systemd update breaks DNS resolution on Fedora 33 cloud instances

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi all!

I was recently hit by this and it took me some time to figure out what
was going on.

I provisioned a fresh Fedora 33 cloud instance on DigitalOcean.
After completing the initial upgrade via 'dnf update' and rebooting the
system, DNS resolution stopped working.

I did a little debugging and saw that no DNS servers were configured:

$ resolvectl dns
Global:
Link 2 (eth0):
Link 3 (eth1):
$ resolvectl status
Global
       Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub                                                 

Link 2 (eth0)
Current Scopes: LLMNR/IPv4 LLMNR/IPv6                                 
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS
DNSSEC=no/unsupported

Link 3 (eth1)

I was confused how could that happen since running 'dnf update' on the
first boot clearly required DNS resolution to work.

It turns out a recent systemd update, namely systemd-246.7-2.fc33
(https://bodhi.fedoraproject.org/updates/FEDORA-2020-3616681a70),
includes this commit:
https://src.fedoraproject.org/rpms/systemd/c/ed795fb1fc9a2c20ebcac34bdf7e7c7ae17322a2?branch=f33
which removes the fallback DNS server list (i.e. Cloudflare's and/or
Google's DNS servers) due to concerns over DNS requests being
personally identifying information (PII) in the sense of GDPR?

In combination with NetworkManager's DNS server handling being disabled
via cloud-init:

$ cat /etc/NetworkManager/conf.d/99-cloud-init.conf 
# Created by cloud-init on instance boot automatically, do not edit.
#
[main]
dns = none

this results in no DNS servers being configured on the system.

The consequence is that Fedora 33 cloud instances are broken after
updating the systemd package to version 246.7-2.fc33.

(I haven't checked but if Fedora 34 cloud images include this version
of systemd, then DNS resolution won't work even on first boot.)

Please advise on the best steps to fix this issue.

Regards,
Tadej

_______________________________________________
cloud mailing list -- cloud@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to cloud-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/cloud@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Fedora General Discussion]     [Older Fedora Users Archive]     [Fedora Advisory Board]     [Fedora Security]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Mentors]     [Fedora Package Announce]     [Fedora Package Review]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Coolkey]     [Yum Users]     [Big List of Linux Books]     [Yosemite News]     [Linux Apps]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]

  Powered by Linux