BIND 9.14.0: unable to set effective uid to 0: Operation not permitted
Tony Finch
dot at dotat.at
Tue Apr 2 15:12:38 UTC 2019
Anand Buddhdev <anandb at ripe.net> wrote:
>
> I'm not sure why it's doing that, but I think I know the reason for this
> error message. The release notes of 9.14.0 say that on Linux, BIND uses
> libcap to set certain privileges. However, if the /usr/sbin/named binary
> is not marked as being able to use privileges, then it won't be able to
> set certain privileges.
I have not noticed these errors on my toy server. I had a look at the code
and I thought Stephan's explanation was correct. My guess is that he is
starting named without root privileges, so it is unable to switch back and
forth between users when it is starting up. It switches users so files
are created with the correct privileges, and as Stephan said, that is when
the warnings are emitted. It might be a combination of starting as an
unprivileged user and also providing the -u command line option.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
responsible stewardship of the earth and its resources
More information about the bind-users
mailing list