Bug#1079819: systemd-resolved: Feed DNS information from network-manager in postinst

Sunil Mohan Adapa sunil at medhas.org
Tue Aug 27 20:03:29 BST 2024 

Package: systemd-resolved
Severity: wishlist

Dear Maintainer,

Currently, when systemd-resolved is installed on systems with network-manager,
DNS resolution stops working until a reboot (or until NM brings down and up a
connection with global DNS). This is because 1) systemd-resolved package
correctly sets a link from /etc/resolv.conf to /run/systemd/resolve/stub-
resolv.conf 2) Currently known DNS servers at the time of package installation
are not loaded into systemd-resolved and 3) Understandably, Debian has removed
fallback DNS servers in systemd-resolved (using --dns-server=''). In case
systemd-networkd is the network configuration tool instead of network-manager,
systemd-resolved will pickup DNS servers from .network configuration files (and
possibly from DNS servers known to systemd-networkd via DHCP?).

On desktops and mobiles where network-manager is common, this experience can be
improved by loading DNS servers and search domains known to network-manager
(static or obtained from DHCP) into systemd-resolved. Postinst script ought to
do something like:

if [ -d /run/NetworkManager ]; then
    nmcli general reload dns-rc
fi

FreedomBox is switching to systemd-resolved from resolvconf. These machines
shall automatically upgrade and can't become unreachable over network or
request user intervention. Reboots, when necessary, can only be done once a day
at a fixed time. We are running 'reload dns-rc' after installing systemd-
resolved. This change will also help if/when systemd-resolved becomes default
in Debian and users upgrade from a stable release to the next.

Thank you for maintaining systemd packaging,

--
Sunil Mohan Adapa


-- System Information:
Debian Release: 12.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-23-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=en_IN.UTF-8, LC_CTYPE=en_IN.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages systemd-resolved depends on:
ii  dbus [default-dbus-system-bus]  1.14.10-1~deb12u1
ii  libc6                           2.36-9+deb12u7
ii  libssl3                         3.0.11-1~deb12u2
ii  libsystemd-shared               252.22-1~deb12u1
ii  systemd                         252.22-1~deb12u1

Versions of packages systemd-resolved recommends:
ii  libnss-myhostname  252.22-1~deb12u1
pn  libnss-resolve     <none>

Versions of packages systemd-resolved suggests:
ii  policykit-1  122-3
ii  polkitd      122-3

More information about the Pkg-systemd-maintainers mailing list