Bug ID | 1200182 |
---|---|
Summary | systemd-resolved cannot bind port 53 |
Classification | openSUSE |
Product | openSUSE Tumbleweed |
Version | Current |
Hardware | Other |
OS | openSUSE Tumbleweed |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | MicroOS |
Assignee | kubic-bugs@opensuse.org |
Reporter | paul@pbarker.dev |
QA Contact | qa-bugs@suse.de |
Found By | --- |
Blocker | --- |
On a fresh installation of OpenSUSE MicroOS, I have attempted to switch to systemd-networkd and systemd-resolved to manage my network connections following the instructions in https://en.opensuse.org/Network_Management_With_Systemd. However, when trying to enable systemd-resolved I hit an error:

```
alpha:~ # systemctl enable --now systemd-resolved
Created symlink /etc/systemd/system/dbus-org.freedesktop.resolve1.service → /usr/lib/systemd/system/systemd-resolved.service.
Created symlink /etc/systemd/system/multi-user.target.wants/systemd-resolved.service → /usr/lib/systemd/system/systemd-resolved.service.
Job for systemd-resolved.service failed because the control process exited with error code.
See "systemctl status systemd-resolved.service" and "journalctl -xeu systemd-resolved.service" for details.
alpha:~ # journalctl -xeu systemd-resolved.service
░░ Subject: Automatic restarting of a unit has been scheduled
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ Automatic restarting of the unit systemd-resolved.service has been scheduled, as the result for
░░ the configured Restart= setting for the unit.
Jun 02 21:51:19 alpha.cephei.uk systemd[1]: Stopped Network Name Resolution.
░░ Subject: A stop job for unit systemd-resolved.service has finished
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ A stop job for unit systemd-resolved.service has finished.
░░
░░ The job identifier is 1376 and the job result is done.
Jun 02 21:51:19 alpha.cephei.uk systemd[1]: Starting Network Name Resolution...
░░ Subject: A start job for unit systemd-resolved.service has begun execution
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ A start job for unit systemd-resolved.service has begun execution.
░░
░░ The job identifier is 1376.
Jun 02 21:51:19 alpha.cephei.uk systemd-resolved[1643]: Positive Trust Anchors:
Jun 02 21:51:19 alpha.cephei.uk systemd-resolved[1643]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d
Jun 02 21:51:19 alpha.cephei.uk systemd-resolved[1643]: Negative trust anchors: home.arpa 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.>
Jun 02 21:51:19 alpha.cephei.uk systemd-resolved[1643]: Using system hostname 'alpha.cephei.uk'.
Jun 02 21:51:19 alpha.cephei.uk systemd-resolved[1643]: LLMNR-IPv4(UDP): Failed to bind socket: Permission denied
Jun 02 21:51:19 alpha.cephei.uk systemd-resolved[1643]: Failed to process RTNL link message: Permission denied
Jun 02 21:51:19 alpha.cephei.uk systemd-resolved[1643]: LLMNR-IPv4(UDP): Failed to bind socket: Permission denied
Jun 02 21:51:19 alpha.cephei.uk systemd-resolved[1643]: Failed to process RTNL link message: Permission denied
Jun 02 21:51:19 alpha.cephei.uk systemd-resolved[1643]: LLMNR-IPv4(UDP): Failed to bind socket: Permission denied
Jun 02 21:51:19 alpha.cephei.uk systemd-resolved[1643]: Failed to process RTNL link message: Permission denied
Jun 02 21:51:19 alpha.cephei.uk systemd-resolved[1643]: LLMNR-IPv6(UDP): Failed to bind socket: Permission denied
Jun 02 21:51:19 alpha.cephei.uk systemd-resolved[1643]: LLMNR-IPv4(UDP): Failed to bind socket: Permission denied
Jun 02 21:51:19 alpha.cephei.uk systemd-resolved[1643]: Failed to listen on UDP socket 127.0.0.53:53: Permission denied
Jun 02 21:51:19 alpha.cephei.uk systemd-resolved[1643]: Failed to start manager: Permission denied
Jun 02 21:51:19 alpha.cephei.uk systemd-resolved[1643]: LLMNR-IPv4(UDP): Failed to bind socket: Permission denied
Jun 02 21:51:19 alpha.cephei.uk systemd-resolved[1643]: LLMNR-IPv6(UDP): Failed to bind socket: Permission denied
Jun 02 21:51:19 alpha.cephei.uk systemd[1]: systemd-resolved.service: Main process exited, code=exited, status=1/FAILURE
░░ Subject: Unit process exited
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ An ExecStart= process belonging to unit systemd-resolved.service has exited.
░░
░░ The process' exit code is 'exited' and its exit status is 1.
Jun 02 21:51:19 alpha.cephei.uk systemd[1]: systemd-resolved.service: Failed with result 'exit-code'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ The unit systemd-resolved.service has entered the 'failed' state with result 'exit-code'.
Jun 02 21:51:19 alpha.cephei.uk systemd[1]: Failed to start Network Name Resolution.
```

It appears that the permission denied errors when systemd-resolved tried to bind port 53 are caused by SELinux. I confirmed that this is the case by disabling SELinux and retrying the command - this resulted in systemd-resolved successfully starting. Therefore I think there is an error in the SELinux policy here - systemd-resolved should be able to bind port 53 on localhost to offer DNS resolution services.
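
Added example, not part of the original report and not openSUSE tooling: a policy denial like the one suspected above can be confirmed from the audit records while SELinux stays enforcing, by grouping the AVC denials logged for the failing process. The function names `sample_audit_log` and `avc_summary` are hypothetical, and the sample records, including their SELinux types, are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: group SELinux AVC denials for one command name.

# Constructed audit records, NOT taken from the bug report. The SELinux
# types in them are assumptions about what such denials could look like.
sample_audit_log() {
cat <<'EOF'
type=AVC msg=audit(1654203079.101:501): avc:  denied  { name_bind } for  pid=1643 comm="systemd-resolve" src=53 scontext=system_u:system_r:systemd_resolved_t:s0 tcontext=system_u:object_r:dns_port_t:s0 tclass=udp_socket permissive=0
type=AVC msg=audit(1654203079.102:502): avc:  denied  { name_bind } for  pid=1643 comm="systemd-resolve" src=5355 scontext=system_u:system_r:systemd_resolved_t:s0 tcontext=system_u:object_r:llmnr_port_t:s0 tclass=udp_socket permissive=0
type=AVC msg=audit(1654203079.104:504): avc:  denied  { name_bind } for  pid=1643 comm="systemd-resolve" src=5355 scontext=system_u:system_r:systemd_resolved_t:s0 tcontext=system_u:object_r:llmnr_port_t:s0 tclass=udp_socket permissive=0
type=SYSCALL msg=audit(1654203079.104:504): arch=c000003e syscall=49 success=no exit=-13 pid=1643 comm="systemd-resolve"
type=AVC msg=audit(1654203080.200:510): avc:  denied  { read } for  pid=900 comm="chronyd" name="example" scontext=system_u:system_r:chronyd_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=file permissive=0
EOF
}

# avc_summary COMM: read raw audit records on stdin and print one line per
# distinct denial logged for COMM, in first-seen order:
#   <count> <perms> <tclass> src=<port> <source type> -> <target type>
# The kernel truncates comm to 15 characters, hence "systemd-resolve".
avc_summary() {
  awk -v want="comm=\"$1\"" '
    $1 == "type=AVC" && index($0, " denied ") && index($0, want) {
      # Permission list sits between the braces.
      perms = $0; sub(/^.*[{] /, "", perms); sub(/ [}].*$/, "", perms)
      src = "-"; s = "?"; t = "?"; c = "?"
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^src=/)      src = substr($i, 5)
        if ($i ~ /^scontext=/) { split($i, a, ":"); s = a[3] }  # type field
        if ($i ~ /^tcontext=/) { split($i, a, ":"); t = a[3] }
        if ($i ~ /^tclass=/)   c = substr($i, 8)
      }
      key = perms " " c " src=" src " " s " -> " t
      if (!(key in n)) order[++k] = key
      n[key]++
    }
    END { for (i = 1; i <= k; i++) print n[order[i]], order[i] }
  '
}

# Stand-alone run over the constructed sample.
sample_audit_log | avc_summary systemd-resolve
```

On a system with auditd running, the same function can read real records, for example `ausearch -m avc -ts boot --raw | avc_summary systemd-resolve`; the source and target types it prints are the ones a policy fix would need to cover.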