3

I updated to Ubuntu Vivid the other day, and now I am having problems. I cannot get dnscrypt-proxy to start (amongst other programs). I am guessing it has to do with the systemd switch. This is what happens when I try to start dnscrypt-proxy: 

$ sudo service dnscrypt-proxy start 
[sudo] password for anon:
Failed to start dnscrypt-proxy.service: Unit
dnscrypt-proxy.service failed to load: No such file or directory.

There's nothing wrong with my init script or installation, I tried reinstalling and then rebooting... no go.

I'm sure there is a simple answer to this that I am overlooking. If someone could help me understand the key differences with systemd and what I need to do to get services to start, I would really really appreciate it.

Chev_603
  • 1,666
  • 3
  • 18
  • 29
  • Not sure why this got so many downvotes; it's a legitimate issue. None of the dnscrypt-proxy PPAs I've found offer systemd support as of writing, so they're all broken on 15.04. They try to use upstart and end up creating a mess. Plus, this is a good example of how to manually add a systemd service. – Zenexer Jul 15 '15 at 22:36
  • Oh by the way, check this script out. This works across all Debian-ish distros flawlessly now: https://github.com/simonclausen/dnscrypt-autoinstall – Chev_603 Jul 15 '15 at 23:14

4 Answers4

2

First of all let me thank all of those that commented above.

UPDATED - This is what worked on Ubuntu Mate 15.10.

Download Simon Clausen's script linked below.

https://github.com/simonclausen/dnscrypt-autoinstall.

Ubuntu 15:10 breaks Simon Clausen's script so that it only works until you reboot. This is because Ubuntu 15.10 has a symlink from /run/resolvconf/resolv.conf to /etc/resolv.conf. Simon tries to lock down the /etc/resolv.conf using chattr +i /etc/resolv.conf which fails. To fix this do the following before running his script.

sudo rm /etc/resolv.conf

sudo cp /run/resolvconfig/resolv.conf /etc/resolv.conf

Note: The new versions of dnscrypt downloaded by Simons script take systemd into account without modification.

Once the script was run and tested, I did the following.

I used the above systemd file, but needed the resolver added to the last line after all.

[Unit]
Description=DNSCrypt client proxy
Requires=dnscrypt-proxy.socket

[Install]
Also=dnscrypt-proxy.socket
WantedBy=multi-user.target

[Service]
Type=simple
NonBlocking=true
ExecStart=/usr/local/sbin/dnscrypt-proxy -R dnscrypt.eu-nl

create a text file from the text above and name it

dnscrypt-proxy.service

then put your new dnscrypt-proxy.service file into

/etc/systemd/system/

We do not overwrite /lib/systemd default service definitions or we'll have troubles when the package is updated. Systemd checks /etc/systemd/system first before /lib so you're safe putting your customized service definitions in /etc/systemd.

When done, the full path is

/etc/systemd/system/dnscrypt-proxy.service

same thing - use /etc/

Next create the dnscrypt-proxy.socket file from the sample below.

[Unit]
Description=dnscrypt-proxy listening socket
After=network.target

[Socket]
ListenStream=127.0.0.2:53
ListenDatagram=127.0.0.2:53

[Install]
WantedBy=sockets.target

it also goes in

/etc/systemd/system/

The full path is

/etc/systemd/system/dnscrypt-proxy.socket

Activate the scripts (which creates symlinks in the correct folders)

sudo systemctl enable /etc/systemd/system/dnscrypt-proxy.socket

sudo systemctl enable /etc/systemd/system/dnscrypt-proxy.service

stop the service so systemd can start it correctly.

sudo /etc/init.d/dnscrypt-proxy stop

you should take all the settings you have in /init.d/dnscrypt and move them to /etc/systemd/system/dnscrypt-proxy.service -- else systemd takes the scripts found in etc/init.d and makes a temp service definition you can find in /run/systemd/generator/XYZ.service. If you have a service in /etc/ with the same name as a script in init.d, the script gets ignored in favor of the service def'n

you shouldn't see any errors when starting the service with.

sudo systemctl start dnscrypt-proxy.service

sudo service dnscrypt-proxy start

This method survives a reboot for me on Ubuntu 15.10.

I am NOT an advanced user of Linux in any way. I just started. Thanks go to Chev_603 and all those he credited, not me. I hope you find this help full. Any comments about improving the scripts would be appreciated. It would be nice to have a secondary DNS server. Anyone know how?

Jonathan
  • 133
  • 9
user469212
  • 21
  • 3
  • By default (at least on my systems) two resolvers are added by default. If you only have one, try adding another listening on 127.0.0.2. You can do that from the /etc/init.d/dnscrypt-proxy. See my configuration here... https://chev.tech/dnscrypt-proxy/#header – Chev_603 Nov 06 '15 at 22:53
1

Okay, I finally figured out to get this to work. I purged my current installation and removed the ppa, because as solsTiCe mentioned, the package is broken. Than I grabbed this auto-install script from github. I compiled the package, however the configure script has a bug where it does not properly detect if systemd is present (even if you use the --with-systemd flag). To fix that, I opened the configure script and set the variable HAVE_SYSTEMD to TRUE manually. Than I reran configure, than make, and finally sudo make install.

Next, I created a directory, /etc/systemd/system/dnscrypt-proxy.service and placed these two scripts in that directory:

Update:This solution worked until I rebooted, but than the service did not start. I ended up using this script which now works flawlessly. Simclausen is my hero for writing this. Thanks to zenester for telling me the correct syntax:

/etc/systemd/system/dnscrypt-proxy.service/dnscrypt-proxy.service :

[Unit]
Description=DNSCrypt client proxy
Requires=dnscrypt-proxy.socket

[Install]
Also=dnscrypt-proxy.socket
WantedBy=multi-user.target

[Service]
Type=simple
NonBlocking=true
ExecStart=/usr/local/sbin/dnscrypt-proxy \

-R dnscrypt.eu-nl

Apparently this is not necessary:

And also /etc/systemd/dnscrypt-proxy.service/dnscrypt-proxy.socket :

[Unit]
Description=dnscrypt-proxy listening socket
After=network.target

[Socket]
ListenStream=127.0.0.2:53
ListenDatagram=127.0.0.2:53

[Install]
WantedBy=sockets.target

Finally, I ran /usr/local/sbin/dnscrypt-proxy start -R dnscrypt.eu-nl --local-address 127.0.0.2:53

The program started succesfully. To confirm that, I ran this command:

dig @127.0.0.2 debug.opendns.com txt

And everything looks good!

; <<>> DiG 9.9.5-9-Ubuntu <<>> @127.0.0.2 debug.opendns.com txt
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45692
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;debug.opendns.com.     IN  TXT
;; ANSWER SECTION:
debug.opendns.com.  0   IN  TXT "server 3.otp"
debug.opendns.com.  0   IN  TXT "flags 20 0 70 5950800000000000000"
debug.opendns.com.  0   IN  TXT "originid 0"
debug.opendns.com.  0   IN  TXT "actype 0"
debug.opendns.com.  0   IN  TXT "source xxxxxxxxxx:35164"
debug.opendns.com.  0   IN  TXT "dnscrypt enabled (xxxxxxxxxxxxxx)"
;; Query time: 154 msec
;; SERVER: 127.0.0.2#53(127.0.0.2)
;; WHEN: Fri May 22 17:24:32 EDT 2015
;; MSG SIZE  rcvd: 248

Or to correctly register it as a service:

sudo systemctl enable dnscrypt-proxy.service

And than call it with sudo service dnscrypt-proxy start I hope this helps someone.

Chev_603
  • 1,666
  • 3
  • 18
  • 29
  • Correction: Put the service file in `/etc/systemd/system/`. Remove everything from the file related to dnscrypt-proxy.socket. Then, run `sudo systemctl enable dnscrypt-proxy.service`. You can then start dnscrypt-proxy just as you would any other service (either with `systemctl start dnscrypt-proxy` or `service dnscrypt-proxy start`). – Zenexer Jul 15 '15 at 22:52
  • Yeah, you're right. When I rebooted, I had to manually restart dnscrypt-proxy. I will update the answer to reflect this. – Chev_603 Jul 15 '15 at 23:09
0

How did you install dnscrypt-proxy ? There is no such package in vivid.

Your package is broken as it should have included a systemd .service file to run it.

Try this file and name it /etc/systemd/system/multi-user.target.wants/dnscrypt-proxy.service

[Unit]
Description=DNSCrypt client proxy
Requires=dnscrypt-proxy.socket

[Install]
Also=dnscrypt-proxy.socket
WantedBy=multi-user.target

[Service]
Type=simple
NonBlocking=true
ExecStart=/usr/sbin/dnscrypt-proxy -R dnscrypt.eu-nl

And this one /etc/systemd/system/sockets.target.wants/dnscrypt-proxy.socket

[Unit]
Description=dnscrypt-proxy listening socket
After=network.target

[Socket]
ListenStream=127.0.0.1:53
ListenDatagram=127.0.0.1:53

[Install]
WantedBy=sockets.target
solsTiCe
  • 9,071
  • 3
  • 36
  • 64
  • Same error..."Failed to start dnscrypt-proxy.service: Unit dnscrypt-proxy.service failed to load: No such file or directory. " I installed it from Anton+ 's vivid ppa. And why all the downvotes? – Chev_603 May 12 '15 at 08:29
  • Technically, a systemd `.service` file is not required; if a package provides an `init` startup script, then systemd converts that file at run-time and uses that script. – saiarcot895 Aug 05 '15 at 00:34
0

I am the one owning the PPA Anton+ for dnscrypt-proxy. I learned during my vacations of the problem affecting Ubuntu systems using only systemd vs. upstart (or both) for previous releases.

I just managed to build dnscrypt-proxy for Vivid 15.04 today. It is using systemd.

However I do not have Vivid 15.04 installed in my systems. I still use Trusty 14.04 for now.

Can you test this new release on your system ? It is still version 1.5.0. If the tests are successful I will provide the newer version 1.6.0.

https://launchpad.net/~anton+/+archive/ubuntu/dnscrypt

New test build is : dnscrypt-proxy 1.5.0-1pmo1.8~vivid

It should provide for the 2 DNS from dnscrypt.eu

Contact me through Launchpad.

Thanks.

Antonio
  • 1,536
  • 2
  • 14
  • 24