[Bug 1769016] Re: nsswitch.conf doesn't specify 'resolve' to support systemd-resolved

Ubfan 1769016 at bugs.launchpad.net
Sun Mar 31 02:43:36 UTC 2019 

The necessary (for systemd-resolvd to work properly) package libnss-
resolve is still not included with Ubuntu 18.04 nor Ubuntu 18.10
installs.  Manually adding the package fixed the name resolution
problems on an otherwise unaltered installation using DHCP from a
gateway.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to glibc in Ubuntu.
https://bugs.launchpad.net/bugs/1769016

Title:
  nsswitch.conf doesn't specify 'resolve' to support systemd-resolved

Status in glibc package in Ubuntu:
  Confirmed

Bug description:
  After upgrading from Ubuntu 16.04 to 18.04, my openconnect vpn
  connection stopped working.  The problem appeared to be related to DNS
  resolution.  After some digging, I discovered that the vpnc-script
  hook executed by openconnect was adding my VPN DNS servers to
  /etc/resolv.conf, which systemd-resolve --status was reporting as part
  of the global config instead of being associated with my VPN interface
  (tun0).  This appeared to break all VPN and non-VPN traffic in my
  configuration.

  I found that vpnc-script needed to find 'resolve' in
  /etc/nsswitch.conf in order to correctly configure the VPN DNS servers
  with systemd-resolved instead of prepending them to /etc/resolv.conf.

  http://git.infradead.org/users/dwmw2/vpnc-
  scripts.git/commitdiff/62e86babac9f734ba031a547501cbe8e5940d83b

  Adding 'resolve' to the 'hosts:' line in my /etc/nsswitch.conf allowed
  normal traffic flow.

  It seems like if 18.04 defaults to using systemd-resolve for DNS
  resolutions, then the default nsswitch.conf configuration should also
  declare 'resolve' in the 'hosts:' line, which does not appear to be
  the case.  This would have allowed my VPN connection to continue
  working successfully after the upgrade.

  $ lsb_release -rd
  Description:	Ubuntu 18.04 LTS
  Release:	18.04

  $ dpkg -l libc-bin openconnect systemd vpnc-scripts
  Desired=Unknown/Install/Remove/Purge/Hold
  | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
  |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
  ||/ Name          Version            Architecture  Description
  +++-=============-==================-=============-================================================
  ii  libc-bin      2.27-3ubuntu1      amd64   GNU C Library: Binaries
  ii  openconnect   7.08-3             amd64   open client for Cisco AnyConnect VPN
  ii  systemd       237-3ubuntu10      amd64   system and service manager
  ii  vpnc-scripts  0.1~git20171005-1  all     Network configuration scripts for VPNC and OpenConnect

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1769016/+subscriptions

More information about the foundations-bugs mailing list