Manage value of SYSTEMD_RESOLVED_SYNTHESIZE_HOSTNAME

systemd version v258 >= (e.g EL10) now synthesizes the resolution
of the local hostname by default.

Under certain circumstances it is useful to disable this feature.

Setting the parameter `resolved_synthesize_hostname` to false will
disable localhost hostname synthesis.

https://github.com/systemd/systemd/blob/f784a63cfad6a5425af2ebc02a1f9effec4fd079/docs/ENVIRONMENT.md?plain=1#L388C5-L388C41

Author: traylenator

REFERENCE.md

@@ -205,6 +205,7 @@ The following parameters are available in the `systemd` class:
 * [`resolved_ensure`](#-systemd--resolved_ensure)
 * [`resolved_package`](#-systemd--resolved_package)
 * [`resolved_libraries`](#-systemd--resolved_libraries)
+* [`resolved_synthesize_hostname`](#-systemd--resolved_synthesize_hostname)
 * [`manage_nspawn`](#-systemd--manage_nspawn)
 * [`nspawn_package`](#-systemd--nspawn_package)
 * [`dns`](#-systemd--dns)
@@ -351,6 +352,14 @@ List of library packages needed for systemd-resolved.
 
 Default value: `[]`
 
+##### <a name="-systemd--resolved_synthesize_hostname"></a>`resolved_synthesize_hostname`
+
+Data type: `Optional[Boolean]`
+
+Control if the hostname lookup via systemd should be synthesized.
+
+Default value: `undef`
+
 ##### <a name="-systemd--manage_nspawn"></a>`manage_nspawn`
 
 Data type: `Boolean`

manifests/init.pp

@@ -34,6 +34,9 @@
 # @param resolved_libraries
 #   List of library packages needed for systemd-resolved.
 #
+# @param resolved_synthesize_hostname
+#   Control if the hostname lookup via systemd should be synthesized.
+#
 # @param manage_nspawn
 #   Manage the systemd-nspawn@service and machinectl subsystem.
 #
@@ -265,6 +268,7 @@
   Optional[Enum['systemd-resolved']]                  $resolved_package = undef,
   Array[String[1]]                                    $resolved_libraries = [],
   Enum['stopped','running']                           $resolved_ensure = 'running',
+  Optional[Boolean]                                   $resolved_synthesize_hostname = undef,
   Optional[Variant[Array[String],String]]             $dns = undef,
   Optional[Variant[Array[String],String]]             $fallback_dns = undef,
   Optional[Variant[Array[String],String]]             $domains = undef,

manifests/resolved.pp

@@ -48,6 +48,9 @@
 #   Takes a boolean argument. When "false" (default) it uses /run/systemd/resolve/resolv.conf
 #   as /etc/resolv.conf. When "true", it uses /run/systemd/resolve/stub-resolv.conf
 #
+# @param resolved_synthesize_hostname
+#   Should systemd-resolved synthesize the lookup of the hostname
+#
 class systemd::resolved (
   Enum['stopped','running'] $ensure                                  = $systemd::resolved_ensure,
   Optional[Variant[Array[String],String]] $dns                       = $systemd::dns,
@@ -61,6 +64,7 @@
   Optional[Variant[Boolean,Enum['udp', 'tcp','absent']]] $dns_stub_listener = $systemd::dns_stub_listener,
   Optional[Variant[Array[String[1]],Enum['absent']]] $dns_stub_listener_extra = $systemd::dns_stub_listener_extra,
   Boolean $use_stub_resolver                                         = $systemd::use_stub_resolver,
+  Optional[Boolean] $resolved_synthesize_hostname                    = $systemd::resolved_synthesize_hostname,
 ) {
   assert_private()
 
@@ -99,6 +103,21 @@
     }
   }
 
+  $_syn_ensure = $resolved_synthesize_hostname ? {
+    Boolean => 'present',
+    default => 'absent',
+  }
+  $_syn_service = $resolved_synthesize_hostname ? {
+    Boolean => { 'Environment' => "SYSTEMD_RESOLVED_SYNTHESIZE_HOSTNAME=${bool2str($resolved_synthesize_hostname,'1','0')}" },
+    default => undef,
+  }
+  systemd::manage_dropin { 'synthesize_hostname.conf':
+    ensure         => $_syn_ensure,
+    unit           => 'systemd-resolved.service',
+    service_entry  => $_syn_service,
+    notify_service => true,
+  }
+
   if $dns {
     if $dns =~ String {
       $_dns = $dns

spec/classes/init_spec.rb

@@ -40,11 +40,13 @@
           it { is_expected.to create_service('systemd-networkd').with_ensure('running') }
           it { is_expected.to create_service('systemd-networkd').with_enable(true) }
           it { is_expected.not_to contain_file('/etc/systemd/network') }
+          it { is_expected.to contain_systemd__manage_dropin('synthesize_hostname.conf').with_ensure('absent') }
 
           if facts[:os]['family'] == 'RedHat'
             it { is_expected.to contain_package('systemd-networkd') }
           else
             it { is_expected.not_to contain_package('systemd-networkd') }
+
           end
 
           if (facts[:os]['family'] == 'RedHat' && facts[:os]['release']['major'] != '8') || (facts[:os]['name'] == 'Debian' && facts[:os]['release']['major'].to_i >= 12) || (facts[:os]['name'] == 'Ubuntu' && facts[:os]['release']['major'].to_i >= 24)
@@ -259,6 +261,43 @@
           }
         end
 
+        context 'when resolved_synthesize_hostname true' do
+          let(:params) do
+            {
+              manage_resolved: true,
+              resolved_synthesize_hostname: true,
+            }
+          end
+
+          it {
+            is_expected.to contain_systemd__manage_dropin('synthesize_hostname.conf').with(
+              {
+                ensure: 'present',
+                service_entry: { 'Environment' => 'SYSTEMD_RESOLVED_SYNTHESIZE_HOSTNAME=1' },
+              }
+            )
+          }
+        end
+
+        context 'when resolved_synthesize_hostname false' do
+          let(:params) do
+            {
+              manage_resolved: true,
+              resolved_synthesize_hostname: false,
+            }
+          end
+
+          it {
+            is_expected.to contain_systemd__manage_dropin('synthesize_hostname.conf').with(
+              {
+                ensure: 'present',
+                unit: 'systemd-resolved.service',
+                service_entry: { 'Environment' => 'SYSTEMD_RESOLVED_SYNTHESIZE_HOSTNAME=0' },
+              }
+            )
+          }
+        end
+
         context 'with alternate target' do
           let(:params) do
             {