Description

ujust dns-selector will fail to enable DNSSEC and global DNS when a VPN connection is active.

Reproduce

run: ujust dns-selector, 3, 1. Output recieved:

Finished configuring DNS. DNS Resolver: 
Unbound DNSSEC: enabled 
Global DNS: enabled 
Global DNS servers:   
dns+tls://194.242.2.5#extended.dns.mullvad.net   dns+tls://[2a07:e340::5]#extended.dns.mullvad.net 
Trivalent DoH: enabled 
Trivalent DoH endpoint: https://extended.dns.mullvad.net/dns-query

, then run ujust audit-secureblue, DNSSEC and global DNS shows as not configured.

Expected

Ensuring system DNS resolution is secure ... [PASS]

Actual

Ensuring system DNS resolution is secure …………………………………………………………………………………………………………………… [ FAIL ] 
> Local DNSSEC validation is disabled. 
> Secure global DNS is not configured.

Image

silverblue-nvidia-open-hardened

Upstream

doesn't apply to upstream

Declaration

• I agree to follow this project's Code of Conduct.
• I declare that this is not a request for alternate community messaging or social platforms.
• I declare that I have read the secureblue website and my feature request is in-scope.