from logfile: Aug 22 11:20:10 unbound[74860:0] notice: Restart of unbound 1.11.0. Aug 22 11:20:10 unbound[74860:0] notice: init module 0: validator Aug 22 11:20:10 unbound[74860:0] notice: init module 1: iterator Aug 22 11:20:10 unbound[74860:0] notice: attempting to connect to dnstap socket /usr/local/etc/unbound/dnstap.sock Aug 22 11:20:10 unbound[74860:0] warning: could not open dnstap-socket-path: /usr/local/etc/unbound/dnstap.sock, No such file or directory Aug 22 11:20:10 unbound[74860:0] notice: dnstap Message/RESOLVER_QUERY enabled Aug 22 11:20:10 unbound[74860:0] notice: dnstap Message/RESOLVER_RESPONSE enabled Aug 22 11:20:10 unbound[74860:0] notice: dnstap Message/CLIENT_QUERY enabled Aug 22 11:20:10 unbound[74860:0] notice: dnstap Message/CLIENT_RESPONSE enabled Aug 22 11:20:10 unbound[74860:0] notice: dnstap Message/FORWARDER_QUERY enabled Aug 22 11:20:10 unbound[74860:0] notice: dnstap Message/FORWARDER_RESPONSE enabled Aug 22 11:20:10 unbound[74860:0] info: start of service (unbound 1.11.0). Aug 22 11:20:10 unbound[74860:5] error: dnstap io: failed to connect to "/usr/local/etc/unbound/dnstap.sock": No such file or directory Aug 22 11:20:10 unbound[74860:5] error: dnstap io: failed to connect to "/usr/local/etc/unbound/dnstap.sock": No such file or directory Aug 22 11:20:10 unbound[74860:5] error: dnstap io: failed to connect to "/usr/local/etc/unbound/dnstap.sock": No such file or directory Aug 22 11:20:10 unbound[74860:5] error: dnstap io: failed to connect to "/usr/local/etc/unbound/dnstap.sock": No such file or directory ... error is repeated every second for ever
(In reply to p5B2E9A8F from comment #0) There is a bug that the chroot path and/or the working directory is not taken into account and that interferes with the dnstap-socket-path. So, if unbound is doing a chroot (default) leave of the the default path (as specified by the chroot: directive) the work around is to remove the chroot path from the dnstap-socket-path: The bug will be fixed in the next release and there will also a fix to stop unbound from spamming the logfile. jaap
(In reply to Jaap Akkerhuis from comment #1) I tried work around with having this in unbound.conf: chroot: /usr/local/etc/unbound and changed dnstap-socket-path: "/usr/local/etc/unbound/dnstap.sock" to dnstap-socket-path: "dnstap.sock" but get still error error: dnstap io: failed to connect to "dnstap.sock": No such file or directory
(In reply to p5B2E9A8F from comment #2) Unbound won't create the socket, it only wants to (re-)connect with an existing one off which there is a program listening. The canonical example is discussed at <https://dnstap.info/Examples/>. Alternatively, you could also use the test tool which is hidden in the unbound release. Go to ../unbound/work/unbouns-1.11.0. Create the test tool (make unbound-dnstap-socket). ./unbound-dnstap-socket -h tells you how to use it: ./unbound-dnstap-socket -h usage: unbound-dnstap-socket [options] Listen to dnstap messages stdout has dnstap log, stderr has verbose server log -u <socketpath> listen to unix socket with this file name -s <serverip[@port]> listen for TCP on the IP and port -t <serverip[@port]> listen for TLS on IP and port -x <server.key> server key file for TLS service -y <server.pem> server cert file for TLS service -z <verify.pem> cert file to verify client connections -l long format for DNS printout -v more verbose log output -h this help text Note that this is just a testing tool, it is not meant for daily use. jaap BTW, don't forget to make sure that unbound can read/write to the socket.
Fixed in Unbound version 1.12.0
Unfortunately the bug seems not to be fixed. What has been fixed is that the logfile gets no more spammed. A UNIX socket created /usr/local/etc/unbound/dnstap.sock is not recognized. The logfile lines are exactly the same except the version is now 1.12.0
Please feedback as problem was not fixed.
(In reply to p5B2E9A8F from comment #6) This is clearly not a problem with the port. It is much better to open an issue with the upstream directly at https://github.com/NLnetLabs/unbound/issues
This has been fixed in the 1.13.0 pre-release rc1. There is an unbound 1.13.0rc4 available. https://github.com/NLnetLabs/unbound/issues/358 https://lists.nlnetlabs.nl/pipermail/unbound-users/2020-November/007095.html fr: https://lists.nlnetlabs.nl/pipermail/unbound-users/2020-November/007055.html "- Fix dnstap socket and the chroot not applied properly to the dnstap socket path." The ports patch is trivial but I'll include it for your perusal.
Created attachment 220128 [details] unbound port update to 1.13.0rc4
(In reply to rallenh from comment #9) There will be a final release 1.13.0 later this week, let's wait on that one.
Unbound 1.13.0 is available since 3 December, 2020 please upgrade the port accordingly since the bug is fixed there: * Fix dnstap socket and the chroot not applied properly to the dnstap socket path.
(In reply to p5B2E9A8F from comment #11) Already in progress, see PR #251563
Thanks :) Works now as intended.