Am 01.08.2018 um 12:00 schrieb Andreas Beckmann: Hi, I can reproduce this in a container upgrading Stretch to Buster.
Configuration file '/etc/bind/named.conf.options' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : start a shell to examine the situation The default action is to keep your current version. *** named.conf.options (Y/I/N/O/D/Z) [default=N] ? d --- /etc/bind/named.conf.options 2018-08-01 15:40:01.840772576 +0000 +++ /etc/bind/named.conf.options.dpkg-new 2018-07-16 18:49:50.000000000 +0000 @@ -20,7 +20,5 @@ //======================================================================== dnssec-validation auto; - auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; }; }; - AFAICT this is caused by the version in Stretch, which did not ship /etc7bind/named.conf.options at all, but created it in postinst === if [ -f /etc/bind/named.conf.options ]; then [...] else cp /usr/share/bind9/named.conf.options /etc/bind/named.conf.options chmod 644 /etc/bind/named.conf.options fi === So the file is there and not marked as conffile, because it has been created in postinst. Now in Buster the file is properly shipped as conffile (since commit 9ddbb41a71236815d246180b454850ec4ef7862d, included in 9.11.2+dfsg-6. It is only appearing now because the named.conf.options has now been changed from the version contained in Stretch in 9.11.4+dfsg-2. But the underlying bug is in Stretch. I have no idea how to properly deal with this. Best Regards, Bernhard