The bind package expect to have the capability CAP_SYS_RESOURCE.
It expects this because it may need to increase its ulimit.
By default, a vserver does not have this capability. A vserver starts
with some ulimit values and can only reduce them, not enlarge them.
The idea is to control what a vserver can use.
To fix that, one can give the capability to the vserver running
bind. Edit the vserver configuration file (/etc/vservers/*.conf) and
modify the S_CAPS line like this
S_CAPS="CAP_SYS_RESOURCE"