On Wed, Aug 02, 2017 at 02:55:50PM -0400, Greg Wooledge wrote: > On Wed, Aug 02, 2017 at 08:10:23PM +0200, Pascal Hambourg wrote: > > Le 02/08/2017 à 16:19, Greg Wooledge a écrit : > > > > > > 1) Make sure the Debian "resolvconf" package is *not* installed. > > > > You should reconsider this advice. resolvconf may be your best ally to > > handle such a situation. > > OK, I've scanned > <https://manpages.debian.org/stretch/openresolv/resolvconf.8.en.html> and > <https://manpages.debian.org/stretch/openresolv/resolvconf.conf.5.en.html>. > > Looks complicated, with lots of specialized words being thrown around > but not defined. > > E.g. resolvconf(8) says "In some situations resolvconf needs to act as > a deterrent to writing to /etc/resolv.conf. Where this file cannot be > made immutable or you just need to toggle this behaviour, resolvconf > can be disabled by adding resolvconf=NO to resolvconf.conf(5)." > > Looks promising, eh? But then resolvconf.conf(5) says "Set to NO to > disable resolvconf from running any subscribers. Defaults to YES." > > What is a "subscriber"? Definitely not defined in (8). There's a section > called "SUBSCRIBER OPTIONS" in (5) but it still doesn't explain what they > are. > > Back to (8), it says "Where this file cannot be made immutable". Is it > *admitting*
To be precise, "implying" is perhaps accurate. > that making the file immutable is the preferred solution, and > resolvconf is just a backup plan? That's what I'm getting out of it. Perhaps in certain scenarios, yes - the world's full of wierd networks :) > I don't see the advantage of installing a package and configuring it > in order to make it do *nothing*, when I can achieve the same thing > by making the resolv.conf file immutable. (On Linux.) > > Don't get me wrong; I'm sure there is a genuine need for resolvconf > and all this complexity on some systems. Especially systems that are > designed to be moved around, dynamically connecting and disconnecting > various wireless networks, instantiating and decommissioning VPN sessions, > and so on. > > But for a great many *other* systems, we just want to be able edit the > resolv.conf file by hand and have our changes *stay* there, untouched. > We know what we are doing, and the DHCP server is not under our direct > control, and we just need to make the DHCP client keep its hands OFF > the god damned file. If you're wanting a static resolv.conf, are you manually running dhclient, or using /etc/network/interfaces ? I.e. is this a one-shot scenario, or a "static" config situation? > It should *not* be this hard to be allowed to edit a three line text > file that has been in common use across every Unix-like operating system > for decades. > > Nevertheless, if someone can definitively state that the following > is true: > > "If you install resolvconf and then do: > echo resolvconf=NO >> /etc/resolvconf.conf > no Debian package will ever modify your /etc/resolv.conf again." > > then I will be glad to accept it as yet another alternative solution > for some users/systems. I'm not that knowledgeable, but dhclient is listen in the resolvconf man page as a "^SUPPLIERS OF NAMESERVER INFORMATION"... so appears to be intended to work together. Have you tried also reading man dhclient.conf ? Good luck,