Birch Street Computing -

about me

John M is a Linux fan in Lowell, MA.

I work at a company writing software. I fool around with Free and Open Source software for fun & profit.

I was big into Last.fm and you can still see some of what I listen to there. I can also be found using github and recently sourcehut as well as bitbucket (historically). I don't care for most popular social media sites. If I have an account on one or the other it's probably either old and unused or was created just for tinkering.


Disabling systemd-resolved on Fedora CoreOS 33

I was recently working on a side-task for $DAYJOB and decided, rightly or wrongly, that I needed to run a container image that hosts a DNS server, among other components, on an FCOS (Fedora CoreOS) VM image. I chose to use FCOS 33 because Fedora 33 has recently been released and I wanted my stuff to be a bit more forward looking than it usually is.

However, I ran into difficulties due to systemd-resolved listening on port 53. To turn off systemd-resolved completely I needed to do a few things that I've captured in the FCC sample below. If you want to do something similar, you can add the relevant parts of this example FCC to yours. Beneath the sample, I will touch on what the various subsections accomplished.

variant: fcos
version: 1.1.0
# (skipping passwd section)
storage:
  files:
    # Set network manager to use default dns
    - path: /etc/NetworkManager/NetworkManager.conf
      overwrite: true
      contents:
        inline: |
          [main]
          dns=default

          [logging]
      mode: 0644
      user:
        id: 0
      group:
        id: 0
    # Ensure resolv.conf is a real file, not a symlink
    - path: /etc/resolv.conf
      overwrite: true
      contents:
        inline: ""
      mode: 0644
      user:
        id: 0
      group:
        id: 0
systemd:
  units:
    - name: coreos-migrate-to-systemd-resolved.service
      enabled: false
      mask: true
    - name: systemd-resolved.service
      enabled: false
      mask: true

The simplest steps involve stopping systemd-resolved and a "helper" migration service that is FCOS specific. That got me to the point where port 53 was no longer being used by anything else.

After that it was a matter of getting "normal" DNS working again. Configuring Network Manager should have been enough according to the Network Manager docs I read, but because /etc/resolv.conf was already a symlink it was apparently unable to write the typical contents to the file and silently (?) failing. To work around this, I determined that adding an empty file to the storage/files section of the FCC was sufficient to get Network Manager writing resolv.conf in the ye-olde way and I could move on with my life.
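A way to confirm after first boot that the three changes took effect, as an added example that is not part of the original post: it checks that resolv.conf is a regular file, that systemd-resolved.service is masked, and that nothing is bound to port 53. The function names and the `--live` switch are assumptions, and the sample `ss` output is constructed.

```shell
#!/bin/sh
# Added example: post-boot checks for the FCC above. Function names are
# hypothetical. Run it before starting your own DNS container, since that
# container is expected to take port 53 afterwards.

# Constructed sample of `ss -H -lntu` output with systemd-resolved still running.
SAMPLE_SS='udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:*
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*'

# The post found resolv.conf was not populated while it was a symlink,
# so report whether the path is a symlink, a regular file, or missing.
resolv_conf_state() {
    if [ -L "$1" ]; then echo symlink
    elif [ -f "$1" ]; then echo regular
    else echo missing
    fi
}

# Read `ss -H -lntu` output on stdin; print local sockets bound to port 53.
# Column 5 is "Local Address:Port"; the port is the text after the last colon.
port53_listeners() {
    awk '{ n = split($5, a, ":"); if (a[n] == "53") print $5 }'
}

# $1 = resolv.conf path, $2 = output of `systemctl is-enabled`, stdin = ss output.
# Prints one line per problem and returns non-zero if any check failed.
verify_resolved_disabled() {
    rc=0
    state=$(resolv_conf_state "$1")
    [ "$state" = regular ] || { echo "resolv.conf is $state, expected regular"; rc=1; }
    [ "$2" = masked ] || { echo "systemd-resolved.service is '$2', expected masked"; rc=1; }
    busy=$(port53_listeners)
    [ -z "$busy" ] || { echo "port 53 still bound by: $busy"; rc=1; }
    return "$rc"
}

if [ "${1:-}" = "--live" ]; then
    # Check the running host.
    ss -H -lntu | verify_resolved_disabled /etc/resolv.conf \
        "$(systemctl is-enabled systemd-resolved.service 2>/dev/null)"
else
    # Demo on the constructed sample: lists the two resolved stub sockets.
    printf '%s\n' "$SAMPLE_SS" | port53_listeners
fi
```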

Perhaps there are better ways to handle this situation than turning off systemd-resolved to get the port free. But this is the route I chose. Feel free to shoot me an email if you think there's a better approach.

Every blog page or article on this site is available under the CC-BY-SA license unless otherwise noted.