** Description changed: [ Impact ] Installing unbound and restarting unbound.service results in a failing systemd unit, unbound-resolvconf.service. This happens because systemd's resolvconf emulation (introduced in Debian in systemd 251.4-3) isn't complete for the local loopback. Failing services mark the system state as "degraded" in `systemctl status` and are likely to be picked up by monitoring automation; Ubuntu shouldn't ship broken services by default. This was reported & fixed in Debian [1][2]; see the Debian report for additional details on the failure. [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106186 [2] https://salsa.debian.org/dns-team/unbound/-/commit/e05ce6b19648c3256ab4a000d66b732f5fac53a7 [ Test Plan ] In LXD containers: ``` sudo apt install unbound sudo systemctl restart unbound.service # Sanity check systemctl status unbound.service unbound-resolvconf.service systemctl list-units --failed ``` Expected behavior: Noble/Questing: $ systemctl list-units --failed - UNIT LOAD ACTIVE SUB DESCRIPTION + UNIT LOAD ACTIVE SUB DESCRIPTION 0 loaded units listed. - Resolute (console-getty fails on startup, unrelated): + Resolute (console-getty fails on startup, unrelated, see https://github.com/canonical/lxd/issues/16860): $ systemctl list-units --failed - UNIT LOAD ACTIVE SUB DESCRIPTION + UNIT LOAD ACTIVE SUB DESCRIPTION ● console-getty.service loaded failed failed Console Getty Legend: LOAD → Reflects whether the unit definition was properly loaded. - ACTIVE → The high-level unit activation state, i.e. generalization of SUB. - SUB → The low-level unit activation state, values depend on unit type. + ACTIVE → The high-level unit activation state, i.e. generalization of SUB. + SUB → The low-level unit activation state, values depend on unit type. 1 loaded units listed. Actual behavior: $ systemctl list-units --failed - UNIT LOAD ACTIVE SUB DESCRIPTION + UNIT LOAD ACTIVE SUB DESCRIPTION ● unbound-resolvconf.service loaded failed failed Unbound asyncronous resolvconf update helper Legend: LOAD → Reflects whether the unit definition was properly loaded. - ACTIVE → The high-level unit activation state, i.e. generalization of SUB. - SUB → The low-level unit activation state, values depend on unit type. + ACTIVE → The high-level unit activation state, i.e. generalization of SUB. + SUB → The low-level unit activation state, values depend on unit type. 1 loaded units listed. [ Where problems could occur ] The upload makes changes in the `unbound-helper` wrapper script, short- circuiting if /usr/sbin/resolvconf is provided by systemd. `unbound- helper` is used for Exec{Start,Stop} in both unbound.service and unbound-resolvconf.service. The upload only changes the functions that are used by unbound-resolvconf.service; if the upload is wrong/bad we would expect to see failures when starting/stopping these services. Those failures should be reported via the systemctl commands in the test plan. [ Other information ] Test builds containing the fix (with autopkgtest passing locally) can be found in the following PPAs: - https://launchpad.net/~whershberger/+archive/ubuntu/lp2078599-proposed - https://launchpad.net/~whershberger/+archive/ubuntu/lp2078599-updates [ Original bug description ] Hi, after upgrading an LXD guest machine from 22.04 to 24.04.1, systemctl complains that units are failing: ● unbound-resolvconf.service loaded failed failed Unbound asyncronous resolvconf update helper Aug 31 19:19:25 install systemd[1]: Started unbound-resolvconf.service - Unbound asyncronous resolvconf update helper. Aug 31 19:19:25 install resolvconf[414]: Dropped protocol specifier '.unbound' from 'lo.unbound'. Using 'lo' (ifindex=1). Aug 31 19:19:25 install resolvconf[414]: No DNS servers specified, refusing operation. Aug 31 19:19:25 install systemd[1]: unbound-resolvconf.service: Main process exited, code=exited, status=1/FAILURE Aug 31 19:19:25 install systemd[1]: unbound-resolvconf.service: Failed with result 'exit-code'. # /usr/libexec/unbound-helper resolvconf_start Dropped protocol specifier '.unbound' from 'lo.unbound'. Using 'lo' (ifindex=1). No DNS servers specified, refusing operation. Looks like https://groups.google.com/g/linux.debian.bugs.dist/c/rdluvEnL6BE https://discuss.linuxcontainers.org/t/erratic-network-initialization-in- lxc-container-with-unbound-dns/18680 ProblemType: Bug DistroRelease: Ubuntu 24.04 Package: unbound 1.19.2-1ubuntu3.1 ProcVersionSignature: Ubuntu 6.8.0-41.41-generic 6.8.12 Uname: Linux 6.8.0-41-generic x86_64 ApportVersion: 2.28.1-0ubuntu3.1 Architecture: amd64 CasperMD5CheckResult: unknown CloudBuildName: server CloudSerial: 20221101.1 Date: Sun Sep 1 02:17:43 2024 SourcePackage: unbound UpgradeStatus: Upgraded to noble on 2024-08-31 (0 days ago) modified.conffile..etc.init.d.apport: [modified] mtime.conffile..etc.init.d.apport: 2024-07-22T17:59:07
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2078599 Title: unbound-resolvconf.service fails with systemd-resolved To manage notifications about this bug go to: https://bugs.launchpad.net/unbound/+bug/2078599/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
