This bug was fixed in the package systemd - 229-4ubuntu11

systemd (229-4ubuntu11) xenial; urgency=medium

  * 73-usb-net-by-mac.rules: Split kernel command line import line.
    Reportedly this makes the rule actually work on some platforms. Thanks
    Alp Toker! (LP: #1593379)
  * fsckd: Do not exit on idle timeout if there are still clients connected
    (Closes: #788050, LP: #1547844)
  * libnss-*.prerm: Remove possible [key=value] options from NSS modules as
    well. (LP: #1625584)
  * Backport networkd 231. Compared to 229 this has a lot of fixes, some of
    which we need for good netplan support. Backporting them individually
    would be a lot more work and a lot less robust, and we did not use/support
    networkd in 16.04 so far. Drop the other network related patches as they
    are included in this backport now. (LP: #1627641)
  * debian/tests/networkd: Re-enable the the DHCPv6 tests. The DHCPv6
    behaviour is fixed with the above backport now.
  * pid1: process zero-length notification messages again. Just remove the
    assertion, the "n" value was not used anyway. This fixes a local DoS due
    to unprocessed/unclosed fds which got introduced by the previous fix.
    (LP: #1628687)
  * pid1: Robustify manager_dispatch_notify_fd(). If
    manager_dispatch_notify_fd() fails and returns an error then the handling
    of service notifications will be disabled entirely leading to a
    compromised system. (side issue of LP: #1628687)

 -- Martin Pitt <>  Tue, 04 Oct 2016 21:43:04

** Changed in: systemd (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.

  Removing libnss-* does not remove corresponding options

Status in systemd package in Ubuntu:
  Fix Released
Status in systemd source package in Xenial:
  Fix Released

Bug description:
  libnss-{resolve,mymachines,myhostname} automatically add/remove
  themselves from /etc/nsswitch.conf on installation/removal.

  But when (manually) adding NSS action specifiers, these do not get
  removed along.


    * Install libnss-mymachines. This will change the "hosts" line in 
/etc/nsswitch.conf from e. g. "files dns" to "files dns mymachines".
    * Edit the file to add an action specifier: "files dns mymachines 
    * Remove/purge libnss-mymachines.
    * In current xenial (229-4ubuntu7)/yakkety (231-6) the hosts line ends up 
as "files dns [!UNAVAIL=return]", i. e. the action specifier now applies to 
"dns" but should have been removed.
    * With the fixed version, the action specifier is completely gone.
    * Re-test with installing libnss-resolve (which inserts itself before 
"dns") and modifying to "files resolve [!UNAVAIL=return] dns [foo=bar]", then 
purge libnss-resolve again -- this should again remove the [!UNAVAIL=return] 
but *NOT* "dns [foo=bar]".

  Regression potential: This only affects package removal, so upgrades
  or new installs are not affected. Removals of
  libnss-{mymachines,myhostname,resolvle} must be tested carefully to
  ensure that they don't break nsswitch.conf in any way.

To manage notifications about this bug go to:

Mailing list:
Post to     :
Unsubscribe :
More help   :

Reply via email to