Bug#796252: rdnssd service periodically overwriting /etc/resolv.conf

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#796252: rdnssd service periodically overwriting /etc/resolv.conf
From: Julián Landerreche <linux+debian@julianlanderreche.com.ar>
Date: Thu, 20 Aug 2015 16:28:14 -0300
Message-id: <[🔎] 20150820192814.16518.9413.reportbug@manmachine>
Reply-to: Julián Landerreche <linux+debian@julianlanderreche.com.ar>, 796252@bugs.debian.org

Package: rdnssd
Version: 1.0.1-2
Severity: normal

Dear Maintainer,

   * What led up to the situation?

After reinstalling Debian Testing and upgrading to Unstable, I was having issues to automatically configure, on /etc/resolv.conf, the set of DNS servers provided via DHCP by my router. Why? Because a few seconds after being properly set (for example, by running `dhclient -r; dhclient`), the content of /etc/resolv.conf was suddenly reverted back to something else.
More precisely, it was reverted back to:

    $ cat /etc/resolv.conf
    nameserver fd46:7873:6984::1 

Each time, I restored /etc/resolv.conf back (by issuing a DHCP request) to the values provided by my router. But a few seconds later, the contents of the file, once again, were reverted back.


   * What exactly did you do (or not do) that was effective (or
     ineffective)?

It was evident that there was some conflicting program, but it took me a (long) time to figure that out as, at first, I thought it was some misconfiguration/misunderstanding on my side.

I tried:
- disabling networking service, and enabling systemd-networkd & systemd-resolved. It wasn't effective, as the /etc/resolv.conf got the correct values at first, but a few seconds then, it was reverted back.
- installing a different dhcpclient (dhcpcd5). No effect.
- reconfiguring my router, and disabling some obscure IPv6-related settings. No effect.
- making /etc/resolv.conf read-only or changing some attributes using chattr. No effect.

Finally, what put me on the right track was using the auditd daemon to audit which process was tinkering with /etc/resolv.conf.
Looking at the logs, an obscure "merge-hook" command was the one changing the contents of /etc/resolv.conf

After some research, I arrived to the conclusion that the rdnssd service (enabled and running on the background) was the cause. 
More precisely, it was the script located in /etc/rdnssd/merge-hook. I'm not sure what rdnssd nor this merge-hook script does, but looking at the script, it seems it depends on /sbin/resolvconf being present to do something. And, if /sbin/resolv.conf isn't present, it falls back to overwriting /etc/resolv.conf with some content.

So, bottom line: I solved my issue by disabling rdnssd service.

Only after solving it, my google-fu led me to an article that would have saved me many hours of hair-pulling.
https://www.aeyoun.com/how-to/debian-dns-resolv.html

Suggestions / posible solutions: 
- don't enable rdnssd service by default.
- check if the "merge-hook" script could be more "graceful" by, well, not overwriting /etc/resolv.conf.


-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 4.1.0-1-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages rdnssd depends on:
ii  adduser  3.113+nmu3
ii  libc6    2.19-19

Versions of packages rdnssd recommends:
pn  resolvconf  <none>

Versions of packages rdnssd suggests:
pn  ndisc6  <none>

-- no debconf information

Reply to:

Prev by Date: autoproject_0.20-8_amd64.changes ACCEPTED into unstable
Next by Date: Processing of latd_1.35_amd64.changes
Previous by thread: autoproject_0.20-8_amd64.changes ACCEPTED into unstable
Next by thread: Processing of latd_1.35_amd64.changes
Index(es):
- Date
- Thread