app can't write to USB stick

FESyv · 20 June 2019 22:46

i have DietPi running on Rpi3-B+ making use of “unbound” with pihole. the /var/log/unbound logs gets rather large so i put in a USB stick formatted with ext4 and changed unbound config to put its log files there. but i’m getting errors trying to make that happen. i.e;

syslog:: unbound[816]: [1561052647] unbound[816:0] error: Could not open logfile /mnt/USB1/log/unbound.log: Permission denied

perms on /mnt/USB1/log is:

Access: (0770/drwxrwx—) Uid: ( 0/ root) Gid: ( 112/ unbound)

unbound group has perms to write there, so how can i get unbound to accually write to the USB stick and stop this error?

MichaIng · 23 June 2019 15:48

FESyv
Hmm works well here if I use the default log file location and chown the dir with 770 root:unbound. The file gets created automatically:

root@VM-Stretch:~# l -a /etc/unbound/
drwxrwx---  3 root    unbound 4096 Jun 23 17:43 .
-rw-r--r--  1 unbound unbound  192 Jun 23 17:43 unbound.log

Without sufficient permissions on this folder it fails silently here (is simply not created) .

Did you try it with the systemd service or the raw binary?

The systemd service has some chroot setup step that I don’t understand:

ExecStartPre=-/usr/lib/unbound/package-helper chroot_setup
ExecStartPre=-/usr/lib/unbound/package-helper root_trust_anchor_update

Not sure if this might include some limitations with external drives.

Did you try it with unbound:unbound and in case 777 permissions?
And otherwise try it once with the binary itself instead of the systemd service:

systemctl stop unbound
unbound

FESyv · 27 June 2019 05:41

@FESyv
Hmm works well here if I use the default log file location and chown the dir with 770 root:unbound. The file gets created automatically:
root@VM-Stretch:~# l -a /etc/unbound/
drwxrwx---  3 root    unbound 4096 Jun 23 17:43 .
-rw-r--r--  1 unbound unbound  192 Jun 23 17:43 unbound.log
Without sufficient permissions on this folder it fails silently here (is simply not created) .

Did you try it with the systemd service or the raw binary?

The systemd service has some chroot setup step that I don’t understand:
ExecStartPre=-/usr/lib/unbound/package-helper chroot_setup
ExecStartPre=-/usr/lib/unbound/package-helper root_trust_anchor_update
Not sure if this might include some limitations with external drives.

Did you try it with unbound:unbound and in case 777 permissions?
And otherwise try it once with the binary itself instead of the systemd service:
systemctl stop unbound
unbound

apologies for late reply…

i have same perms as you on “/etc/unbound/” but on the usb stick /mnt/USB1/log/unbound (root.unbound) . though, nothing gets written as you know. unbound defaults to syslog i believe if it can’t write to the dir set in its config.

i have these opts “resolvconf_start” & “resolvconf_stop” passed to package-helper in the unbound-resolvconf.service file. the usage options for the package-helper list the “chroot_setup” & “resolvconf_start/stop” along with a few others. basically functions in that script.

currently, unbound is running via systemd but i will stop it and run from /usr/sbin/unbound , try some different dir’s in the config file and compare to usb stick dir. i’ll post back results in a day or two.

appreciate your reply.

FESyv · 1 July 2019 00:36

i changed perms to unbound.unbound on /var/log/unbound and /mnt/USB1/log/unbound. its working now.
maybe i changed perms mucking about on this and forgot. thanks for your help!~