[Pdns-users] pdns-recursor Permissions Error

Sharone missakiiki at gmail.com
Wed Jan 8 09:17:20 UTC 2020


Hi Michael,
I failed to find anything useful in the audit.log file as you recommended
besides failed login attempts.
Thought I'd share this as well:

# ps auxw | grep snmp
snmp     24569  0.0  0.1  65068  8564 ?        S    09:28   0:07 /usr/sbin/snmpd -Lsd -Lf /dev/null -u snmp -g snmp -I -smux mteTrigger mteTriggerConf -p /run/snmpd.pid
root     26031  0.0  0.0  12940   968 pts/0    S+   12:03   0:00 grep --color=auto snmp

# ps auxw | grep pdns
pdns     25624  0.1  0.1 1416756 16036 ?       Ssl  11:11   0:03 /usr/sbin/pdns_recursor --daemon=no --write-pid=no --disable-syslog --log-timestamp=no
root     26036  0.0  0.0  12940  1084 pts/0    S+   12:04   0:00 grep --color=auto pdns

# netstat -nl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 10.157.4.178:53         0.0.0.0:*               LISTEN
tcp        0      0 41.210.187.101:53       0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
udp        0      0 10.157.4.178:53         0.0.0.0:*
udp        0      0 41.210.187.101:53       0.0.0.0:*
udp        0      0 127.0.0.1:53            0.0.0.0:*
udp        0      0 0.0.0.0:161             0.0.0.0:*
udp6       0      0 ::1:161                 :::*
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ACC ]     STREAM     LISTENING     664628   /run/user/1000/systemd/private
unix  2      [ ACC ]     STREAM     LISTENING     620630   /run/user/1001/systemd/private
unix  2      [ ACC ]     SEQPACKET  LISTENING     11972    /run/udev/control
unix  2      [ ACC ]     STREAM     LISTENING     14915    /run/uuidd/request
unix  2      [ ACC ]     STREAM     LISTENING     15150    /var/run/dbus/system_bus_socket
unix  2      [ ACC ]     STREAM     LISTENING     15047    /var/lib/lxd/unix.socket
unix  2      [ ACC ]     STREAM     LISTENING     15151    /run/snapd.socket
unix  2      [ ACC ]     STREAM     LISTENING     15152    /run/snapd-snap.socket
unix  2      [ ACC ]     STREAM     LISTENING     11885    /run/systemd/private
unix  2      [ ACC ]     STREAM     LISTENING     11967    /run/systemd/journal/stdout
unix  2      [ ACC ]     STREAM     LISTENING     11969    /run/lvm/lvmetad.socket
unix  2      [ ACC ]     STREAM     LISTENING     11970    /run/systemd/fsck.progress
unix  2      [ ACC ]     STREAM     LISTENING     10457    /run/lvm/lvmpolld.socket
unix  2      [ ACC ]     STREAM     LISTENING     18924    /var/run/fail2ban/fail2ban.sock
unix  2      [ ACC ]     STREAM     LISTENING     16697    @ISCSIADM_ABSTRACT_NAMESPACE
unix  2      [ ACC ]     STREAM     LISTENING     15070    /run/acpid.socket
#


Regards,
Sharone B.


On Tue, 7 Jan 2020 at 22:02, Michael Ströder <michael at stroeder.com> wrote:

> On 1/7/20 3:00 PM, Sharone Bakara wrote:
> > On 7 Jan 2020, at 16:55, Remi Gacogne <remi.gacogne at powerdns.com> wrote:
> >> On 1/7/20 2:41 PM, Sharone wrote:
> >>> '/var/run/pdns-recursor': Permission denied"*
> >> I'm not sure of what your SNMP setup is, but it looks like the user
> >> invoking rec_control does not have the rights to create a new file in
> >> /var/run/pdns-recursor. What happens if you invoke the rec_control
> >> command directly as the 'pdns' user?
> >
> > I get the same error as when I run it as root.
>
> Whenever "permissions denied" happens while running an action as root
> I'd check whether SELinux or AppArmor blocks some access.
> => check your audit log (assuming you're running auditd)
>
> Ciao, Michael.
>
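
One way to run the audit-log check suggested in the quoted reply, as an added example that is not part of the thread: a shell function that pulls AppArmor and SELinux denial records out of audit-style log lines and can filter them on a path fragment such as pdns-recursor. The function names lsm_denials and sample_log are hypothetical, and the sample log lines (profile name, SELinux contexts, pids, file name) are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread): list AppArmor/SELinux denials in a log.
# usage: lsm_denials LOGFILE|- [SUBSTRING]   SUBSTRING filters on the raw line
lsm_denials() {
    awk -v needle="${2:-}" '
    # Value of key="value" (quoted) or key=value (bare); "" if absent.
    function field(line, key,    s) {
        line = " " line
        if (match(line, " " key "=\"[^\"]*\"")) {
            s = substr(line, RSTART, RLENGTH)
            sub(/^[^"]*"/, "", s); sub(/"$/, "", s)
            return s
        }
        if (match(line, " " key "=[^ ]+")) {
            s = substr(line, RSTART, RLENGTH)
            sub(/^[^=]*=/, "", s)
            return s
        }
        return ""
    }
    needle != "" && index($0, needle) == 0 { next }
    /apparmor="DENIED"/ {
        printf "apparmor|%s|%s|%s|%s\n", field($0, "profile"),
            field($0, "operation"), field($0, "name"), field($0, "comm")
        next
    }
    /avc: +denied/ {
        perm = $0
        sub(/^.*[{] */, "", perm); sub(/ *[}].*$/, "", perm)
        obj = field($0, "path"); if (obj == "") obj = field($0, "name")
        printf "selinux|%s|%s|%s|%s\n", field($0, "scontext"),
            perm, obj, field($0, "comm")
    }' "$1"
}

# Constructed sample lines; profile name, contexts, pids and ids are made up.
sample_log() {
    cat <<'EOF'
type=USER_LOGIN msg=audit(1578474000.101:90): pid=900 uid=0 msg='op=login acct="admin" res=failed'
type=AVC msg=audit(1578474680.211:91): apparmor="DENIED" operation="mknod" profile="example_profile" name="/var/run/pdns-recursor/example" pid=3001 comm="rec_control" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
type=AVC msg=audit(1578474681.305:92): avc:  denied  { write } for  pid=3002 comm="rec_control" name="pdns-recursor" dev="tmpfs" ino=1234 scontext=system_u:system_r:example_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=0
EOF
}

# Output columns: module|profile or source context|operation|object|command
sample_log | lsm_denials - pdns-recursor
```

On a real host, point it at /var/log/audit/audit.log, or at the kernel log (dmesg, syslog) when auditd is not running, since AppArmor denials are written there in that case.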