# [SOLVED] dnsmasq: setting capabilities failed

## rev138

I recently upgraded from 2.41 to 2.43. Now, when I start dnsmasq, I get the following:

```

 * Starting dnsmasq ...

dnsmasq: setting capabilities failed: Operation not permitted                                                           [ !! ]

```

No config files were changed, apparently.

What gives?

----------

## rev138

Anyone?

I find it hard to believe I'm the only one experiencing this...

----------

## vaguy02

Can we get some log files?

----------

## rev138

This is what I get in /var/log/messages when I restart the init script:

```

Jul 16 18:11:58 woodchuck dnsmasq[24765]: exiting on receipt of SIGTERM

Jul 16 18:12:01 woodchuck dnsmasq[2316]: setting capabilities failed: Operation not permitted

Jul 16 18:12:01 woodchuck dnsmasq[2316]: FAILED to start up

```

Not very informative. I'm unaware of anywhere else it might be logging.

----------

## rev138

Could this have anything to do with CONFIG_SECURITY_CAPABILITIES in the kernel? Mine is not enabled.

----------

## vaguy02

How about /etc/dnsmasq.conf?

----------

## rev138

/etc/dnsmasq.conf

```

domain-needed

bogus-priv

filterwin2k

localise-queries

listen-address=10.1.0.1

dhcp-range=lan.hzsogood.net,10.1.0.100,10.1.0.250,255.255.255.0,12h

local=/lan.hzsogood.net/

domain=lan.hzsogood.net

expand-hosts

no-negcache

resolv-file=/etc/resolv.conf

dhcp-authoritative

dhcp-leasefile=/etc/dhcp.leases

read-ethers

dhcp-host=00:14:A4:60:73:66,kong,infinite

dhcp-host=00:1d:d9:45:1f:8a,theharlequin,infinite

dhcp-host=00:01:e6:4e:64:47,printer,infinite

```

----------

## vaguy02

Nothing looks out of the ordinary to me.

----------

## rev138

 *rev138 wrote:*   

> Could this have anything to do with CONFIG_SECURITY_CAPABILITIES in the kernel? Mine is not enabled.

 

It does...

 *http://www.thekelleys.org.uk/dnsmasq/docs/FAQ wrote:*   

> Q: Dnsmasq fails to start up with a message about capabilities.
> 
>    Why did that happen and what can do to fix it?
> 
> A: Change your kernel configuration: either deselect CONFIG_SECURITY
> ...

 

----------

## rev138

Yup, that worked  :Smile: 

----------

