systemd ExecStartPre test config

Sorry, the right option is --conf-dir=/etc/dnsmasq.d

Another problem: if systemd control the network in place of network manager, dnsmasq starts before systemd-resolved.service. dnsmasq fails with error message "directory /etc/resolv.conf for resolv-file is missing, cannot poll".

Solution: in section [Unit] of /lib/systemd/system/dnsmasq.service insert After=systemd-resolved.service

I'm currently scanning through bugs that were dormant for too long.
I must beg your pardon - in particular because I was the (less experienced me back then) one who triaged it initially.

Looking back the right decision would have been to ask you to report this to Debian.

This bug is present in Debian too, and Ubuntu currently doesn't make any changes over the Debian package. So this bug would be best fixed directly in Debian, and then Ubuntu will pick up the fix automatically.
OTOH I think your request is perfectly valid - the dependency on systemd-resolvd as well as the check of the right config.

Therefore it would be great if you could report that to Debian and link the bug here.
Once fixed there Ubuntu will automatically pick that up for the next release and from there we can consider SRU's.

Hi,
I again come by cleaning up dormant bugs which just means to me that it isn't important enough for anyone to be able to allocate time for it.
While the suggestion you made is absolutely correct it just wasn't important to many users it seems and also of low severity just dropping the ExecStartPre test on the floor by using the wrong conf.

I really think it is not worth a delta to Debian to be carried in Ubuntu (due to low severity), as I said before Debian is just as affected - so reporting it there would benefit Debian as well and eventually be picked up by Ubuntu as well.

Furthermore the config dir is configurable in /etc/default/dnsmasq so maybe the test should follow this config as well.
That would need EnvironmentFile=-/etc/default/dnsmasq as well as some logic to do this conditionally if set. As far as I can see the latter can't be done in systemd according to its current doc (to set the -7 CONF_DIR only if set).

But it certainly could be done as:
1. drop the ExecStartPre as it tests the wrong thing
2a. implement it in the systemd-exec section in /etc/init.d/dnsmasq (there all vars are set up anyway)
2b. if you want to leverage StartPre then you'd need a systemd-exec-check section with just the same as 2a

I'd really want to encourage you to report just that to Debian.
If you are unable or unwilling please let me know, but in general it is better if the reporters do so.

Enough late posts for a lack of activity on this, this time I think we can close it :-)

What used to be:
ExecStartPre=/usr/sbin/dnsmasq --test

Nowadays is:
ExecStartPre=/etc/init.d/dnsmasq checkconfig
that maps it to
${DAEMON} --test ${CONFIG_DIR:+ -7 ${CONFIG_DIR}} ${DNSMASQ_OPTS:+ ${DNSMASQ_OPTS}} >/dev/null 2>&1

Which includes not only config-dir but also all other configs that might affect it.

It is not yet started as After=systemd-resolved.service but tolerates both modes nowadays.
1. with systemd-resolved stopped

● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
     Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2021-11-17 15:49:59 UTC; 5s ago
    Process: 29898 ExecStartPre=/etc/init.d/dnsmasq checkconfig (code=exited, status=0/SUCCESS)
    Process: 29906 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=0/SUCCESS)
    Process: 29915 ExecStartPost=/etc/init.d/dnsmasq systemd-start-resolvconf (code=exited, status=0/SUCCESS)
   Main PID: 29914 (dnsmasq)
      Tasks: 1 (limit: 38266)
     Memory: 2.0M
     CGroup: /system.slice/dnsmasq.service
             └─29914 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service --trust-anchor=.,20326,8,2,e06d44b80b8f1d39a95c>

Nov 17 15:49:59 j systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Nov 17 15:49:59 j dnsmasq[29914]: started, version 2.85 cachesize 150
Nov 17 15:49:59 j dnsmasq[29914]: DNS service limited to local subnets
Nov 17 15:49:59 j dnsmasq[29914]: compile time options: IPv6 GNU-getopt DBus no-UBus i18n IDN2 DHCP DHCPv6 no-Lua TFTP conntrack ipset auth cryptohash DNSSEC loop-detect inotify dumpfile
Nov 17 15:49:59 j dnsmasq[29914]: reading /etc/resolv.conf
Nov 17 15:49:59 j dnsmasq[29914]: using nameserver 127.0.0.53#53
Nov 17 15:49:59 j dnsmasq[29914]: read /etc/hosts - 7 addresses
Nov 17 15:49:59 j systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.

2. with systemd-resolved stopped and /etc/resolv.conf removed

● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
     Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2021-11-17 15:50:41 UTC; 3s ago
    Process: 29937 ExecStartPre=/etc/init.d/dnsmasq checkconfig (code=exited, status=0/SUCCESS)
    Process: 29945 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=0/SUCCESS)
    Process: 29954 ExecStartPost=/etc/init.d/dnsmasq systemd-start-resolvconf (code=exited, status=0/SUCCESS)
   Main PID: 29953 (dnsmasq)
      Tasks: 1 (limit: 38266)
     Memory: 1.8M
     CGroup: /system.slice/dnsmasq.service
             └─29953 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service --trust-anchor=.,20326,8,2,e06d44b80b8f1d39a95c>

Nov 17 15:50:41 j systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Nov 17 15:50:41 j dnsmasq[29953]: started, version 2.85 cachesize 150
Nov 17 15:50:41 j dnsmasq[29953]: DNS servic...

oh Focal is affected as well, that makes it more reasonable to at least consider a smaller version (not the full rewrite, but as suggested maybe pass the config dir at least).

Hi ingopingo and anyone else,

I have looked closely at your perfectly valid bug report, and I have to say thank you for reporting it and helping to improve Ubuntu.

It's true that the ExecStartPre directive is incomplete, as it is not using the --conf-dir/-7 option and there isn't a hardcoded folder anywhere that the daemon uses with the --test option without argument, as we can see experimenting a bit directly with the command in that directive (root@focal:~# grep ExecStartPre /lib/systemd/system/dnsmasq.service
ExecStartPre=/usr/sbin/dnsmasq --test ):

 1- Let's put a bad configuration file under /etc/dnsmasq.d :
     root@focal:~# cat /etc/dnsmasq.d/kk.conf
     HELLO="I need coffee to say hello in the morning"

 2- Running the command from the directive, we get:
     root@focal:~# /usr/sbin/dnsmasq --test
     dnsmasq: syntax check OK.

 3- Running the command with the --conf-dir/-7 option:
     root@focal:~# /usr/sbin/dnsmasq --test --conf-dir=/etc/dnsmasq.d

     dnsmasq: bad option at line 1 of /etc/dnsmasq.d/kk.conf

So, as you pointed out, the ExecStartPre is doing nothing in the service unit file. But, if we look at the failed status after trying a "systemctl start dnsmasq" with the bad config, we get:

    - Not testing well, with SUCCESS status for the directive (so the starting process continues):
       Process: 34824 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS)
       Nov 25 10:16:43 focal dnsmasq[34824]: dnsmasq: syntax check OK.

    - and not starting the service, because fortunately the dnsmasq's init.d file check the configuration on start:
       Process: 34825 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=1/FAILURE)
       Nov 25 10:16:43 focal dnsmasq[34825]: dnsmasq: bad option at line 1 of /etc/dnsmasq.d/kk.conf
       Nov 25 10:16:43 focal dnsmasq[34825]: bad option at line 1 of /etc/dnsmasq.d/kk.conf

     root@focal:~# systemctl start dnsmasq
    Job for dnsmasq.service failed because the control process exited with error code.
    See "systemctl status dnsmasq.service" and "journalctl -xe" for details.
    root@focal:~# systemctl status dnsmasq
    ● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
     Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Thu 2021-11-25 10:16:43 UTC; 4s ago
    Process: 34824 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS)
    Process: 34825 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=1/FAILURE)

    Nov 25 10:16:43 focal systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
    Nov 25 10:16:43 focal dnsmasq[34824]: dnsmasq: syntax check OK.
    Nov 25 10:16:43 focal dnsmasq[34825]: dnsmasq: bad option at line 1 of /etc/dnsmasq.d/kk.conf
    Nov 25 10:16:43 focal dnsmasq[34825]: bad option at line 1 of /etc/dnsmasq.d/kk.conf
    Nov 25 10:16:43 focal dnsmasq[34825]: FAILED to start up
    Nov 25 10:16:43 focal systemd[1]: dnsmasq.service: Control process exited, code=exited, status=1/FAILURE
    Nov 25 10:16:43 focal systemd[1]: dnsmasq.service: Failed with res...