On 8/1/23 09:56, Zdenek Dohnal wrote:
Hi Pavel,
since authselect already advertises features for profiles regarding mdns
as:
--with-mdns4
--with-mdns6
it would be great if the profile feature logically matched what is going
to be enabled - --with-mdn4 will put 'mdns4' into 'hosts' in
nsswitch.conf instead of current mdns_minimal.
AFAIK from Avahi people (pemensik in CC) I wouldn't go for mdns and
mdns_minimal, because hostname->IPv6 + hostname->IPv4 address
resolutions are currently made in sequence in Avahi, so the getting the
result will be unnecessary delayed if one of them is not defined.
IIUC nss-mdns README, the main difference between mdns4 and
mdns4_minimal is /etc/mdns.allow file support, which can allow bypassing
heuristics and allows user to do mDNS queries in conflict to mDNS
standard (f.e. standard specifies that only .local or .local. domains
can be used for mDNS) - although it would be great if networks were up
to the standards, it is not a case in reality. We had this issue
https://bugzilla.redhat.com/show_bug.cgi?id=2148500 , where ISP injected
DNS server which defined 'local' domain as classic DNS record, breaking
mDNS resolution in whole user's environment. Fortunately Petr came up
with solution for it (now nss-mdns does always mDNS lookup for .local,
but if there is DNS SOA for .local and mDNS lookup didn't succeed, moves
to DNS), so this scenario doesn't need mdns.allow anymore, but IMO there
could be other divergence from standards in the networks, so having the
option to use mdns.allow in default configuration is welcome.
So what I would propose:
- use mdns4/mdns6 with authselect --with-mdns4 and --with-mdns6 profile
features instead of _minimal to honor name logic,
- don't use mdns/mdns_minimal - if someone wants to use it, he can
enable both features separately,
- if someone would like to use mdns4/6_minimal, he can opt-out from
authselect and update nsswitch.conf manually.
@Adam, @Petr, please let me know if there are other things to consider
or disadvantages in this.
Hi Zdenek,
the current logic is:
- with-mdns4: mdns4_minimal
- with-mdns6: mdns6_minimal
- with-mdns4 and with-mdns6? mdns_minimal
If I understand your message correctly, you propose to keep this logic
but use mdns4/mdns6/mdns instead of minimal and drop support for minimal
completely. Is that right?
Thank,
Pavel
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
