DNSMasq fails to start in post-install on fresh system

djx · January 26, 2020, 8:08am

My YunoHost server

Hardware: VPS
YunoHost version: 3.6.5.3
I have access to my server : Through SSH, through the webadmin & direct access via keyboard
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no special changes.

Description of my issue

Do a fresh install using the manual curl install script.
Log in to the web page to do the post-install
Create a DynDNS domain with YunoHost
post-install fails to start DNSMasq
Manually starting the DNSMasq service after seems to get things working fine

Messages inside YunoHost Panel:

The post-install is finished but YunoHost needs at least one user to work correctly, you should add one using 'yunohost user create $username' or the admin interface.
YunoHost has been configured
The configuration has been updated for category 'ssh'
The configuration file '/etc/ssh/sshd_config' is now managed by YunoHost (category ssh).
Script execution failed: /usr/share/yunohost/hooks/conf_regen/43-dnsmasq
See "systemctl status dnsmasq.service" and "journalctl -xe" for details.
Job for dnsmasq.service failed because a timeout was exceeded.
The configuration has been updated for category 'slapd'

SystemCtl info:

● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
   Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; vendor preset: enabled)
   Active: failed (Result: timeout) since Sun 2020-01-26 07:29:30 UTC; 7min ago
  Process: 3365 ExecStop=/etc/init.d/dnsmasq systemd-stop-resolvconf (code=killed, signal=TERM)
  Process: 3471 ExecStartPost=/etc/init.d/dnsmasq systemd-start-resolvconf (code=killed, signal=TERM)
  Process: 3459 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=0/SUCCESS)
  Process: 3458 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS)
 Main PID: 3470 (code=exited, status=0/SUCCESS)

Jan 26 07:28:00 testblog123.noho.st dnsmasq[3470]: using nameserver 80.67.169.12#53
Jan 26 07:28:00 testblog123.noho.st dnsmasq[3470]: using nameserver 2a00:5881:8100:1000::3#53
Jan 26 07:28:00 testblog123.noho.st dnsmasq[3470]: using nameserver 89.234.141.66#53
Jan 26 07:28:00 testblog123.noho.st dnsmasq[3470]: using nameserver 84.200.70.40#53
Jan 26 07:28:00 testblog123.noho.st dnsmasq[3470]: using nameserver 80.67.190.200#53
Jan 26 07:28:00 testblog123.noho.st dnsmasq[3470]: read /etc/hosts - 7 addresses
Jan 26 07:29:30 testblog123.noho.st systemd[1]: dnsmasq.service: Start-post operation timed out. Stopping.
Jan 26 07:29:30 testblog123.noho.st systemd[1]: Failed to start dnsmasq - A lightweight DHCP and caching DNS server.
Jan 26 07:29:30 testblog123.noho.st systemd[1]: dnsmasq.service: Unit entered failed state.
Jan 26 07:29:30 testblog123.noho.st systemd[1]: dnsmasq.service: Failed with result 'timeout'.

ljf · January 26, 2020, 7:04pm

Have you reproduce several times this issue or it arrived just one time ?

djx · January 28, 2020, 4:54am

I have reproduced this several times now. Using this as a startup script on the VPS:

#!/bin/sh
apt install ca-certificates
curl https://install.yunohost.org | bash -s – -a

Would usually result in a timeout in dnsmasq starting up. I tried this on multiple instances in US and also France.

I updated the startup script to automatically try to start dnsmasq after the “no confirm” install, and now things seem to work OK.

#!/bin/sh
apt install ca-certificates
curl https://install.yunohost.org | bash -s – -a
systemctl start dnsmasq

ljf · January 28, 2020, 9:34am

Is ipv6 enable on your server ?
Could you return the result of a “ping6 wikipedia.org” ?

My theory is your dnsmasq timeout due to a broken ipv6 (or broken ipv4 o_O) configuration. If ipv6 is enable, but you are not able to ping correctly outside, IPv6 DNS could be unreachable and it might cause the failure of dnsmasq “timeout”.

So the idea to check that could be to diagnose your nude VPS connectivity (without yunohost installed), by running ping wikipedia.org and ping6 wikipedia.org

djx · January 28, 2020, 10:10am

ipv6 is enabled and working. Actually, I had this problem at first because the YunoHost DynDNS only supports authenticating through ipv6. Though, I have noticed that after creating a new dynamic domain name with the YunoHost service it takes a minute or two for the “Let’s Encrypt” button to be available. Perhaps there is some general slowness or time that it takes to get ready?

djx · January 29, 2020, 10:16am

I just tried the ping6 on a fresh machine and it works fine.

system · February 13, 2020, 10:16am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.