Your message dated Mon, 27 May 2024 23:50:02 +0000 with message-id <e1sbk6m-008267...@fasolo.debian.org> and subject line Bug#851314: fixed in systemd 256~rc3-3 has caused the Debian Bug report #851314, regarding libnss-mymachines should be ordered before resolve to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 851314: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851314 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: libnss-resolve Version: 232-6 Severity: serious Justification: Breaks another package Hi! A freshly installed Debian Stretch system will have a /etc/nsswitch.conf like this (see libc-bin's postinst and/or /usr/share/libc-bin/nsswitch.conf): # /etc/nsswitch.conf # # Example configuration of GNU Name Service Switch functionality. # If you have the `glibc-doc-reference' and `info' packages installed, try: # `info libc "Name Service Switch"' for information about this file. passwd: compat group: compat shadow: compat gshadow: files hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc: db files netgroup: nis Installing libnss-resolve makes these changes: --- nsswitch.conf 2016-12-04 15:16:42.701978711 +0100 +++ /etc/nsswitch.conf 2016-12-04 15:16:51.965961200 +0100 @@ -9,7 +9,7 @@ shadow: compat gshadow: files -hosts: files dns +hosts: files resolve [!UNAVAIL=return] dns networks: files protocols: db files If the user then installs for example the "gnome" meta package, libnss-mdns and libnss-myhostname will be installed as well because of these dependencies/recommendations: gnome -> avahi-daemon -> libnss-mdns gnome -> gnome-core -> gnome-control-center -> libnss-myhostname This results in the following hosts line: hosts: files resolve [!UNAVAIL=return] mdns4_minimal [NOTFOUND=return] dns myhostname However, because of the "[!UNAVAIL=return]" introduced with [0], nothing after "resolve" will actually be tried. This is mostly harmless, since "resolve" provides a superset of "dns" and "myhostname", but it breaks mDNS as resolved currently does not resolve mDNS names like "foo.local". Please note, that a) This bug depends on the order of package installations. Installing libnss-resolve *AFTER* everything else will avoid the problem. b) I think the rationale for the change made in [0] is sound, so simply reverting the change is not a solution. IMHO the best solution would be to a) Activate the mDNS support in resolved [1] if possible. b) Talk to the GNOME/Avahi maintainers and make them recommend libnss- resolve instead of the others c) Eventually remove libnss-mdns and libnss-myhostname from Debian as both aren't really maintained anymore and have been superseded by libnss-resolve. Best regard Alexander Kurtz [0] https://anonscm.debian.org/cgit/pkg-systemd/systemd.git/commit/?id=5e0095416366eb86590d6e31242097ded5201b3a [1] https://github.com/systemd/systemd/blob/master/src/resolve/resolved-mdns.c
signature.asc
Description: This is a digitally signed message part
--- End Message ---
--- Begin Message ---Source: systemd Source-Version: 256~rc3-3 Done: Luca Boccassi <bl...@debian.org> We believe that the bug you reported is fixed in the latest version of systemd, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 851...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Luca Boccassi <bl...@debian.org> (supplier of updated systemd package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 28 May 2024 00:07:57 +0100 Source: systemd Architecture: source Version: 256~rc3-3 Distribution: unstable Urgency: medium Maintainer: Debian systemd Maintainers <pkg-systemd-maintain...@lists.alioth.debian.org> Changed-By: Luca Boccassi <bl...@debian.org> Closes: 825438 851314 913061 966621 1029152 1056166 1056564 Changes: systemd (256~rc3-3) unstable; urgency=medium . [ Zbigniew Jędrzejewski-Szmek ] * tests/boot-and-services: don't wait for systemd-tmpfiles-clean.service to finish. It's a oneshot service, so the 'start' call above is effectively synchronous. * test/boot-and-services: use pidof instead of ps -C . [ Chris Hofstaedtler ] * autopkgtest: install open-iscsi and tgt for upstream suite . [ Gioele Barabucci ] * d/libnss-mymachines.nss: Install before `resolve` and `dns`. Installing `mymachines` before `dns` and `resolve` (whatever comes first) is suggested in the manpage. It also avoids leaking information about local machines to the DNS resolver. (Closes: #825438, #851314) * d/libnss-myhostname.nss: Install after `files` . [ Luca Boccassi ] * Drop /bin/systemd legacy symlink. The systemd binary should not be in the default PATH. This symlink was created due to some old documentation (long since corrected) suggesting to use init=/bin/systemd to test switching to systemd. (Closes: #913061) * initramfs: call udevadm settle before control --exit to ensure workers have stopped. Otherwise there might be lock files left under /run/ which will break 'nuke' and cause the boot to fail. (Closes: #1056564) * Restore open files limit bump on boot. Broken packages ought to have been fixed by now. (Closes: #1029152) * Set default core limit to 0 via PAM for users. Otherwise it only applies to services. * Cleanup /var/tmp/ and /tmp/ on a timer by default. Remove the downstream patch and restore the upstream behaviour set by the tmpfiles.d which is to cleanup /var/tmp/ once a month and /tmp/ once every 10 days. Can be overridden via: touch /etc/tmpfiles.d/tmp.conf (Closes: #966621) * Make /tmp/ a tmpfs by default. Restore the upstream default and make /tmp/ a tmpfs. Can be overridden with: touch /etc/systemd/system/tmp.mount or: systemctl mask tmp.mount * Drop out-of-tree /run/lock patch and use a mount unit and tmpfiles.d instead. Only lvm2 and open-iscsi have mentions of /run/lock and an early-boot unit, so it's trivial to add ordering in those units instead of maintaining an out-of-tree patch. * homed: use standalone pam config file instead of pam-auth-config pam_unix.so assumes that if anything comes before it then the password has already been queried for sure. This doesn't work for homed, so passwd breaks. pam-auth-config has this hard-coded assumption and it cannot be disabled. Use an upstream standard pam config file instead. (Closes: #1056166) * NEWS: note recent changes Checksums-Sha1: 8cf16b7e2d80faa5d9da954d40ef4f537ecd2320 7719 systemd_256~rc3-3.dsc a0aca60ecb9c3fd34bcd59a89db4a1599c0e1c29 165772 systemd_256~rc3-3.debian.tar.xz baa712bee3033594322e7ed58bd97b8b0a8dcf9a 13019 systemd_256~rc3-3_source.buildinfo Checksums-Sha256: 0bf70272578e36ce424b2d01c71721cff90b16f0b4f5dafe3bccb1be1555eeff 7719 systemd_256~rc3-3.dsc c564162535499259081c2acbcde37b4920e3084c407afba5f1b355c03f818778 165772 systemd_256~rc3-3.debian.tar.xz ebc58604e4fba4331d60610fd9c3eff08d52405a1baf8bd2ba94027909d9fa43 13019 systemd_256~rc3-3_source.buildinfo Files: d341c9500f21505e735b890baaf28a9b 7719 admin optional systemd_256~rc3-3.dsc de97771e92d379a4d8e339bf40e355af 165772 admin optional systemd_256~rc3-3.debian.tar.xz 53b9fba9eb5e3bac3266575e7bf7b25c 13019 admin optional systemd_256~rc3-3_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJFBAEBCgAvFiEErCSqx93EIPGOymuRKGv37813JB4FAmZVGPwRHGJsdWNhQGRl Ymlhbi5vcmcACgkQKGv37813JB7Dpw/+Pf6Ty1eA76e5kcIEj6jIfzKJqBcUKqCV O0alHmctpRi3ces8gMTL6fyZbZFe7Y414BGPoEVR2pWbznoAiW7QENa5FNQBqned wEcZDhBzNMIRs3HYoGr0/gPUG6a/RQnu4t/EUqHSMbS/9y/7F7gbaluZxszu5gw5 rgru6VZztmZ1b/IRL5OUe9HuaMxMkjFXvw58VbdH9SU9GtmMwlBBEEW+UjuC7j9m CC31+Blb+hOAzQs1WxDDND6nEJcCSlpvCYcSMDzh3v3kWfuOpvijGmeV7o5vBvpp tzbMzwjHlBg7eKsVar7cTHiLW6rc+L4egXMu7KoHfAIKhft7s9C8mzHyys0xxRW+ Z/swW+JekYOvrPCGzC+FAKyHETXs7L7CCX7e8eE2e+GWduxmPJ2pUE0EAHoLgGQf MBIwni3+tVyyjYamSq/DEVv0jywmtqawjb005iNcZpfYkXVBOOzE8L01dAUL+UjP +z8t1jV6+k3PTTP9lHLSP6OAJOui7uIasYUGNXxd5RlXKMz2F2xzLNA6kOirwE25 rSTWs3Y8EWS7+rceZoxa9QUiMwBCvQjBrf6wTtWAoSjlDJd+Yiy0qbgGg+Y5k7jO lG2yW0BL9laQwXlaNlD5lZu2Jpk6z3qElvD6r1YkQaD1XSTJfy2FPoEBv/dBmwgg Qa8MusOKCWk= =sKGw -----END PGP SIGNATURE-----
Description: PGP signature
--- End Message ---
