Description of problem: It seams that the "hosts: resolve" entry in /etc/nsswitch.conf doesn't work on Fedora 34. It works on Fedora 33. Version-Release number of selected component (if applicable): systemd-248-2.fc34.x86_64 glibc-2.33-8.fc34.x86_64 How reproducible: Always. Steps to Reproduce: 1. Create or change the file /etc/nsswitch.conf, so that the line that starts with "hosts:" contain only hosts: resolve [!UNAVAIL=return] It should not contain other entries, because we want to test the result / answer of systemd-resolved. 2. Chech that systemd-resolved is running and correctly configured. Run "resolvectl status" to see the active configuration. 3. Choose a host which is running and you know the dns name and the ip address. It should be reachable by "ping". 4. Test that resolvectl can resolve this dns name and this ip address. Example: resolvectl query pinghost.example.com resolvectl query 192.0.2.6 5. Run "ping" to this host. ping pinghost.example.com 6. Change the hosts entry in /etc/nsswitch.conf and append " dns". 7. Repeat step 5. Actual results: Step 5: ping doesn't know the dns name of the host (it cannot resolve it (from the ip address?)): PING pinghost.example.com (192.0.2.6) 56(84) bytes of data. 64 Bytes von 192.0.2.6 (192.0.2.6): icmp_seq=1 ttl=64 Zeit=0.627 ms Step7: ping works as expected and prints the dns name and the ip address. Expected results: Step 5: ping prints the dns name and the ip address: PING pinghost.example.com (192.0.2.6) 56(84) bytes of data. 64 Bytes von pinghost.example.com (192.0.2.6): icmp_seq=1 ttl=64 Zeit=0.627 ms Step7: ping works as expected and prints the dns name and the ip address. Additional info: The behavior is problematic when programs does an dns / ip address check from dns name to ip address and back from ip address to dns name.
If authselect is activ (check "authselect current"), then /etc/nsswitch.conf should not be edited directly, but it should be done by editing the "hosts:" line in /etc/authselect/user-nsswitch.conf and activating it with "authselect enable-feature with-custom-hosts" and deactivating by "authselect disable-feature with-custom-hosts".
Based on this systemd commit, I assume this is a systemd bug: commit 77fac974fe396dbe4fb679b748bfa89db1136e0c Author: Zbigniew Jędrzejewski-Szmek <zbyszek.pl> Date: Wed Mar 31 16:20:30 2021 +0200 nss-resolve: fix parsing of io.systemd.Resolve.ResolveAddress reply Since the switch to varlink in 0c73f4f075a2d23f7cabe708b589f19f4bbbec37, the code wasn't functional. The JSON_VARIANT_UNSIGNED/JSON_VARIANT_STRING mismatch meant that we'd reject any reply. Once past that, the code would use unitialized 'c' and 'n' variables, so it's lucky we never got that far ;)
FEDORA-2021-775e2373a1 has been submitted as an update to Fedora 34. https://bodhi.fedoraproject.org/updates/FEDORA-2021-775e2373a1
FEDORA-2021-775e2373a1 has been pushed to the Fedora 34 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-775e2373a1` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-775e2373a1 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2021-775e2373a1 has been pushed to the Fedora 34 stable repository. If problem still persists, please make note of it in this bug report.