Question about dnstap
Borja Marcos
borjam at sarenet.es
Tue Sep 13 13:13:41 UTC 2022
> On 13 Sep 2022, at 14:34, Peter <pmc at citylink.dinoex.sub.org> wrote:
>
> Apparently, the first connect() happens (after chroot but) before
> droppings priviledges.
> (The FreeBSD integration script does set -u to UID "bind", by default.)
>
> So, apparently, fstrm_capture should also run as UID "bind" (and would
> then need a proper filespace where it is allowed to create that
> socket). Or something else along that line.
>
> The OP should check if their problem suddenly resolves when doing a
> "chmod 777" on that socket (and then devise a suitable design
> according to their security policy).
My fault indeed, sorry! *blush*.
Actually my confusion was slightly more stupid but still a permissions issue.
My apologies!
Borja.
More information about the bind-users
mailing list