Replying to #35: > So, I'm downgrading this from critical to high since it only hits users of > 16.10 server in a few corner cases (i.e. containers, chroots without > libnss-resolve installed). It should still be SRUed.
Another corner case seems to be binaries linked against musl libc, since they do not use NSS. We're getting many reports related the problem on the Haskell stack tool (https://github.com/commercialhaskell/stack/issues/2536#issuecomment-285327722), and we indeed link against musl libc (https://github.com/commercialhaskell/stack/issues/3060). To be sure, is the plan to make the local DNS proxy at least resolve CNAME correctly on Yakkety and future releases, either by fixing systemd or switching to dnsmasq? Only providing `libnss-resolve` is not enough. I'm not aware of us needing fancier DNS features, but correct CNAME support would be great. I understand you don't include musl libc, but except for this bug it's an attractive option for shipping one universal Linux binary, which I suggest Ubuntu should keep supporting. Since the bug affects other scenarios anyway, I think it's reasonable to hope for a fix. I appreciate your effort. ** Bug watch added: github.com/commercialhaskell/stack/issues #2536 https://github.com/commercialhaskell/stack/issues/2536 ** Bug watch added: github.com/commercialhaskell/stack/issues #3060 https://github.com/commercialhaskell/stack/issues/3060 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1647031 Title: systemd-resolved’s 127.0.0.53 server does not follow CNAME records Status in Nextcloud: Unknown Status in systemd: New Status in network-manager package in Ubuntu: Fix Released Status in systemd package in Ubuntu: Fix Released Status in network-manager source package in Yakkety: Invalid Status in systemd source package in Yakkety: Triaged Bug description: $ systemd-resolve www.freedesktop.org www.freedesktop.org: 131.252.210.176 2610:10:20:722:a800:ff:feda:470f (annarchy.freedesktop.org) -- Information acquired via protocol DNS in 673.6ms. -- Data is authenticated: no $ ping www.freedesktop.org ping: www.freedesktop.org: Name or service not known $ cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN # 127.0.0.53 is the systemd-resolved stub resolver. # run "systemd-resolve --status" to see details about the actual nameservers. nameserver 127.0.0.53 $ dig +no{cmd,comments,stats} www.freedesktop.org @127.0.0.53 ;www.freedesktop.org. IN A www.freedesktop.org. 7146 IN CNAME annarchy.freedesktop.org. $ dig +no{cmd,comments,stats} www.freedesktop.org @8.8.8.8 ;www.freedesktop.org. IN A www.freedesktop.org. 14399 IN CNAME annarchy.freedesktop.org. annarchy.freedesktop.org. 14399 IN A 131.252.210.176 I trust it needn’t be explained why this makes the internet almost completely useless in zesty. To manage notifications about this bug go to: https://bugs.launchpad.net/nextcloud-snap/+bug/1647031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
