Bug#1101532: systemd: unable to migrate to Testing because of removed packages

Noah Meyerhans noahm at debian.org
Tue Apr 1 00:31:10 BST 2025 

On Mon, Mar 31, 2025 at 10:30:41PM +0100, Luca Boccassi wrote:
> > Please try to find a less disruptive way to handle the resolved
> situation.
> 
> I am really sorry for the disruption, but unfortunately when features
> need to be dropped, there's bound to be some of that. Let's keep in
> mind though, that we are talking about an optional 2% popcon package.

Popcon undercounts, that is well known.  In this case, it undercounts
significantly.  Systemd-resolved is active on approximately ever single
cloud VM based on the cloud team's images, and those number in the
millions.

> There are several issues. First and most importantly, the TC wants half
> of resolved (mdns) gone, but there seems to be some misunderstanding
> going around that it can just be compiled out, but that's not true, at
> most you can flip a boolean entry in a config file. They will never
> accept something like that. I already tried to propose some
> alternatives that are less disruptive but with much stronger guarantees
> that ensure avahi always wins, and their answer was escalating to DAM.
> 
> Secondly, even if there was a way to just carve out half of it, that
> still leaves every single host relying on it for reachability dead in
> the water on a simple in-place upgrade, requiring physical access to
> fix. At least if the package is completely removed, chances it gets
> noticed in time are _much_ higher, as you need to dist-upgrade, and
> acknowledge that it gets removed - autoupdaters largely will refuse to
> do so automatically. So the choice is, drop it and get shit for it now,
> or leave it nerfed and get shit for it later. Lovely.

These are legitimately nontrivial problems to solve.  But from a
practical point of view, unless some bespoke user process is managing
resolv.conf, systemd-resolved is the best solution to DNS client
management when systemd-networkd is operating as the DHCP client.  This
is why we use it in the cloud images.

Ripping out systemd-resolved entirely leaves gap in functionality that
is not filled by available alternatives.  I'd very much prefer to work
constructively toward a solution that addresses the TC's requirements
without giving up on providing systemd-resolved altogether.  I'm sure
such a thing exists.

In the interest of trying to contribute potential solutions, one
possibility that comes to mind is to use a generator to avoid
conflicting with avahi.  If the generator determines that avahi is
installed (I don't think it's possible to determine if it's actually
enabled at that phase), we can disable MDNS support with a drop-in
fragment in /run/systemd/resolved.conf.d/.  Have you considered such an
approach?

> Finally, and I understand you can't possibly care, but the only things
> I am getting out of working on this are burnout and grief, a constant
> barrage. Getting hate from random anonymous trolls is one thing and
> pretty much comes with the job description of systemd maintainer, but
> for some reason pile-ons from fellow project members just hit
> differently. My problem, of course.

This is also a legitimate problem.  Have you considered recruiting
additional maintainers to help deal with this?  Please consider this an
offer to help.  Dropping the resolved package altogether won't make this
problem go away.  The cloud team and our users have been quietly happy
with the state of the systemd network management stack for some time.
The fact that the unhappy people are the ones making noise is
unfortunate.

> Besides, the generic feedback from random Debian users seems to be
> largely positive, joyous even:
> 
> https://fosstodon.org/@daltux@snac.daltux.net/114241049303960781
> https://fosstodon.org/@dwardoric@chaos.social/114241412595005926
> https://fosstodon.org/@eugenio@snac.eutampieri.eu/114241396099978535
> https://fosstodon.org/@nafmo@vivaldi.net/114242626006732520
> https://fosstodon.org/@asl@mastodon.launay.org/114245405068810570
> https://fosstodon.org/@TheGingerDog/114245701525734541
> https://fosstodon.org/@ttyS1@bsd.network/114242208525201480
> https://fosstodon.org/@ParadeGrotesque@mastodon.sdf.org/114242559527495102
> 
> So, just one simple question: why the **** should I even bother
> anymore?

Please try to ignore them; they're not contributing anything of value to
the conversation. I assert that they also represent a tiny minority.
Within the cloud team, I certainly can't recall any users complaining
about our choice to enable systemd-resolved, and there are a lot of
them.

noah

More information about the Pkg-systemd-maintainers mailing list