On Tue, 02 Jul 2013, Tollef Fog Heen wrote: > Automatic processes overwrite explicit admin setups.
If /etc/resolv.conf is a symlink to somewhere else, then it's appropriate for automatic processes to override it by writing to "somewhere else". If it's not a symlink, then it shouldn't be overridden. > It seems resolvconf wants to get its name servers from > /etc/network/interfaces? Resolvconf can get its nameservers from anywhere that calls echo 'namserver information'|resolvconf -a interface.program; > Also, I don't think updating files in /etc at runtime is a sensible > idea, it should be possible to run with / read-only if you want to. Yes, which is exactly why resolvconf doesn't update /etc during normal operation. > I specified that: settings are overridden, the file in /run is not > masked. Whether you want to append the nameserver list or override the > one from /run should probably be specified. I'd say override, since > appending can easily lead to security breaches. The only difference here between using resolvconf and this setup is that instead of having the configuration be specified in the /etc/resolv.conf file or symlink, it's specified in the resolver. > In that case, feel free to provide a framework for packages to > coordinate updates to /run/resolv.conf and have stacking and whatnot. > (They could write to /run/resolv.conf.d/$num_$basename and resolvconf > or a similar tool could build a /run/resolv.conf from that.) This is already what resolvconf does. It has information on interface primacy (/etc/resolvconf/interface order), knows how many nameservers it is useful to have in /etc/resolv.conf. -- Don Armstrong http://www.donarmstrong.com This message brought to you by weapons of mass destruction related program activities, and the letter G. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130702182805.ga12...@teltox.donarmstrong.com
