| 2017-03-17 19:00:24 |
Ryan Harper |
bug |
|
|
added bug |
| 2017-03-18 00:19:18 |
Steve Langasek |
nominated for series |
|
Ubuntu Xenial |
|
| 2017-03-18 00:19:18 |
Steve Langasek |
bug task added |
|
systemd (Ubuntu Xenial) |
|
| 2017-03-18 00:19:18 |
Steve Langasek |
nominated for series |
|
Ubuntu Yakkety |
|
| 2017-03-18 00:19:18 |
Steve Langasek |
bug task added |
|
systemd (Ubuntu Yakkety) |
|
| 2017-03-23 07:07:30 |
Steve Langasek |
systemd (Ubuntu): status |
New |
Fix Committed |
|
| 2017-03-23 07:07:32 |
Steve Langasek |
systemd (Ubuntu): assignee |
|
Steve Langasek (vorlon) |
|
| 2017-03-23 21:39:18 |
Ryan Harper |
description |
1) Xenial, Yakkety and Zesty; (Xenial is affected if you're using networkd and resolved, but it's not the default)
2) 229-4ubuntu16, 231-9ubuntu3, 232-18ubuntu1 respectively to (1)
3) DNS resolution should be available once systemd has reached 'network-online.target' state
4) Sometimes systemd-resolved has not become active prior to network-online.target and DNS service is not available.
The remaining issue for the systemd-resolved.service unit is that it needs to include a Before=network-online.target to ensure it's ordered to run before systemd reaches 'network-online.target' |
=== Begin SRU Template ===
[Impact]
For releases using systemd-resolved (yakkety and zesty); the unit
configuration does not require that the service be active before
allowing systemd to reach 'network-online.target' which is a special
target used to allow other units which require networking access to
run.
In some cases, units which run After=network-online.target may
encounter DNS failures if systemd-resolved is not yet completely
active.
The fix is to add Before=network-online.target to the Unit directives
for systemd-resolved.service.
[Test Case]
1. lxc launch ubuntu-daily:yakkety y1
2. lxc exec y1 -- journalctl -o short-precise \
--unit systemd-resolved --unit network-online.target
3. Check order of units; If 'Reached target Network is Online' is
listed before 'Started Network Name Resolution', then DNS may not
be up.
Example FAIL output:
# apt-cache policy systemd
systemd:
Installed: 231-9ubuntu3
Candidate: 231-9ubuntu3
Version table:
*** 231-9ubuntu3 500
500 http://archive.ubuntu.com/ubuntu yakkety-updates/main amd64 Packages
100 /var/lib/dpkg/status
231-9git1 500
500 http://archive.ubuntu.com/ubuntu yakkety/main amd64 Packages
# journalctl -o short-precise -u systemd-resolved -u network-online.target
-- Logs begin at Thu 2017-03-23 21:22:42 UTC, end at Thu 2017-03-23 21:22:49 UTC. --
Mar 23 21:22:47.173454 y1 systemd[1]: Reached target Network is Online.
Mar 23 21:22:47.197566 y1 systemd[1]: systemd-resolved.service: Failed to reset devices.list: Operation not permitted
Mar 23 21:22:47.198023 y1 systemd[1]: Starting Network Name Resolution...
Mar 23 21:22:47.207216 y1 systemd-resolved[438]: Positive Trust Anchors:
Mar 23 21:22:47.207265 y1 systemd-resolved[438]: . IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde3
Mar 23 21:22:47.207319 y1 systemd-resolved[438]: Negative trust anchors: 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-add
Mar 23 21:22:47.216370 y1 systemd-resolved[438]: Using system hostname 'y1'.
Mar 23 21:22:47.237441 y1 systemd-resolved[438]: Switching to system DNS server 10.245.119.1.
Mar 23 21:22:47.399614 y1 systemd[1]: Started Network Name Resolution.
Example PASS output:
# journalctl -o short-precise -u systemd-resolved -u network-online.target
-- Logs begin at Thu 2017-03-23 21:25:08 UTC, end at Thu 2017-03-23 21:25:11 UTC. --
Mar 23 21:25:10.206276 y1 systemd[1]: systemd-resolved.service: Failed to reset devices.list: Operation not permitted
Mar 23 21:25:10.206685 y1 systemd[1]: Starting Network Name Resolution...
Mar 23 21:25:10.229430 y1 systemd-resolved[445]: Positive Trust Anchors:
Mar 23 21:25:10.229449 y1 systemd-resolved[445]: . IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde3
Mar 23 21:25:10.229491 y1 systemd-resolved[445]: Negative trust anchors: 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-add
Mar 23 21:25:10.229759 y1 systemd-resolved[445]: Using system hostname 'y1'.
Mar 23 21:25:10.231969 y1 systemd-resolved[445]: Switching to system DNS server 10.245.119.1.
Mar 23 21:25:10.291591 y1 systemd[1]: Started Network Name Resolution.
Mar 23 21:25:10.291944 y1 systemd[1]: Reached target Network is Online.
[Regression Potential]
Changing order in boot can be dangerous. This is a possiblity of
units using the defaults in /etc/resolv.conf (which doesn't point to
systemd-resolved until later during boot) would now run when
/etc/resolv.conf points to systemd-resolved service (127.0.0.53).
[Original Description]
1) Xenial, Yakkety and Zesty; (Xenial is affected if you're using networkd and resolved, but it's not the default)
2) 229-4ubuntu16, 231-9ubuntu3, 232-18ubuntu1 respectively to (1)
3) DNS resolution should be available once systemd has reached 'network-online.target' state
4) Sometimes systemd-resolved has not become active prior to network-online.target and DNS service is not available.
The remaining issue for the systemd-resolved.service unit is that it needs to include a Before=network-online.target to ensure it's ordered to run before systemd reaches 'network-online.target' |
|
| 2017-04-08 01:48:11 |
Launchpad Janitor |
systemd (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2017-04-11 08:19:30 |
Łukasz Zemczak |
systemd (Ubuntu Yakkety): status |
New |
Fix Committed |
|
| 2017-04-11 08:19:32 |
Łukasz Zemczak |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2017-04-11 08:19:33 |
Łukasz Zemczak |
bug |
|
|
added subscriber SRU Verification |
| 2017-04-11 08:19:35 |
Łukasz Zemczak |
tags |
|
verification-needed |
|
| 2017-04-21 00:10:48 |
Steve Langasek |
systemd (Ubuntu Xenial): status |
New |
Triaged |
|
| 2017-04-21 03:28:31 |
Steve Langasek |
tags |
verification-needed |
verification-done-yakkety |
|
| 2017-04-21 04:00:28 |
Launchpad Janitor |
systemd (Ubuntu Yakkety): status |
Fix Committed |
Fix Released |
|
| 2017-04-21 04:00:48 |
Steve Langasek |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2017-07-04 09:10:16 |
Dimitri John Ledkov |
systemd (Ubuntu Xenial): milestone |
|
ubuntu-16.04.3 |
|
| 2017-07-10 15:32:51 |
Łukasz Zemczak |
systemd (Ubuntu Xenial): status |
Triaged |
Fix Committed |
|
| 2017-07-10 15:32:53 |
Łukasz Zemczak |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2017-07-10 15:32:55 |
Łukasz Zemczak |
tags |
verification-done-yakkety |
verification-done-yakkety verification-needed verification-needed-xenial |
|
| 2017-07-11 13:09:18 |
Dimitri John Ledkov |
tags |
verification-done-yakkety verification-needed verification-needed-xenial |
verification-done-xenial verification-done-yakkety verification-needed |
|
| 2017-07-11 13:09:30 |
Dimitri John Ledkov |
tags |
verification-done-xenial verification-done-yakkety verification-needed |
verification-done-xenial verification-done-yakkety |
|
| 2017-07-17 16:05:05 |
Dimitri John Ledkov |
cve linked |
|
2017-9445 |
|
| 2017-07-18 23:34:00 |
Adam Conrad |
tags |
verification-done-xenial verification-done-yakkety |
verification-done-yakkety verification-needed verification-needed-xenial |
|
| 2017-07-19 13:39:28 |
Dimitri John Ledkov |
tags |
verification-done-yakkety verification-needed verification-needed-xenial |
verification-done-xenial verification-done-yakkety verification-needed |
|
| 2017-07-19 13:39:37 |
Dimitri John Ledkov |
tags |
verification-done-xenial verification-done-yakkety verification-needed |
verification-done verification-done-xenial verification-done-yakkety |
|
| 2017-07-20 23:43:25 |
Launchpad Janitor |
systemd (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
