From 5eb772cfb367a99c1db1083f1213e1de6fb403a7 Mon Sep 17 00:00:00 2001 From: Zbigniew Jędrzejewski-Szmek Date: Jul 14 2020 19:16:00 +0000 Subject: Add scriptlet to enable nss-resolve The default line is > hosts: files dns myhostname Some people might insert mymachines, most likely as: > hosts: mymachines files dns myhostname The scriptlet for nss-mdns inserts mdns before dns: > hosts: ... files mdns4_minimal [NOTFOUND=return] dns ... The scriptlet replaces 'files dns myhostname' with > resolve [!UNAVAIL=return] myhostname files dns This follows the upstream recommendation. myhostname is ordered earlier because a) it's more trustworthy than files or especially dns b) resolve synthetizes the same answers as myhostname, so it doesn't make much sense to have myhostname at any other place than directly after resolve, so that if resolve is not available, we get answers for the names that myhostname is able to synthesize with the same priority. See https://fedoraproject.org/wiki/Changes/systemd-resolved. --- diff --git a/systemd.spec b/systemd.spec index e937940..2fdefb9 100644 --- a/systemd.spec +++ b/systemd.spec @@ -627,7 +627,13 @@ function mod_nss() { # Add nss-systemd to passwd and group grep -E -q '^(passwd|group):.* systemd' "$1" || sed -i.bak -r -e ' - s/^(passwd|group):(.*)/\1: \2 systemd/ + s/^(passwd|group):(.*)/\1:\2 systemd/ + ' "$1" &>/dev/null || : + + # Add nss-resolve to hosts + grep -E -q '^hosts:.* resolve' "$1" || + sed -i.bak -r -e ' + s/^(hosts):(.*) files( mdns4_minimal .NOTFOUND=return.)? dns myhostname/\1:\2 resolve [!UNAVAIL=return] myhostname files\3 dns/ ' "$1" &>/dev/null || : fi }