<Mic92>
todo so one needs to override stdenv with llvmStdenv and pass -fsanitize=address as compile option and ASAN_OPTIONS=detect_leaks=1 as environment variabl
<andi->
IIRC GCC also supports that these days
<andi->
I've been using that for a bunch of local C-"scripts"
<Mic92>
Not sure if it also supports the leak detector though
<Mic92>
DNS over tls is not new, but hostname-based certificates are.
<Mic92>
One thing I noticed at some point that it would degrade itself to UDP also I set `DNSOverTLS=yes`. This is not so great.
<andi->
Yeah, I wish that thing would be in a better shape. I fear upstream is just not as invested in DNS as in i.e. service management. Looking at how little networkd contributions (and review "knowledge") in the domain they have :'(
<andi->
Once I am done with systemd-networkd and IPv6 PD I wanted to investigate resolved since I hate to keep it calling systemd-hobby-resolved due to all the issues I do encounter when trying to use it.
<Mic92>
I might be able to debug this downgrade issue.
<andi->
have you played with OpenBSD's unwind? The system integration there felt actually really on point
<hexa->
from my experience with resolved it can downgrade itself into nothingness, especially if features like DoT or DNSSEC are used
<hexa->
I wouldn't use that thing on anything production grade
<Mic92>
andi-: mhm. unwind also seems to fallback to dhcp-acquired resolvers. I don't need that I can use captive-browser to solve wifi portoals
<Mic92>
*portals
<Mic92>
I am also not sure about the semantics when network is not reachable. Right now applications believe the domain not exists if local resolver fail
<Mic92>
I am actually not concerned about dnssec as my own kresd on my server already does dnssec
<arianvp>
Fedora CoreOS is using Networkmanager
<arianvp>
Instead of networkd and resolved
<arianvp>
I guess for similar reasons? Not stable enough yet
globin has quit [Remote host closed the connection]