Bug#343140: libc6: resolver always checks search list in /etc/resolv.conf
Hi Gabor,
Gabor Gombas wrote:
> On Wed, Dec 14, 2005 at 11:41:38AM -0800, Edward Buck wrote:
>
>>If it's a frequently used feature, it wasn't available until sarge.
>>Woody did not behave this way (I checked).
>
> Huh?
>
> $ cat /etc/debian_version
> 3.0
> $ cat /etc/resolv.conf
> search hpcc.sztaki.hu lpds.sztaki.hu sztaki.hu
> nameserver 127.0.0.1
> $ ping rs2.lvs
> PING rs2.lvs.sztaki.hu (193.6.200.132): 56 data bytes
> ...
>
> It is definitely available in Woody. I'm using it regularly.
Your test does not say much regarding this bug because it's not a
question of whether the search domains are checked eventually. It's a
question of the order in which queries are done. When you ping
'rs2.lvs', the order of queries (according to the documentation) is that
rs2.lvs is checked as rs2.lvs. (note the ending dot) FIRST because it
does not contain "fewer than ndots dots (default is 1)". If it cannot
be found in DNS, then the search domains are checked. Your test merely
confirms that at some point, the search domains are checked.
The bug I'm reporting here is that rs2.lvs is NOT checked as rs2.lvs(.)
first but rather as rs2.lvs.search.domains first. The order is
important and is the cause of the extraneous lookups.
In any case, I can't speak to 'ping' functionality as I never tested
that. I tested only telnet and postfix. And the bug only matters in
the context of postfix.
If you do a 'strace telnet mx1.hotmail.com 25' on a woody machine,
you'll see that it works according to the documentation. Sarge does
not. I can forward you more strace output if it will help. Maybe all
my woody machines are weird. I don't know. But as I said, this
functionality is new with sarge.
>>Also, this "new" feature
>>completely breaks software that doesn't expect this feature, since
>>postfix, telnet and others are doing WAY more DNS queries than they
>>should. Depending on how many search domains are listed and how many
>>caching nameservers are listed, in my case (2 search domains and 2
>>nameservers) I count at least 4 unnecessary queries. That's very bad.
>
> Well, why do you have any search domains then? It is for human
> convenience only, and a mail server usually does not have regular user
> accounts so no need for such convenience features.
You're right. It is for user convenience sake and I've temporarily
removed the search lines on these machines. But the convenience will
still be missed by those who administer these machines. Even a busy
mail server with few shell accounts need regular logins from sysadmins
for maintenance work.
The problem here is that regardless of whether the feature is needed or
not, it used to work as documented. Now it does not. And those who
have come to depend on that documentation and previous behavior have to
deal with process changes (and code changes!) that they did not expect,
not to mention significant changes to system load on affected machines.
If this functionality is intentional (as you seem to imply), then please
update the documentation to reflect that. The 'search' section of the
man page for resolv.conf is very explicit on this subject. If I'm
reading it incorrectly, please let me know how I am.
Regards,
Ed
Reply to: