Merging upstream version 4.23.0.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 39 insertions, 3 deletions

diff --git a/upstream/opensuse-tumbleweed/man5/resolved.conf.5 b/upstream/opensuse-tumbleweed/man5/resolved.conf.5
index c98e4082..6c9bfff3 100644
--- a/upstream/opensuse-tumbleweed/man5/resolved.conf.5
+++ b/upstream/opensuse-tumbleweed/man5/resolved.conf.5
@@ -1,5 +1,5 @@
 '\" t
-.TH "RESOLVED\&.CONF" "5" "" "systemd 254" "resolved.conf"
+.TH "RESOLVED\&.CONF" "5" "" "systemd 255" "resolved.conf"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@@ -83,6 +83,8 @@ for IPv6\&. DNS requests are sent to one of the listed DNS servers in parallel t
 or set at runtime by external applications\&. For compatibility reasons, if this setting is not specified, the DNS servers listed in
 /etc/resolv\&.conf
 are used instead, if that file exists and any servers are configured in it\&. This setting defaults to the empty list\&.
+.sp
+Added in version 213\&.
 .RE
 .PP
 \fIFallbackDNS=\fR
@@ -95,6 +97,8 @@ take precedence over this setting, as do any servers set via
 \fIDNS=\fR
 above or
 /etc/resolv\&.conf\&. This setting is hence only used if no other DNS server information is known\&. If this option is not given, a compiled\-in list of DNS servers is used instead\&.
+.sp
+Added in version 216\&.
 .RE
 .PP
 \fIDomains=\fR
@@ -132,6 +136,14 @@ to indicate the DNS root domain that is the implied suffix of all DNS domains) t
 See "Protocols and Routing" in
 \fBsystemd-resolved.service\fR(8)
 for details of how search and route\-only domains are used\&.
+.sp
+Note that configuring the MulticastDNS domain
+"local"
+as search or routing domain has the effect of routing lookups for this domain to classic unicast DNS\&. This may be used to provide compatibility with legacy installations that use this domain in a unicast DNS context, against the IANA assignment of this domain to pure MulticastDNS purposes\&. Search and routing domains are a unicast DNS concept, they
+\fIcannot\fR
+be used to resolve single\-label lookups via MulticastDNS\&.
+.sp
+Added in version 229\&.
 .RE
 .PP
 \fILLMNR=\fR
@@ -141,6 +153,8 @@ Takes a boolean argument or
 "resolve", only resolution support is enabled, but responding is disabled\&. Note that
 \fBsystemd-networkd.service\fR(8)
 also maintains per\-link LLMNR settings\&. LLMNR will be enabled on a link only if the per\-link and the global setting is on\&.
+.sp
+Added in version 216\&.
 .RE
 .PP
 \fIMulticastDNS=\fR
@@ -150,6 +164,8 @@ Takes a boolean argument or
 "resolve", only resolution support is enabled, but responding is disabled\&. Note that
 \fBsystemd-networkd.service\fR(8)
 also maintains per\-link Multicast DNS settings\&. Multicast DNS will be enabled on a link only if the per\-link and the global setting is on\&.
+.sp
+Added in version 234\&.
 .RE
 .PP
 \fIDNSSEC=\fR
@@ -196,6 +212,8 @@ mode is selected, it is attempted to detect site\-private DNS zones using top\-l
 .sp
 Defaults to
 "no"\&.
+.sp
+Added in version 229\&.
 .RE
 .PP
 \fIDNSOverTLS=\fR
@@ -229,6 +247,8 @@ setting is in effect\&. For per\-link DNS servers the per\-link setting is in ef
 .sp
 Defaults to
 "no"\&.
+.sp
+Added in version 239\&.
 .RE
 .PP
 \fICache=\fR
@@ -243,6 +263,8 @@ as argument\&. If
 Note that caching is turned off by default for host\-local DNS servers\&. See
 \fICacheFromLocalhost=\fR
 for details\&.
+.sp
+Added in version 231\&.
 .RE
 .PP
 \fICacheFromLocalhost=\fR
@@ -250,6 +272,8 @@ for details\&.
 Takes a boolean as argument\&. If
 "no"
 (the default), and response cames from host\-local IP address (such as 127\&.0\&.0\&.1 or ::1), the result wouldn\*(Aqt be cached in order to avoid potential duplicate local caching\&.
+.sp
+Added in version 248\&.
 .RE
 .PP
 \fIDNSStubListener=\fR
@@ -267,6 +291,8 @@ and
 The DNS stub resolver on 127\&.0\&.0\&.53 provides the full feature set of the local resolver, which includes offering LLMNR/MulticastDNS resolution\&. The DNS stub resolver on 127\&.0\&.0\&.54 provides a more limited resolver, that operates in "proxy" mode only, i\&.e\&. it will pass most DNS messages relatively unmodified to the current upstream DNS servers and back, but not try to process the messages locally, and hence does not validate DNSSEC, or offer up LLMNR/MulticastDNS\&. (It will translate to DNS\-over\-TLS communication if needed however\&.)
 .sp
 Note that the DNS stub listener is turned off implicitly when its listening address and port are already in use\&.
+.sp
+Added in version 232\&.
 .RE
 .PP
 \fIDNSStubListenerExtra=\fR
@@ -299,6 +325,7 @@ DNSStubListenerExtra=udp:[2001:db8:0:f102::13]:9953
 .RE
 .\}
 .sp
+Added in version 247\&.
 .RE
 .PP
 \fIReadEtcHosts=\fR
@@ -309,6 +336,8 @@ Takes a boolean argument\&. If
 \fBsystemd\-resolved\fR
 will read
 /etc/hosts, and try to resolve hosts or address by using the entries in the file before sending query to DNS servers\&.
+.sp
+Added in version 240\&.
 .RE
 .PP
 \fIResolveUnicastSingleLabel=\fR
@@ -323,15 +352,22 @@ above), or using other mechanisms, in particular via LLMNR or from
 This option is provided for compatibility with configurations where
 \fIpublic DNS servers are not used\fR\&. Forwarding single\-label names to servers not under your control is not standard\-conformant, see
 \m[blue]\fBIAB Statement\fR\m[]\&\s-2\u[3]\d\s+2, and may create a privacy and security risk\&.
+.sp
+Added in version 246\&.
 .RE
 .PP
 StaleRetentionSec=\fISECONDS\fR
 .RS 4
 Takes a duration value, which determines the length of time DNS resource records can be retained in the cache beyond their Time To Live (TTL)\&. This allows these records to be returned as stale records\&. By default, this value is set to zero, meaning that DNS resource records are not stored in the cache after their TTL expires\&.
 .sp
-This is useful when a DNS server failure occurs or becomes unreachable\&. In such cases, systemd\-resolved continues to use the stale records to answer DNS queries, particularly when no valid response can be obtained from the upstream DNS servers\&. However, this doesn\*(Aqt apply to NXDOMAIN responses, as those are still perfectly valid responses\&. This feature enhances resilience against DNS infrastructure failures and outages\&.
+This is useful when a DNS server failure occurs or becomes unreachable\&. In such cases,
+\fBsystemd-resolved\fR(8)
+continues to use the stale records to answer DNS queries, particularly when no valid response can be obtained from the upstream DNS servers\&. However, this doesn\*(Aqt apply to NXDOMAIN responses, as those are still perfectly valid responses\&. This feature enhances resilience against DNS infrastructure failures and outages\&.
+.sp
+\fBsystemd\-resolved\fR
+always attempts to reach the upstream DNS servers first, before providing the client application with any stale data\&. If this feature is enabled, cache will not be flushed when changing servers\&.
 .sp
-systemd\-resolved always attempts to reach the upstream DNS servers first, before providing the client application with any stale data\&. If this feature is enabled, cache will not be flushed when changing servers\&.
+Added in version 254\&.
 .RE
 .SH "SEE ALSO"
 .PP