** Description changed: + === Begin SRU Template === + [Impact] + + For releases using systemd-resolved (yakkety and zesty); the unit + configuration does not require that the service be active before + allowing systemd to reach 'network-online.target' which is a special + target used to allow other units which require networking access to + run. + + In some cases, units which run After=network-online.target may + encounter DNS failures if systemd-resolved is not yet completely + active. + + The fix is to add Before=network-online.target to the Unit directives + for systemd-resolved.service. + + [Test Case] + + 1. lxc launch ubuntu-daily:yakkety y1 + 2. lxc exec y1 -- journalctl -o short-precise \ + --unit systemd-resolved --unit network-online.target + + 3. Check order of units; If 'Reached target Network is Online' is + listed before 'Started Network Name Resolution', then DNS may not + be up. + + Example FAIL output: + + # apt-cache policy systemd + systemd: + Installed: 231-9ubuntu3 + Candidate: 231-9ubuntu3 + Version table: + *** 231-9ubuntu3 500 + 500 http://archive.ubuntu.com/ubuntu yakkety-updates/main amd64 Packages + 100 /var/lib/dpkg/status + 231-9git1 500 + 500 http://archive.ubuntu.com/ubuntu yakkety/main amd64 Packages + + # journalctl -o short-precise -u systemd-resolved -u network-online.target + -- Logs begin at Thu 2017-03-23 21:22:42 UTC, end at Thu 2017-03-23 21:22:49 UTC. -- + Mar 23 21:22:47.173454 y1 systemd[1]: Reached target Network is Online. + Mar 23 21:22:47.197566 y1 systemd[1]: systemd-resolved.service: Failed to reset devices.list: Operation not permitted + Mar 23 21:22:47.198023 y1 systemd[1]: Starting Network Name Resolution... + Mar 23 21:22:47.207216 y1 systemd-resolved[438]: Positive Trust Anchors: + Mar 23 21:22:47.207265 y1 systemd-resolved[438]: . IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde3 + Mar 23 21:22:47.207319 y1 systemd-resolved[438]: Negative trust anchors: 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-add + Mar 23 21:22:47.216370 y1 systemd-resolved[438]: Using system hostname 'y1'. + Mar 23 21:22:47.237441 y1 systemd-resolved[438]: Switching to system DNS server 10.245.119.1. + Mar 23 21:22:47.399614 y1 systemd[1]: Started Network Name Resolution. + + + Example PASS output: + # journalctl -o short-precise -u systemd-resolved -u network-online.target + -- Logs begin at Thu 2017-03-23 21:25:08 UTC, end at Thu 2017-03-23 21:25:11 UTC. -- + Mar 23 21:25:10.206276 y1 systemd[1]: systemd-resolved.service: Failed to reset devices.list: Operation not permitted + Mar 23 21:25:10.206685 y1 systemd[1]: Starting Network Name Resolution... + Mar 23 21:25:10.229430 y1 systemd-resolved[445]: Positive Trust Anchors: + Mar 23 21:25:10.229449 y1 systemd-resolved[445]: . IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde3 + Mar 23 21:25:10.229491 y1 systemd-resolved[445]: Negative trust anchors: 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-add + Mar 23 21:25:10.229759 y1 systemd-resolved[445]: Using system hostname 'y1'. + Mar 23 21:25:10.231969 y1 systemd-resolved[445]: Switching to system DNS server 10.245.119.1. + Mar 23 21:25:10.291591 y1 systemd[1]: Started Network Name Resolution. + Mar 23 21:25:10.291944 y1 systemd[1]: Reached target Network is Online. + + + [Regression Potential] + Changing order in boot can be dangerous. This is a possiblity of + units using the defaults in /etc/resolv.conf (which doesn't point to + systemd-resolved until later during boot) would now run when + /etc/resolv.conf points to systemd-resolved service (127.0.0.53). + + + [Original Description] 1) Xenial, Yakkety and Zesty; (Xenial is affected if you're using networkd and resolved, but it's not the default) 2) 229-4ubuntu16, 231-9ubuntu3, 232-18ubuntu1 respectively to (1) 3) DNS resolution should be available once systemd has reached 'network-online.target' state 4) Sometimes systemd-resolved has not become active prior to network-online.target and DNS service is not available. - - The remaining issue for the systemd-resolved.service unit is that it needs to include a Before=network-online.target to ensure it's ordered to run before systemd reaches 'network-online.target' + The remaining issue for the systemd-resolved.service unit is that it + needs to include a Before=network-online.target to ensure it's ordered + to run before systemd reaches 'network-online.target'
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1673860 Title: systemd-resolved unit should run Before=network-online.target Status in systemd package in Ubuntu: Fix Committed Status in systemd source package in Xenial: New Status in systemd source package in Yakkety: New Bug description: === Begin SRU Template === [Impact] For releases using systemd-resolved (yakkety and zesty); the unit configuration does not require that the service be active before allowing systemd to reach 'network-online.target' which is a special target used to allow other units which require networking access to run. In some cases, units which run After=network-online.target may encounter DNS failures if systemd-resolved is not yet completely active. The fix is to add Before=network-online.target to the Unit directives for systemd-resolved.service. [Test Case] 1. lxc launch ubuntu-daily:yakkety y1 2. lxc exec y1 -- journalctl -o short-precise \ --unit systemd-resolved --unit network-online.target 3. Check order of units; If 'Reached target Network is Online' is listed before 'Started Network Name Resolution', then DNS may not be up. Example FAIL output: # apt-cache policy systemd systemd: Installed: 231-9ubuntu3 Candidate: 231-9ubuntu3 Version table: *** 231-9ubuntu3 500 500 http://archive.ubuntu.com/ubuntu yakkety-updates/main amd64 Packages 100 /var/lib/dpkg/status 231-9git1 500 500 http://archive.ubuntu.com/ubuntu yakkety/main amd64 Packages # journalctl -o short-precise -u systemd-resolved -u network-online.target -- Logs begin at Thu 2017-03-23 21:22:42 UTC, end at Thu 2017-03-23 21:22:49 UTC. -- Mar 23 21:22:47.173454 y1 systemd[1]: Reached target Network is Online. Mar 23 21:22:47.197566 y1 systemd[1]: systemd-resolved.service: Failed to reset devices.list: Operation not permitted Mar 23 21:22:47.198023 y1 systemd[1]: Starting Network Name Resolution... Mar 23 21:22:47.207216 y1 systemd-resolved[438]: Positive Trust Anchors: Mar 23 21:22:47.207265 y1 systemd-resolved[438]: . IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde3 Mar 23 21:22:47.207319 y1 systemd-resolved[438]: Negative trust anchors: 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-add Mar 23 21:22:47.216370 y1 systemd-resolved[438]: Using system hostname 'y1'. Mar 23 21:22:47.237441 y1 systemd-resolved[438]: Switching to system DNS server 10.245.119.1. Mar 23 21:22:47.399614 y1 systemd[1]: Started Network Name Resolution. Example PASS output: # journalctl -o short-precise -u systemd-resolved -u network-online.target -- Logs begin at Thu 2017-03-23 21:25:08 UTC, end at Thu 2017-03-23 21:25:11 UTC. -- Mar 23 21:25:10.206276 y1 systemd[1]: systemd-resolved.service: Failed to reset devices.list: Operation not permitted Mar 23 21:25:10.206685 y1 systemd[1]: Starting Network Name Resolution... Mar 23 21:25:10.229430 y1 systemd-resolved[445]: Positive Trust Anchors: Mar 23 21:25:10.229449 y1 systemd-resolved[445]: . IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde3 Mar 23 21:25:10.229491 y1 systemd-resolved[445]: Negative trust anchors: 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-add Mar 23 21:25:10.229759 y1 systemd-resolved[445]: Using system hostname 'y1'. Mar 23 21:25:10.231969 y1 systemd-resolved[445]: Switching to system DNS server 10.245.119.1. Mar 23 21:25:10.291591 y1 systemd[1]: Started Network Name Resolution. Mar 23 21:25:10.291944 y1 systemd[1]: Reached target Network is Online. [Regression Potential] Changing order in boot can be dangerous. This is a possiblity of units using the defaults in /etc/resolv.conf (which doesn't point to systemd-resolved until later during boot) would now run when /etc/resolv.conf points to systemd-resolved service (127.0.0.53). [Original Description] 1) Xenial, Yakkety and Zesty; (Xenial is affected if you're using networkd and resolved, but it's not the default) 2) 229-4ubuntu16, 231-9ubuntu3, 232-18ubuntu1 respectively to (1) 3) DNS resolution should be available once systemd has reached 'network-online.target' state 4) Sometimes systemd-resolved has not become active prior to network-online.target and DNS service is not available. The remaining issue for the systemd-resolved.service unit is that it needs to include a Before=network-online.target to ensure it's ordered to run before systemd reaches 'network-online.target' To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1673860/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
