Public bug reported: I use a VPN (network manager "vpnc" config) to connect to my work network. The gateway is "webvpn.purestorage.com". When I connect, I get "purestorage.com" added to the "search" line in my /etc/resolv.conf (and /run/resolvconf/interface/systemd-resolved) - which makes perfect sense, the VPN passes this info to me and then I can connect to systems within the work network without having to use a FQDN.
The bug (which is a regression from older versions of Ubuntu) is that when I lose my connection to the VPN (either because I disconnect explicitly, or because the network goes down or I suspend my laptop), the "purestorage.com" domain is not removed from those "search" lines. And for some reason this prevents me from resolving webvpn.purestorage.com (which prevents me from reconnecting to the VPN). In particular, if I connect and disconnect my VPN, I get: $ systemd-resolve webvpn.purestorage.com webvpn.purestorage.com: resolve call failed: No appropriate name servers or networks for name found If I then edit /etc/resolv.conf by hand to remove all the purestorage.com entries from the search line - in other words, change $ cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN # 127.0.0.53 is the systemd-resolved stub resolver. # run "systemd-resolve --status" to see details about the actual nameservers. nameserver 127.0.0.53 search home.digitalvampire.org purestorage.com dev.purestorage.com to $ cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN # 127.0.0.53 is the systemd-resolved stub resolver. # run "systemd-resolve --status" to see details about the actual nameservers. nameserver 127.0.0.53 search home.digitalvampire.org and change nothing else, then: $ systemd-resolve webvpn.purestorage.com webvpn.purestorage.com: 192.30.189.1 (vpn.purestorage.com) -- Information acquired via protocol DNS in 25.9ms. -- Data is authenticated: no I'm not sure if the bug is in systemd, network manager, or some other package, but I'm happy to try any debugging that is helpful to resolve this (no pun intended). ProblemType: Bug DistroRelease: Ubuntu 17.10 Package: systemd 234-2ubuntu10 ProcVersionSignature: Ubuntu 4.12.0-13.14-generic 4.12.10 Uname: Linux 4.12.0-13-generic x86_64 ApportVersion: 2.20.7-0ubuntu1 Architecture: amd64 CurrentDesktop: GNOME Date: Mon Sep 18 11:20:17 2017 InstallationDate: Installed on 2016-09-01 (381 days ago) InstallationMedia: Ubuntu 16.10 "Yakkety Yak" - Alpha amd64 (20160901) MachineType: LENOVO 20FRS2FK00 ProcEnviron: TERM=screen PATH=(custom, no user) XDG_RUNTIME_DIR=<set> LANG=en_US.UTF-8 SHELL=/bin/bash ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.12.0-13-generic root=UUID=30d5ada5-835d-4cf7-96cf-3329c0316107 ro quiet splash vt.handoff=7 SourcePackage: systemd UpgradeStatus: Upgraded to artful on 2017-07-26 (53 days ago) dmi.bios.date: 07/13/2017 dmi.bios.vendor: LENOVO dmi.bios.version: N1FET53W (1.27 ) dmi.board.asset.tag: Not Available dmi.board.name: 20FRS2FK00 dmi.board.vendor: LENOVO dmi.board.version: SDK0J40697 WIN dmi.chassis.asset.tag: No Asset Information dmi.chassis.type: 31 dmi.chassis.vendor: LENOVO dmi.chassis.version: None dmi.modalias: dmi:bvnLENOVO:bvrN1FET53W(1.27):bd07/13/2017:svnLENOVO:pn20FRS2FK00:pvrThinkPadX1Yoga1st:rvnLENOVO:rn20FRS2FK00:rvrSDK0J40697WIN:cvnLENOVO:ct31:cvrNone: dmi.product.family: ThinkPad X1 Yoga 1st dmi.product.name: 20FRS2FK00 dmi.product.version: ThinkPad X1 Yoga 1st dmi.sys.vendor: LENOVO ** Affects: systemd (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug artful wayland-session -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1717995 Title: extra domains not removed from resolv.conf when VPN disconnects Status in systemd package in Ubuntu: New Bug description: I use a VPN (network manager "vpnc" config) to connect to my work network. The gateway is "webvpn.purestorage.com". When I connect, I get "purestorage.com" added to the "search" line in my /etc/resolv.conf (and /run/resolvconf/interface/systemd-resolved) - which makes perfect sense, the VPN passes this info to me and then I can connect to systems within the work network without having to use a FQDN. The bug (which is a regression from older versions of Ubuntu) is that when I lose my connection to the VPN (either because I disconnect explicitly, or because the network goes down or I suspend my laptop), the "purestorage.com" domain is not removed from those "search" lines. And for some reason this prevents me from resolving webvpn.purestorage.com (which prevents me from reconnecting to the VPN). In particular, if I connect and disconnect my VPN, I get: $ systemd-resolve webvpn.purestorage.com webvpn.purestorage.com: resolve call failed: No appropriate name servers or networks for name found If I then edit /etc/resolv.conf by hand to remove all the purestorage.com entries from the search line - in other words, change $ cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN # 127.0.0.53 is the systemd-resolved stub resolver. # run "systemd-resolve --status" to see details about the actual nameservers. nameserver 127.0.0.53 search home.digitalvampire.org purestorage.com dev.purestorage.com to $ cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN # 127.0.0.53 is the systemd-resolved stub resolver. # run "systemd-resolve --status" to see details about the actual nameservers. nameserver 127.0.0.53 search home.digitalvampire.org and change nothing else, then: $ systemd-resolve webvpn.purestorage.com webvpn.purestorage.com: 192.30.189.1 (vpn.purestorage.com) -- Information acquired via protocol DNS in 25.9ms. -- Data is authenticated: no I'm not sure if the bug is in systemd, network manager, or some other package, but I'm happy to try any debugging that is helpful to resolve this (no pun intended). ProblemType: Bug DistroRelease: Ubuntu 17.10 Package: systemd 234-2ubuntu10 ProcVersionSignature: Ubuntu 4.12.0-13.14-generic 4.12.10 Uname: Linux 4.12.0-13-generic x86_64 ApportVersion: 2.20.7-0ubuntu1 Architecture: amd64 CurrentDesktop: GNOME Date: Mon Sep 18 11:20:17 2017 InstallationDate: Installed on 2016-09-01 (381 days ago) InstallationMedia: Ubuntu 16.10 "Yakkety Yak" - Alpha amd64 (20160901) MachineType: LENOVO 20FRS2FK00 ProcEnviron: TERM=screen PATH=(custom, no user) XDG_RUNTIME_DIR=<set> LANG=en_US.UTF-8 SHELL=/bin/bash ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.12.0-13-generic root=UUID=30d5ada5-835d-4cf7-96cf-3329c0316107 ro quiet splash vt.handoff=7 SourcePackage: systemd UpgradeStatus: Upgraded to artful on 2017-07-26 (53 days ago) dmi.bios.date: 07/13/2017 dmi.bios.vendor: LENOVO dmi.bios.version: N1FET53W (1.27 ) dmi.board.asset.tag: Not Available dmi.board.name: 20FRS2FK00 dmi.board.vendor: LENOVO dmi.board.version: SDK0J40697 WIN dmi.chassis.asset.tag: No Asset Information dmi.chassis.type: 31 dmi.chassis.vendor: LENOVO dmi.chassis.version: None dmi.modalias: dmi:bvnLENOVO:bvrN1FET53W(1.27):bd07/13/2017:svnLENOVO:pn20FRS2FK00:pvrThinkPadX1Yoga1st:rvnLENOVO:rn20FRS2FK00:rvrSDK0J40697WIN:cvnLENOVO:ct31:cvrNone: dmi.product.family: ThinkPad X1 Yoga 1st dmi.product.name: 20FRS2FK00 dmi.product.version: ThinkPad X1 Yoga 1st dmi.sys.vendor: LENOVO To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1717995/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp