Ubuntu
systemd package

systemd-resolved recommends libnss-resolve in kinetic, pulls it into minimal system where it was explicitly excluded before

Bug #1990187 reported by Steve Langasek
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
systemd (Ubuntu)
Fix Released
Low
Unassigned

Bug Description

In kinetic, systemd-resolved now Recommends: libnss-resolve, pulling it into the ubuntu-minimal seed.

In the past we briefly had libnss-resolve seeded (between xenial and bionic LTSes but not in any LTS) but it was removed because:

 - it was redundant; /etc/resolv.conf was consistent and correct.
 - its presence could mask wrong DNS configuration resulting in difficult-to-debug differences in behavior between applications that did use nss_resolved via /etc/nsswitch.conf and those that did not (examples: i386 binaries that could not use nss_resolved because it was not installed; statically-linked go implementations that parsed /etc/resolve.conf directly and did not load NSS modules)

This new recommends was noticed specifically because of some broken kinetic container images where /etc/resolv.conf was broken (empty) and *some* applications still worked via nss but others failed by trying to use the DNS protocol directly. (I.e.: 2nd point above)

I believe systemd-resolved should drop its recommends on libnss-resolve for Ubuntu.

Related branches

~enr0n/ubuntu/+source/systemd:ubuntu-kinetic
Steve Langasek: Approve
Diff: 117 lines (+51/-5)
4 files modified
debian/changelog (+28/-0)
debian/control (+4/-5)
debian/patches/lp1989969-test-deny-list-TEST-36-NUMAPOLICY-on-ppc64el.patch (+18/-0)
debian/patches/series (+1/-0)
Heinrich Schuchardt (xypron)
Changed in systemd (Ubuntu):
status: New → Confirmed
Revision history for this message
Heinrich Schuchardt (xypron) wrote :

Jammy's systemd 249.11-0ubuntu3.6 does not provide package systemd-resolved at all.
Could we drop systemd-resolved from ubuntu-minimal?

Revision history for this message
Nick Rosbrook (enr0n) wrote :

systemd-resolved was previously shipped in the systemd package, and became a separate binary package during the kinetic cycle. This package provides the default DNS resolver for Ubuntu, so we want it in ubuntu-minimal.

Changed in systemd (Ubuntu):
importance: Undecided → Low
status: Confirmed → Triaged
Heinrich Schuchardt (xypron)
tags: added: foundations-todo
Simon Chopin (schopin)
Changed in systemd (Ubuntu):
status: Triaged → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package systemd - 251.4-1ubuntu6

---------------
systemd (251.4-1ubuntu6) kinetic; urgency=medium

  * test: deny-list TEST-36-NUMAPOLICY on ppc64el (LP: #1989969)
    File: debian/patches/lp1989969-test-deny-list-TEST-36-NUMAPOLICY-on-ppc64el.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=0f61b31fbeb57cf7e47a5f0922fd2ff47b81caa7
  * debian/control: drop systemd-resolved Recommends: (LP: #1990187)
    libnss-resolve was previously explicitly excluded from ubuntu-minimal,
    and this Recommends: reverses that change. While here, drop
    libnss-myhostname too, because it is in universe and there is no real
    need for systemd-resolved to Recommends: it.
    File: debian/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=88c134fac13b738efdcc657e160350c061d0a018
  * debian/control: set Priority: important on systemd-resolved (LP: #1990278)
    Since this package used to be a part of the systemd binary package,
    systemd-resolved would be installed by debootstrap by default. Retain
    this previous behavior by setting Priority: important on
    systemd-resolved.
    File: debian/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1d9ca06dfe8351ed4d03073fbafa5e2212fe4fcb

systemd (251.4-1ubuntu5) kinetic; urgency=medium

  * enable building systemd-boot for riscv64 (LP: #1989457)

 -- Nick Rosbrook <email address hidden> Tue, 20 Sep 2022 11:19:06 -0400

Changed in systemd (Ubuntu):
status: Fix Committed → Fix Released
Revision history for this message
Dimitri John Ledkov (xnox) wrote :

we do not need or want libnss-resolve anymore, because we created stub-resolv.conf which exports 1) local nameserver resolver 2) with correct options 3) and search domains. We only needed libnss-resolve back when we dind't have /run/systemd/resolve/stub-resolv.conf

Matthieu Clemenceau (mclemenceau)
tags: removed: foundations-todo
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.