network-manager-fortisslvpn breaks mode of /run/systemd/resolv/stub-resolv.conf
I filed this on Ubuntu Launchpad here: https://bugs.launchpad.net/ubuntu/+source/network-manager-fortisslvpn/+bug/1793427
I don't actually know if this is a fortisslvpn problem or a network manager problem or a systemd problem, but I do know that when I use the NetworkManager openvpn VPN client, I don't see this problem.
I'm using Ubuntu 18.04.1 on 64bit Intel with:
network-manager 1.10.6-2ubuntu1
network-manager-fortisslvpn 1.2.8-1build1
network-manager-fortisslvpn-gnome 1.2.8-1build1
network-manager-gnome 1.8.10-2ubuntu1
systemd 237-3ubuntu10.3
When I connect then disconnect from my VPN using the network-manager-fortisslvpn VPN interface, it will break the permissions on /run/systemd/resolv/stub-resolv.conf such that I can't use DNS anymore until I fix the permissions.
On my system I see:
$ ls -al /etc/resolv.conf
lrwxrwxrwx 1 root root 39 Oct 22 2017 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf
When there's no VPN connection, I see:
$ ls -al /run/systemd/resolve/
total 8
drwxr-xr-x 3 systemd-resolve systemd-resolve 100 Sep 19 23:05 ./
drwxr-xr-x 21 root root 480 Sep 15 14:19 ../
drwx------ 2 systemd-resolve systemd-resolve 60 Sep 19 23:05 netif/
-rw-r--r-- 1 systemd-resolve systemd-resolve 714 Sep 19 23:05 resolv.conf
-rw-r--r-- 1 systemd-resolve systemd-resolve 783 Sep 19 19:31 stub-resolv.conf
Now I start the fortisslvpn VPN then:
$ ls -al /run/systemd/resolve/
total 16
drwxr-xr-x 3 systemd-resolve systemd-resolve 140 Sep 19 23:06 ./
drwxr-xr-x 21 root root 480 Sep 15 14:19 ../
drwx------ 2 systemd-resolve systemd-resolve 80 Sep 19 23:06 netif/
-rw-r--r-- 1 systemd-resolve systemd-resolve 714 Sep 19 23:06 resolv.conf
-rw-r--r-- 1 systemd-resolve systemd-resolve 783 Sep 19 23:06 stub-resolv.conf
-rw------- 1 root root 783 Sep 19 19:31 stub-resolv.conf.pppd-backup.ppp0
-rw-r--r-- 1 root root 805 Sep 19 23:06 stub-resolv.conf.tmp
Note how the stub-resolv.conf.pppd-backup-ppp0 has 0600 file permissions.
Now I stop the fortisslvpn VPN:
$ ls -al /run/systemd/resolve/
total 12
drwxr-xr-x 3 systemd-resolve systemd-resolve 120 Sep 19 23:06 ./
drwxr-xr-x 21 root root 480 Sep 15 14:19 ../
drwx------ 2 systemd-resolve systemd-resolve 60 Sep 19 23:06 netif/
-rw-r--r-- 1 systemd-resolve systemd-resolve 714 Sep 19 23:06 resolv.conf
-rw------- 1 root root 783 Sep 19 19:31 stub-resolv.conf
-rw-r--r-- 1 root root 805 Sep 19 23:06 stub-resolv.conf.tmp
Now the stub-resolv.conf file has 0600 permissions and my DNS is broken.