[`config-dir`](#config-dir) and [`module-dir`](#module-dir)) set in the configuration
are relative to the new root.
+When running on a system where systemd manages services, `chroot` does not work out of the box, as PowerDNS cannot use the `NOTIFY_SOCKET`.
+Either don't `chroot` on these systems or set the 'Type' of the this service to 'simple' instead of 'notify' (refer to the systemd documentation on how to modify unit-files)
+
## `config-dir`
* Path
When using `chroot` and the API ([`webserver`](#webserver)), [`api-readonly`](#api-readonly)
must be set and [`api-config-dir`](#api-config-dir) unset.
+When running on a system where systemd manages services, `chroot` does not work out of the box, as PowerDNS cannot use the `NOTIFY_SOCKET`.
+Either do not `chroot` on these systems or set the 'Type' of this service to 'simple' instead of 'notify' (refer to the systemd documentation on how to modify unit-files)
+
## `client-tcp-timeout`
* Integer
* Default: 2
stubParseResolveConf();
if(!::arg()["chroot"].empty()) {
+#ifdef HAVE_SYSTEMD
+ char *ns;
+ ns = getenv("NOTIFY_SOCKET");
+ if (ns != nullptr) {
+ L<<Logger::Error<<"Unable to chroot when running from systemd. Please disable chroot= or set the 'Type' for this service to 'simple'"<<endl;
+ exit(1);
+ }
+#endif
triggerLoadOfLibraries();
if(::arg().mustDo("master") || ::arg().mustDo("slave"))
gethostbyname("a.root-servers.net"); // this forces all lookup libraries to be loaded
Utility::dropGroupPrivs(newuid, newgid);
if (!::arg()["chroot"].empty()) {
+#ifdef HAVE_SYSTEMD
+ char *ns;
+ ns = getenv("NOTIFY_SOCKET");
+ if (ns != nullptr) {
+ L<<Logger::Error<<"Unable to chroot when running from systemd. Please disable chroot= or set the 'Type' for this service to 'simple'"<<endl;
+ exit(1);
+ }
+#endif
if (chroot(::arg()["chroot"].c_str())<0 || chdir("/") < 0) {
L<<Logger::Error<<"Unable to chroot to '"+::arg()["chroot"]+"': "<<strerror (errno)<<", exiting"<<endl;
exit(1);
projects / thirdparty / pdns.git / commitdiff
