Missing Permissions?

[oshinowo-stephen]

So... I've ran into this problem while trying to setup a simple config:

Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg.
cp: cannot create special file '/opt/unbound/etc/unbound/dev/random': Operation not permitted
cp: cannot create special file '/opt/unbound/etc/unbound/dev/urandom': Operation not permitted
cp: cannot create special file '/opt/unbound/etc/unbound/dev/null': Operation not permitted
[1662047591] unbound[1:0] warning: so-rcvbuf 1048576 was not granted. Got 360448. To fix: start with root permissions(linux) or sysctl bigger net.core.rmem_max(linux) or kern.ipc.maxsockbuf(bsd) values.
[1662047591] unbound[1:0] warning: unbound is already running as pid 1.
[1662047591] unbound[1:0] error: Could not open logfile /dev/null: Permission denied
[1662047592] unbound[1:0] info: start of service (unbound **1.16.0).**

While scanning online i'm not really sure what caused this, nor anything to resolve it... i'm hoping someone can give me some insight for this situation...

my config is just a direct copy and paste from: https://github.com/IAmStoxe/wirehole/blob/master/unbound/unbound.conf

docker-compose.yml snippt:

  satori_unbound:
    image: mvance/unbound-rpi:latest
    container_name: nametag
    restart: unless-stopped
    hostname: "unbound"
    volumes:
      - ./unbound:/opt/unbound/etc/unbound/
    networks:
      private_network:
        ipv4_address: 10.2.0.200

[MatthewVance]

If you're using a volume mount, are you including all the correct files? See #21 (comment).

[MatthewVance]

For so-rcvbuf, you'll need to run something like sysctl -w net.core.rmem_max=1048576 on your host.

To make it persist across reboots, add the following to the /etc/sysctl.conf file:

net.core.rmem_max=1048576

Per the Unbound.conf docs:
"The OS caps it at a maximum, on linux Unbound needs root permission to bypass the limit, or the admin can use sysctl net.core.rmem_max."