[Touch-packages] [Bug 1717015] Re: libc resolver stops searching domain search list after getting back NSEC record

Tue, 03 Apr 2018 02:13:33 -0700 

1) one should not manually adjust search domains in /etc/resolv.conf
2) systemd-resolved should learn about search domains

 - for example, set search domains in /etc/systemd/resolved.conf if
nothing sets them on per link basis vai resolved dbus api or
networkd.network files.

3) /etc/resolv.conf should be a symlink to 
../run/systemd/resolve/stub-resolv.conf
4) ../run/systemd/resolve/stub-resolv.conf should be dynamically updated by 
resolved to contain the correct search domains
5) resolved does not send DNSSEC info to clients that do not support DNSSEC nor 
requested a DNSSEC response
6) if you expect DNSSEC validation from responses resolved provides, please 
manually enable DNSSEC in /etc/systemd/resolved.conf and all the relevant links 
via systemd-resolve cmdline tool (if not managed vai networkd.network units)

** Changed in: systemd (Ubuntu)
       Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1717015

Title:
  libc resolver stops searching domain search list after getting back
  NSEC record

Status in systemd package in Ubuntu:
  Incomplete

Bug description:
  Suppose that:

  1. you have a "search" line in your /etc/resolv.conf file;
  2. it has two domains in it; and
  3. the first of the two domains does DNSSEC, including returning NSEC records 
for nonexisting hosts.

  In this situation, when you try to look up a host name in the second
  domain without specifying the domain part of the host name, the libc
  resolver will stop after it gets back the NSEC record and report that
  the host name doesn't exist, rather than moving on to the second
  domain in the search list and searching for the host in that domain.

  See also https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1717014
  .

  ProblemType: Bug
  DistroRelease: Ubuntu 17.04
  Package: libc6 2.24-9ubuntu2.2
  ProcVersionSignature: Ubuntu 4.10.0-33.37-generic 4.10.17
  Uname: Linux 4.10.0-33-generic x86_64
  ApportVersion: 2.20.4-0ubuntu4.5
  Architecture: amd64
  CurrentDesktop: Unity:Unity7
  Date: Wed Sep 13 16:00:45 2017
  Dependencies:
   gcc-6-base 6.3.0-12ubuntu2
   libc6 2.24-9ubuntu2.2
   libgcc1 1:6.3.0-12ubuntu2
  InstallationDate: Installed on 2016-08-09 (400 days ago)
  InstallationMedia: Ubuntu 16.04.1 LTS "Xenial Xerus" - Release amd64 
(20160719)
  SourcePackage: glibc
  UpgradeStatus: Upgraded to zesty on 2017-04-19 (147 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1717015/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to