Hi Mark! Thank you for pointing me to this bug. I spent some time looking into this.
It seems that there is currently no established mechanism for ordering NSS modules into nsswitch.conf automatically. Instead every package is doing its own parsing mangling of the file on install. libnss-resolve is appending "[!UNAVAIL=return]" which causes the mdns4_minimal entry to get shadowed, depending on installation order of the packages involved (libnss-mdns and libnss-resolve). A workaround was implemented in Debian in https://anonscm.debian.org/cgit/collab-maint/nss- mdns.git/commit/?id=44550bcc6b49116f927dea52395867ff47d7d3b9 (tests in https://anonscm.debian.org/cgit/collab-maint/nss- mdns.git/commit/?id=0e9b82b91cd9bf9464cf63df2c3f1cbbec3553e0) which appears in Zesty (17.04) which will explain why Zesty appears to work correctly. Though this is still a hack, I think it should work in both ordering cases, so in the short term this should be fixed from a user's perspective. In the long term, Debian have a bug open (https://bugs.debian.org/cgi- bin/bugreport.cgi?bug=846944) to fix the hack. It may be that mDNS resolution moves to libnss-resolve, or that some kind of configuration wrapper is arranged to improve on the ad-hoc mangling of nsswitch.conf. So, for Ubuntu: This is fixed in Zesty onwards. The workaround for Yakkety (as you explained) is to edit /etc/nsswitch.conf and bring "mdns4_minimal [NOTFOUND=return]" in front of "resolve [!UNAVAIL=return]". We could propose an update for Yakkety (16.10). But we have to do it carefully - if there is a bug in the update, we could break DNS resolution for all users. However, Debian have already written the essential "swap it round" code so that will already have had some real world testing. But Yakkety has only two months left before it EOLs, and the workaround for affected users is fairly trivial. So is it worth trying? Opinions welcome. For bug triage, there are effectively two bugs. 1) The fact that it doesn't work for users in Yakkety; and 2) the bigger picture fix for the hack or move of mDNS resolution to libnss-resolve. I see this bug as having been reported for the first issue, and the Debian bug as tracking the second. So I'll mark the systemd task as Invalid, as the fix for this bug was in libnss-mdns (and we can track any SRU for libnss-mdns here). I'm not linking the Debian bug, as that's the separate second issue. If we want to track that in Launchpad, we should file a separate bug for it, so as not to mix up the separate statuses of the two issues. ** Bug watch added: Debian Bug tracker #846944 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=846944 ** Changed in: systemd (Ubuntu) Status: Confirmed => Invalid ** Also affects: nss-mdns (Ubuntu Yakkety) Importance: Undecided Status: New ** Also affects: systemd (Ubuntu Yakkety) Importance: Undecided Status: New ** Changed in: systemd (Ubuntu Yakkety) Status: New => Invalid ** Changed in: nss-mdns (Ubuntu) Status: Confirmed => Fix Released ** Changed in: nss-mdns (Ubuntu Yakkety) Status: New => Triaged ** Changed in: nss-mdns (Ubuntu Yakkety) Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1641328 Title: Ordering of mdns4_minimal and resolve in /etc/nsswitch.conf causes mDNS lookups to fail -- breaks network printing Status in nss-mdns package in Ubuntu: Fix Released Status in systemd package in Ubuntu: Invalid Status in nss-mdns source package in Yakkety: Triaged Status in systemd source package in Yakkety: Invalid Bug description: (See also libnss-resolve:amd64 231-9ubuntu1 amd64 nss module to resolve names via systemd-resolved) # fresh install of yakkety mtearle@liberation:/etc$ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 16.10 Release: 16.10 Codename: yakkety # package details mtearle@liberation:~$ apt-cache policy libnss-resolve libnss-resolve: Installed: 231-9ubuntu1 Candidate: 231-9ubuntu1 Version table: *** 231-9ubuntu1 500 500 http://mirror.rackspace.com/ubuntu yakkety-updates/main amd64 Packages 100 /var/lib/dpkg/status 231-9git1 500 500 http://mirror.rackspace.com/ubuntu yakkety/main amd64 Packages mtearle@liberation:~$ apt-cache policy systemd systemd: Installed: 231-9ubuntu1 Candidate: 231-9ubuntu1 Version table: *** 231-9ubuntu1 500 500 http://mirror.rackspace.com/ubuntu yakkety-updates/main amd64 Packages 100 /var/lib/dpkg/status 231-9git1 500 500 http://mirror.rackspace.com/ubuntu yakkety/main amd64 Packages # attempt to ping VM elsewhere on network with mDNS hostname mtearle@liberation:/etc$ ping bazzavan.local ping: bazzavan.local: Name or service not known # can find both ipv4 and ipv6 addresses for the host mtearle@liberation:/etc$ avahi-resolve-host-name bazzavan.local bazzavan.local fe80::a00:27ff:fea5:3f51 mtearle@liberation:/etc$ avahi-resolve-host-name -4 bazzavan.local bazzavan.local 172.16.44.48 # can ping it mtearle@liberation:/etc$ ping -c 1 172.16.44.48 PING 172.16.44.48 (172.16.44.48) 56(84) bytes of data. 64 bytes from 172.16.44.48: icmp_seq=1 ttl=64 time=0.265 ms --- 172.16.44.48 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.265/0.265/0.265/0.000 ms # original ordering mtearle@liberation:/etc$ grep hosts /etc/nsswitch.conf hosts: files resolve [!UNAVAIL=return] mdns4_minimal [NOTFOUND=return] dns # go away and edit /etc/nsswitch.conf # change ordering of resolve and mdns4_minimal mtearle@liberation:/etc$ grep hosts /etc/nsswitch.conf hosts: files mdns4_minimal [NOTFOUND=return] resolve [!UNAVAIL=return] dns # check mdns lookups now work, and it now pings mtearle@liberation:/etc$ ping -c 1 bazzavan.local PING bazzavan.local (172.16.44.48) 56(84) bytes of data. 64 bytes from 172.16.44.48 (172.16.44.48): icmp_seq=1 ttl=64 time=0.161 ms --- bazzavan.local ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.161/0.161/0.161/0.000 ms # check libnss-resolve is still doing its thing mtearle@liberation:/etc$ ping -c 1 localhost.localdomain PING localhost.localdomain(localhost (::1%1)) 56 data bytes 64 bytes from localhost (::1): icmp_seq=1 ttl=64 time=0.016 ms --- localhost.localdomain ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.016/0.016/0.016/0.000 ms To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss-mdns/+bug/1641328/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
