When Unbound Won't Write Logs

PUBLISHED ON 27/09/2018 — UNIX

Since I have set up my own e-mail server solution, I am using unbound as a local reverse DNS for rspamd. It works great… So great, that I haven’t noticed that it does not log anything until today…

Error as seen when restarting the service or looking into syslog:

error Could not open logfile /var/log/unbound/unbound.log: Permission denied

The permissions on the file are okay, but the problem was with apparmor.

So to fix the issue, we have to edit the settings:

$ vim /etc/apparmor.d/local/usr.sbin.unbound

Add this line:

# Site-specific additions and overrides for usr.sbin.unbound.
# For more details, please see /etc/apparmor.d/local/README.
/var/log/unbound/unbound.log rw,

Reload apparmor config and restart unbound services:

# apparmor_parser -r /etc/apparmor.d/usr.sbin.unbound 
service unbound restart