@chandradeepdey It is impossible to say which systems/users are using systemd-resolved. I think there are many, and you can't assume that they want to adjust their system (resolve) settings just for Brave.
Search Criteria
Package Details: brave-bin 1:1.73.91-1
Package Actions
| Git Clone URL: | https://aur.archlinux.org/brave-bin.git (read-only, click to copy) |
|---|---|
| Package Base: | brave-bin |
| Description: | Web browser that blocks ads and trackers by default (binary release) |
| Upstream URL: | https://brave.com |
| Keywords: | brave browser |
| Licenses: | BSD, MPL2, custom:chromium |
| Conflicts: | brave |
| Provides: | brave, brave-browser |
| Submitter: | toropisco |
| Maintainer: | alerque (alosarjos) |
| Last Packager: | alosarjos |
| Votes: | 823 |
| Popularity: | 20.30 |
| First Submitted: | 2016-04-06 13:16 (UTC) |
| Last Updated: | 2024-11-20 18:19 (UTC) |
Dependencies (8)
- alsa-lib
- gtk3 (gtk3-no_deadkeys_underlineAUR, gtk3-classicAUR, gtk3-classic-xfceAUR, gtk3-patched-filechooser-icon-viewAUR)
- libxss
- nss (nss-hgAUR)
- ttf-font (neuropol-ttfAUR, ttf-win7-fontsAUR, ttf-ms-win8AUR, ttf-ms-win8-arabicAUR, ttf-ms-win8-hebrewAUR, ttf-ms-win8-seaAUR, ttf-ms-win8-indicAUR, ttf-ms-win8-japaneseAUR, ttf-ms-win8-koreanAUR, ttf-ms-win8-zh_cnAUR, ttf-ms-win8-zh_twAUR, ttf-ms-win8-thaiAUR, ttf-ms-win8-otherAUR, ttf-kidsAUR, ttf-liberation-sans-narrowAUR, ttf-cavafy-scriptAUR, ttf-ms-fontsAUR, ttf-dejavu-ibAUR, ttf-zeldaAUR, ttf-oxygenAUR, ttf-oxygen-gfAUR, ttf-share-gfAUR, ttf-gostAUR, otf-inconsolata-dzAUR, ttf-d2codingAUR, ttf-agaveAUR, ttf-caracteresAUR, ttf-cuprumAUR, ttf-autour-oneAUR, ttf-impallari-milongaAUR, ttf-impallari-miltonianAUR, ttf-clarity-cityAUR, ttf-ms-win10AUR, ttf-ms-win10-japaneseAUR, ttf-ms-win10-koreanAUR, ttf-ms-win10-seaAUR, ttf-ms-win10-thaiAUR, ttf-ms-win10-zh_cnAUR, ttf-ms-win10-zh_twAUR, ttf-ms-win10-otherAUR, ttf-win10AUR, ttf-bmonoAUR, ttf-pt-astra-factAUR, ttf-weblysleekuiAUR, ttf-pt-astra-sansAUR, ttf-pt-astra-serifAUR, ttf-pt-sansAUR, ttf-pt-serifAUR, ttf-pt-monoAUR, ttf-pt-root_uiAUR, ttf-xo-fontsAUR, noto-fonts-liteAUR, ttf-paratypeAUR, ttf-plemoljp-binAUR, ttf-dejavu-emojilessAUR, noto-fonts-variable-liteAUR, ttf-lucida-fontsAUR, ttf-plemoljpAUR, ttf-juiseeAUR, ttf-ms-win10-autoAUR, ttf-karlaAUR, noto-fonts-latin-greek-cyrillicAUR, apple-fontsAUR, ttf-noto-sans-vfAUR, ttf-noto-serif-vfAUR, ttf-noto-sans-mono-vfAUR, ttf-ms-win11AUR, ttf-ms-win11-japaneseAUR, ttf-ms-win11-koreanAUR, ttf-ms-win11-seaAUR, ttf-ms-win11-thaiAUR, ttf-ms-win11-zh_cnAUR, ttf-ms-win11-zh_twAUR, ttf-ms-win11-otherAUR, ttf-ms-win11-autoAUR, ttf-ms-win10-cdnAUR, gnu-free-fonts, noto-fonts, ttf-bitstream-vera, ttf-croscore, ttf-dejavu, ttf-droid, ttf-ibm-plex, ttf-input, ttf-input-nerd, ttf-liberation)
- cups (cups-gitAUR, cups-gssapiAUR) (optional) – Printer support
- libgnome-keyring (optional) – Enable GNOME keyring support
- libnotify (libnotify-gitAUR) (optional) – Native notification support
Required by (10)
- brave-extension-bitwarden-git (requires brave) (optional)
- chromium-material-icons-for-github-bin (requires brave) (optional)
- chromium-vencord (requires brave) (optional)
- chromium-vencord-bin (requires brave) (optional)
- chromium-vencord-git (requires brave) (optional)
- ice-ssb-git (requires brave) (optional)
- mermaid-cli-brave (requires brave)
- mermaid-cli-brave (requires brave) (make)
- nfauthenticationkey (requires brave) (optional)
- profile-sync-daemon-brave (requires brave) (optional)
Sources (4)
francoism90 commented on 2021-08-01 07:43 (UTC)
duhdugg commented on 2021-07-31 16:10 (UTC)
Fair points, @alosarjos. The package is appropriately flagged as out-of-date currently. I think most types of AUR users are covered.
chandradeepdey commented on 2021-07-31 16:09 (UTC) (edited on 2021-07-31 16:10 (UTC) by chandradeepdey)
@duhdugg oh lol. the workaround was known for 10 days and I found out today. @alosarjos ¯\_(ツ)_/¯
alosarjos commented on 2021-07-31 14:48 (UTC)
I'm not sure it's a good idea to update the package and then show a message telling users to review/alter their system settings to keep Brave working.
We are taking for granted that all Brave-bin users should know how to:
- Review their system settings to know if they are or not affected
- In case they are, modify those settings that have been working perfectly and still do for everything else
- Not only modify, but understand what those modifications mean
Asking people to change their working system settings because of a single package that will be fixed in a matter of days, doesn't sound good to me.
Instead asking the people with the technical skills to know if they can upgrade the package to simply use the provided PKGBUILD in the comments, is by far a safer solution.
Let's remember that there are a lot of user-friendly arch based distros out there where people is using AUR, without knowing even what DNS resolver they are using, and the probably don't even care as long as it works.
duhdugg commented on 2021-07-31 14:20 (UTC)
I confirmed the solution provided by @chandradeepdey on a fresh VM install with the archinstall script's default networking option selected (this is as close to a "default" configuration as possible, although most users are probably still used to configuring their network manually during install). Removing resolve [!UNAVAIL=return] from /etc/nsswitch.conf fixes the issue even with systemd-resolved running (no restart required). Someone in the chromium thread also pointed out that this is specific to a combination of systemd-resolved and libnss_resolve.
@chandradeepdey also brings up a good point regarding security. Given everything we know about this issue right now, I don't think the update should continue to be blocked. There should be a post_install function in this package which notifies users of the problem with resolved+libnss in the current version.
chandradeepdey commented on 2021-07-31 12:28 (UTC) (edited on 2021-07-31 12:29 (UTC) by chandradeepdey)
I think something as adversary facing as Chromium should not be blocked like this. Chromium 92 has multiple security issues fixed.
- As acknowledged here already,
systemd-resolvedis only used by a fraction of the userbase. - The issue can be easily worked around by removing
systemd-resolvedfrom/etc/nsswitch.confand setting it to something likehosts: mymachines files myhostname dns*.
*DNS resolution still happens via resolved, dns uses /etc/resolv.conf which (if symlinked correctly) contains the address of the systemd-resolved stub resolver. I had this idea because Ubuntu does not use the nss module by default and there is no issue there.
alosarjos commented on 2021-07-30 13:44 (UTC)
This is the issue I'm following at least:
https://bugs.chromium.org/p/chromium/issues/detail?id=1221442
Fix is merged into Chromium, but now we have to wait until next Chromium release (Which sould be next week), and then for a new Brave release based on this Chromium release. Which I hope we can get soon after.
For example the official Arch Chromium package has a couple of patches applied that can't be applied here.
Until that the update is frozen. You can update manually if you don't want to wait by using @duhdugg PKGBUILD: https://gist.github.com/duhdugg/3cb48d09b5f3c31adbc06c55efb466c8
francoism90 commented on 2021-07-30 10:37 (UTC)
Could you guys please link to these issues? :)
Th30 commented on 2021-07-29 15:04 (UTC)
@alerque: Indeed, I do not use systemd-resolved but Unbound.
Pinned Comments
alerque commented on 2021-11-27 03:11 (UTC)
@ant0n et all, lets keep the comments here about packaging issues, general Brave usage issues should go in another forum to not clutter up this comment space. I'm deleting comments that have no relation to packaging. Grey areas like crashes that could be blamed on Arch can stay until proven otherwise, but things like how to configure Brave to handle popups or site X or whatever just don't belong here. Thanks for understanding.