Your message dated Tue, 09 Jan 2007 18:02:03 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#405327: fixed in nss-mdns 0.9-0.1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: libnss-mdns
Severity: critical
Version: 0.8-6.1
Hi Loïc,
On Tuesday 02 January 2007 12:45, Loïc Minier wrote:
> > package libnss-mdns
> > found 392813 0.8-6.1
>
> I would prefer you to open a separate bug report or perhaps we can
> clone this one for now.
Done.
>
> Now to get to your particular problem:
> > Update from 0.8-6 to 0.8-6.1 broke DNS for me again. libnss-mdns
> > must not edit nsswitch.conf if "local" is exists in the "search"
> > line in resolv.conf or remove the "local" or at least give some
> > warning.
>
> It seems to me your site is using the .local TLD; this is sadly an
> inherently problematic situation in combination with mDNS and you
> should consider changing to a different TLD if you want to use
> mDNS. I imagine this might not be an easy thing to achieve, and we
> have built a workaround in the nss-mdns + avahi-daemon packages to
> "support" these situations (by disabling mDNS lookups).
>
> The solution you describe might sound like a good thing to do for
> setups similar to yours, but the problem is a bit more complex
> once you start considering roaming laptops which attach to
> different networks, which might or might not use the .local TLD.
>
> Since version 0.8-6.1, nss-mdns is configured to systematically
> contact avahi-daemon for mDNS lookups; if avahi-daemon isn't
> running, the lookup should fail fast. avahi-daemon ships an
> ifupdown hook since version 0.6.16-1 which will disable
> avahi-daemon when a .local TLD is detected.
>
> The intent of this layout is to check for the existence of a
> .local TLD after each change in the DNS (which will typically
> involve a networking change).
>
> Stefan, could you report the version of avahi-daemon you had when
> you experienced the bug? Is the bug still present in version
> 0.6.16-1? If the bug is still present, could you check whether the
> ifupdown avahi hook works as expected? This can be achieved by
> reporting the output of:
> host -t soa local.
>
> Perhaps the test needs to be enhanced to match your particular
> configuration; I imagine this can be caused by .local entries in
> your /etc/hosts but no real .local DNS zone at your DNS server.
>
> You might also find this page of interest to understand the
> problem: http://avahi.org/wiki/AvahiAndUnicastDotLocal
When I did the upgrade I had avahi-daemon 0.6.15-2 installed.
The problem is still there with avahi-daemon 0.6.16-1, when I change
nsswitch.conf to the configuration added by libnss-mdns.
I don't use .local TLD anymore, but I used it in the past, so that the
entry in the resolv.conf was still there. The "search local" entry
*alone* prevents DNS from working, it is not necessary to have .local
anywhere in DNS or /etc/hosts.
It is absolutely no problem for me to change my configuration but this
case should be handled somehow (ask to change resolv.conf, not modify
nsswitch.conf, add hint to release notes, ...) because the problem is
very difficult to find if you update a lot of packages and then can't
google for a solution. (Therefore severity critical)
Some more thoughts:
- dnsmasq which is used on the openWRT routers by default will not
return SOA records, even if it serves A records:
$ host x.lan
x.lan has address 10.1.2.3
$ host -t SOA lan.
lan has no SOA record
Maybe there would be a problem if someone has configured addresses
for .local hostnames on such a router. (But maybe it just means that
the unicast .local hostnames would not be found anymore?)
- if you check for "search local" in /resolv.conf, don't forget that
there can be several domains in one line and "domain" works
like "search" (IIRC)
- maybe an entry in the release notes would be a good idea in any
case, even if you handle the "search local" case, because there might
be other corner cases where DNS breaks. People should either remove
everything with .local from {DNS,/etc/hosts,/etc/resolv.conf} or
uninstall libnss-mdns (or avahi-daemon?).
- I consider it very unexpected behaviour for a package to modify a
file in /etc without asking. Policy 10.7.3 says: "local changes must
be preserved during a package upgrade". After the upgrade to 0.8-5 I
changed nsswitch.conf to not use mdns but my change was overwritten
on upgrade to 0.8-6.1. Maybe a debconf note or NEWS.Debian entry
would be in order. Or maybe libnss-mdns should remember that it
changed nsswitch.conf once already and not touch it again.
Cheers,
Stefan
pgpehq1lP5PTT.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: nss-mdns
Source-Version: 0.9-0.1
We believe that the bug you reported is fixed in the latest version of
nss-mdns, which is due to be installed in the Debian FTP archive:
libnss-mdns_0.9-0.1_i386.deb
to pool/main/n/nss-mdns/libnss-mdns_0.9-0.1_i386.deb
nss-mdns_0.9-0.1.diff.gz
to pool/main/n/nss-mdns/nss-mdns_0.9-0.1.diff.gz
nss-mdns_0.9-0.1.dsc
to pool/main/n/nss-mdns/nss-mdns_0.9-0.1.dsc
nss-mdns_0.9.orig.tar.gz
to pool/main/n/nss-mdns/nss-mdns_0.9.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Loic Minier <[EMAIL PROTECTED]> (supplier of updated nss-mdns package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 9 Jan 2007 18:45:27 +0100
Source: nss-mdns
Binary: libnss-mdns
Architecture: source i386
Version: 0.9-0.1
Distribution: unstable
Urgency: high
Maintainer: Anand Kumria <[EMAIL PROTECTED]>
Changed-By: Loic Minier <[EMAIL PROTECTED]>
Description:
libnss-mdns - NSS module for Multicast DNS name resolution
Closes: 404266 404534 405327 406198
Changes:
nss-mdns (0.9-0.1) unstable; urgency=high
.
* Non-maintainer upload to fix broken dependencies in the 0.8-6.1 NMU.
* Fix Depends on perl and avahi-daemon.
* Bump up dependency on avahi-daemon to >= 0.6.16-1 for the auto-disabling
functionality on sites with a .local SOA.
* New upstream release.
- Does not export unnecessary symbols and fixes segfault in nmbclient
which had symbols with the same name; closes: #404266.
- Does not use the "search" keyword of resolv.conf anymore;
closes: #404534, #405327.
* Re-add a postrm to cleanup the mdns_* entries from nsswitch.conf but act on
package removal instead of purge to avoid breaking the DNS when the lib is
removed and to ensure perl is still present; closes: #406198.
* Document the changes made to postinst in NOTES.Debian and document the
history of the postrm as well.
* Updates to README.Debian; add upstream URL for troubleshooting.
Files:
21fa76254d01fd821858b7b3099fddd4 574 admin optional nss-mdns_0.9-0.1.dsc
bc72f5b19cc6ce8cacde448236b30868 346397 admin optional nss-mdns_0.9.orig.tar.gz
27d24ffcc729a1020e2af8896b3e53ec 8333 admin optional nss-mdns_0.9-0.1.diff.gz
8f860a6816f54f621c63b7bfb2c8f34b 22858 admin optional
libnss-mdns_0.9-0.1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFo9Uc4VUX8isJIMARAtLyAJ9wCxfQPSmE2loBls2pTo3ovLLmpwCgnGdf
jcVW8b1sRZrQVim9vwH1on8=
=WSZS
-----END PGP SIGNATURE-----
--- End Message ---
