Hello, can someone please help me fix this: https://github.com/systemd/systemd/issues/28694?
The transmission-daemon that is started via systemd in a dedicated network namespace <vpn> is seeing the main namespace resolv.conf instead of the one mounted by netns. If I manually pop into the vpn namespace, the /etc/resolv.conf is correctly identified as the same in /etc/netns/vpn/resolv.conf.
This used to work before 254. I tried to set PrivateMounts=false also for the transmission drop-in, but it doesn't work. Transmission is still querying the main namespace DNS instead of the specific one for the <vpn> netns.
What am I missing?
Cheers
::::::::::::::::: Archlinux Transmission Unit ::::::::::::::::::
[Unit] │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection
Description=Transmission BitTorrent Daemon │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org
Wants=network-online.target │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection
After=network-online.target │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org
│Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection
[Service] │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: explodie.org
User=transmission │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection
Type=notify │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org
ExecStart=/usr/bin/transmission-daemon -f --log-level=error │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection
ExecReload=/bin/kill -s HUP $MAINPID │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org
NoNewPrivileges=true │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection
MemoryDenyWriteExecute=true │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org
ProtectSystem=true │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection
PrivateTmp=true │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org
│Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection
[Install] │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org
WantedBy=multi-user.target::::::::::::::::: Drop in ::::::::::::::::::::::
[Unit] │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection
After=vpn.service │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org
BindsTo=vpn.service │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection
│Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org
[Service] │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection
NetworkNamespacePath=/run/netns/vpn │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org
Environment="TR_CURL_VERBOSE=1" │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection
ExecStart= │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org
ExecStart=/usr/bin/transmission-daemon -f --log-level=debug
:::::::::::::::: vpn.service ::::::::::::::::::::[Unit] │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org Description=Start Wireguard VPN with a random peer │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection Wants=network-online.target nss-lookup.target │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org Requires=wireguard.service │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection After=network-online.target nss-lookup.target wireguard.service │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org PartOf=wireguard.service netns@vpn.service │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection JoinsNamespaceOf=netns@vpn.service │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: explodie.org │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection [Service] │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org Type=oneshot │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection RemainAfterExit=true │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection ExecStartPre=-/usr/bin/env ip -n vpn addr flush dev wg0 │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org ExecStartPre=-/usr/bin/env ip -n vpn link set down wg0 │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection ExecStartPre=-/usr/bin/env ip netns exec vpn /usr/local/bin/teardown_wg │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection # Set wg │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org ExecStart=/usr/bin/env ip netns exec vpn /usr/local/bin/setup_wg │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org # Set interface up │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection ExecStart=/usr/bin/env ip -n vpn link set up dev wg0 │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection # Set default route │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org ExecStart=/usr/bin/env ip -n vpn route add default dev wg0 │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org [Install] │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection WantedBy=multi-user.target │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org WantedBy=network-online.target
::::::::::::::::::: wireguard.service :::::::::::::::::
[Unit] │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org Description=Wireguard interface in a dedicated namespace │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection Requires=netns@vpn.service │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org Wants=network-online.target nss-lookup.target │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection After=network-online.target nss-lookup.target netns@vpn.service │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org PartOf=netns@vpn.service │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection JoinsNamespaceOf=netns@vpn.service │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: explodie.org │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection [Service] │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org Type=oneshot │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection RemainAfterExit=true │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection ExecStartPre=-/usr/bin/env ip -n vpn link delete wg0 │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection # Create wg0 interface in normal namespace │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org ExecStart=/usr/bin/env ip link add dev wg0 type wireguard │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org # Move wg0 interface to the vpn namespace │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection ExecStart=/usr/bin/env ip link set wg0 netns vpn │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection # Stop process │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org ExecStop=/usr/bin/env ip -n vpn link delete wg0 │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org [Install] │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection WantedBy=multi-user.target │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org WantedBy=network-online.target
:::::::::::::::::: netns@.service :::::::::::::::::::::
[Unit] │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org Description=%I Namespace wrapper │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection After=network-online.target nss-lookup.target │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org Wants=network-online.target nss-lookup.target │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org [Service] │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection Type=oneshot │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: explodie.org RemainAfterExit=true │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection PrivateNetwork=true │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org PrivateMounts=false │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org ExecStartPre=-/usr/bin/env ip netns delete %i │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org # Add vpn dedicated namespace │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection ExecStart=/usr/bin/env ip netns add %i │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection # Pause │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org ExecStart=/usr/bin/env echo %i │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org # Set loopback device up │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection ExecStart=/usr/bin/env ip -n %i link set dev lo up │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection # Stop process │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org ExecStop=/usr/bin/env ip netns delete %i │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org [Install] │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Closing connection WantedBy=multi-user.target │Aug 05 21:28:11 gagazet transmission-daemon[226124]: * Could not resolve host: tracker.tleechreload.org WantedBy=network-online.target
--
rdb
