On Wed, Aug 02, 2017 at 08:10:23PM +0200, Pascal Hambourg wrote: > Le 02/08/2017 à 16:19, Greg Wooledge a écrit : > > > > 1) Make sure the Debian "resolvconf" package is *not* installed. > > You should reconsider this advice. resolvconf may be your best ally to > handle such a situation.
OK, I've scanned <https://manpages.debian.org/stretch/openresolv/resolvconf.8.en.html> and <https://manpages.debian.org/stretch/openresolv/resolvconf.conf.5.en.html>. Looks complicated, with lots of specialized words being thrown around but not defined. E.g. resolvconf(8) says "In some situations resolvconf needs to act as a deterrent to writing to /etc/resolv.conf. Where this file cannot be made immutable or you just need to toggle this behaviour, resolvconf can be disabled by adding resolvconf=NO to resolvconf.conf(5)." Looks promising, eh? But then resolvconf.conf(5) says "Set to NO to disable resolvconf from running any subscribers. Defaults to YES." What is a "subscriber"? Definitely not defined in (8). There's a section called "SUBSCRIBER OPTIONS" in (5) but it still doesn't explain what they are. Back to (8), it says "Where this file cannot be made immutable". Is it *admitting* that making the file immutable is the preferred solution, and resolvconf is just a backup plan? That's what I'm getting out of it. I don't see the advantage of installing a package and configuring it in order to make it do *nothing*, when I can achieve the same thing by making the resolv.conf file immutable. (On Linux.) Don't get me wrong; I'm sure there is a genuine need for resolvconf and all this complexity on some systems. Especially systems that are designed to be moved around, dynamically connecting and disconnecting various wireless networks, instantiating and decommissioning VPN sessions, and so on. But for a great many *other* systems, we just want to be able edit the resolv.conf file by hand and have our changes *stay* there, untouched. We know what we are doing, and the DHCP server is not under our direct control, and we just need to make the DHCP client keep its hands OFF the god damned file. It should *not* be this hard to be allowed to edit a three line text file that has been in common use across every Unix-like operating system for decades. Nevertheless, if someone can definitively state that the following is true: "If you install resolvconf and then do: echo resolvconf=NO >> /etc/resolvconf.conf no Debian package will ever modify your /etc/resolv.conf again." then I will be glad to accept it as yet another alternative solution for some users/systems.
