Public bug reported:
unbound.service in Ubuntu 20.04LTS Focal has insufficient dependencies
for the ExecStartPre package-helper root_trust_anchor_update command to
reliably succeed, while it depends on network.target that is no
guarantee that network is available.
While unbound startup succeeds, the following error can typically be
seen on boot on physical hosts with NICs that have long setup/startup
times (approx 10 seconds on this host):
package-helper[899]: fail: the anchor is NOT ok and could not be fixed
Our workaround is to add an appropriate dependency on network-online.target in
/etc/systemd/system/unbound.service.d/network-online.conf like so:
----------------------8<----------------------------
[Unit]
# Needs network online to be able to verify/update dnssec root key on startup
After=network-online.target
----------------------8<----------------------------
With this workaround in place, after reboot we see success:
package-helper[1025]: success: the anchor is ok
** Affects: unbound (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1923733
Title:
unbound.service needs network online
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unbound/+bug/1923733/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
