]] Don Armstrong > On Tue, 02 Jul 2013, Tollef Fog Heen wrote: > > Automatic processes overwrite explicit admin setups. > > If /etc/resolv.conf is a symlink to somewhere else, then it's > appropriate for automatic processes to override it by writing to > "somewhere else". If it's not a symlink, then it shouldn't be > overridden.
Does that mean it's an RC bug for any non-manual process to overwrite it? I'd be happy to file bugs. > > It seems resolvconf wants to get its name servers from > > /etc/network/interfaces? > > Resolvconf can get its nameservers from anywhere that calls > > echo 'namserver information'|resolvconf -a interface.program; If I do that by hand, that information will never ever be overwritten by dhclient, NM, openvpn or tools, and it persists through reboots? > > Also, I don't think updating files in /etc at runtime is a sensible > > idea, it should be possible to run with / read-only if you want to. > > Yes, which is exactly why resolvconf doesn't update /etc during normal > operation. Ok, good, that's different from the behaviour I've seen in the past, but if that's fixd, that's great. > > I specified that: settings are overridden, the file in /run is not > > masked. Whether you want to append the nameserver list or override the > > one from /run should probably be specified. I'd say override, since > > appending can easily lead to security breaches. > > The only difference here between using resolvconf and this setup is that > instead of having the configuration be specified in the /etc/resolv.conf > file or symlink, it's specified in the resolver. Not sure what you eman by «resolver»? (To me, that's the C code inside glibc that does the actual lookup, which doesn't really fit what you're describing.) -- Tollef Fog Heen UNIX is user friendly, it's just picky about who its friends are -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/m27gh87bmk....@rahvafeir.err.no
