DNS resolution outside NSS shouldn’t be dismissed as an edge case for
software that’s too conceited to use NSS.  NSS only exposes A, AAAA, and
PTR records.  There’s plenty of software in the official archive that
needs other records from DNS (off the top of my head: SRV, TXT, MX,
SSHFP, AFSDB) and cannot get them from NSS.

> resolved reads their DNS servers *from* resolv.conf.

Right, so perhaps when resolvconf is in use, systemd-resolved should
read those from /run/resolvconf/resolv.conf directly, and
/etc/resolv.conf should be a symlink to /lib/systemd/resolv.conf rather
than /run/resolvconf/resolv.conf?

> you can't both chose to *not* use NSS *and* rely on NSS to do DNSSEC
for you.

Why not?  It was working with NetworkManager managing a dnsmasq, since
NetworkManager installed the local proxy as the only nameserver visible
in resolv.conf, and it would work again if systemd-resolved did the

This will also be needed to fix problems like
https://github.com/systemd/systemd/issues/3421 for programs that cannot
use NSS.

** Bug watch added: github.com/systemd/systemd/issues #3421

You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

  systemd-resolved appends to resolv.conf alongside existing

To manage notifications about this bug go to:

ubuntu-bugs mailing list

Reply via email to