I am running unbound. I have defined an AA-profile for it.be From time to time unbound does not start. The reason I find in the logs: could not open autotrust-file for writing /var/lib/unbound/root.key.2112-0 permission denied.
I tried to set AA on complain, but it does not encounter something to complain and to adapt. I recall I granted the right to that process in AA.
Moreover, when I start the unbound by hand in "service" the process starts without any problem. And without giving error. So the issue seems only when it tries to update the autotrust-file. So, I do not understand why it needs to write to autotrust and I would like to know what permissions it should have, to compare with the ones I have: ls -l /var/lib/unbound/
entropia@roadrunner:~> ls -l /var/lib/unbound/ totale 4 -rw-r--r-- 1 unbound unbound 1251 20 gen 02.14 root.key
Seems about right?? Or does the permission here need to be root:unbound?
Thanks in advance. (Once it runs it is fast and reliable, but it is irritating that it fallbacks all the time due to this error. Is that a systemd service? If so, this looks like a timing issue. Something else needs to be done first, before unbound can start. You'd have to look at
Op woensdag 20 januari 2021 02:28:53 CET schreef Stakanov: the status of the service if it doesn't run, or find out with journalctl -- Gertjan Lettink a.k.a. Knurpht openSUSE Board openSUSE Forums Team