id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc 1278,Loading wrong resolv.conf from wrong namespace,yurtesen,Antonio Quartulli,"I am running openvpn client in a namespace. I am starting it as: {{{ ip netns exec vpn openvpn --fast-io --config /etc/openvpn/OpenVPN-Configs/Random-TCP.ovpn }}} It works fine for a long time but sometimes it ends up printing: {{{ Apr 26 13:48:43 ubuntu openvpn[5182]: RESOLVE: Cannot resolve host address: XXXXXXX:XXXX (Temporary failure in name resolution) }}} I ran strace on the process and found out that it is reading the default /etc/resolv.conf file. (I can see it as the first line in file is ""# This file is managed"") and it seems to be using 127.0.0.1 for DNS resolving but it won't work inside namespace! {{{ sendto(3, ""<27>Apr 26 13:53:43 openvpn[5182""..., 137, MSG_NOSIGNAL, NULL, 0) = 137 openat(AT_FDCWD, ""/etc/resolv.conf"", O_RDONLY|O_CLOEXEC) = 4 fstat(4, {st_mode=S_IFREG|0644, st_size=719, ...}) = 0 read(4, ""# This file is managed by man:sy""..., 4096) = 719 read(4, """", 4096) = 0 close(4) = 0 getpid() = 5182 stat(""/etc/resolv.conf"", {st_mode=S_IFREG|0644, st_size=719, ...}) = 0 openat(AT_FDCWD, ""/etc/hosts"", O_RDONLY|O_CLOEXEC) = 4 lseek(4, 0, SEEK_CUR) = 0 fstat(4, {st_mode=S_IFREG|0644, st_size=287, ...}) = 0 read(4, ""127.0.0.1\tlocalhost.localdomain\t""..., 4096) = 287 lseek(4, 0, SEEK_CUR) = 287 read(4, """", 4096) = 0 close(4) = 0 }}} Normally I have an /etc/netns/vpn/resolv.conf file (which does NOT have a line like ""# This file..."") which should be used by processes running inside the namespace. When I check the process with `ip netns identify OPENVPN_PID` I see that OpenVPN process is still inside the namespace it started in. resolv.conf is a link: /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf When I execute `ip netns exec vpn cat /etc/resolv.conf` I receive the contents of /etc/netns/vpn/resolv.conf as it should be... Furthermore, DNS resolution works fine for other programs which are inside the namespace. So how come OpenVPN opens the wrong resolv.conf? I believe this is a bug? Thanks!",Bug / Defect,closed,major,release 2.4.11,Networking,OpenVPN 2.4.7 (Community Ed),"Not set (select this one, unless your'e a OpenVPN developer)",worksforme,"namespace, resolv.conf,",