Hi to all. I noticed that the latest unbound release warns at startup because it does not seems allowed to set the UDP send buffer size:

warning: setsockopt(..., SO_SNDBUF, ...) was not granted: No buffer space available

maybe the unbound user needs to be grant for a specific RBAC permission?

warden: it may be trying to set it above the max buffer size limit

(see ipadm show-prop to see it, and ipadm set-prop to adjust the max_buf value

sommerfeld: thanks, i'll give it a try! Any suggestion about changing exec_attr for the unbound user, or its SMF configuration? I tried to add net_rawaccess to start/privileges with svccfg, but the warning remains at service startup

I tried starting unbound as root, and the warning isn't triggered, thus it would be possible to assign the right permission to the unbound user or to its service's fmri?

ppriv -e -D can be useful in figuring out which privileges are missing.

sommerfeld: great, thank you for the suggestion! Unfortunately I just discovered my previous test with root was faked... I left the workaround setting in unbound.conf! :@

so the problem actually is that the max UDP send_buf property range in illumos does not allow the value that unbound tries to set (4194304 against the limit of 2097152)

"ipadm set-prop -t -p max_buf=5242880 udp" solved the issue! ;)

I have created a build recipe for the Fish shell based on the OpnIndiana patches: omniosorg/omnios-extra #1675