Bitlbee appears to be trying to write to /var/run/bitlbee.sock - which it won't have access to if its running as its dropped user privileges (user = bitlbee in /etc/bitlbee/bitlbee.conf)

It does however have read/write perms to /var/run/bitlbee/ and should instead write out the file here.

Log of error after restarting bitlbee daemon:

Dec 12 12:03:07 milkme bitlbee[11701]: SIGTERM received, cleaning up process.
Dec 12 12:03:07 milkme bitlbee[11820]: Unable to bind UNIX socket to /var/run/bitlbee.sock: Permission denied
Dec 12 12:03:07 milkme bitlbee[11820]: Unable to bind UNIX socket to /var/run/bitlbee.sock: Permission denied



/etc/conf.d/bitlbee:

tim@server ~ $ cat /etc/bitlbee/bitlbee.conf 
## BitlBee default configuration file
##
## Comments are marked like this. The rest of the file is INI-style. The
## comments should tell you enough about what all settings mean.
##

[settings]

## RunMode:
##
##  Inetd -- Run from inetd (default)
##  Daemon -- Run as a stand-alone daemon, serving all users from one process.
##    This saves memory if there are more users, the downside is that when one
##    user hits a crash-bug, all other users will also lose their connection.
##  ForkDaemon -- Run as a stand-alone daemon, but keep all clients in separate
##    child processes. This should be pretty safe and reliable to use instead
##    of inetd mode.
##
# RunMode = Inetd
RunMode = Daemon

## User:
## 
## If BitlBee is started by root as a daemon, it can drop root privileges,
## and change to the specified user.
##
User = bitlbee

## DaemonPort/DaemonInterface:
##
## For daemon mode, you can specify on what interface and port the daemon
## should be listening for connections.
##
#DaemonInterface = 0.0.0.0
#DaemonPort = 6667

## ClientInterface:
##
## If for any reason, you want BitlBee to use a specific address/interface
## for outgoing traffic (IM connections, HTTP(S), etc.), set it here.
##
# ClientInterface = 0.0.0.0

## AuthMode
##
##  Open -- Accept connections from anyone, use NickServ for user authentication.
##    (default)
##  Closed -- Require authorization (using the PASS command during login) before
##    allowing the user to connect at all.
##  Registered -- Only allow registered users to use this server; this disables
##    the register- and the account command until the user identifies himself.
##
# AuthMode = Open

## AuthPassword
##
## Password the user should enter when logging into a closed BitlBee server.
## You can also have a BitlBee-style MD5 hash here. Format: "md5:", followed
## by a hash as generated by "bitlbee -x hash <password>".
##
# AuthPassword = ItllBeBitlBee   ## Heh.. Our slogan. ;-)
## or
# AuthPassword = md5:gzkK0Ox/1xh+1XTsQjXxBJ571Vgl

## OperPassword
##
## Password that unlocks access to special operator commands.
##
# OperPassword = ChangeMe!
## or
OperPassword = md5:BLANKED

## HostName
##
## Normally, BitlBee gets a hostname using getsockname(). If you have a nicer
## alias for your BitlBee daemon, you can set it here and BitlBee will identify
## itself with that name instead.
##
HostName = milkme.co.uk

## MotdFile
##
## Specify an alternative MOTD (Message Of The Day) file. Default value depends
## on the --etcdir argument to configure.
##
MotdFile = /etc/bitlbee/motd.txt

## ConfigDir
##
## Specify an alternative directory to store all the per-user configuration
## files. (.nicks/.accounts)
##
# ConfigDir = /var/lib/bitlbee

## Ping settings
##
## BitlBee can send PING requests to the client to check whether it's still
## alive. This is not very useful on local servers, but it does make sense
## when most clients connect to the server over a real network interface.
## (Public servers) Pinging the client will make sure lost clients are
## detected and cleaned up sooner.
##
## PING requests are sent every PingInterval seconds. If no PONG reply has
## been received for PingTimeOut seconds, BitlBee aborts the connection.
##
## To disable the pinging, set at least one of these to 0.
##
# PingInterval = 180
# PingTimeOut = 300

## Using proxy servers for outgoing connections
##
## If you're running BitlBee on a host which is behind a restrictive firewall
## and a proxy server, you can tell BitlBee to use that proxy server here.
## The setting has to be a URL, formatted like one of these examples:
##
## (Obviously, the username and password are optional)
##
## Proxy = http://john:doe@proxy.localnet.com:8080
## Proxy = socks4://socksproxy.localnet.com
## Proxy = socks5://socksproxy.localnet.com

## Protocols offered by bitlbee
## 
## As recompiling may be quite unpractical for some people, this option
## allows to remove the support of protocol, even if compiled in. If
## nothing is given, there are no restrictions.
## 
## Protocols = jabber yahoo


[defaults]

## Here you can override the defaults for some per-user settings. Users are
## still able to override your defaults, so this is not a way to restrict
## your users...

## To enable private mode by default, for example:

## private = 1


emerge options etc:

tim@server ~ $ emerge --info
Portage 2.1.10.11 (default/linux/amd64/10.0, gcc-4.4.5, glibc-2.12.2-r0, 2.6.36-gentoo-r5 x86_64)
=================================================================
System uname: Linux-2.6.36-gentoo-r5-x86_64-AMD_Athlon-tm-_64_X2_Dual_Core_Processor_4600+-with-gentoo-2.0.3
Timestamp of tree: Fri, 09 Dec 2011 04:45:01 +0000
distcc[11857] (dcc_set_trace_from_env) ERROR: failed to open logfile /var/log/distcc.log: Permission denied [enabled]
ccache version 3.1.6 [enabled]
app-shells/bash:          4.1_p9
dev-lang/python:          2.7.2-r3, 3.1.4-r3
dev-util/ccache:          3.1.6
dev-util/cmake:           2.8.4-r1
dev-util/pkgconfig:       0.26
sys-apps/baselayout:      2.0.3
sys-apps/openrc:          0.8.3-r1
sys-apps/sandbox:         2.5
sys-devel/autoconf:       2.68
sys-devel/automake:       1.10.3, 1.11.1
sys-devel/binutils:       2.21.1-r1
sys-devel/gcc:            4.4.5, 4.5.3-r1
sys-devel/gcc-config:     1.4.1-r1
sys-devel/libtool:        2.4-r1
sys-devel/make:           3.82-r1
sys-kernel/linux-headers: 2.6.39 (virtual/os-headers)
sys-libs/glibc:           2.12.2
Repositories: gentoo bitcoin x-portage
ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="*"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=athlon64-sse3 -O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/openvpn/easy-rsa /var/bind"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.3/ext-active/ /etc/php/cgi-php5.3/ext-active/ /etc/php/cli-php5.3/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-march=athlon64-sse3 -O2 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests binpkg-logs ccache distcc distlocks ebuild-locks fixlafiles fixpackages news nodoc noinfo parallel-fetch protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch"
FFLAGS=""
GENTOO_MIRRORS="http://gentoo.virginmedia.com/  ftp://mirror.bytemark.co.uk/gentoo/ http://mirror.bytemark.co.uk/gentoo/ rsync://mirror.bytemark.co.uk/gentoo/ ftp://mirror.qubenet.net/mirror/gentoo/ http://mirror.qubenet.net/mirror/gentoo/ rsync://rsync.mirrorservice.org/www.ibiblio.org/gentoo/ http://www.mirrorservice.org/sites/www.ibiblio.org/gentoo/ ftp://ftp.mirrorservice.org/sites/www.ibiblio.org/gentoo/ ftp://gentoo.virginmedia.com/sites/gentoo http://gentoo.virginmedia.com/"
LANG="en_GB.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="en_GB en"
MAKEOPTS="-j5"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/var/lib/layman/bitcoin /usr/local/portage"
SYNC="rsync://rsync.uk.gentoo.org/gentoo-portage"
USE="3dnow 3dnowext aac aalib acl acpi alsa amd64 amr apache2 avi berkdb bzip2 cddb cdparanoia cli consolekit cpudetection cracklib crypt cups cxx daemon dbus dri dvb embedded extensions extras ffmpeg fortran gdbm gif gpm iconv jpeg mmx modules moonlight mp3 mpeg mudflap multilib ncurses netboot nls nptl nptlonly openmp pam pcre png policykit pppd qt3support readline rss sdl session sse sse2 ssl sysfs tcpd tftp unicode v4l v4l2 vdpau xorg xulrunner xvid zlib" ALSA_CARDS="snd-hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan stage tables krita karbon braindump" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en_GB en" PHP_TARGETS="php5-3" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="fbdev glint intel mach64 mga neomagic nouveau nv r128 radeon savage sis tdfx trident vesa via vmware dummy v4l" XFCE_PLUGINS="menu" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS