Bug 21685 - NetworkManager 1.8 doesn’t get the search DNS option from the DHCP
Summary: NetworkManager 1.8 doesn’t get the search DNS option from the DHCP
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: RPM Packages (show other bugs)
Version: 6
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: QA Team
QA Contact:
URL:
Whiteboard: MGA6-32-OK MGA6-64-OK
Keywords: advisory, validated_update
: 22531 (view as bug list)
Depends on:
Blocks:
 
Reported: 2017-09-08 15:24 CEST by Davy Defaud
Modified: 2018-02-17 13:20 CET (History)
8 users (show)

See Also:
Source RPM: networkmanager-1.8.0-1.mga6.src.rpm
CVE:
Status comment:


Attachments

Description Davy Defaud 2017-09-08 15:24:18 CEST
Description of problem:

Since the upgrade to MGA 6, NetworkManager doesn’t get the search DNS option from the DHCP (DHCP option 119) that is then written to /etc/resolv.conf.

The problem is coming from NetworkManager 1.8 which uses a new internal DHCP client instead of dhclient. This new internal client doesn’t seem to support the DHCP option 119.

A workaround is to configure NetworkManager to use dhclient as its DHCP client as it did before version 1.8. This can be done by changing the dhcp parameter in /etc/NetworkManager/NetworkManager.conf from “internal“ to “dhclient” like this :

>[main]
>plugins=ifcfg-rh,keyfile
>#dhcp=internal
>dhcp=dhclient
Marja Van Waes 2017-09-08 22:43:51 CEST

Assignee: bugsquad => gnome
CC: (none) => marja11

Comment 1 Jani Välimaa 2017-09-27 19:08:45 CEST
Could you test internal dhcp client with networkmanager-1.8.0-1.1.mga6 from core/updates_testing?

It includes a patch from upstream:
https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?h=nm-1-8&id=e80163c713cdd911cb79036f3f7b629040297c58

CC: (none) => jani.valimaa

Comment 2 Davy Defaud 2017-09-28 16:28:05 CEST
Unfortunately, it doesn’t fix the problem. :-(
Comment 3 Jani Välimaa 2017-09-28 19:10:59 CEST
BTW, I can't reproduce your issue. 'search foo' is always added to /etc/resolv.conf in my tests/setup.
Comment 4 Davy Defaud 2017-09-29 10:48:14 CEST
(In reply to Jani Välimaa from comment #3)
> BTW, I can't reproduce your issue. 'search foo' is always added to
> /etc/resolv.conf in my tests/setup.

The DNS domain is always added to the search line in /etc/resolv.conf, but the bug is that the extra search domains pushed by the DHCP server (as DHCP option 119) are not added after the DNS domain.

For example, if your DNS domain is foo.org, but you also want to search for hosts in bar.net and baz.com, your DHCP server has to be configured to push the option 119 with “bar.net baz.com” and the DHCP clients are supposed to populate the /etc/resolv.conf file with the DNS domain plus these extra search domains like this:

> search foo.org bar.net baz.com

Well, actually, Windows DHCP clients are not handling the option 119 and you need a GPO to push the DNS search option. It’s really a pity! :-(
Comment 5 Frank Griffin 2017-09-29 15:12:10 CEST
I had a variant of this bug a long time ago.  It didn't involve NM, but at the time we packaged dhcpcd and dhclient.  One of them supported 119 and one didn't.

I guess the question is why we specify dhcp=internal.  My installs replace NM.conf with a custom one which has no dhcp line, and 119 works fine.

CC: (none) => ftg

Comment 6 Davy Defaud 2017-09-29 15:32:21 CEST
(In reply to Frank Griffin from comment #5)
> I guess the question is why we specify dhcp=internal.  My installs replace
> NM.conf with a custom one which has no dhcp line, and 119 works fine.

 

man NetworkManager.conf
[…]
>           If this key is missing, it defaults to internal. It the chosen
>           plugin is not available, clients are looked for in this order:
>           dhclient, dhcpcd, internal.

So, no dhcp parameter defaults to dhcp=internal. That means that you are actually using the NM internal DHCP client but you are not affected by the bug. Interesting.
My DNS domain has a non-standard TLD. I saw that there’s a check on the domain :
https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/src/dns/nm-dns-manager.c?h=nm-1-8&id=beeb8df9ac93ad432c9533362d862c0c2466cd5e#n161

This strange check could be the reason of the problem…
Comment 7 Frank Griffin 2017-09-29 16:58:41 CEST
Are you specifying your primary domain name as well as domain-search ?  The code you linked to basically says if the domain is null, return FALSE.  My dhcpd.conf has:

option domain-search "griffin.treehouse.com","treehouse.local";
option domain-name "griffin.treehouse.com";
option subnet-mask 255.255.255.0;

It looks like domain-name is required even if the same value is in domain-search.
Comment 8 Davy Defaud 2017-09-29 17:43:40 CEST
(In reply to Frank Griffin from comment #7)
> Are you specifying your primary domain name as well as domain-search ?

Yes I do.

> The code you linked to basically says if the domain is null, return FALSE. 
> My dhcpd.conf has:
> 
> option domain-search "griffin.treehouse.com","treehouse.local";
> option domain-name "griffin.treehouse.com";
> option subnet-mask 255.255.255.0;
> 
> It looks like domain-name is required even if the same value is in
> domain-search.

I can see what my DHCP client is fetching from the DHCP server in /var/lib/NetworkManager/ directory in the lease files.

When using dhclient, the file looks like the config file of an ISC DHCP server (dhcpd.conf). I have correct domain and search entries. But in the file internal-abf4c85b-57cc-4484-4fa9-b4a71689c359-eno1.lease, no search option is provided, only the domain. BTW, the file syntax is completely different…
Comment 9 Frank Griffin 2017-09-29 19:14:37 CEST
My internal NM lease file doesn't have any mention of the search entries either, but they are present in resolv.conf, e. g. 

   search griffin.treehouse.com treehouse.local

using the server-side /etc/dhcpd.conf options above.

Either NM internal supports modifying resolv.conf for the multiple search domains and doesn't think it needs to record them in the lease file, or else it doesn't support a search list and something else is modifying resolv.conf correctly.

Also, I don't think the man page default is correct.  I have no NM dhcp directive, but in journalctl all of the logged DHCP client activity is preceded by dhclient[tasknum].  I think the second sentence is accurate, and NM looks for and finds dhclient.  Since you have dhclient installed, can you try your case with no dhcp directive in NM.conf ?  If it works, then internal is not being defaulted, and internal does not support 119.
Comment 10 Jani Välimaa 2017-09-30 09:22:04 CEST
I can now reproduce the issue with my OpenWrt router and dnsmasq actings as a DHCP server (after I figured out what it's all about).

I think it's better to file a bug about the issue to upstream.
Comment 11 Davy Defaud 2017-10-01 18:44:07 CEST
NetworkManager internal DHCP client relies on (a copy of) libsystemd-network. See: https://bugzilla.gnome.org/show_bug.cgi?id=768205#c1

I found an already merged GitHub pull request that could be the necessary patch to fix the bug:
https://github.com/systemd/systemd/pull/5932

What I don’t know is whether NetworkManager still uses its own copy of libsystemd-network or the main one…
Comment 12 Jani Välimaa 2017-10-01 20:39:22 CEST
Support for DHCP option 119 was added to NetworkManager GIT master (upcoming nm-1.10) in June:

https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/src/dhcp/nm-dhcp-systemd.c?id=203ffede01a1295ce711e543eae87dbb00c287b0

I don't know if it's possible to backport it to 1.8.x.
Comment 13 Jani Välimaa 2017-10-01 21:12:29 CEST
(In reply to Jani Välimaa from comment #12)
> Support for DHCP option 119 was added to NetworkManager GIT master (upcoming
> nm-1.10) in June:
> 
> https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/src/dhcp/
> nm-dhcp-systemd.c?id=203ffede01a1295ce711e543eae87dbb00c287b0
> 
> I don't know if it's possible to backport it to 1.8.x.

Cherry-picked the commit to cauldron's 1.8.4. Will check later how big changes there are between mga6's 1.8.0 and cauldron's 1.8.4.try to backport needed changes also for mga6.
Comment 14 Jani Välimaa 2017-10-01 21:12:52 CEST
(In reply to Jani Välimaa from comment #12)
> Support for DHCP option 119 was added to NetworkManager GIT master (upcoming
> nm-1.10) in June:
> 
> https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/src/dhcp/
> nm-dhcp-systemd.c?id=203ffede01a1295ce711e543eae87dbb00c287b0
> 
> I don't know if it's possible to backport it to 1.8.x.

Cherry-picked the commit to cauldron's 1.8.4. Will check later how big changes there are between mga6's 1.8.0 and cauldron's 1.8.4.
Comment 15 Jani Välimaa 2017-10-01 21:23:14 CEST
(In reply to Jani Välimaa from comment #14)
> (In reply to Jani Välimaa from comment #12)
> > Support for DHCP option 119 was added to NetworkManager GIT master (upcoming
> > nm-1.10) in June:
> > 
> > https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/src/dhcp/
> > nm-dhcp-systemd.c?id=203ffede01a1295ce711e543eae87dbb00c287b0
> > 
> > I don't know if it's possible to backport it to 1.8.x.
> 
> Cherry-picked the commit to cauldron's 1.8.4. Will check later how big
> changes there are between mga6's 1.8.0 and cauldron's 1.8.4.

Seems that it's not that easy. I'll need to add more patches to get all needed parts from git master. Lets see if I manage to do it.
Comment 16 Jani Välimaa 2017-10-02 19:09:46 CEST
Backported a set of patches needed to get option 119 to work with mga6's networkmanager-1.8.0.

I created a temporary testing repo for dnf to test the pkg:
https://copr.fedorainfracloud.org/coprs/wallymga/nm-bug21685/

This testing repo can be enabled with 'dnf copr enable wallymga/nm-bug21685' after copr (and needed plugins) is installed. Make also sure that pkg 'mageia-repos-cauldron' isn't installed. 'dnf upgrade' should bring updated nm pkgs from the copr repo.

I will push nm from copr to core/updates_testing after a short testing period.
Comment 17 Jani Välimaa 2017-10-02 19:14:30 CEST
(In reply to Jani Välimaa from comment #16)
> This testing repo can be enabled with 'dnf copr enable wallymga/nm-bug21685'
> after copr (and needed plugins) is installed. Make also sure that pkg
> 'mageia-repos-cauldron' isn't installed. 'dnf upgrade' should bring updated
> nm pkgs from the copr repo.

And 'dnf upgrade --setopt=install_weak_deps=False' acts like 'urpmi --auto-u --no-recommends' if you don't want to install recommends.
Comment 18 Davy Defaud 2017-10-10 18:57:15 CEST
Sorry for the delay Jani. :-/

I confirm that you do fix the bug! :-)

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Comment 19 Davy Defaud 2017-10-10 18:59:32 CEST
I shouldn’t have closed the bug before you actually pushed the update…

Status: RESOLVED => REOPENED
Resolution: FIXED => (none)

Comment 20 Jani Välimaa 2018-02-07 17:15:32 CET
Pushed networkmanager 1.8.6 to fix bug 22531 with patches to fix also this bug. Please test new nm from core/updates_testing.

Status: REOPENED => ASSIGNED
Assignee: gnome => qa-bugs

Comment 21 Thomas Backlund 2018-02-08 12:07:59 CET
*** Bug 22531 has been marked as a duplicate of this bug. ***

CC: (none) => lohmaier+mageia

Comment 22 Thomas Backlund 2018-02-08 13:28:49 CET
so packages to test are:

SRPM:
networkmanager-1.8.6-1.mga6.src.rpm


i586:
libnetworkmanager-gir1.0-1.8.6-1.mga6.i586.rpm
libnm0-1.8.6-1.mga6.i586.rpm
libnmclient-gir1.0-1.8.6-1.mga6.i586.rpm
libnm-devel-1.8.6-1.mga6.i586.rpm
libnm-gir1.0-1.8.6-1.mga6.i586.rpm
libnm-glib4-1.8.6-1.mga6.i586.rpm
libnm-glib-devel-1.8.6-1.mga6.i586.rpm
libnm-glib-vpn1-1.8.6-1.mga6.i586.rpm
libnm-glib-vpn-devel-1.8.6-1.mga6.i586.rpm
libnm-util2-1.8.6-1.mga6.i586.rpm
libnm-util-devel-1.8.6-1.mga6.i586.rpm
networkmanager-1.8.6-1.mga6.i586.rpm
networkmanager-adsl-1.8.6-1.mga6.i586.rpm
networkmanager-bluetooth-1.8.6-1.mga6.i586.rpm
networkmanager-ppp-1.8.6-1.mga6.i586.rpm
networkmanager-team-1.8.6-1.mga6.i586.rpm
networkmanager-tui-1.8.6-1.mga6.i586.rpm
networkmanager-wifi-1.8.6-1.mga6.i586.rpm
networkmanager-wwan-1.8.6-1.mga6.i586.rpm



x86_64:
lib64networkmanager-gir1.0-1.8.6-1.mga6.x86_64.rpm
lib64nm0-1.8.6-1.mga6.x86_64.rpm
lib64nmclient-gir1.0-1.8.6-1.mga6.x86_64.rpm
lib64nm-devel-1.8.6-1.mga6.x86_64.rpm
lib64nm-gir1.0-1.8.6-1.mga6.x86_64.rpm
lib64nm-glib4-1.8.6-1.mga6.x86_64.rpm
lib64nm-glib-devel-1.8.6-1.mga6.x86_64.rpm
lib64nm-glib-vpn1-1.8.6-1.mga6.x86_64.rpm
lib64nm-glib-vpn-devel-1.8.6-1.mga6.x86_64.rpm
lib64nm-util2-1.8.6-1.mga6.x86_64.rpm
lib64nm-util-devel-1.8.6-1.mga6.x86_64.rpm
networkmanager-1.8.6-1.mga6.x86_64.rpm
networkmanager-adsl-1.8.6-1.mga6.x86_64.rpm
networkmanager-bluetooth-1.8.6-1.mga6.x86_64.rpm
networkmanager-ppp-1.8.6-1.mga6.x86_64.rpm
networkmanager-team-1.8.6-1.mga6.x86_64.rpm
networkmanager-tui-1.8.6-1.mga6.x86_64.rpm
networkmanager-wifi-1.8.6-1.mga6.x86_64.rpm
networkmanager-wwan-1.8.6-1.mga6.x86_64.rpm

CC: (none) => tmb

Comment 23 Thomas Backlund 2018-02-08 16:01:25 CET
Seems to work here on a Gnome x86_64 laptop install (so only lan and wifi tested so far)
Comment 24 Ulrich Beckmann 2018-02-11 17:31:07 CET
Tested on real HW Sony Vaio E Series notebook. 
Qualcomm Atheros AR9485 Wireless Network Adapter
Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller

lan and wifi working fine, though I did not spot any network issue with Mag6 in the past. I don't install networkmanager in VMs (Qemu/KVM).
  
Mageia net-applet and network.service are disabled, because wifi never worked on this machine with net-applet.

Installed:

lib64kf5networkmanagerqt5-5.42.0-1.mga6
lib64nm-glib4-1.8.6-1.mga6
lib64nm-glib-vpn1-1.8.6-1.mga6
lib64nm-gtk0-1.8.2-1.mga6
lib64nm-util2-1.8.6-1.mga6
networkmanager-1.8.6-1.mga6
networkmanager-adsl-1.8.6-1.mga6
networkmanager-bluetooth-1.8.6-1.mga6
networkmanager-l2tp-0.9.8.7-6.mga6
networkmanager-libreswan-1.2.6-1.mga6
networkmanager-openconnect-1.2.4-1.mga6
networkmanager-openvpn-1.2.10-1.mga6
networkmanager-ppp-1.8.6-1.mga6
networkmanager-pptp-1.2.4-1.mga6
networkmanager-team-1.8.6-1.mga6
networkmanager-tui-1.8.6-1.mga6
networkmanager-vpnc-1.2.4-1.mga6
networkmanager-wifi-1.8.6-1.mga6
networkmanager-wwan-1.8.6-1.mga6
plasma-applet-nm-5.8.7-1.mga6

Ulrich

CC: (none) => bequimao.de

Comment 25 Thomas Backlund 2018-02-12 21:16:14 CET
@Davy Defaud: does theese *1.8.6* packages work for you ?

@Christian Lohmaier: does theese *1.8.6* packages work for you ?
Comment 26 Herman Viaene 2018-02-13 12:16:57 CET
MGA6-32 on Dell Latitude D600 Mate.
Never had any network connection problems on this laptop.
Installation draws on 110 updates for dependencies.
Tested by doing following:
Laptop was on Wifi connection: plugged in Ethernet to router, disconnected Wifi, connected enps0 in network manager, checked with "ping www.google.com" that internet connection was OK.
Removed ethernet cable, used network manager to reconnect wifi. All works OK.

Whiteboard: (none) => MGA6-32-OK
CC: (none) => herman.viaene

Comment 27 Christian Lohmaier 2018-02-15 11:14:14 CET
while my issue has nothing to do wiht dns options in dhcp, the packages from testing also solve the networkmanager crash re bnep0/bluetooth tethering.
Comment 28 Ulrich Beckmann 2018-02-17 12:02:01 CET
no regression found after some days of use.

Whiteboard: MGA6-32-OK => MGA6-32-OK MGA6-64-OK

Comment 29 Thomas Backlund 2018-02-17 12:44:15 CET

Tested enough, so validating.

Advisory (added to svn):

type: bugfix
subject: Networkmanager maintenance release
src:
  5:
   core:
     - networkmanager-1.8.6-1.mga6
description: |
  This update provides the 1.8.6 maintenance release fixing various issues,
  including a problem with not getting DNS search option from DHCP (mga#21685)
  and segfaulting  when trying to connect with bluetooth tethering (mga#22531)

  For more info about fixes in this release, see the referenced NEWS.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=21685
 - https://bugs.mageia.org/show_bug.cgi?id=22531
 - https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/NEWS?h=1.8.6
[tmb@tmb-laptop advisories]$ mcedit 21685.adv

[tmb@tmb-laptop advisories]$ cat 21685.adv 
type: bugfix
subject: Networkmanager maintenance release
src:
  6:
   core:
     - networkmanager-1.8.6-1.mga6
description: |
  This update provides the 1.8.6 maintenance release fixing various issues,
  including a problem with not getting DNS search option from DHCP (mga#21685)
  and segfaulting  when trying to connect with bluetooth tethering (mga#22531)

  For more info about fixes in this release, see the referenced NEWS.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=21685
 - https://bugs.mageia.org/show_bug.cgi?id=22531
 - https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/NEWS?h=1.8.6
Thomas Backlund 2018-02-17 12:44:47 CET

Keywords: (none) => advisory, validated_update
CC: (none) => sysadmin-bugs

Comment 30 Mageia Robot 2018-02-17 13:20:06 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGAA-2018-0031.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED


Note You need to log in before you can comment on or make changes to this bug.