CRIT Error in dnsmasq configuration: failed to create listening socket for port 53: Address in use

The issue I am facing:
I am getting the dreaded DNS server failure in my pihole. I can't figure out what is using my port 53 though. I see that dnsmasq shows up as using port 53, but doesn't pihole use dnsmasq? I've tried disabling, stopping and removing dnsmasq, but I still get DNS server failure and it still shows dnsmasq is using port 53. How do I get rid of this??
Details about my system:
I'm running pihole through a docker container on a UGreen NAS DXP4800Plus.
What I have changed since installing Pi-hole:
I think this may have started when I tried implementing a Cloudflare tunnel. But I have since removed it from my system and deleted it from Cloudflare, and I still get the same error in pihole.

Here is the output of my ss -tulpn sport 53:

Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process 
udp UNCONN 213504 0 0.0.0.0:53 0.0.0.0:* users:(("pihole-FTL",pid=3694764,fd=20)) 
udp UNCONN 0 0 192.100.0.1:53 0.0.0.0:* users:(("dnsmasq",pid=2133,fd=7)) 
udp UNCONN 0 0 192.100.1.1:53 0.0.0.0:* users:(("dnsmasq",pid=2219,fd=7)) 
udp UNCONN 0 0 192.100.2.1:53 0.0.0.0:* users:(("dnsmasq",pid=2170,fd=7)) 
tcp LISTEN 0 32 192.100.1.1:53 0.0.0.0:* users:(("dnsmasq",pid=2219,fd=8)) 
tcp LISTEN 0 32 192.100.2.1:53 0.0.0.0:* users:(("dnsmasq",pid=2170,fd=8)) 
tcp LISTEN 0 32 192.100.0.1:53 0.0.0.0:* users:(("dnsmasq",pid=2133,fd=8))
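
An added example, not part of the original post or of Pi-hole: a shell parser for the ss rows quoted above that reports, per protocol, whether pihole-FTL has a listener on port 53 and which other processes hold it. The function names sample_ss, port53_holders and port53_conflicts are made up for this illustration.

```shell
#!/bin/sh
# Added example: summarise port 53 listeners from `ss -tulpn sport 53` output.
# Live use (root is needed to see process names): sudo ss -tulpn sport 53 | port53_conflicts

# Constructed sample: the listener rows quoted in the first post.
sample_ss() {
cat <<'EOF'
udp UNCONN 213504 0 0.0.0.0:53 0.0.0.0:* users:(("pihole-FTL",pid=3694764,fd=20))
udp UNCONN 0 0 192.100.0.1:53 0.0.0.0:* users:(("dnsmasq",pid=2133,fd=7))
udp UNCONN 0 0 192.100.1.1:53 0.0.0.0:* users:(("dnsmasq",pid=2219,fd=7))
udp UNCONN 0 0 192.100.2.1:53 0.0.0.0:* users:(("dnsmasq",pid=2170,fd=7))
tcp LISTEN 0 32 192.100.1.1:53 0.0.0.0:* users:(("dnsmasq",pid=2219,fd=8))
tcp LISTEN 0 32 192.100.2.1:53 0.0.0.0:* users:(("dnsmasq",pid=2170,fd=8))
tcp LISTEN 0 32 192.100.0.1:53 0.0.0.0:* users:(("dnsmasq",pid=2133,fd=8))
EOF
}

# One line per listener: proto, local address, process name, pid.
# Name and pid are "?" when ss was run without root and left them out.
port53_holders() {
  awk '$1 == "udp" || $1 == "tcp" {
    name = "?"; pid = "?"
    if (match($0, /\(\("[^"]+"/)) name = substr($0, RSTART + 3, RLENGTH - 4)
    if (match($0, /pid=[0-9]+/)) pid = substr($0, RSTART + 4, RLENGTH - 4)
    print $1, $5, name, pid
  }'
}

# Per protocol: does $1 (default pihole-FTL) have a listener, and who else does?
port53_conflicts() {
  port53_holders | awk -v want="${1:-pihole-FTL}" '
    { seen[$1] = 1
      if ($3 == want) have[$1] = 1
      else other[$1] = other[$1] " " $3 "(" $4 ")@" $2 }
    END {
      n = split("tcp udp", protos, " ")
      for (i = 1; i <= n; i++) {
        p = protos[i]
        if (!(p in seen)) continue
        printf "%s: %s=%s others:%s\n", p, want,
          ((p in have) ? "listening" : "MISSING"), ((p in other) ? other[p] : " none")
      }
    }'
}

sample_ss | port53_conflicts
```

On the quoted rows it reports pihole-FTL listening on UDP but with no TCP listener, while dnsmasq holds both protocols on the three 192.100.x.1 addresses.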

You can not have both dnsmasq and pihole-FTL running at the same time. Yes, FTL is based on dnsmasq but it does not use it directly or cause it to run.

I'm not sure how to disable or remove dnsmasq on the NAS host operating system.

Ok, so you're saying because my OS runs dnsmasq, and I can't seem to find a way to remove it, I cannot run pihole-FTL? It's weird because it was working fine for a couple weeks before everything just stopped...

No, I'm saying that I don't know your NAS or its operating system so I can't tell you how to remove dnsmasq. You will need to either remove or disable dnsmasq if you would like to use Pi-hole; they can not co-exist.

Gotcha. Thanks for the info!

So my post here is now asking if anyone knows how to remove dnsmasq from a UGreen NAS system so I can use pihole. And maybe also, why would it work for a couple weeks without issue, and then just stop? For those following along, I have tried removing dnsmasq using apt remove, and it just says that there is no dnsmasq installed, so it can't remove it. I am able to disable it, but it doesn't fix this issue in my pihole instance.

Did you turn on the DNS server on the NAS's OS by chance?

I just checked and DNS is not enabled in the OS settings.

Can you do another ss -tulpn sport 53 and in the resulting pids for dnsmasq, can you run ps <dnsmasq pid>

For your first output, it would be:

ps 2219
ps 2170
ps 2133

I wonder if below one also was a UGreen.
The OP never mentioned.
But it's got some hints.


It is indeed on a UGreen NAS, though I have a DXP2800. The custom OS that UGreen uses should be the same across models.

OP: I’ve done systemctl disable dnsmasq and systemctl mask dnsmasq and UGreen still tries to run dnsmasq so I’m not sure how to permanently disable it but I’ve just been killing the service after each reboot and it works fine after that. It’s not a permanent solution but I only restart maybe once a week and I’m at the NAS’s physical location so it’s not a big deal for me. I still haven’t noticed any issues with stopping the service this way.


That's maybe bc another process booted up a dnsmasq instance.
Not directly through the systemd unit/service.
Maybe below one shows which process is its parent if dnsmasq is still running:

pstree -pst $(pidof -s dnsmasq)

Or if you browse the systemd journal since --boot with below:

sudo journalctl --full --no-hostname --boot

And search the journal by pressing the forward slash "/" plus type in dnsmasq plus press enter.
Maybe the lines above and below will show who is fiddling with dnsmasq.
That's if the NAS has configured less or more as a pager:

$ man journalctl
[..]
       The output is paged through less by default, and long lines are
       "truncated" to screen width. The hidden part can be viewed by using
       the left-arrow and right-arrow keys. Paging can be disabled; see
       the --no-pager option and the "Environment" section below.

EDIT: dnsmasq is used for its many features (DNS, DHCP, TFTP etc.), so it can be running for a plethora of applications.
A common one is for virtualization, VPNs or connection sharing, like for example a WiFi hotspot.

$ man dnsmasq
[..]
DESCRIPTION
       dnsmasq  is  a lightweight DNS, TFTP, PXE, router advertisement and
       DHCP server.

But it can also be running as just a simple stub resolver for caching.
Stub as in sub bc it doesn't do recursion like the Unbound resolver can.

EDIT2: Oh with which arguments is dnsmasq booted?

ps -o uid,user,gid,group,pid,cmd -C dnsmasq -C pihole-FTL

Sometimes you can deduce who is booting up dnsmasq from above output.

What you want to see is below :wink:

$ ps -o uid,user,gid,group,pid,cmd -C dnsmasq -C pihole-FTL
  UID USER       GID GROUP      PID CMD
  100 100        101 adminis+ 17608 /usr/bin/pihole-FTL no-daemon
$ sudo docker exec -it pihole6 ps -o uid,user,gid,group,pid,cmd -C dnsmasq -C pihole-FTL
  UID USER       GID GROUP      PID CMD
  100 pihole     101 pihole     154 /usr/bin/pihole-FTL no-daemon

I had to do a reboot today for an update so I took the opportunity to test a theory. TL;DR it didn't result in anything. UGreen OS has an option to make the NAS's 'desktop' environment accessible to the internet through a subdomain (it's called UGreenlink). I thought that this might be why it's trying to reserve port 53. I don't use it but never bothered to turn it off till now. After the reboot, the 192.100.0.1 was still listening at port 53 so that idea is out.

Resulted in:

dnsmasq[1462]: started, version 2.90 cachesize 150
dnsmasq[1462]: compile time options: IPv6 GNU-getopt DBus no-UBus i18n IDN2 DHCP DHCPv6 no-Lua TFTP conntrack ipset nftset auth cryptohash DNSSEC loop-detect inotify dumpfile
dnsmasq[1462]: warning: no upstream servers configured
dnsmasq-dhcp[1462]: DHCP, IP range 192.100.0.2 -- 192.100.0.254, lease time 1h
dnsmasq-dhcp[1462]: DHCPv6, IP range 2222:db8:85a3::2 -- 2222:db8:85a3::ff, lease time 1d
dnsmasq-dhcp[1462]: router advertisement on 2222:db8:85a3::
dnsmasq-dhcp[1462]: IPv6 router advertisement enabled
dnsmasq-dhcp[1462]: DHCP, sockets bound exclusively to interface virbr1
libvirtd[1312]: libvirt version: 9.0.0, package: 9.0.0-4+deb12u2 (Debian)
libvirtd[1312]: hostname: NAS
libvirtd[1312]: internal error: Network is already in use by interface virbr1
dnsmasq[1462]: read /etc/hosts - 8 names
dnsmasq[1462]: read /var/lib/libvirt/dnsmasq/vnet-host.addnhosts - 0 names
dnsmasq-dhcp[1462]: read /var/lib/libvirt/dnsmasq/vnet-host.hostsfile

It loops through this start sequence a couple times but the first instance of dnsmasq is directly after loading the kernel, and after that is nginx but it doesn't seem to have any relevant errors. I did cat /etc/hosts and it has a duplicate of my host name, not sure if that's an issue or not.

For your edit 2 lines, I got these.

$ ps -o uid,user,gid,group,pid,cmd -C dnsmasq -C pihole-FTL
  UID USER       GID GROUP        PID CMD
 1000 user+  1000 1000      109009 /usr/bin/pihole-FTL no-daemon

and

$ sudo docker exec -it pihole ps -o uid,user,gid,group,pid,cmd -C dnsmasq -C pihole-FTL
  UID USER       GID GROUP        PID CMD
 1000 pihole    1000 pihole        49 /usr/bin/pihole-FTL no-daemon

Edit: Another interesting thing that I've noticed after my unexpected restart is that there are no longer any clients on pi hole other than host. I'm using tailscale to resolve DNS to pi hole (even for home network traffic) and prior to this issue I would see the client IP from tailscale. Now all queries are made from the local host IP. Again, I'm not sure if this is an issue. Pi hole is still receiving queries and working, from what I can tell, properly.
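
An added example, not part of the original post: a shell filter that reads journal lines like the ones quoted above and reports, per dnsmasq pid, the interface it is bound to, its first IPv4 DHCP address, and whether it reads files under /var/lib/libvirt/dnsmasq/, which marks an instance started for a libvirt virtual network. The function names sample_journal and dnsmasq_owner are made up for this illustration.

```shell
#!/bin/sh
# Added example: attribute each dnsmasq instance seen in the journal to what manages it.
# Live use: sudo journalctl --no-hostname --boot --no-pager | dnsmasq_owner

# Constructed sample: journal lines quoted in the post above.
sample_journal() {
cat <<'EOF'
dnsmasq[1462]: started, version 2.90 cachesize 150
dnsmasq[1462]: warning: no upstream servers configured
dnsmasq-dhcp[1462]: DHCP, IP range 192.100.0.2 -- 192.100.0.254, lease time 1h
dnsmasq-dhcp[1462]: DHCPv6, IP range 2222:db8:85a3::2 -- 2222:db8:85a3::ff, lease time 1d
dnsmasq-dhcp[1462]: DHCP, sockets bound exclusively to interface virbr1
libvirtd[1312]: internal error: Network is already in use by interface virbr1
dnsmasq[1462]: read /etc/hosts - 8 names
dnsmasq[1462]: read /var/lib/libvirt/dnsmasq/vnet-host.addnhosts - 0 names
EOF
}

# Per dnsmasq pid: pid, bound interface, first IPv4 DHCP address, manager.
# manager is "libvirt" when the instance reads files under /var/lib/libvirt/dnsmasq/,
# otherwise "unknown"; fields not found in the journal print as "-".
dnsmasq_owner() {
  awk '
    match($0, /dnsmasq(-dhcp)?\[[0-9]+\]:/) {
      tag = substr($0, RSTART, RLENGTH)
      match(tag, /[0-9]+/); pid = substr(tag, RSTART, RLENGTH)
      if (!(pid in seen)) { seen[pid] = 1; order[++n] = pid }
      if ($0 ~ /sockets bound exclusively to interface /) iface[pid] = $NF
      if (!(pid in dhcp) && match($0, /DHCP, IP range [0-9.]+/))
        dhcp[pid] = substr($0, RSTART + 15, RLENGTH - 15)
      if (index($0, "/var/lib/libvirt/dnsmasq/")) owner[pid] = "libvirt"
    }
    END {
      for (i = 1; i <= n; i++) {
        p = order[i]
        print p, ((p in iface) ? iface[p] : "-"), ((p in dhcp) ? dhcp[p] : "-"),
          ((p in owner) ? owner[p] : "unknown")
      }
    }'
}

sample_journal | dnsmasq_owner
```

An instance attributed to libvirt is not started by dnsmasq.service, which is consistent with systemctl disable and mask having no effect in this thread; where virsh is installed, virsh net-list --all shows the virtual networks.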


See here:


Thank you for all the great data on this issue! I should also say that I also use tailscale on all my devices, including this one. So I spent a couple days trying to get dnsmasq off my system. I must admit, I did not document everything, just entered commands I found as I rabbit-holed my way through posts. It appears that dnsmasq is not on my system now. If I run sudo systemctl status dnsmasq I get Unit dnsmasq.service could not be found. in red.

However, now I can't access my pihole instance at all, as well as many other containers running on that docker instance. I'm afraid I've messed things up beyond repair. Just a week ago everything was running smoothly. I could access all of my services, my npm was dialed in with all of my reverse proxy hostnames, and I thought I understood how it all worked. Then I started down this pihole and now a lot is broken. I need to get better at documenting what I'm doing on this network!! I don't know how I removed dnsmasq, I don't know if that is the cause of my current problems accessing services, and I don't know how to put it back if it is. I am most definitely in over my head.


FYI, when I run ss -tulpn sport 53 I get:

Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp UNCONN 0 0 0.0.0.0:53 0.0.0.0:*
udp UNCONN 0 0 *:53. *:*
tcp LISTEN 0 32 0.0.0.0:53 0.0.0.0:*
tcp LISTEN 0 32 [::]:53 [::]:*

You didn't have dnsmasq running at the time you ran my commands!

Please say more. I didn't have it running when I ran your commands?

You need sudo/root powers to also be able to list the process:

sudo ss -tulpn sport 53

I remembered another UGreen:

Post results for below ones pls?

Also do you have this "Virtual Machine App" installed on the NAS as pointed out in the link below?

You're right. Actually, nothing is running on port 53 now. I mistakenly ran that command on my raspberry pi, not the UGREEN. When I run it on UGREEN, with sudo powers, I get no entries at all. I uninstalled VM, but that didn't seem to make any difference. I still can't login to npm, and pihole doesn't load at all. None of my reverse proxy hosts load any more.