Since I have set up my own e-mail server solution, I am using unbound as a local reverse DNS for rspamd. It works great… So great, that I haven’t noticed that it does not log anything until today…
Error as seen when restarting the service or looking into syslog:
error Could not open logfile /var/log/unbound/unbound.log: Permission denied
The permissions on the file are okay, but the problem was with apparmor.
So to fix the issue, we have to edit the settings:
$ vim /etc/apparmor.d/local/usr.sbin.unbound
Add this line:
# Site-specific additions and overrides for usr.sbin.unbound.
# For more details, please see /etc/apparmor.d/local/README.
/var/log/unbound/unbound.log rw,
Reload apparmor config and restart unbound services:
# apparmor_parser -r /etc/apparmor.d/usr.sbin.unbound
service unbound restart