Ubuntu
resolvconf package

Conflict between resolvconf and systemd-resolved dhclient scripts

Bug #1782275 reported by Daniel Richard G.
22
This bug affects 3 people
Affects Status Importance Assigned to Milestone
resolvconf (Ubuntu)
Confirmed
Undecided
Unassigned
systemd (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

I am setting up an Ubuntu 18.04 (bionic) system with ifupdown instead of netplan, as the latter does not meet my needs. I am using resolvconf to update /etc/resolv.conf from DHCP, as in earlier releases.

Unfortunately, I am not seeing /etc/resolv.conf (actually a symlink to /run/resolvconf/resolv.conf) being updated; it is only the boilerplate from /etc/resolvconf/resolv.conf.d/head with no server information appended. (My "base" and "tail" files are empty.)

I poked around the scripts in /etc, and believe I have found the problem.

When resolvconf is installed, the following two files are present:

    /etc/dhcp/dhclient-enter-hooks.d/resolvconf
    /etc/dhcp/dhclient-enter-hooks.d/resolved

Both of these scripts define the make_resolv_conf() shell function. What I am seeing is that dhclient runs these two scripts in the (alphabetical) order shown, and as the resolved script runs second, it overwrites the resolvconf version of the shell function with its own. As a result, dhclient does not invoke the appropriate update command for resolvconf, even though the hook script was installed correctly.

Normally, I would remove the package that is providing the "resolved" script, but this package is systemd, which cannot be removed. I am not sure which of the two packages (resolvconf or systemd) needs to make an accommodation for the other, but it is clear that the current approach does not work.

Revision history for this message
Dimitri John Ledkov (xnox) wrote :

Given that it is a conffile, you can remove the one you do not need.

Why do you want to use resolvconf, instead of resolved? I was expecting for people to have /etc/resolv.conf to point at either /run/systemd/resolve/stub-resolv.conf or /run/systemd/resolve/resolv.conf (as needed) and have nameservers updated via that.

Revision history for this message
Daniel Richard G. (skunk) wrote :

This issue can be addressed with a manual action, but first you have to dig into the scripts to diagnose the problem, and really if resolvconf is installed then it should just work.

Part of this setup involves disabling systemd-resolved, in favor of a "direct" /etc/resolv.conf, to match the network configuration of other systems at my site. We've also found resolvconf to be a good solution to allow flexibility in how the dynamic resolv.conf file is assembled.

There are at least two issues that I can see here:

1. When there is more than one script in /etc/dhcp/dhclient-enter-hooks.d/ that defines the make_resolv_conf() shell function, the last definition is the one that "wins." If the "resolvconf" script is renamed to e.g. "zz-resolvconf", then it works correctly. This may be a case for renaming systemd's "resolved" script to something like "00resolved" (borrowing an idea from /etc/X11/Xsession.d/), since it is always present in an out-of-the-box install.

2. The "resolved" script takes effect if the /lib/systemd/systemd-resolved executable is present, when it should probably also check that systemd-resolved is enabled. Currently, the script runs even if systemd-resolved is not active, effectively turning into a no-op (albeit a no-op that clobbers resolvconf's functionality).

   That would also fix another use case, where systemd-resolved is disabled and resolvconf is absent. In that scenario, the default make_resolv_conf() function from /sbin/dhclient-script should be used.

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in resolvconf (Ubuntu):
status: New → Confirmed
Changed in systemd (Ubuntu):
status: New → Confirmed
Dan Streetman (ddstreet)
tags: added: resolved-resolvconf
Revision history for this message
Daniel Richard G. (skunk) wrote :

This issue is still present in Ubuntu focal.

Here is what I see that needs to happen:

systemd: The /etc/dhcp/dhclient-enter-hooks.d/resolved script should be renamed to something like 00resolved or aaa_resolved, so that other packages that install scripts into that directory will have their scripts override whatever definitions are in the "resolved" script. (It is notable that the avahi-autoipd package installs a file named "zzz_avahi-autoipd" into /etc/dhcp/dhclient-exit-hooks.d/, apparently so that it always runs last.)

systemd: The "resolved" script itself is obviously a modified version of the one shipped with resolvconf; a comment at the top still even names the original project. There is a conditional at the top that checks for the presence of /lib/systemd/systemd-resolved (exactly where the original checks for /sbin/resolvconf), but this check is pointless---the systemd-resolved file not only belongs to the same package as the script, the package in question is systemd, which for all intents and purposes cannot be removed. Instead, the check should be on whether systemd-resolved is enabled, e.g.

    if systemctl is-enabled systemd-resolved | fgrep -q enabled ; then

systemd: In general, the "resolved" script could use some cleanup, particularly on removing bits related to resolvconf that do not apply to systemd-resolved.

resolvconf: It may be worthwhile for this package to disable systemd-resolved upon installation (and re-enable it upon renewal), as that presumably would be the intent of anyone installing it.

tags: added: focal
Dan Streetman (ddstreet)
tags: added: ddstreet
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.