I can see that behavior with normal queries. What triggers it is if the
name you are requesting has a subdomain component or not.

host foo <--- searches for foo and foo.<searchdomain>

host foo.bar <--- only searches for foo.bar

That is also the behavior in xenial 16.04.

The resolv.conf manpage has this to say:
"""
Resolver queries having fewer than ndots dots (default is 1) in them will be
attempted using each component of the search path in turn until a match is
found. For environments with multiple subdomains please read options ndots:n
below to avoid man-in-the-middle attacks and unnecessary traffic for the
root-dns-servers.
"""

And:
"""
ndots:n
Sets a threshold for the number of dots which must appear in a name given to
res_query(3) (see resolver(3)) before an initial absolute query will be made.
The default for n is 1, meaning that if there are any dots in a
name, the name will be tried first as an absolute name before any search list
elements are appended to it. The value for this option is silently capped to
15.
"""

So if you add this line to /etc/resolv.conf:
options ndots:2

your query "host -a -t SRV _kerberos._udp" should be attempted also with
the search domain appended.

Could you please try? That is not the final fix, though, even if it
works, because that file is managed by systemd-resolved, but as a quick
check it's good enough to try.

** Changed in: bind9 (Ubuntu)
       Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Server, which is subscribed to bind9 in Ubuntu.
https://bugs.launchpad.net/bugs/1771304

Title:
  host don't use search domain for service record
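
The ordering described in the resolv.conf(5) text quoted above, as an added example that is not part of the original message and is not host's own lookup code. It sends no queries; `example.com` and the sample file content are constructed placeholders, and the fallback to the bare name after the search list is an assumption taken from the glibc stub resolver's behaviour.

```python
NDOTS_CAP = 15  # resolv.conf(5): the value is silently capped to 15

# Constructed resolv.conf content; example.com is a placeholder search domain.
SAMPLE_RESOLV_CONF = """\
# constructed sample
nameserver 127.0.0.53
search example.com
options edns0 ndots:2
"""

def parse_resolv_conf(text):
    """Return (search_domains, ndots) from resolv.conf-style text."""
    search, ndots = [], 1  # default ndots is 1
    for line in text.splitlines():
        if line.startswith(("#", ";")):
            continue  # comment line
        fields = line.split()
        if not fields:
            continue
        if fields[0] == "search":
            search = fields[1:]  # a later search line replaces an earlier one
        elif fields[0] == "options":
            for opt in fields[1:]:
                key, _, value = opt.partition(":")
                if key == "ndots" and value.isdigit():
                    ndots = min(int(value), NDOTS_CAP)
    return search, ndots

def candidate_names(name, search, ndots=1):
    """Order in which fully qualified candidates are tried for `name`."""
    if name.endswith("."):
        return [name]  # trailing dot: already absolute, search list unused
    absolute = name + "."
    expanded = [f"{name}.{domain.rstrip('.')}." for domain in search]
    if name.count(".") >= ndots:
        # Enough dots: absolute name first, search list only afterwards.
        return [absolute] + expanded
    # Fewer than ndots dots: search list first, bare name last (assumption:
    # glibc stub resolver ordering).
    return expanded + [absolute]

if __name__ == "__main__":
    search, ndots = parse_resolv_conf(SAMPLE_RESOLV_CONF)
    for n in (1, ndots):
        print(f"ndots:{n}", candidate_names("_kerberos._udp", search, n))
```
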
