** Description changed: + [impact] + + /etc/systemd/resolved.conf file indicates the default value for 'Cache=' + is 'yes', but the actual default is 'no-negative' + + [test case] + + $ grep Cache /etc/systemd/resolved.conf + #Cache=yes + + [regression potential] + + any regression would likely result in a mismatch between the commented + default value of the Cache parameter and the actual build-time default + value, or possibly a problem while systemd-resolved is parsing the + resolved.conf file. + + [scope] + + this is needed only in focal. + + this was changed already in groovy as indicated in comment 1. + + bionic and earlier still use 'yes' as the default value of Cache=, which + matches the resolved.conf file. + + [original description] + Back in December, the default for systemd-resolved caching in Ubuntu systemd was changed to "no-negative" from the upstream default "yes" [0] In this change, the default value in the resolved.conf file was missed. As the defaults in this file are commented, the effective default is still "no-negative", however when viewing the config file, the commented default "yes" is at odds with the man page resolved.conf(5), which correctly states the default as "no-negative". This was an issue for me as I set DNSSEC to "yes", and expected Caching to also be "yes". Running DNSSEC with the default "no-negative" Caching is detrimental to performance resolving unsigned zones, as the non- existence of DNSSEC RRs must be looked up every time. The issue with the intersection of DNSSEC and Caching is for upstream, but the least that needs to be done here is updating the resolved.conf template with "Caching=no-negative" to match the man page and behaviour, and perhaps even adding a note to the "DNSSEC=" section of resolved.conf(5) that Caching should be enabled. Now that I'm looking at that man page, the default for DNSSEC is also listed as "allow- downgrade", whereas the default for Ubuntu is "no". [0] https://git.launchpad.net/~ubuntu-core- dev/ubuntu/+source/systemd/commit/?id=b42658843a9496d6b6bb68ac159f2a9f0a8ba9db&h =ubuntu-focal
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1895418 Title: systemd-resolved default config for Caching is still "yes" Status in systemd package in Ubuntu: Fix Committed Status in systemd source package in Focal: In Progress Status in systemd source package in Groovy: Fix Committed Bug description: [impact] /etc/systemd/resolved.conf file indicates the default value for 'Cache=' is 'yes', but the actual default is 'no-negative' [test case] $ grep Cache /etc/systemd/resolved.conf #Cache=yes [regression potential] any regression would likely result in a mismatch between the commented default value of the Cache parameter and the actual build-time default value, or possibly a problem while systemd-resolved is parsing the resolved.conf file. [scope] this is needed only in focal. this was changed already in groovy as indicated in comment 1. bionic and earlier still use 'yes' as the default value of Cache=, which matches the resolved.conf file. [original description] Back in December, the default for systemd-resolved caching in Ubuntu systemd was changed to "no-negative" from the upstream default "yes" [0] In this change, the default value in the resolved.conf file was missed. As the defaults in this file are commented, the effective default is still "no-negative", however when viewing the config file, the commented default "yes" is at odds with the man page resolved.conf(5), which correctly states the default as "no-negative". This was an issue for me as I set DNSSEC to "yes", and expected Caching to also be "yes". Running DNSSEC with the default "no- negative" Caching is detrimental to performance resolving unsigned zones, as the non-existence of DNSSEC RRs must be looked up every time. The issue with the intersection of DNSSEC and Caching is for upstream, but the least that needs to be done here is updating the resolved.conf template with "Caching=no-negative" to match the man page and behaviour, and perhaps even adding a note to the "DNSSEC=" section of resolved.conf(5) that Caching should be enabled. Now that I'm looking at that man page, the default for DNSSEC is also listed as "allow- downgrade", whereas the default for Ubuntu is "no". [0] https://git.launchpad.net/~ubuntu-core- dev/ubuntu/+source/systemd/commit/?id=b42658843a9496d6b6bb68ac159f2a9f0a8ba9db&h =ubuntu-focal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1895418/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
