[Pdns-users] How to debug / log more info about: pdns operation not permitted.

Thu Jun 16 01:41:29 UTC 2016

Hi all,

In my (small) home setup I have been running for a couple years pdns/pnds-recursor. The pdns with the gmysql backend.

Initially on ubuntu and recently on Centos7. In both instances I receive these, as shown below,  syslog messages a couple times a day. The total amount of queries is low, as it's a home network. 

Jun 15 04:12:03 emani pdns[2228]: Unable to send a packet to our recursing backend: Operation not permitted
Jun 15 04:59:04 emani pdns[2228]: Unable to send a packet to our recursing backend: Operation not permitted

A google and maillist search turned up some "Unable to send packet" but none with the reason "Operation not permitted"

Additionally I couldn't find documentation how to log these failed/denied queries.

No issue getting my hands dirty :-) and dig through logs (or code, but far from c expert), how to obtain some further logging why this is denied?

Current info on distro and version:

[emani ~]$ cat /etc/redhat-release 
Red Hat Enterprise Linux Server release 7.0 (Maipo)                                                    
[emani ~]$ rpm -qi pdns                                                                          
Name        : pdns                                                                                     
Version     : 3.4.8                                                                                    
Release     : 1.el7                                                                                    
Architecture: x86_64                                                                                   
Install Date: Thu May 26 23:42:07 2016                                                                 
Group       : System Environment/Daemons                                                               
Size        : 8561959                                                                                  
License     : GPLv2                                                                                    
Signature   : RSA/SHA256, Thu Feb  4 19:41:53 2016, Key ID 6a2faea2352c64e5                            
Source RPM  : pdns-3.4.8-1.el7.src.rpm                                                                 
Build Date  : Wed Feb  3 18:59:43 2016                                                                 
Build Host  : buildvm-19-nfs.phx2.fedoraproject.org                                                    
<<snip>>

[emani ~]$ /usr/sbin/pdns_server --version
Jun 16 03:31:11 PowerDNS Authoritative Server 3.4.8 (jenkins at autotest.powerdns.com) (C) 2001-2015 PowerDNS.COM BV
Jun 16 03:31:11 Using 64-bits mode. Built on 20160203175745 by mockbuild at buildvm-19-nfs.phx2.fedoraproject.org, gcc 4.8.5 20150623 (Red Hat 4.8.5-4).
Jun 16 03:31:11 PowerDNS comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it according to the terms of the GPL version 2.
Jun 16 03:31:11 Features: cryptopp libdl lua remotebackend-zeromq
Jun 16 03:31:11 Built-in modules: 

[emani ~]# grep -v -e ^# -e ^$ /etc/pdns/pdns.conf
allow-recursion=127.0.0.0/8, 192.168.0.0/16, ::1/128, fe80::/10, 2001:610:600:89c2::/64
daemon=yes
disable-axfr=yes
distributor-threads=3
guardian=yes
launch=gmysql
local-address=127.0.0.1,192.168.5.5
local-ipv6=::1,2001:610:600:89c2::5:5
local-port=53
recursor=127.0.0.1:54
reuseport=no
security-poll-suffix=secpoll.powerdns.com.
send-root-referral=no
setgid=pdns
setuid=pdns
gmysql-host=<<removed>>
gmysql-port=
gmysql-dbname=pdns
gmysql-user=<<removed>>
gmysql-password=<<removed>>
gmysql-dnssec=yes
gmysql-socket=/var/lib/mysql/mysql.sock

Thanks in advance,
Stijn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20160615/117112b7/attachment.html>