diff --git a/dnscrypt-proxy/config.go b/dnscrypt-proxy/config.go
index ad8033a3..72b212bd 100644
--- a/dnscrypt-proxy/config.go
+++ b/dnscrypt-proxy/config.go
@@ -193,6 +193,9 @@ func ConfigLoad(proxy *Proxy, svcFlag *string) error {
 
 	flag.Parse()
 
+	if *child {
+		PledgeChild()
+	}
 	if *svcFlag == "stop" || *svcFlag == "uninstall" {
 		return nil
 	}
@@ -240,6 +243,8 @@ func ConfigLoad(proxy *Proxy, svcFlag *string) error {
 	proxy.logMaxAge = config.LogMaxAge
 	proxy.logMaxBackups = config.LogMaxBackups
 
+	proxy.userName = config.UserName
+
 	proxy.child = *child
 	proxy.xTransport = NewXTransport()
 	proxy.xTransport.tlsDisableSessionTickets = config.TLSDisableSessionTickets
diff --git a/dnscrypt-proxy/pledge_openbsd.go b/dnscrypt-proxy/pledge_openbsd.go
index 4b593fb0..6c5ea2ea 100644
--- a/dnscrypt-proxy/pledge_openbsd.go
+++ b/dnscrypt-proxy/pledge_openbsd.go
@@ -2,9 +2,14 @@
 
 package main
 
-import "golang.org/x/sys/unix"
+import (
+	"golang.org/x/sys/unix"
+)
 
 func Pledge() {
-	unix.Pledge("stdio rpath wpath cpath tmppath inet fattr flock dns getpw sendfd recvfd proc exec id",
-		"stdio rpath wpath cpath tmppath inet fattr flock dns recvfd")
+	unix.Pledge("stdio rpath wpath cpath tmppath inet fattr flock dns getpw sendfd recvfd proc exec id", nil)
+}
+
+func PledgeChild() {
+	unix.Pledge("stdio rpath wpath cpath tmppath inet fattr flock dns recvfd", nil)
 }
diff --git a/dnscrypt-proxy/pledge_others.go b/dnscrypt-proxy/pledge_others.go
index 4b791db0..59178a68 100644
--- a/dnscrypt-proxy/pledge_others.go
+++ b/dnscrypt-proxy/pledge_others.go
@@ -5,3 +5,7 @@ package main
 func Pledge() {
 
 }
+
+func PledgeChild() {
+
+}