2

Error 'finding' log file on starting unbound service

 Jun 25 20:02:19 asus unbound[111312]: [1624676539] unbound[111312:0] error: Could not open logfile /var/log/unbound.log: No such file or directory

But the file exists and should be writable...

For example (I have tried a number of combinations of ownership and perms)

 [root@asus:/var/log]
 :> ll | grep unbound
 -rw-rw-r--   1 root unbound            0 2021-06-25 20:00 unbound.log

Where's the error?

I have tried even

 -rw-r--r--   1 unbound unbound            0 2021-06-25 20:00 unbound.log

and

-rw-rw-r--   1 stephen stephen            0 2021-06-25 20:00 unbound.log

and

 -rw-rw-r--   1 root root            0 2021-06-25 20:00 unbound.log

And so on

Parent permissions

drwxr-xr-x 13 root root 4.0K 2021-06-24 14:19 var
drwxr-xr-x 13 root root 4.0K 2021-06-25 20:00 log

Logging config on unbound.conf is :

 server:
  directory: "/etc/unbound"
  username: unbound
  chroot: "/etc/unbound"
  pidfile: "/etc/unbound/unbound.pid"
  interface: 0.0.0.0
  interface: ::0

  logfile: /var/log/unbound.log
  verbosity: 1
  log-queries: yes
Stephen Boston
  • 1,928
  • 3
  • 25
  • 50
  • What are the permissions on the parent directories - /var and /var/log ? – Haxiel Jun 26 '21 at 03:53
  • @Haxiel Thanks. Added to post – Stephen Boston Jun 26 '21 at 06:21
  • 1
    After reading through the [manpage](https://linux.die.net/man/5/unbound.conf), I think the problem is chroot. With the current configuration, I think it is expecting to find /var/log/unbound.log relative to the chroot, which would be /etc/unbound/var/log/unbound.log. Can you create the file at this location, and see if it works? – Haxiel Jun 26 '21 at 06:34
  • @Haxiel RTFM. Exactly right! I created the directory -- not the file -- and owned it as unbound.unbound and the service starts successfully without error and without the notes of the previous config. Thanks. Write it up and I'll tick it. – Stephen Boston Jun 26 '21 at 11:53
  • Glad to hear that it's sorted out. I've added an answer with the exact info from the manpage. – Haxiel Jun 26 '21 at 12:43

1 Answers1

1

On the manpage for unbound.conf, the 'logfile' parameter is mentioned in reference to chroot. Rearranging a bit for clarity:

chroot: directory

If given a chroot is done to the given directory. The default is "/etc/unbound". If you give "" no chroot is performed.

All other file paths (working dir, logfile, roothints, and key files) can be specified in several ways: as an absolute path relative to the new root, as a relative path to the working directory, or as an absolute path relative to the original root. In the last case the path is adjusted to remove the unused portion.

Since chroot is enabled by default, the daemon would look for the log file relative to chroot directory. In this case, the full path to the log file would be /etc/unbound/var/log/unbound.log. Creating this path manually (and assigning the right permissions) allows the daemon to locate the file correctly.

Also, the example unbound.conf file in the manpage specifies a log file relative to the chroot directory:

chroot: "/etc/unbound"
logfile: "/etc/unbound/unbound.log"
Haxiel
  • 8,201
  • 1
  • 20
  • 30