After configuring OpenVPN to use the update-systemd-resolved
scripts 1
, some applications started to show connectivity issues. This feels like hunting a Heisenbug, as many subsystems are involved that tightly integrate.
Changes were manually made to /etc/nsswitch.conf
and systemd-resolved
was enabled to be the sole DNS resolver for NetworkManager via a /etc/resolv.conf
symlink to /lib/systemd/resolv.conf
. 2
This routes all DNS requests from glibc
applications that do not already make use of nsswitch.conf
, but use resolv.conf
instead, through the systemd-resolved
stub resolver at 127.0.0.53:53
.
Note that /etc/nsswitch.conf
will be deprecated for Ubuntu 3
due to continuation of the introduction of systemd-resolved
into the networking stack. This produces a serious cascade of further issues for systemd
itself, and other packages like NetworkManager or OpenVPN. Can similar repercussions be expected for Fedora, too?
Also it appears useful to consider with the authselect
maintainers, how the transition to systemd-resolved
will influence the nsswitch
behaviour on Fedora further. Who would be responsible for putting the correct resolve
configuration for nsswitch
in place, the authselect
maintainers, or those from systemd-resolved
? 4
References
1 https://github.com/jonathanio/update-systemd-resolved
2 https://www.mankier.com/5/NetworkManager.conf#dns
3 https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1685045
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1659195
https://bugs.launchpad.net/network-manager/+bug/1624317
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1671606
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1688018
https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1685391
https://github.com/systemd/systemd/issues/3421
https://github.com/systemd/systemd/issues/5755
https://github.com/systemd/systemd/issues/5573
https://github.com/systemd/systemd/issues/6076
https://github.com/systemd/systemd/issues/6224
https://github.com/systemd/systemd/issues/9944
https://github.com/systemd/systemd/issues/10125
https://github.com/systemd/systemd/commit/e16cb2e4ef
https://github.com/systemd/systemd/pull/11050
4
https://pagure.io/fesco/issue/1815
https://src.fedoraproject.org/rpms/systemd/pull-request/12
https://fedoraproject.org/wiki/Changes/AuthselectAsDefault
https://fedoraproject.org/wiki/User:Pbrezina/Authselect_and_packages_that_modifies_nsswitch
https://github.com/pbrezina/authselect/wiki/Design-Document:-nsswitch.conf-modification
https://github.com/pbrezina/authselect/issues/47
https://github.com/pbrezina/authselect/issues/51
https://github.com/pbrezina/authselect/issues/77
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/PNKKVG3K6WAU42CCPVIEV6LZY7PWUG4P/
Following suit, snapd
stopped working.
Is the package even unmaintained, given the amount of issues?
https://bugzilla.redhat.com/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&component=snapd&product=Fedora&query_format=advanced
Further on, gnome-software
was first presenting a timeout similar to the one presented in
but now stopped working and does nothing, similar to
Following the pastes within the above issue and trying out gdb
with both gnome-software
or packagekitd
did not yield any results. PackageKit seems to be working as expected and does not seem to run into similar events as described in
Now the intuition stays that something is wrong with name resolution via systemd-resolved
or nsswitch
on this system, as `gnome-calendar occasionally also cannot connect to calendars anymore, and fails with:
Failed to authenticate: Name or service not known
What is it that I am missing in trying to triage here?