GnuPG and dnsmasq can't resolve a DNS without /etc/resolv.conf using systemd-resolve
I have installed the Arch Linux distribution. Arch Linux uses systemd
as a system service suite, so it also uses systemd-resolved
to resolve a DNS. I use DHCP to receive DNS servers and resolve the DNS. I needed to enable the systemd-resolved
service to automatically detect and resolve the DNS. And it works, for example, for curl
and a simple web browser, even with an empty /etc/resolv.conf
. The problem is that it doesn't work for gpg
and dnsmasq
.
-
GPG. Command
gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv *some key*
printsgpg: keyserver search failed: Server indicated a failure
if there is no DNS specified in/etc/resolv.conf
. But if I specify some DNS server in/etc/resolv.conf
, for examplenameserver 1.1.1.1
, thengpg
would work correctly and would find the key. -
dnsmasq. I want to make something like a DNS forwarder. I want to start a DHCP server that will provide also DNS servers. But is it possible to detect the DNS servers automatically, not only from
/etc/resolv.conf
? To use the DNS servers that the local machine uses? The DNS that might be also received from another DHCP server, the server from which the local machine receives an IPv4 address?
Hope that it is possible! I would be glad for any help! Thanks in advance!
For the 1st problem, put the nameserver 127.0.0.53
in your /etc/resolv.conf. Systemd-resolved does not require programs to be using its native API through nsswitch – it is also listening on localhost for standard DNS requests (like dnsmasq would do).
This is most commonly done by symlinking /resolv.conf to /run/systemd/resolve/stub-resolv.conf
, that way you also get the domain suffixes from DHCP.
For the 2nd problem, tell dnsmasq to read from /run/systemd/resolve/resolv.conf
(note that's a different file than above) using the "resolv-file" option – this file will contain the actual nameservers that were obtained from DHCP.
(If you want, you can symlink your /etc/resolv.conf to that file, too – GnuPG's DNS queries would then bypass systemd-resolved completely.)