Stubby latest patch fails to start 0.4.2-1 Arch Plasma-Dev FIX #330
Comments
|
Can you share your stubby configuration? I don’t have issues here. |
|
Same issue here after upgrading to 0.4.2-1 on two Arch machines with identical Stubby configurations. Downgrading to 0.4.0-2 restores functionality. I see this error after upgrading to 0.4.2-1 and running journalctl: Stubby then fails to start with the exit code Archcan posted. (edit - Resolved?) The workaround posted below will get Stubby 0.4.2-1 to start for me, but I'm not sure if that's an acceptable or secure thing to do. |
|
Sorry for the delay! I tested positive to COVID 19 the day I posted the bug. In the config, I never go there, stubby runs after enabling its service. The parameter PrivateUsers is already there. We must change it to false and it triggers systemd. Thanks for reporting the solution mate. Please give consideration to a permanent solution. I don't think anyone's asking you to think. stubby.service in systemd: edit unit file [Unit] |
|
Alright, this is indeed a classical issue of |
|
Are you suggesting to delete both CAP_NET_BIND_SERVICE and PrivateUsers? If the case, Stubby fails to start again. This is the only solution: PrivateUsers=false This is not a classical issue here, it's the first time ever that we have a bug with Stubby (Arch or Debian) and it comes from the last upgrade: 0.4.2.1. This version is just a waste of time and energy. |
|
same issue on ArchLinux, fix it please!!! |
No, I’m saying that we should have the default as and that all the people hitting issues because of this should know that Stubby does not do caching, and if they really want it to directly answer on port 53, then they also need to setup a systemd override as: And by classical issue, I mean that |
|
Thanks @ArchangeGabriel , Noted! I'll study this soon. One question: Would dropping user privileges from the Stubby process help and make it easier? |
|
@wtoorop @ArchangeGabriel My proposal is a quick fix that reverts to Then @wtoorop and I can look at the longer term solution for the next release with appropriate documentation/warnings! |
|
Thanks for replying and sorry for being rude. Changes made to stubby in systemd must be followed by this: In my case, there is no way to revert to previous because of the plasma-dev daily build (the cache is empty). No big deal since false works fine. Thanks again for considering a permanent solution and happy holiday. |
|
@wtoorop You could drop privileges but that kind of defeats all the benefit of using DynamicUser |
|
Removing PrivateUsers only changes the security analysis score from 1.5 OK to 1.7 OK. Note that this "security" score is more like a measure of how much systemd functionality is being used |
|
Version 0.4.2-3 fixes it. We are back to 0.4.0-x and there is no modification to be made. Thanks for the correction. |
Archcan
changed the title
|
Closing this as addressed by 0.4.3 release |
Changelog from upstream (https://github.com/getdnsapi/stubby/blob/v0.4.3/ChangeLog): * 2022-12-22: version 0.4.3 * Fix Issue getdnsapi/stubby#330 and PR getdnsapi/stubby#324: PrivateUsers=false needed in systemd stubby.service file for stubby to start. Thanks Archcan and Petr Menšík * PR getdnsapi/stubby#323: Reduce log messages when interface is offline. Thanks Russ Bubley and Andre Heider * 2022-08-19: version 0.4.2 * Fix Issue getdnsapi/stubby#320: Stubby doesn't start without "log_level" entry. Thanks Johnny S. Lee * 2022-08-19: Version 0.4.1 * Several updates to the servers in the config file: * sinodun.dnsovertls*.com servers are removed and will be decommissioned in the near future. This leaves only the getdnsapi.net server as the default. A recommendation is made that users choose additional servers from the list available. * Additional Quad9 servers added (thanks pataquets). * LDN servers removed as the service is now stopped. * Tidy up of remaining server data. * Change `comment` lines on Uncensored server data to more clearly be comments (not valid YAML) * Fix and improve descriptions of default values * getdnsapi.net DoT servers liston on port 443 now too * Fixes for parsing of quoted key values for `tls-ca-file`, `tls-curves-list` and `resolvconf` * Add Dockerfile into `contrib` - thanks to pataquets. * Strengthen version checking for LibIDN2 during the cmake step so LibIDN2 version 2.3.3 can be properly found (thanks jpbion). * Updated stubby.service file. Thanks Bruno Pagani * log level configurable in config file with log_level setting Command line setting (with -v or -l) overrules the config file setting Signed-off-by: Aquila Cooper <aquila@cpr.is>
After receiving the latest update 0.4.2-1 last week, Stubby fails to start. Plasma-dev Arch. New fresh install with latest daily ISO gives the same result.
Output:
systemctl status stubby
× stubby.service - stubby DNS resolver
Loaded: loaded (/usr/lib/systemd/system/stubby.service; enabled; preset: disabled)
Active: failed (Result: exit-code) since Mon 2022-11-28 12:32:18 EST; 11min ago
Duration: 67ms
Process: 1336 ExecStart=/usr/bin/stubby (code=exited, status=1/FAILURE)
Main PID: 1336 (code=exited, status=1/FAILURE)
CPU: 60ms
Nov 28 12:32:18 as systemd[1]: stubby.service: Scheduled restart job, restart counter is at 5.
Nov 28 12:32:18 as systemd[1]: Stopped stubby DNS resolver.
Nov 28 12:32:18 as systemd[1]: stubby.service: Start request repeated too quickly.
Nov 28 12:32:18 as systemd[1]: stubby.service: Failed with result 'exit-code'.
Nov 28 12:32:18 as systemd[1]: Failed to start stubby DNS resolver.
Not a Kernel issue (6.0-10 0r 6.1-rc7 is same):
Operating System: Manjaro Linux BTRFS
KDE Plasma Version: 5.26.80 >5.26.4 beta
KDE Frameworks Version: 5.101.0
Qt Version: 5.15.7
Kernel Version: 6.1.0-1-MANJARO (64-bit) >rc-7
Graphics Platform: Wayland
Processors: 8 × AMD Ryzen 7 2700U with Radeon Vega Mobile Gfx
The text was updated successfully, but these errors were encountered: