Ubuntu
isc-dhcp package

dhclient overriding stub-resolv.conf file on Jammy

Bug #1972029 reported by Pedro Principeza
20
This bug affects 3 people
Affects Status Importance Assigned to Milestone
isc-dhcp (Ubuntu)
Fix Released
Undecided
Unassigned
Jammy
Fix Released
Undecided
Unassigned
Kinetic
Fix Released
Undecided
Unassigned

Bug Description

[Issue]
On Jammy, the stub-resolv.conf file on /run/systemd/resolve gets overwritten if dhclient is executed.

While debugging this, I found the reference on LP#1889068 [0] of the move of `resolved` hook from dhclient-enter-hooks.d/ to dhclient-exit-hooks.d/, and this new hook [2] has no reference of make_resolv_conf() being called.

[Reproducer]
-
I used a cloud-image based Jammy installation (uvt-kvm). Once in:

$ cat /run/system/resolve/stub-resolv.conf

And one will see:

nameserver 127.0.0.53
options edns0 trust-ad
search .

Then:

$ sudo dhclient
$ cat /run/system/resolve/stub-resolv.conf

You'll see the definition of the nameserver(s) in, and the stub IP address no longer there. To revert this, a `systemctl restart systemd-resolved` is needed.

[Impact]

This is an improper way to keep nameserver(s) in *resolv* files; the override of the file should never happen in these circumstances.

[Extra]
-
As a minor test, I copied over the dhclient-enter-hooks.d/resolved file from a Focal installation to a Jammy one, and the problem _does not happen_ when such hook is in place.

[ . . . ]

Let me know if further clarification is needed to proceed. Thank you.

BR,
pprincipeza

[0] https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1889068
[1] https://paste.ubuntu.com/p/bvqPZXZZ8w/
[2] https://paste.ubuntu.com/p/YQdG6z4WS7/

Heitor Alves de Siqueira (halves)
tags: added: sts sts-sponsor-halves
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in isc-dhcp (Ubuntu):
status: New → Confirmed
Matthieu Clemenceau (mclemenceau)
tags: added: rls-jj-incoming
Lukas Märdian (slyon)
tags: added: fr-2552
tags: removed: rls-jj-incoming
Revision history for this message
Lukas Märdian (slyon) wrote :

I can reproduce this, did some investigation on it and I agree that this behavior of overriding /etc/resolv.conf -> /run/systemd/resolve/stub-resolv.conf (managed by sd-resolved) is very bad.

The sd-resolved hook was moved from https://launchpad.net/ubuntu/+source/systemd/246-2ubuntu1 to https://launchpad.net/ubuntu/+source/isc-dhcp/4.4.1-2.1ubuntu7 in Groovy.

It was moved from an enter-hook to an exit-hook, too. And it looks like the part overriding/disabling "make_resolv_conf()" got dropped and went missing.

IIUC we could place a tiny enter-hook to disable "make_resolv_conf()" if systemd-resolved is being used, to avoid it from overriding /etc/resolv.conf -> /run/systemd/resolv/stub-resolv.conf, managed by sd-resolved. Everything else seems to be working as expected.

Would you mind testing my isc-dhcp-client package from this PPA?
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/4635/+packages

Revision history for this message
Pedro Principeza (pprincipeza) wrote :

Hi, Lukas.

Thank you very much for the reply, here. I tested the isc-dhcp-client in the mentioned PPA on a Kinetic uvt-kvm-based VM, and with it in place, I no longer see the stub-resolv.conf being overwritten whenever I run `sudo dhclient`. Indeed, I now see a `resolved-enter` enter-hook script disabling the make_resolv_conf() execution when sd-resolved is in.

It works! Thanks again!

Revision history for this message
Lukas Märdian (slyon) wrote :

Thanks for confirming, Pedro. My local testing and running of some rev-deps autopkgtests in Bileto passed as well.

I've now uploaded this into Kinetic and proposed it for Jammy SRU. Thanks for already preparing the testcase/SRU template on this bug.

Changed in isc-dhcp (Ubuntu Kinetic):
status: Confirmed → Fix Committed
Changed in isc-dhcp (Ubuntu Jammy):
status: New → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package isc-dhcp - 4.4.1-2.3ubuntu5

---------------
isc-dhcp (4.4.1-2.3ubuntu5) kinetic; urgency=medium

  * Disable make_resolv_conf() if systemd-resolved is in use (LP: #1972029)
    This functionality was moved from systemd 246-2ubuntu1 (enter-hook) to
    isc-dhcp 4.4.1-2.1ubuntu7 (exit-hook). The part overriding
    make_resolv_conf() was dropped, but is needed to avoid it overriding
    /etc/resolv.conf, managed by sd-resolved (stub-resolv.conf).

 -- Lukas Märdian <email address hidden> Mon, 18 Jul 2022 15:50:13 +0200

Changed in isc-dhcp (Ubuntu Kinetic):
status: Fix Committed → Fix Released
Heitor Alves de Siqueira (halves)
tags: removed: sts sts-sponsor-halves
Revision history for this message
Lukas Märdian (slyon) wrote :

I've uploaded the fix into Kinetic and proposed it for Jammy SRU.

But @vorlon had some reservations: "I want to understand why the partner is invoking dhclient at all, when it is not part of our standard network stack in jammy (or even focal)."
I'll leave the decision to accept/reject this to him.

IMO the bug is real and should be fixed. But at the same time they should not be using dhclient, which is deprecated: https://www.isc.org/blogs/dhcp-client-relay-eom/

Changed in isc-dhcp (Ubuntu Jammy):
status: In Progress → Incomplete
Revision history for this message
Steve Langasek (vorlon) wrote :

The question regarding partner usage of dhclient is in progress elsewhere and does not block this SRU.

Changed in isc-dhcp (Ubuntu Jammy):
status: Incomplete → Fix Committed
tags: added: verification-needed verification-needed-jammy
Revision history for this message
Steve Langasek (vorlon) wrote : Please test proposed package

Hello Pedro, or anyone else affected,

Accepted isc-dhcp into jammy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/isc-dhcp/4.4.1-2.3ubuntu2.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-jammy to verification-done-jammy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-jammy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Revision history for this message
Ubuntu SRU Bot (ubuntu-sru-bot) wrote : Autopkgtest regression report (isc-dhcp/4.4.1-2.3ubuntu2.2)

All autopkgtests for the newly accepted isc-dhcp (4.4.1-2.3ubuntu2.2) for jammy have finished running.
The following regressions have been reported in tests triggered by the package:

systemd/249.11-0ubuntu3.4 (armhf)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/jammy/update_excuses.html#isc-dhcp

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Revision history for this message
Pedro Principeza (pprincipeza) wrote :

@vorlon,

Upon installing the jammy-proposed version of the isc-dhcp-client on a Jammy instance (4.4.1-2.3ubuntu2.2), I am no longer able to reproduce the reported issue; running `dhclient` does not get the resolv.conf/stub-resolv.conf files overwritten.

As of the reported regression, I did not find anything in the excuses page at all.

Anyway, marking as complete from my side. Thanks!

BR,
pprincipeza

tags: added: verification-done verification-done-jammy
removed: verification-needed verification-needed-jammy
Revision history for this message
Lukas Märdian (slyon) wrote :

Thanks for doing the SRU verification @pprincipeza!
I re-triggered the flaky autopkgtest on systemd/249.11-0ubuntu3.4 (armhf) to make it pass.

All looking good.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package isc-dhcp - 4.4.1-2.3ubuntu2.2

---------------
isc-dhcp (4.4.1-2.3ubuntu2.2) jammy; urgency=medium

  * Disable make_resolv_conf() if systemd-resolved is in use (LP: #1972029)
    This functionality was moved from systemd 246-2ubuntu1 (enter-hook) to
    isc-dhcp 4.4.1-2.1ubuntu7 (exit-hook). The part overriding
    make_resolv_conf() was dropped, but is needed to avoid it overriding
    /etc/resolv.conf, managed by sd-resolved (stub-resolv.conf).

 -- Lukas Märdian <email address hidden> Tue, 19 Jul 2022 09:56:44 +0200

Changed in isc-dhcp (Ubuntu Jammy):
status: Fix Committed → Fix Released
Revision history for this message
Łukasz Zemczak (sil2100) wrote : Update Released

The verification of the Stable Release Update for isc-dhcp has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.