FS#59391 : [systemd] don't disable DNSSEC

FS#59391 - [systemd] don't disable DNSSEC

Attached to Project: Arch Linux
Opened by nl6720 (nl6720) - Thursday, 19 July 2018, 15:36 GMT
Last edited by Christian Hesse (eworm) - Thursday, 26 July 2018, 11:56 GMT

Task Type	Feature Request
Category	Packages: Core
Status	Closed
Assigned To	Dave Reisner (falconindy) Christian Hesse (eworm)
Architecture	All
Severity	Low
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	1 Andrey Vihrov (andreyv) (2018-07-19)
Private	No

Details

Description:
systemd's default DNSSEC mode is "allow-downgrade", but the systemd package is built with -Ddefault-dnssec=no .
"allow-downgrade" is little better than "no".

Please remove -Ddefault-dnssec=no from the PKGBUILD.

Additional info:
* package version(s)
* config and/or log files etc.
systemd 239.0-2

Steps to reproduce:
grep DNSSEC /etc/systemd/resolved.conf
resolvectl status

This task depends upon

Closed by Christian Hesse (eworm)
Thursday, 26 July 2018, 11:56 GMT
Reason for closing: Implemented
Additional comments about closing: in SVN

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#59391 - [systemd] don't disable DNSSEC

Details

Loading...