1

     Every time I try to launch the Unbound DNS server via Homebrew Services with the command 'sudo brew services start unbound,' I start seeing log entries of the following form in OS X's 'Console' application ('/Applications/Utilities/Console.app'…:)  

%l:%M:%S %p com.apple.xpc.launchd[1]: (homebrew.mxcl.unbound[$PID]) Service exited with abnormal code: 1
%l:%M:%S %p com.apple.xpc.launchd[1]: (homebrew.mxcl.unbound) Service only ran for 0 seconds. Pushing respawn out by 10 seconds.

…one after the other. (If the conventions I'm using to denote per-instance variables seem unusual, then '%l,' '%M,' '%S,' and '%p' are strftime(3) format specifiers specifying the general appearance of each log entry's timestamp when expanded therein. '$PID' is, obviously, similarly replaced by the process ID of the particular instance of Unbound in question during each invocation by launchd.)
     When I checked, my Unbound-specific log file, /usr/local/etc/unbound/unbound.log, was blank. I've been having trouble getting my configuration file right, so maybe I'm still having problems with that? For reference, here are the contents of my configuration file, /usr/local/etc/unbound/unbound.conf, which I adapted from the example given by the Unbound source tarball's contained file '$UNTAR_WORKING_OR_TARGET_DIR/unbound-1.5.8/docs/example.conf.in. Does anything look odd in there, or is something else unexpected going on in this case?

P. S.: Here's information I get about the _unbound daemon account when I run ddcl . -read /Users/_unbound: 

dsAttrTypeNative:accountPolicyData:
 <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>creationTime</key>
    <real>1464121481.5192709</real>
    <key>failedLoginCount</key>
    <integer>0</integer>
    <key>failedLoginTimestamp</key>
    <integer>0</integer>
    <key>passwordLastSetTime</key>
    <real>1464121482.61134</real>
</dict>
</plist>

AppleMetaNodeLocation: /Local/Default
GeneratedUID: EB92AA79-6746-4C8C-8D3A-D82F7215FD88
Password: *
PrimaryGroupID: 499
RealName:
 Unbound DNS Validating Resolver Daemon
RecordName: _unbound unbound
RecordType: dsRecTypeStandard:Users
UniqueID: 499
UserShell: /usr/bin/false
RandomDSdevel
  • 143

1 Answers1

1

     Well, it turns out that, as a friend of mine told me over IRC, I never checked to make sure that Unbound could reach /dev/random — and maybe /dev/log, as well —, the former of which the software's documentation for its configuration file states as a requirement under the sub-heading describing Unbound's chroot option and the latter of which might be necessary for logging, from within its chroot jail. As such, I'm going to have to try sharing /dev (or at least its contained log and random files) into /usr/local/etc/unbound via NFS (OS X doesn't directly support bind mounts.)

Community
  • 1
RandomDSdevel
  • 143