At the very least, this behavior is awkward because it means installing bind9 on a machine will immediately break nameservice until it's configured, even if the admin *knows* that this configuration is needed and is planning to address it ASAP.
So I think bind9 should probably not inject itself into resolvconf by default.
I also think the cert lab should probably fix its install tests to not pull in an unconfigured bind9 server while testing.
At the very least, this behavior is awkward because it means installing bind9 on a machine will immediately break nameservice until it's configured, even if the admin *knows* that this configuration is needed and is planning to address it ASAP.
So I think bind9 should probably not inject itself into resolvconf by default.
I also think the cert lab should probably fix its install tests to not pull in an unconfigured bind9 server while testing.