Hi, Toni Mueller writes: > On Sun, Feb 24, 2019 at 08:03:38AM +0100, Martin Pitt wrote: >> resolved doesn't run in pid 1 (that would be a really bad architecture!). >> This >> just means that pid 1 connected to localhost's name server to resolve a name >> (i. e. a DNS client). A better command to find out which processes are >> *listening* on UDP ports is "ss -ulpen", or for port 53 specifically, >> "ss -ulpen 'sport = 53'". > > # ss -ulpen 'sport = 53' > State Recv-Q Send-Q Local Address:Port Peer Address:Port > UNCONN 0 0 192.168.122.1:53 0.0.0.0:* > users:(("dnsmasq",pid=13861,fd=5)) ino:5159825 sk:a1 <-> > UNCONN 0 0 127.0.0.1:53 0.0.0.0:* users:(("systemd",pid=1,fd=113)) > ino:10583 sk:a2 <-> > UNCONN 0 0 [::1]:53 [::]:* users:(("systemd",pid=1,fd=111)) ino:362 > sk:a3 v6only:1 <->
Could you run `systemctl list-sockets`? systemd-init should only listen to network interfaces to start socket-activated services. The command above should list what sockets systemd listens on and for which service it does so. systemd-resolved doesn't seem to support socket activation (at least I could not see a *.socket unit in /lib/systemd/system). So I suspect this might be some other service. Ansgar