With the enhancement, by enabling the
systemd-resolved service by default, the GNU C Library (glibc) will perform name resolution using the
nss-resolve module rather than the
nss-dns module. Notable changes include:
systemd-resolvedprovides a system-level DNS cache that can substantially improve performance for applications that do not cache their own DNS results;
systemd-resolvedallows correct handling of split DNS scenarios such as when VPNs are in use;
/etc/resolv.confwill now be managed by systemd-resolved rather than by NetworkManager;
/etc/resolv.confwill no longer be read when performing name resolution using
glibc; however, it is still provided for compatibility with applications that manually read this file to perform name resolution;
/etc/resolv.confwill no longer work as expected.
Applications that use the Network Security Services (NSS) library often use a database for storing keys, certificates and trust. NSS supports two different storage formats:
Nowadays, NSS uses the SQLite file format by default and provides a transparent migration mechanism from
dbm to SQLite.
dbm file format has been deprecated since Fedora 28 due to various drawbacks, and from Fedora 33
dbm will not be supported.
This support removal will slightly reduce the size of the NSS library binary and the developers will be able to focus on the sole file format.