Bug#1032937: systemd-resolved: Overwriting /etc/resolv.conf with link to /run/systemd/resolve/stub-resolv.conf breaks install in chroot

Samuli Suonpää suonpaa at diurnalis.fi
Tue Mar 14 12:37:46 GMT 2023


Package: systemd-resolved
Version: 252.6-1
Severity: important

I'd like to use systemd-resolved in my Debian live CD/USB, built with
live-build. This fails, as I believe will any other attempt to use
systemd-resolved in a debootstrapped chroot environment.

Installing systemd-resolved overwrites /etc/resolv.conf with a link to
../run/systemd/resolve/stub-resolv.conf.

From systemd-resolved.postinst:

        echo "Converting /etc/resolv.conf to a symlink to /run/systemd/resolve/stub-resolv.conf..."
        if [ -f "${DPKG_ROOT}/etc/resolv.conf" ]; then
            mv "${DPKG_ROOT}/etc/resolv.conf" "${DPKG_ROOT}/etc/.resolv.conf.systemd-resolved.bak" || echo "Cannot take a backup of /etc/resolv.conf."
        fi
        ln -sf ../run/systemd/resolve/stub-resolv.conf "${DPKG_ROOT}/etc/resolv.conf" || echo "Cannot install symlink from /etc/resolv.conf to ../run/systemd/resolve/stub-resolv.conf"

This is fine, as long as systemd-resolved.service is started right away.

However, when building a Debian live image or quite possibly when doing
any Debian install in a debootstrapped chroot environment, the service is
not started.

Now we are in a chroot environment, but name resolution does not work.

Would it be possible to defer overwriting /etc/resolv.conf? Does it have
to happen at .postinst and not, say, at the start of the service?

Example:

# mkdir bootstrapped
# debootstrap bookworm bootstrapped
I: Target architecture can be executed
I: Retrieving InRelease
I: Checking Release signature
I: Valid Release signature (key id A7236886F3CCCAAD148A27F80E98404D386FA1D9)
I: Retrieving Packages
I: Validating Packages
I: Resolving dependencies of required packages...
I: Resolving dependencies of base packages...
I: Checking component main on http://deb.debian.org/debian...
[ ... ]
I: Base system installed successfully.
# mount --make-private --rbind /dev bootstrapped/dev/
# mount --make-private --rbind /proc bootstrapped/proc/
# mount --make-private --rbind /sys bootstrapped/sys
# chroot bootstrapped/
# ping -c 1 deb.debian.org
PING deb.debian.org(2a04:4e42:8e::644 (2a04:4e42:8e::644)) 56 data bytes
64 bytes from 2a04:4e42:8e::644 (2a04:4e42:8e::644): icmp_seq=1 ttl=59 time=5.26 ms

--- deb.debian.org ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 5.256/5.256/5.256/0.000 ms
# apt install systemd-resolved
Reading package lists... Done
Building dependency tree... Done
[ ...]
Selecting previously unselected package systemd-resolved.
Preparing to unpack .../8-systemd-resolved_252.6-1_amd64.deb ...
Unpacking systemd-resolved (252.6-1) ...
[...]
Setting up dbus (1.14.6-1) ...
Running in chroot, ignoring request.
Setting up systemd-resolved (252.6-1) ...
Converting /etc/resolv.conf to a symlink to /run/systemd/resolve/stub-resolv.conf...
Creating group 'systemd-resolve' with GID 997.
Creating user 'systemd-resolve' (systemd Resolver) with UID 997 and GID 997.
Created symlink /etc/systemd/system/dbus-org.freedesktop.resolve1.service → /lib/systemd/system/systemd-resolved.service.
Created symlink /etc/systemd/system/sysinit.target.wants/systemd-resolved.service → /lib/systemd/system/systemd-resolved.service.
Setting up libnss-resolve:amd64 (252.6-1) ...
Processing triggers for libc-bin (2.36-8) ...
# ping -c1 deb.debian.org
ping: deb.debian.org: Name or service not known
# ls -l /etc/resolv.conf
lrwxrwxrwx 1 root root 39 Mar 14 12:34 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf
# cat /etc/resolv.conf
cat: /etc/resolv.conf: No such file or directory



-- System Information:
Debian Release: bookworm/sid
  APT prefers testing
  APT policy: (800, 'testing'), (700, 'unstable'), (500, 'testing-security'), (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable'), (50, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-6-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8), LANGUAGE=en_IE:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages systemd-resolved depends on:
ii  dbus [default-dbus-system-bus]  1.14.6-1
ii  libc6                           2.36-8
ii  libssl3                         3.0.8-1
ii  libsystemd-shared               252.6-1
ii  systemd                         252.6-1

Versions of packages systemd-resolved recommends:
ii  libnss-myhostname  252.6-1
ii  libnss-resolve     252.6-1

Versions of packages systemd-resolved suggests:
ii  policykit-1  122-3
ii  polkitd      122-3

-- no debconf information
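
Added example, not part of the original report or of the systemd-resolved package: a shell check that classifies etc/resolv.conf inside a chroot tree by resolving the symlink target relative to that tree, plus a replay of the postinst steps quoted in the report inside a constructed scratch directory. The function names, state strings and sample nameserver lines are assumptions of this example.

```shell
#!/bin/sh
# Added example; function names and state strings are assumptions.

# Print the state of etc/resolv.conf as seen from inside the tree at $1.
# Limitation: symlinks in intermediate path components are not re-rooted.
resolv_conf_state() {
    root=${1%/}
    conf="$root/etc/resolv.conf"
    bak="$root/etc/.resolv.conf.systemd-resolved.bak"  # backup name from the postinst
    if [ -L "$conf" ]; then
        target=$(readlink "$conf")
        case $target in
            /*) resolved="$root$target" ;;       # absolute: relative to the chroot root
            *)  resolved="$root/etc/$target" ;;  # relative: relative to etc/
        esac
        if [ -e "$resolved" ]; then
            echo "symlink-ok"
        elif [ -f "$bak" ]; then
            echo "dangling-backup-present"
        else
            echo "dangling-no-backup"
        fi
    elif [ -f "$conf" ]; then
        echo "regular-file"
    else
        echo "missing"
    fi
}

# Replay the quoted postinst steps in a constructed scratch tree and print
# the state before install, after install, and once the stub file exists.
replay_postinst() {
    tree=$(mktemp -d) || return 1
    mkdir -p "$tree/etc"
    echo "nameserver 192.0.2.53" > "$tree/etc/resolv.conf"  # constructed sample
    before=$(resolv_conf_state "$tree")
    mv "$tree/etc/resolv.conf" "$tree/etc/.resolv.conf.systemd-resolved.bak"
    ln -sf ../run/systemd/resolve/stub-resolv.conf "$tree/etc/resolv.conf"
    after=$(resolv_conf_state "$tree")
    # Stand-in for a running systemd-resolved creating its stub file (constructed).
    mkdir -p "$tree/run/systemd/resolve"
    echo "nameserver 127.0.0.53" > "$tree/run/systemd/resolve/stub-resolv.conf"
    started=$(resolv_conf_state "$tree")
    rm -rf "$tree"
    echo "$before $after $started"
}

# Usage: sh check.sh /path/to/chroot   (no argument: run the replay)
if [ $# -gt 0 ]; then resolv_conf_state "$1"; else replay_postinst; fi
```

Run from the host against the chroot directory (for the session above, `bootstrapped`); a `dangling-backup-present` result means the original file is still available as etc/.resolv.conf.systemd-resolved.bak.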

