Your message dated Sun, 24 Dec 2006 19:47:02 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#393711: fixed in nss-mdns 0.8-6.1 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: libnss-mdns Version: 0.8-6 Severity: serious Hi! The configuration that is patched into /etc/nsswitch.conf by libnss-mdns 0.8-6 is just plain broken and against everything upstream (who happens to be me) or any other person who has any clue about mDNS recommends. The line upstream suggests looks like this: hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 This line resembles closely the behaviour MacOSX - the OS which pioneered mDNS - exposes. Everything else is much worse in its behaviour. In contrast, the line your package version adds has several disadvantages, among them: * Slows down all mDNS lookups * Breaks mDNS lookups when the configured DNS server is not reachable (!) * Is a security hole, because local host info is leaked on unicast dns server and as such the internet * Is a security hole, because people on the internet can redirect local services to other hosts * Increases the burden on internet DNS servers needlessly. (This is a major problem which caused the creation of projects like AS112) * Breaks mDNS RR consistency because the unicast DNS zone .local is kind-of merged with the multicast DNS zone .local. However, the conflict protocol which makes sure that no two host names or service names conflict in the .local zone simply doesn't work against names from the .local unicast domain. In short: while upstream proposes a sensible, working line, your package pointlessly fucks it up and is thus simply broken. Sure, the line upstream recommends has also one disadvantage, which is that it is inherently incompatible with unicast DNS domains called .local. But that's the way mDNS has been designed, and is a simple fact that has to be dealt with administratively and not through applying ugly kludges to upstream's clean code. For further discussion see bug #388864 where many points mentioned above were already discussed. Several people showed interest in maintaining nss-mdns in Debian. As you seem to give a fuck about upstream's technical opinion on these issues or even on the opinions of the mDNS/DNS-SD *designers*, and it is clear that your relationship to upstream is not the best, may I suggest that you simply orphan this package and have someone else looking after it? I am fully aware that you happen to have access to a network where .local is a unicast domain name. Due to this you seem to value compatiblity with that network more than correct behaviour of mDNS. However, Debian is not just about you, but about its users - all of them. If you insist that your line is the better one and refuse to change it to the line I recommend and don't want to orphan the package, then I kindly ask you to fork my package and rename your copy. And please don't put "mdns" in the new package name, since the behaviour you advocate is clearly not the standard mDNS behaviour. Please understand that I don't want to be connected to the broken behaviour your nss-mdns package exposes any longer. Lennart -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages libnss-mdns depends on: ii base-files 3.1.16 Debian base system miscellaneous f ii libc6 2.3.6.ds1-4 GNU C Library: Shared libraries libnss-mdns recommends no packages. -- no debconf information -- Lennart Poettering; lennart [at] poettering [dot] net ICQ# 11060553; GPG 0x1A015CC4; http://0pointer.net/lennart/
--- End Message ---
--- Begin Message ---Source: nss-mdns Source-Version: 0.8-6.1 We believe that the bug you reported is fixed in the latest version of nss-mdns, which is due to be installed in the Debian FTP archive: libnss-mdns_0.8-6.1_i386.deb to pool/main/n/nss-mdns/libnss-mdns_0.8-6.1_i386.deb nss-mdns_0.8-6.1.diff.gz to pool/main/n/nss-mdns/nss-mdns_0.8-6.1.diff.gz nss-mdns_0.8-6.1.dsc to pool/main/n/nss-mdns/nss-mdns_0.8-6.1.dsc A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Loic Minier <[EMAIL PROTECTED]> (supplier of updated nss-mdns package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sun, 24 Dec 2006 20:27:30 +0100 Source: nss-mdns Binary: libnss-mdns Architecture: source i386 Version: 0.8-6.1 Distribution: unstable Urgency: low Maintainer: Anand Kumria <[EMAIL PROTECTED]> Changed-By: Loic Minier <[EMAIL PROTECTED]> Description: libnss-mdns - NSS module for Multicast DNS name resolution Closes: 353131 392590 393608 393711 399297 Changes: nss-mdns (0.8-6.1) unstable; urgency=low . * Non-maintainer upload to fix a long-standing RC bug and to beat the package into shape before etch with suggestions from upstream; thanks Lennart Poettering. * Configure with --disable-legacy, as recommended by upstream for security reasons; the legacy mode might be offered in a separate binary package for the corner cases where it can be useful; see full discussion in #393711; depend on avahi-daemon as nss-mdns will not work without avahi when compiled like this; closes: #399297. * Only suggest zeroconf instead of Recommending it: even if it can act as a nice complement to nss-mdns, it is intrusive and orthogonal to nss-mdns and conflicts with avahi-autoipd; closes: #353131, #392590. * Suggest avahi-autoipd as an alternative to zeroconf. * Remove offensive comments in postinst and README.Debian. * Document the history of postinst snippets in debian/NOTES.Debian to permit handling all upgrade paths. * Depend on Perl for the postinst snippets using the perl interpreter. * Rewrite postinst to handle all upgrade paths. - Does not wipe NSS configuration which matches the upstream recommended configuration during upgrades from versions 0.8-4.2 or 0.8-5; closes: #393608. - Install the upstream recommended configuration for first installs and upgrades from versions which did not automatically insert mdns in the NSS setup (unless mdns is already setup); closes: #393711. - Keep configuration intact when upgrading from versions which installed the upstream recommended configuration. - Remove whitespaces added in upgrades from version 0.8-4.2 or 0.8-5 to 0.8-6. - For upgrades from 0.8-6, attempt to revert the problematic "mdns_minimal dns mdns" configuration and to install the upstream recommended configuration. * Update README.Debian to match the above changes and a planned changes in avahi-daemon which should disable itself if a .local SOA is found after a change in the DNS settings. Files: 676fab86e111748f7ea0c7927b085233 574 admin optional nss-mdns_0.8-6.1.dsc fc9e3817375219563584d1f76ff0f4a4 7400 admin optional nss-mdns_0.8-6.1.diff.gz 03debe5c7f40fe87e555cf1bc427a121 23354 admin optional libnss-mdns_0.8-6.1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFFjtUe4VUX8isJIMARAtq7AKCcyb//ChjA/rvPzaIqIR7KxPOGGwCdGvPE 46sy3rf4FKqb4JcHrSr3sY4= =m3lf -----END PGP SIGNATURE-----
--- End Message ---
