Your message dated Sun, 01 Jan 2017 21:33:39 +0000 with message-id <[email protected]> and subject line Bug#767071: fixed in ndisc6 1.0.3-2 has caused the Debian Bug report #767071, regarding rdnssd service periodically overwriting /etc/resolv.conf to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 767071: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767071 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: rdnssd Version: 1.0.1-2 Severity: normal Dear Maintainer, * What led up to the situation? After reinstalling Debian Testing and upgrading to Unstable, I was having issues to automatically configure, on /etc/resolv.conf, the set of DNS servers provided via DHCP by my router. Why? Because a few seconds after being properly set (for example, by running `dhclient -r; dhclient`), the content of /etc/resolv.conf was suddenly reverted back to something else. More precisely, it was reverted back to: $ cat /etc/resolv.conf nameserver fd46:7873:6984::1 Each time, I restored /etc/resolv.conf back (by issuing a DHCP request) to the values provided by my router. But a few seconds later, the contents of the file, once again, were reverted back. * What exactly did you do (or not do) that was effective (or ineffective)? It was evident that there was some conflicting program, but it took me a (long) time to figure that out as, at first, I thought it was some misconfiguration/misunderstanding on my side. I tried: - disabling networking service, and enabling systemd-networkd & systemd-resolved. It wasn't effective, as the /etc/resolv.conf got the correct values at first, but a few seconds then, it was reverted back. - installing a different dhcpclient (dhcpcd5). No effect. - reconfiguring my router, and disabling some obscure IPv6-related settings. No effect. - making /etc/resolv.conf read-only or changing some attributes using chattr. No effect. Finally, what put me on the right track was using the auditd daemon to audit which process was tinkering with /etc/resolv.conf. Looking at the logs, an obscure "merge-hook" command was the one changing the contents of /etc/resolv.conf After some research, I arrived to the conclusion that the rdnssd service (enabled and running on the background) was the cause. More precisely, it was the script located in /etc/rdnssd/merge-hook. I'm not sure what rdnssd nor this merge-hook script does, but looking at the script, it seems it depends on /sbin/resolvconf being present to do something. And, if /sbin/resolv.conf isn't present, it falls back to overwriting /etc/resolv.conf with some content. So, bottom line: I solved my issue by disabling rdnssd service. Only after solving it, my google-fu led me to an article that would have saved me many hours of hair-pulling. https://www.aeyoun.com/how-to/debian-dns-resolv.html Suggestions / posible solutions: - don't enable rdnssd service by default. - check if the "merge-hook" script could be more "graceful" by, well, not overwriting /etc/resolv.conf. -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing') Architecture: i386 (i686) Kernel: Linux 4.1.0-1-686-pae (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages rdnssd depends on: ii adduser 3.113+nmu3 ii libc6 2.19-19 Versions of packages rdnssd recommends: pn resolvconf <none> Versions of packages rdnssd suggests: pn ndisc6 <none> -- no debconf information
--- End Message ---
--- Begin Message ---Source: ndisc6 Source-Version: 1.0.3-2 We believe that the bug you reported is fixed in the latest version of ndisc6, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bernhard Schmidt <[email protected]> (supplier of updated ndisc6 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 01 Jan 2017 20:33:46 +0100 Source: ndisc6 Binary: ndisc6 ndisc6-udeb rdnssd rdnssd-udeb Architecture: source Version: 1.0.3-2 Distribution: unstable Urgency: medium Maintainer: Bernhard Schmidt <[email protected]> Changed-By: Bernhard Schmidt <[email protected]> Description: ndisc6 - IPv6 diagnostic tools ndisc6-udeb - IPv6 diagnostic tools (udeb) rdnssd - IPv6 recursive DNS server discovery daemon rdnssd-udeb - IPv6 recursive DNS server discovery daemon (udeb) Closes: 767071 Changes: ndisc6 (1.0.3-2) unstable; urgency=medium . [ Bernhard Schmidt ] * Mostly use upstream rdnssd-hook to merge resolv.conf (Closes: #767071) Checksums-Sha1: e73cd9a4e315f57932cd23fd2fa4715f7f4804bb 2056 ndisc6_1.0.3-2.dsc b7e3c3d8d0f4257c84c7924f3344902a1810c636 6632 ndisc6_1.0.3-2.debian.tar.xz Checksums-Sha256: c1f8af601d0bc327141fbcc5b4b83e3be2ba178d9c57a5362a769c3e91ac79bc 2056 ndisc6_1.0.3-2.dsc 35bd3b17fb7229b1bd40b2634a9587c879026957c00db301297e52cb525fa629 6632 ndisc6_1.0.3-2.debian.tar.xz Files: 6e1694e0e2299bac650e2e36abbf79d5 2056 net optional ndisc6_1.0.3-2.dsc b4c58142b796e3f2c9b3459e0f4bdd36 6632 net optional ndisc6_1.0.3-2.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQJFBAEBCAAvFiEE1uAexRal3873GVbTd1B55bhQvJMFAlhpcVERHGJlcm5pQGRl Ymlhbi5vcmcACgkQd1B55bhQvJNyTA/+M5B4tVyhuKjMXJT3tG6iFWOQk7083k9c w8nf7mz2V7qNRYiX0C6AoqS/8jGXvztkwfCsQ85b2QfMZCf9qaWBUKrutJUz3uas shMVPu9kPzlGP/N2eX8tzt9lk2SU0IhbmXvA7grNwzWX/TS8CALhRJSg2aHzf+H2 cF1fCsuDxxwEzMkDBIeOMQx/HzixMoG192NvQho4YaffjCnxuAUgpYnl07tu695w 84efRmFsgM9ZRr8oZ2Km2//SyaKSqNFlyLyodB2GHqIxixdG01db1WPTCyteCCFX DmmSmE8JZz/k4GMsy6DVu8nqgBiMsL3FnKpWC04LR2u47SDEr/tfZdPkt235Ufe4 g91BFMlc47k1ypgGJlRrhcgPnpOag6HqrE3jws/owuxe0nCdrDxhKVydE576KdYn KLF8+9l028LCkg0oooyOBtZMkMniE9v69+xId8dAbsTU5JtqrZhmtz181ZhOIuLT 0DBFPDS+N4jECpsH+X39+BDUQTFqAP75KH7NKeU8WaGI/nX7vb1Lw8CbA9820Zmk Ky6in8fx9ecRDoZHfDM6Mv+PR+7uHdQ4+thQpjdDPjSBZ7JgMBo+kvBgGpxb60gB GyRkDuz2B62SczSQK6Uj/+8M3G28FP9ga5SVM5uR49CEWoNQSiJ87H2IFgLa8tTf xAcgzVGhkm0= =pQPd -----END PGP SIGNATURE-----
--- End Message ---
