DNS Issue on first update of Fedora 38

antoniusv · July 4, 2023, 7:22am

Hi
I updated Fedora 38 yesterday after reinstalling for the first time and I have a DNS issue such that I cant access the internet via any web browser. I can ping 8.8.8.8 and it works fine. The little wifi icon in the top right corner has a little question mark on it.
I am sure something has changed when the system updated for the first time.

UPDATE
OK so a systemctl restart systemd-resolved fixed the issue. However, when I log back off and back on again, same issue. I have to reset systemctl restart systemd-resolved again. How to make this permanent?

Thanks

vgaetera · July 4, 2023, 1:22pm

Check when the issue happens:

systemctl status systemd-resolved.service
resolvectl --no-pager status
nmcli connection show

carlosrodrifernandez · July 4, 2023, 3:38pm

Beside the troubleshooting commands posted by @vgaetera, make sure it is setup fully and resolv.conf is pointing to the stub:

systemctl enable --now systemd-resolved.service
ln -sf ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

antoniusv · July 4, 2023, 4:42pm

Thank you both, the wifi is fine until I shutdown and reboot the machine. At that point I have to enter systemctl restart systemd-resolved. I then have to go into “Settings” turn wifi off and then back on again and then it works. Carlos, I ran your commands to point resolv.conf to the stub.

Seems shutdown is interfering with systemd resolved somehow.

carlosrodrifernandez · July 4, 2023, 5:17pm

Try disabling PXE boot and Wake on Lan in your BIOS.
Sometimes the transition of the wifi device from the BIOS to the OS doesn’t work that well. Better to tell the BIOS to just don’t mess with it to support WoL or PXE.

carlosrodrifernandez · July 4, 2023, 5:19pm

When you reboot the computer, before fixing anything, run and get the output of the commands posted by @vgaetera

antoniusv · July 5, 2023, 7:34pm

Thank you, I will give this a go. I will also check firewalld in case this is blocking the connection.

daveome · July 5, 2023, 9:58pm

I solved this by running “SELinux Troubleshooter” from the Administration menu.
Commands like;

ausearch -c ‘systemd-resolve’ --raw | audit2allow -M my-systemresolve
semodule -X 300 -i my-systemdresolve.pp

carlosrodrifernandez · July 6, 2023, 12:29am

Wow, I’m very surprised that the systemd-resolved package didn’t have the selinux policies to not need to do that manual policy. Also, it is not systemd-resolve, but systemd-resolved.

I have Fedora 38, and SELinux enforcing, and systemd-resolved running, and no issues. The selinux-policy-targeted should have brought all of that. If adding that policy manually worked, something must have broke badly during an update.

vgaetera · July 6, 2023, 2:02am

Normally, it requires no extra policies, otherwise this would be a common issue.
There must be some customization or legacy leftovers involved altering the default setup.

antoniusv · July 7, 2023, 5:15am

Hi vgaetera,
Here are the outputs you requested, apologies for the delay

systemd-resolved.service - Network Name Resolution
Loaded: loaded (/usr/lib/systemd/system/systemd-resolved.service; enabled; preset: enabled)
Drop-In: /usr/lib/systemd/system/service.d
└─10-timeout-abort.conf
Active: failed (Result: exit-code) since Fri 2023-07-07 05:52:45 BST; 5min ago
Docs: man:systemd-resolved.service(8)
man:org.freedesktop.resolve1(5)
writing-network-configuration-managers
writing-resolver-clients
Process: 810 ExecStart=/usr/lib/systemd/systemd-resolved (code=exited, status=1/FAILURE)
Main PID: 810 (code=exited, status=1/FAILURE)
Error: 13 (Permission denied)
CPU: 99ms

Jul 07 05:52:45 fedora systemd[1]: systemd-resolved.service: Scheduled restart job, restart counter is at 5.
Jul 07 05:52:45 fedora systemd[1]: Stopped systemd-resolved.service - Network Name Resolution.
Jul 07 05:52:45 fedora systemd[1]: systemd-resolved.service: Start request repeated too quickly.
Jul 07 05:52:45 fedora systemd[1]: systemd-resolved.service: Failed with result ‘exit-code’.
Jul 07 05:52:45 fedora systemd[1]: Failed to start systemd-resolved.service - Network Name Resolution.
Jul 07 05:52:51 fedora systemd[1]: systemd-resolved.service: Start request repeated too quickly.
Jul 07 05:52:51 fedora systemd[1]: systemd-resolved.service: Failed with result ‘exit-code’.
Jul 07 05:52:51 fedora systemd[1]: Failed to start systemd-resolved.service - Network Name Resolution.

resolvectl --no-pager status
Global
Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub
Current DNS Server: 8.8.8.8
DNS Servers: 8.8.8.8
Fallback DNS Servers: 8.8.4.4

Link 2 (enp0s25)
Current Scopes: none
Protocols: -DefaultRoute LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 3 (wlp3s0)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
Protocols: +DefaultRoute LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.1.254
DNS Servers: 192.168.1.254 fe80::ca99:b2ff:fea0:a623
DNS Domain: home

nmcli connection show

NAME UUID TYPE DEVICE
The Eagles Nest 93d24cc8-7866-4d34-bf60-84293a5d5a09 wifi wlp3s0
lo 8f806c7b-6bec-47f1-97d5-01440cedf057 loopback lo
BTWi-fi eece241d-db96-4828-8f79-59dc18045c24 wifi –
Wired connection 1 a4402aee-4bbd-320d-aa00-79ff366b6f2a ethernet –
[tony@fedora ~]$

antoniusv · July 7, 2023, 7:51am

SOLVED
sudo fixfiles onboot has solved the issue. Thank you to everyone for assisting me here, much appreciate your valuable time.
Best regards
Tony