FS#67069 - [iwd] resolvconf as DNS manager doesn't work when IWD is launched as systemd service

Attached to Project: Community Packages
Opened by Vuk Mirovic (wooque) - Monday, 22 June 2020, 00:20 GMT
Last edited by Buggy McBugFace (bugbot) - Saturday, 25 November 2023, 20:01 GMT
Task Type Bug Report
Category Packages
Status Closed
Assigned To Andreas Radke (AndyRTR)
Christian Rebischke (Shibumi)
Levente Polyak (anthraxx)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 4
Private No

Details

Description:

I'm using simple configuration

[General]
EnableNetworkConfiguration=true
[Network]
NameResolvingService=resolvconf

when I launch iwd manually with "sudo /usr/lib/iwd/iwd" everything works fine, but when I launch systemd service there is error

iwd[4113]: Cannot write to /run/resolvconf/lock
iwd[4004]: resolve: /usr/bin/resolvconf exited with status (256).

I manage to fix this by setting ProtectSystem to true instead of strict in systemd service file

Additional info:
* package version(s)

1.8-1

* config and/or log files etc.

[General]
EnableNetworkConfiguration=true
[Network]
NameResolvingService=resolvconf

* link to upstream bug report, if any

Steps to reproduce:

Start iwd systemd service with this config and observe DNS resolving not working
This task depends upon

Closed by  Buggy McBugFace (bugbot)
Saturday, 25 November 2023, 20:01 GMT
Reason for closing:  Moved
Additional comments about closing:  https://gitlab.archlinux.org/archlinux/p ackaging/packages/iwd/issues/1
Comment by Levente Polyak (anthraxx) - Monday, 22 June 2020, 09:11 GMT
does it work with using ReadWritePaths instead?
Comment by Vuk Mirovic (wooque) - Monday, 22 June 2020, 11:16 GMT
I succeed with following additional config lines instead of changing ProtectSystem:

RuntimeDirectory=resolvconf
ReadWritePaths=/etc/resolv.conf

I tried to set /run/resolvconf in ReadWritePaths, but first it complained that directory doesn't exist and after prefixing it with "-" to ignore if it doesn't exist, than there was complaint that process can't create /run/resolvconf on read-only filesystem, probably would need to set whole /run in ReadWritePaths, so I've put it in RuntimeDirectory
Comment by Clemmitt Sigler (cmsigler) - Saturday, 22 August 2020, 14:57 GMT
Hi,

The solution posted by Vuk Mirovic WFM. Please see:

https://bbs.archlinux.org/viewtopic.php?id=258084

Perhaps iwd.service needs to be patched during package build? HTH.

Clemmitt Sigler
Comment by Vuk Mirovic (wooque) - Thursday, 10 September 2020, 10:30 GMT
Issue still present in 1.9-1, same fix is needed, adding two lines in systemd service:

RuntimeDirectory=resolvconf
ReadWritePaths=/etc/resolv.conf
Comment by Christian Rebischke (Shibumi) - Sunday, 20 September 2020, 14:08 GMT
I would prefer to have this fixed upstream. I asked the devs if they can include these two lines.
Comment by Jason P. (jasonp) - Saturday, 06 March 2021, 17:44 GMT
Still present in iwd 1.12. Suggested fix works.
Comment by Christian Rebischke (Shibumi) - Saturday, 06 March 2021, 21:43 GMT
Hi,

I am not confident that the proposed fixes in this bug ticket are without side effects.
What will happen for users who are using systemd-resolved for resolving, when the mentioned patches got applied?

This issue needs more discussion and I would like to hear more voices.


Comment by Christian Rebischke (Shibumi) - Saturday, 27 March 2021, 13:19 GMT
Please, Re-Open if you are still interested in this.
Comment by Atomic (Atomic) - Thursday, 14 October 2021, 22:28 GMT
  • Field changed: Percent Complete (100% → 0%)
I'm still interested in having this fixed. Though this should probably be done upstream.

The fix proposed here isn't complete either. For instance it misses the /etc/resolv.conf.bak file generated by openresolv. Additionally openresolv can also create files, for instance for unbound to configure DNS. I don't think it's restricted in where it can drop those files.

I assume this cannot be done within the service file without removing those protections.

I think this should be asked upstream.

Shibumi where did you report it upstream? Otherwise I could just message the upstream mailing list.
Comment by Yuri Kanivetsky (x-yuri) - Monday, 27 December 2021, 11:44 GMT
I posted a letter to the mailing list:

https://lists.01.org/hyperkitty/list/iwd%40lists.01.org/thread/76VOMUJIFH7P3JFICTM6CPLDL5VZHMJX/

UPD a working link supposedly to my post: https://bit.ly/3LLli2B

Not sure if it's for reporting bugs though.

For me it also works with:

touch /etc/resolv.conf.bak

and:

[Service]
ReadWritePaths=/etc/resolv.conf.bak
ReadWritePaths=/etc/resolv.conf

Not sure if RuntimeDirectory is needed. Or maybe no longer needed.
Comment by Yuri Kanivetsky (x-yuri) - Tuesday, 11 January 2022, 08:45 GMT
So, on the mailing list they replied:

https://lists.01.org/hyperkitty/list/iwd<@>lists.01.org/thread/76VOMUJIFH7P3JFICTM6CPLDL5VZHMJX/ (replace <@> with @, not sure if there're better ways to make it not break the link)

UPD a working link supposedly to the reply: https://bit.ly/44kJjEH

If you have any ideas, you're free to voice them. Or else, this probably is going to be unresolved. Describe it in the wiki?
Comment by Andreas Radke (AndyRTR) - Sunday, 30 April 2023, 09:26 GMT
There's currently no simple solution here. Please add your fix to the wiki:
https://wiki.archlinux.org/title/Iwd#Select_DNS_manager

and maybe link to the upstream ML thread discussion:
https://lore.kernel.org/iwd/2249097a-97e0-175a-6b02-e5d6be484498%40gmail.com/

I suggest going to close this as "upstream".
Comment by Buggy McBugFace (bugbot) - Tuesday, 08 August 2023, 19:11 GMT
This is an automated comment as this bug is open for more then 2 years. Please reply if you still experience this bug otherwise this issue will be closed after 1 month.

Loading...