systemd ignoring DHCP DNS servers and DNS servers set in Network Manager GUI

Bug #1988010 reported by Josh Menzel
Affects | Status | Importance | Assigned to | Milestone
systemd (Ubuntu) | Expired | Undecided | Unassigned |

Bug Description

Hi there!

I'm running Ubuntu 22.04.1 LTS installed via the ISO image ubuntu-22.04.1-desktop-amd64.iso.

This issue affects both the Live CD and installed operating system.

I have configured my modem's DHCP server to push my AdGuard Home DNS server (cloud-hosted) as the DNS for the network. I have an access point that is set up to do the same.

With the Live CD and installed operating system, there is a local DNS server installed that runs on 127.0.0.1:53. Somehow this bypasses the DNS servers I've configured for the network and suddenly websites that have been blocked for being malicious or harmful are now accessible.

There is no option in the installer or GUI to disable this.

Changing the network DNS settings via the GUI of either the Live CD or installation does not change the behavior and does not result in the specified DNS server(s) being used. The 127.0.0.1:53 server still overrides anything set in the GUI.

The only way I have found to override this behavior is to edit /etc/systemd/resolved.conf:

1) uncomment DNSStubListener=yes
2) change yes to no
3) save file
4) run the following commands in terminal:
sudo systemctl daemon-reload
sudo systemctl restart systemd-networkd
sudo systemctl restart systemd-resolved

After doing so, the DNS servers that have been provided by DHCP are properly used.

This is considered a security vulnerability due to there being no way for a normal user to change this setting without editing system configuration files and no warning given to the user that the settings they are applying in the GUI have not been applied due to this default configuration.

This is considered a hack if this is the intentional configuration as it overrides network configuration options set by the DHCP server.

I've resolved it for myself for now by making a custom ISO image that removes this configuration by default and instead installs the /etc/systemd/resolved.conf file attached to this bug report.

ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: systemd 249.11-0ubuntu3.4
ProcVersionSignature: Ubuntu 5.15.0-46.49-generic 5.15.39
Uname: Linux 5.15.0-46-generic x86_64
NonfreeKernelModules: nvidia_modeset nvidia
ApportVersion: 2.20.11-0ubuntu82.1
Architecture: amd64
CasperMD5CheckResult: pass
CurrentDesktop: ubuntu:GNOME
Date: Sun Aug 28 21:18:35 2022
InstallationDate: Installed on 2022-08-29 (0 days ago)
InstallationMedia: Ubuntu 22.04.1 2022.08.28 LTS "Custom Jammy Jellyfish" (20220828)
MachineType: Micro-Star International Co., Ltd. GS75 Stealth 9SG
ProcEnviron:
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-5.15.0-46-generic root=/dev/mapper/vgubuntu-root ro quiet splash vt.handoff=7
SourcePackage: systemd
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 03/26/2019
dmi.bios.release: 1.12
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: E17G1IMS.10C
dmi.board.asset.tag: Default string
dmi.board.name: MS-17G1
dmi.board.vendor: Micro-Star International Co., Ltd.
dmi.board.version: REV:1.0
dmi.chassis.asset.tag: No Asset Tag
dmi.chassis.type: 10
dmi.chassis.vendor: Micro-Star International Co., Ltd.
dmi.chassis.version: N/A
dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrE17G1IMS.10C:bd03/26/2019:br1.12:svnMicro-StarInternationalCo.,Ltd.:pnGS75Stealth9SG:pvrREV1.0:rvnMicro-StarInternationalCo.,Ltd.:rnMS-17G1:rvrREV1.0:cvnMicro-StarInternationalCo.,Ltd.:ct10:cvrN/A:sku17G1.1:
dmi.product.family: GS
dmi.product.name: GS75 Stealth 9SG
dmi.product.sku: 17G1.1
dmi.product.version: REV:1.0
dmi.sys.vendor: Micro-Star International Co., Ltd.
mtime.conffile..etc.systemd.resolved.conf: 2022-08-28T19:29:41
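
The procedure in the description turns off resolved's stub listener. Two facts are worth having next to it: the stub listens on 127.0.0.53 port 53, and on Ubuntu /etc/resolv.conf is a symlink to /run/systemd/resolve/stub-resolv.conf, which names that address. resolved itself forwards from the stub to the per-link servers it learned (from DHCP, via NetworkManager on the desktop), so setting DNSStubListener=no without also repointing /etc/resolv.conf at /run/systemd/resolve/resolv.conf (the file that lists those upstream servers) leaves libc sending queries to a port nobody listens on. The script below is an added example, not from the bug report or from systemd, that derives a host's DNS path from these files and flags that inconsistent state. It writes constructed stand-ins for the Ubuntu 22.04 defaults to a scratch directory rather than reading the real host, and 192.0.2.53 is an assumed placeholder for the DHCP-supplied server.

```shell
#!/bin/sh
# Added example, not part of the bug report or of systemd: decide which DNS
# path a host is on from its resolved configuration, and flag the failure
# mode of turning DNSStubListener off while /etc/resolv.conf still points at
# the stub address 127.0.0.53. All file contents are constructed here and
# written to a scratch directory, so nothing on the real host is read;
# 192.0.2.53 stands in for the DHCP-supplied (AdGuard Home) server.

# Effective DNSStubListener value. systemd reads *.conf drop-ins after the
# main file, so the last assignment wins; commented lines do not count.
stub_listener_setting() {   # $1 = resolved.conf  $2 = drop-in directory
    cat "$1" "$2"/*.conf 2>/dev/null \
      | sed -n 's/^[[:space:]]*DNSStubListener[[:space:]]*=[[:space:]]*//p' \
      | tail -n 1 | tr -d '[:space:]' | tr 'A-Z' 'a-z'
}

# First nameserver libc would pick up from a resolv.conf.
first_nameserver() {        # $1 = resolv.conf (or the file it links to)
    sed -n 's/^[[:space:]]*nameserver[[:space:]]*//p' "$1" | head -n 1 | tr -d '[:space:]'
}

# Verdict for one host:
#   stub           libc -> 127.0.0.53 -> resolved forwards to its upstreams
#   direct         stub off, resolv.conf names the upstream servers itself
#   stub-bypassed  stub still listening but resolv.conf goes around it
#   broken         stub off, but resolv.conf still says 127.0.0.53 (lookups fail)
dns_path_verdict() {        # $1 resolved.conf  $2 drop-in dir  $3 resolv.conf
    setting=$(stub_listener_setting "$1" "$2")
    ns=$(first_nameserver "$3")
    case "$setting" in
        no|false|0|off) stub_on=0 ;;
        *)              stub_on=1 ;;    # unset means the default, yes
    esac
    if [ "$ns" = "127.0.0.53" ]; then
        [ "$stub_on" -eq 1 ] && echo stub || echo broken
    else
        [ "$stub_on" -eq 1 ] && echo stub-bypassed || echo direct
    fi
}

# Constructed stand-ins for the Ubuntu 22.04 defaults (all assumptions).
make_scratch() {            # $1 = scratch directory
    mkdir -p "$1/resolved.conf.d"
    printf '[Resolve]\n#DNS=\n#DNSStubListener=yes\n' > "$1/resolved.conf"
    # default target of /etc/resolv.conf: /run/systemd/resolve/stub-resolv.conf
    printf 'nameserver 127.0.0.53\noptions edns0 trust-ad\nsearch lan\n' > "$1/stub-resolv.conf"
    # /run/systemd/resolve/resolv.conf: the upstream servers resolved learned from DHCP
    printf 'nameserver 192.0.2.53\nsearch lan\n' > "$1/resolv.conf"
}

# The drop-in route instead of editing resolved.conf in place.
disable_stub_dropin() {     # $1 = drop-in directory
    mkdir -p "$1"
    printf '[Resolve]\nDNSStubListener=no\n' > "$1/10-no-stub.conf"
}

main() {
    d=$(mktemp -d)
    make_scratch "$d"
    echo "default install:                 $(dns_path_verdict "$d/resolved.conf" "$d/resolved.conf.d" "$d/stub-resolv.conf")"
    disable_stub_dropin "$d/resolved.conf.d"
    echo "stub off, resolv.conf untouched: $(dns_path_verdict "$d/resolved.conf" "$d/resolved.conf.d" "$d/stub-resolv.conf")"
    echo "stub off, resolv.conf repointed: $(dns_path_verdict "$d/resolved.conf" "$d/resolved.conf.d" "$d/resolv.conf")"
    rm -rf "$d"
}
main
```

On a real host, call dns_path_verdict with /etc/systemd/resolved.conf, /etc/systemd/resolved.conf.d and `readlink -f /etc/resolv.conf`. The drop-in directory is the supported place for the override, and after disabling the stub, `ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf` followed by `systemctl restart systemd-resolved` avoids the broken state.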

Revision history for this message
Josh Menzel (wolfjmz) wrote :
Revision history for this message
Seth Arnold (seth-arnold) wrote :

Hello Josh, which GUI are you using to change dns or dhcp settings? Thanks

information type: Private Security → Public Security
Revision history for this message
Josh Menzel (wolfjmz) wrote :

Hi Seth,

I am using the GUI built into the desktop - the one in the top right where I can turn bluetooth on/off and change wifi networks.

Toggling the DNS Server section from automatic to off did not result in the DNS server entered being used. Additionally using nslookup didn't result in a response until a request was made by a web browser.

https://gyazo.com/1e33fa49040bf14afbbd99252dc37993

https://gyazo.com/75d3cdd0e4412166e807375f784fc305

https://gyazo.com/7617efb2e8d7f89dc0c2f3ceec6c3109

Thanks,
Josh

Revision history for this message
Seth Arnold (seth-arnold) wrote :

Cool, thanks Josh

Revision history for this message
Nick Rosbrook (enr0n) wrote :

Josh - Before applying your workaround, you can see which DNS servers systemd-resolved is using by running:

$ resolvectl status <interface name>

What does that show you for DNS servers? Your servers, or something else entirely?
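
`resolvectl status <interface>` is the check that settles what the stub on 127.0.0.53 actually forwards to: the "DNS Servers:" lines under each link are the upstreams resolved learned for it, and "Current DNS Server:" is the one it is using right now. As an added example, not code from this thread or from systemd, the script below parses that output and checks that the server the DHCP server is meant to hand out appears among a link's upstreams. SAMPLE is constructed to approximate the layout systemd 249 prints; the link names and the addresses 192.0.2.53 and 2001:db8::53 are assumptions.

```shell
#!/bin/sh
# Added example, not code from the bug thread or from systemd: parse the
# output of `resolvectl status` to see which upstream servers the stub on
# 127.0.0.53 forwards to for a given link, and check that the server the
# DHCP server is meant to hand out is among them. SAMPLE is constructed to
# approximate the layout systemd 249 prints; the link names and the
# addresses 192.0.2.53 / 2001:db8::53 are assumptions.
SAMPLE='Global
       Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub

Link 2 (wlp0s20f3)
    Current Scopes: DNS
         Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.0.2.53
       DNS Servers: 192.0.2.53
                    2001:db8::53
        DNS Domain: lan

Link 3 (enp0s31f6)
    Current Scopes: none
         Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported'

# How libc reaches resolved: "stub" means /etc/resolv.conf points at 127.0.0.53.
resolv_conf_mode() {        # status text on stdin
    sed -n 's/^resolv\.conf mode:[[:space:]]*//p'
}

# The server resolved is currently sending queries to on one link.
current_dns_server() {      # $1 = link name; status text on stdin
    awk -v want="$1" '
        /^Link [0-9]+ \(/ { inlink = (index($0, "(" want ")") > 0); next }
        inlink && /^[[:space:]]*Current DNS Server:/ { print $NF; exit }
    '
}

# All configured upstream servers for one link, one per line. Values may sit
# on the "DNS Servers:" line itself or on indented continuation lines.
link_dns_servers() {        # $1 = link name; status text on stdin
    awk -v want="$1" '
        /^Link [0-9]+ \(/ { inlink = (index($0, "(" want ")") > 0); cont = 0; next }
        /^Global/         { inlink = 0; cont = 0; next }
        !inlink           { next }
        /^[[:space:]]*DNS Servers:/ {
            sub(/^[[:space:]]*DNS Servers:[[:space:]]*/, "")
            for (i = 1; i <= NF; i++) print $i
            cont = 1; next
        }
        # continuation: indented, non-empty, and not another "Label:" line
        cont && NF > 0 && !/^[[:space:]]*[A-Za-z][A-Za-z ]*:/ { print $1; next }
        { cont = 0 }
    '
}

# yes/no: is the expected DHCP-supplied server among the upstreams of a link?
upstream_matches() {        # $1 = link name  $2 = expected server; status on stdin
    status=$(cat)
    if printf '%s\n' "$status" | link_dns_servers "$1" | grep -qxF "$2"; then
        echo yes
    else
        echo no
    fi
}

main() {
    link=${1:-wlp0s20f3}
    expect=${2:-192.0.2.53}
    echo "resolv.conf mode:      $(printf '%s\n' "$SAMPLE" | resolv_conf_mode)"
    echo "active server ($link): $(printf '%s\n' "$SAMPLE" | current_dns_server "$link")"
    echo "upstreams ($link):     $(printf '%s\n' "$SAMPLE" | link_dns_servers "$link" | tr '\n' ' ')"
    echo "$expect in use:        $(printf '%s\n' "$SAMPLE" | upstream_matches "$link" "$expect")"
}
main "$@"
```

On a live system, replace the SAMPLE pipe with `resolvectl status | link_dns_servers wlp0s20f3` (or `| upstream_matches wlp0s20f3 <your AdGuard address>`); a "no" there, with "resolv.conf mode: stub" in the Global section, is what would show resolved forwarding somewhere other than the DHCP-supplied server.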

Revision history for this message
Josh Menzel (wolfjmz) wrote :

I'll have to double check but I'm pretty sure it showed 127.0.0.1.53 (localhost). Not my DNS servers or the DNS servers entered into the GUI.

Revision history for this message
Josh Menzel (wolfjmz) wrote :

Yeah it showed 127.0.0.1.53.

Revision history for this message
Nick Rosbrook (enr0n) wrote :

That is expected for the stub resolver. Can you please post the full output of the command?

$ resolvectl status <interface name>

Revision history for this message
Josh Menzel (wolfjmz) wrote :

Yep I'll have to do a fresh install though since I've already gone and configured it.

Nick Rosbrook (enr0n)
Changed in systemd (Ubuntu):
status: New → Incomplete
Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for systemd (Ubuntu) because there has been no activity for 60 days.]

Changed in systemd (Ubuntu):
status: Incomplete → Expired
This report contains Public Security information  