On Tuesday 26 September 2017 13:51:33 David Wright wrote: > On Mon 25 Sep 2017 at 17:32:28 (-0400), Gene Heskett wrote: > > > On Mon, Sep 25, 2017 at 11:33:50AM -0400, Gene Heskett wrote: > > > > For me, its a root session, and a "chattr +i resolv.conf" > > > > If for some reason you need to edit it later, you'll have to use > > > > the -i argument first. As long as that +i bit is set, its > > > > protected from everything but a mke2fs. > > > > Unforch, this isn't /root stuffs, but /etc stuffs. And it works. > > And I could care less how disappointed n-m or dhcpd is. Or even > > resolvconf itself. Particularly when its as buggy as a 10 day old > > road kill in August. > > > > Yes, there is a place for dhcp, but its for sure not on a home, > > small number of machines network thats all static. > > I don't recognise this as a very frequent use case nowadays, with > so many laptops etc.
Probably true, but the lappy I bought for while I was out playing consultant after I retired, which put me in a motel or the owner guest house for months at a time for several years, is now quite aged and hasn't been powered up in several months for anything but updates to its mint 15 install. So I could be the exception to that "rule". > So for simplicity, I configure my laptops and > desktops alike, with wicd, dhcp and resolvconf. I put hostnames, MACs, > and static nameservers' addresses into the "cheap plastic > consumer-grade router" (which has no DNS server) because that doesn't > travel anywhere, And in turn that cheap plastic consumer grade router no doubt has an NSA back door clear into the smallest machine on your network. My router is a plastic buffalo netfinity, paid about $70 for it and it has been reflashed with the real dd-wrt, not the version that it came with, which among many other features has a dhcp client to get its address from my isp, but it also has a server that can if configured to do so, hand out 200 some leases. It also has no back doors for the NSA, and in 15 years of running dd-wrt on 3 different pieces of hardware, has had only one person come thru it and I gave him the username and pw to do so. Lots of features I don't enable are there. Port forwarding is one, you can see my web page (in the sig) which I run in a sandbox on this machine. > and /etc/hosts looks after LAN addresses. And if I > want to do fast bulk transfers between machines in the same room, > I connect a cat5 cable and use the IPv6 addresses to avoid disturbing > the normal networking through the router. I'll have to plead ipv6 ignorance as the nearest outside ipv6 is at least 100 miles away from me. My questions as to how to enable it between the 10 or so ipv4 addresses available here if everything is booted up, have been ignored. I don't know if the first of two switches I have here even passes it, and haven't seen a "getting started with ipv6 for dummies" tutorial, if it even exists. I suspect it will arrive here after I've not made morning roll call for several years. So like a jar of pickles I found while cleaning out the veggie drawer today, its been shoved to the back of the bottom shelf. :) But you should get yourself a real router, and reflash it with some real router firmware, dd-wrt, tomato or one of the other lesser known router firmwares. dd-wrt is bulletproof to the point I don't run iptables or its ilk on the machines of my local network. Don't need it. > Cheers, > David. You too, David. Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Genes Web page <http://geneslinuxbox.net:6309/gene>