| Message ID | cover.1663079342.git.fweimer@redhat.com |
|---|---|
| Headers |
Return-Path: <libc-alpha-bounces+patchwork=sourceware.org@sourceware.org> X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id A10213851AA9 for <patchwork@sourceware.org>; Tue, 13 Sep 2022 14:36:07 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org A10213851AA9 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1663079767; bh=FSAX+I/tmF90ufC+SOR+H92TdDtosaDzbYGOc28sllo=; h=To:Subject:Date:List-Id:List-Unsubscribe:List-Archive:List-Post: List-Help:List-Subscribe:From:Reply-To:From; b=F+uBlLb7JB2d8hZmp9HnDmee0gIlla/Czq+w8dfbCR6GyBi6jeC1qCMTlwxWLidI2 VuXFHEtXWh5ZzHPmI0o7Ud1ayNHjwynkveao/b9qsSprotygc0TmufhRAIZC6pm2cS YY0pOvoBr+zBbij+jHb+0AfsPGxktd/mOhPXmeCY= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTPS id 580403858D1E for <libc-alpha@sourceware.org>; Tue, 13 Sep 2022 14:35:44 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 580403858D1E Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-202-ge7-JIZoPTC0VQKoAjzbRw-1; Tue, 13 Sep 2022 10:35:42 -0400 X-MC-Unique: ge7-JIZoPTC0VQKoAjzbRw-1 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 891143C10228 for <libc-alpha@sourceware.org>; Tue, 13 Sep 2022 14:35:42 +0000 (UTC) Received: from oldenburg.str.redhat.com (unknown [10.39.192.210]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E49D540C6EC2 for <libc-alpha@sourceware.org>; Tue, 13 Sep 2022 14:35:41 +0000 (UTC) To: libc-alpha@sourceware.org Subject: [PATCH 0/2] Fix nss/tst-nss-files-hosts-long on single-stack hosts (bug 24816) X-From-Line: 468dff5f8914e9db91785b32683ac0af1f4c731b Mon Sep 17 00:00:00 2001 Message-Id: <cover.1663079342.git.fweimer@redhat.com> Date: Tue, 13 Sep 2022 16:35:39 +0200 User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.2 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain X-Spam-Status: No, score=-5.5 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, RCVD_IN_DNSWL_LOW, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org> List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>, <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe> List-Archive: <https://sourceware.org/pipermail/libc-alpha/> List-Post: <mailto:libc-alpha@sourceware.org> List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help> List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>, <mailto:libc-alpha-request@sourceware.org?subject=subscribe> From: Florian Weimer via Libc-alpha <libc-alpha@sourceware.org> Reply-To: Florian Weimer <fweimer@redhat.com> Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org Sender: "Libc-alpha" <libc-alpha-bounces+patchwork=sourceware.org@sourceware.org> |
| Series |
Fix nss/tst-nss-files-hosts-long on single-stack hosts (bug 24816)
|
|
Message
Florian Weimer
Sept. 13, 2022, 2:35 p.m. UTC
Our Fedora builders started running the container tests (after the switch to systemd-nspawn), and we encountered this test failure as well. Fix this by disabling address configuration in the getent tool. Tested on x86_64-linux-gnu. Florian Weimer (2): nss: Implement --no-addrconfig option for getent nss: Fix tst-nss-files-hosts-long on single-stack hosts (bug 24816) NEWS | 5 ++++- nss/getent.c | 11 ++++++++++- nss/tst-nss-files-hosts-long.c | 9 +++++---- 3 files changed, 19 insertions(+), 6 deletions(-) base-commit: f278835f594740f5913001430641cf1da4878670
Comments
On Tue, Sep 13, 2022 at 04:35:39PM +0200, Florian Weimer via Libc-alpha wrote: > Our Fedora builders started running the container tests (after the > switch to systemd-nspawn), and we encountered this test failure as well. > Fix this by disabling address configuration in the getent tool. Two things I'd like to discuss. (1) Change the getent default and drop AI_ADDRCONFIG. I'm hesitant to add a new option to getent as a solution to a testing problem. The documented description for getent ahosts talks only about enumerating the host entries or calling getaddrinfo with AF_UNSPEC. Could we just change the default and ignore the host configuration? This is less conservative but logically it seems to me that we could just drop AI_ADDRCONFIG, and add a --addrconfig option to get back the old behaviour. What could we possibly break? (2) Fix the test. Alternatively the test should be checking to see if it is in a dual stack environment or single stack environment and only call getent for the specific case when such interfaces are enabled. Can we resolve this entirely in tst-nss-files-hosts-long? > Tested on x86_64-linux-gnu. > > Florian Weimer (2): > nss: Implement --no-addrconfig option for getent > nss: Fix tst-nss-files-hosts-long on single-stack hosts (bug 24816) > > NEWS | 5 ++++- > nss/getent.c | 11 ++++++++++- > nss/tst-nss-files-hosts-long.c | 9 +++++---- > 3 files changed, 19 insertions(+), 6 deletions(-) > > > base-commit: f278835f594740f5913001430641cf1da4878670 > -- > 2.37.2 >
* Carlos O'Donell: > On Tue, Sep 13, 2022 at 04:35:39PM +0200, Florian Weimer via Libc-alpha wrote: >> Our Fedora builders started running the container tests (after the >> switch to systemd-nspawn), and we encountered this test failure as well. >> Fix this by disabling address configuration in the getent tool. > > Two things I'd like to discuss. > > (1) Change the getent default and drop AI_ADDRCONFIG. > > I'm hesitant to add a new option to getent as a solution to a testing > problem. The documented description for getent ahosts talks only > about enumerating the host entries or calling getaddrinfo with > AF_UNSPEC. Could we just change the default and ignore the host > configuration? This is less conservative but logically it seems to me > that we could just drop AI_ADDRCONFIG, and add a --addrconfig option to > get back the old behaviour. What could we possibly break? I'm not sure why we would make such a backwards-incompatible change just to fix a test. It sounds even more preposterous than adding the new option. There have been support cases where the --no-addrconfig option would have been useful. Today, getent isn't a great tool for diagnosing DNS issues, and I think this option improves the situation slightly. > (2) Fix the test. > > Alternatively the test should be checking to see if it is in a dual > stack environment or single stack environment and only call getent for > the specific case when such interfaces are enabled. > > Can we resolve this entirely in tst-nss-files-hosts-long? I think it's futile to try to replicate the AI_ADDRCONFIG behavior in the test. Thanks, Florian
On Wed, Sep 14, 2022 at 11:54:47AM +0200, Florian Weimer wrote: > * Carlos O'Donell: > > > On Tue, Sep 13, 2022 at 04:35:39PM +0200, Florian Weimer via Libc-alpha wrote: > >> Our Fedora builders started running the container tests (after the > >> switch to systemd-nspawn), and we encountered this test failure as well. > >> Fix this by disabling address configuration in the getent tool. > > > > Two things I'd like to discuss. > > > > (1) Change the getent default and drop AI_ADDRCONFIG. > > > > I'm hesitant to add a new option to getent as a solution to a testing > > problem. The documented description for getent ahosts talks only > > about enumerating the host entries or calling getaddrinfo with > > AF_UNSPEC. Could we just change the default and ignore the host > > configuration? This is less conservative but logically it seems to me > > that we could just drop AI_ADDRCONFIG, and add a --addrconfig option to > > get back the old behaviour. What could we possibly break? > > I'm not sure why we would make such a backwards-incompatible change just > to fix a test. It sounds even more preposterous than adding the new > option. I fully agree that the most backwards compatible change is to add an option that allows getent to operate without AI_ADDRCONFIG. What I want to explore here is: Why use AI_ADDRCONFIG at all with getent? If our collective answer is: Because that's just the way we've always done it and changing it would be a backwards incompatible change, then I'm fine with that. I just wanted to explore that a bit. I can see arguments both ways. I was looking for your opinion here. My read of your opinion is that we should make the minimum backwards compatible change. > There have been support cases where the --no-addrconfig option would > have been useful. Today, getent isn't a great tool for diagnosing DNS > issues, and I think this option improves the situation slightly. That's a good point in favour of the new option. > > (2) Fix the test. > > > > Alternatively the test should be checking to see if it is in a dual > > stack environment or single stack environment and only call getent for > > the specific case when such interfaces are enabled. > > > > Can we resolve this entirely in tst-nss-files-hosts-long? > > I think it's futile to try to replicate the AI_ADDRCONFIG behavior in > the test. I did an audit and it looks like getent, and this specific test are the only ones that we'd need cood like this for, and so there isn't a win-win here with other tests. Cheers, Carlos.
* Carlos O'Donell: > On Wed, Sep 14, 2022 at 11:54:47AM +0200, Florian Weimer wrote: >> * Carlos O'Donell: >> >> > On Tue, Sep 13, 2022 at 04:35:39PM +0200, Florian Weimer via Libc-alpha wrote: >> >> Our Fedora builders started running the container tests (after the >> >> switch to systemd-nspawn), and we encountered this test failure as well. >> >> Fix this by disabling address configuration in the getent tool. >> > >> > Two things I'd like to discuss. >> > >> > (1) Change the getent default and drop AI_ADDRCONFIG. >> > >> > I'm hesitant to add a new option to getent as a solution to a testing >> > problem. The documented description for getent ahosts talks only >> > about enumerating the host entries or calling getaddrinfo with >> > AF_UNSPEC. Could we just change the default and ignore the host >> > configuration? This is less conservative but logically it seems to me >> > that we could just drop AI_ADDRCONFIG, and add a --addrconfig option to >> > get back the old behaviour. What could we possibly break? >> >> I'm not sure why we would make such a backwards-incompatible change just >> to fix a test. It sounds even more preposterous than adding the new >> option. > > I fully agree that the most backwards compatible change is to add > an option that allows getent to operate without AI_ADDRCONFIG. > > What I want to explore here is: Why use AI_ADDRCONFIG at all with > getent? I think it dates back when it was assumed that AI_ADDRCONFIG was useful. Back then, it looked like that if your system had IPv6 addresses configured, it could reach the entire IPv6 Internet. In practice, what applications should do is to get all addresses, always, and make connections in parallel over both address families. Filtering out addresses that are clearly unusable is just an optimization (but glibc isn't very good at that, getting the IPv6 support status of a host the way we do it can be very expensive, or give inaccurate results over time). > If our collective answer is: Because that's just the way we've always > done it and changing it would be a backwards incompatible change, then > I'm fine with that. I just wanted to explore that a bit. Yeah, that too. getent ahosts is not really useful because of the address duplication. Thanks, Florian