ddavness / power-mailinabox

A Mail-in-a-Box with extra capabilities and more customizability. Not just for power users!
Creative Commons Zero v1.0 Universal

Installer changes /etc/resolv.conf to 127.0.0.1 #50

Open t2vee opened 2 years ago

t2vee commented 2 years ago

When using the installer on a fresh instance, at the step Installing nsd (DNS server)... it will fail with the error:

FAILED: apt-get -y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confnew install ldnsutils openssh-client
-----------------------------------------
Reading package lists...
Building dependency tree...
Reading state information...
openssh-client is already the newest version (1:8.2p1-4ubuntu0.4).
The following NEW packages will be installed:
  ldnsutils libldns2
0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 257 kB of archives.
After this operation, 998 kB of additional disk space will be used.
Err:1 http://ap-sydney-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports focal/universe arm64 libldns2 arm64 1.7.0-4.1ubuntu1
  Temporary failure resolving 'ap-sydney-1-ad-1.clouds.ports.ubuntu.com'
Err:2 http://ap-sydney-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports focal/universe arm64 ldnsutils arm64 1.7.0-4.1ubuntu1
  Temporary failure resolving 'ap-sydney-1-ad-1.clouds.ports.ubuntu.com'
E: Failed to fetch http://ap-sydney-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports/pool/universe/l/ldns/libldns2_1.7.0-4.1ubuntu1_arm64.deb  Temporary failure resolving 'ap-sydney-1-ad-1.clouds.ports.ubuntu.com'
E: Failed to fetch http://ap-sydney-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports/pool/universe/l/ldns/ldnsutils_1.7.0-4.1ubuntu1_arm64.deb  Temporary failure resolving 'ap-sydney-1-ad-1.clouds.ports.ubuntu.com'
E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?

Checking /etc/resolv.conf shows nameserver 127.0.0.1; changing it back to 1.1.1.1 or 8.8.8.8 will get reverted when the installer runs again.

Any help is appreciated. Thanks

Update: I have temporarily disabled these lines in the installer, https://github.com/ddavness/power-mailinabox/blob/7df762b46bef37b8fd31d7d8417f20554f5065cf/setup/system.sh#L344, which allows the installer to successfully continue.

From what it looks like, P-MIAB seems to be changing the nameserver before installing bind9.

ddavness commented 2 years ago

That is really weird - the script explicitly installs bind9 first, then does the changes in /etc/resolv.conf so that it can be used.

So what's probably happening is that for some reason bind9 is actually... not working 🤔 Does the command sudo service bind9 status or sudo service named status uncover any trouble (i.e. the service is not running?)

t2vee commented 2 years ago

This is strange as it shows bind9 running:

ubuntu@mail:~$ sudo systemctl status bind9
● named.service - BIND Domain Name Server
     Loaded: loaded (/lib/systemd/system/named.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2022-03-24 00:29:39 AEDT; 4 weeks 1 days ago
       Docs: man:named(8)
   Main PID: 924 (named)
      Tasks: 5 (limit: 7028)
     Memory: 17.0M
     CGroup: /system.slice/named.service
             └─924 /usr/sbin/named -f -u bind -4

But with this error:

Apr 22 14:51:36 miab-fqdn named[924]: no valid RRSIG resolving 'org/DS/IN': 199.9.14.201#53
Apr 22 14:51:37 miab-fqdn named[924]: validating org/DS: no valid signature found
Apr 22 14:51:37 miab-fqdn named[924]: no valid RRSIG resolving 'org/DS/IN': 192.36.148.17#53
Apr 22 14:51:37 miab-fqdn named[924]: validating org/DS: no valid signature found
Apr 22 14:51:37 miab-fqdn named[924]: no valid RRSIG resolving 'org/DS/IN': 192.33.4.12#53
Apr 22 14:51:37 miab-fqdn named[924]: broken trust chain resolving '_.o.lencr.org/A/IN': 172.64.32.147#53
Apr 22 14:51:37 miab-fqdn named[924]: validating r3.o.lencr.org/CNAME: bad cache hit (org/DS)
Apr 22 14:51:37 miab-fqdn named[924]: broken trust chain resolving 'r3.o.lencr.org/A/IN': 173.245.59.219#53
Apr 22 14:51:37 miab-fqdn named[924]: validating r3.o.lencr.org/CNAME: bad cache hit (org/DS)
Apr 22 14:51:37 miab-fqdn named[924]: broken trust chain resolving 'r3.o.lencr.org/AAAA/IN': 173.245.59.219#53
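
An added example (not part of the thread or of the project's code) that groups the named messages quoted above by the RRset whose DNSSEC validation failed, which shows that every rejected lookup in the excerpt traces back to org/DS. The function name `triage` and the regular expressions are assumptions derived from the message formats in that excerpt.

```python
import re
from collections import defaultdict

# Lines copied from the named log excerpt in the thread above.
SAMPLE = """\
Apr 22 14:51:36 miab-fqdn named[924]: no valid RRSIG resolving 'org/DS/IN': 199.9.14.201#53
Apr 22 14:51:37 miab-fqdn named[924]: validating org/DS: no valid signature found
Apr 22 14:51:37 miab-fqdn named[924]: broken trust chain resolving '_.o.lencr.org/A/IN': 172.64.32.147#53
Apr 22 14:51:37 miab-fqdn named[924]: validating r3.o.lencr.org/CNAME: bad cache hit (org/DS)
Apr 22 14:51:37 miab-fqdn named[924]: broken trust chain resolving 'r3.o.lencr.org/AAAA/IN': 173.245.59.219#53
"""

# Patterns are assumptions derived from the message formats in that excerpt.
NO_RRSIG = re.compile(r"named\[\d+\]: no valid RRSIG resolving '([^']+)/IN': (\S+)#\d+")
NO_SIG = re.compile(r"named\[\d+\]: validating (\S+): no valid signature found")
BAD_CACHE = re.compile(r"named\[\d+\]: validating (\S+): bad cache hit \((\S+)\)")
BROKEN = re.compile(r"named\[\d+\]: broken trust chain resolving '([^']+)/IN'")


def triage(log_text):
    """Group named DNSSEC messages by the RRset whose validation failed."""
    failing = defaultdict(set)     # RRset with no valid signature -> servers queried
    dependents = defaultdict(set)  # failing RRset -> RRsets rejected because of it
    broken = set()                 # lookups that ended in "broken trust chain"
    for line in log_text.splitlines():
        if m := NO_RRSIG.search(line):
            failing[m.group(1)].add(m.group(2))
        elif m := NO_SIG.search(line):
            failing[m.group(1)]    # record the RRset even if no server was logged
        elif m := BAD_CACHE.search(line):
            dependents[m.group(2)].add(m.group(1))
        elif m := BROKEN.search(line):
            broken.add(m.group(1))
    return {
        "failing": {k: sorted(v) for k, v in failing.items()},
        "dependents": {k: sorted(v) for k, v in dependents.items()},
        "broken": sorted(broken),
    }


if __name__ == "__main__":
    result = triage(SAMPLE)
    for rrset, servers in result["failing"].items():
        print(f"validation failed for {rrset} (asked: {', '.join(servers) or 'n/a'})")
        for dep in result["dependents"].get(rrset, []):
            print(f"  rejected because of it: {dep}")
    print("lookups lost to a broken trust chain:", ", ".join(result["broken"]))
```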