On Mon 25 Sep 2017 at 18:41:33 (-0400), Gene Heskett wrote:
> On Monday 25 September 2017 13:53:17 Greg Wooledge wrote:
>
> > On Mon, Sep 25, 2017 at 07:32:05PM +0200, Pascal Hambourg wrote:
> > > Le 25/09/2017 à 17:33, Gene Heskett a écrit :
> > > > For me, its a root session, and a "chattr +i resolv.conf"
> > >
> > > Here we have a saying that roughly translates to :
> > > "When you have a hammer, any problem looks like a nail."
> >
> > No. Seriously, just stop.
> >
> > Those of us who have done chattr +i on one or more systems have, in
> > many cases, TRIED OTHER SOLUTIONS first and found them wanting.
> >
> > Take me for example.
> >
> > At work, I edited /etc/dhcp/dhclient.conf and removed the options that
> > tell dhclient to ask for domain-name-servers (et al.). This works
> > fine for me at work. The DHCP servers at work respect my wish not to
> > be given a domain-name-server, so dhclient never touches resolv.conf
> > and everyone is happy.
> >
> > Then I tried the same thing at home.
> >
> > The results were NOT the same.
> >
> > The Belkin plastic router at home sends me a domain-name-server even
> > if I do not ask for one. And dhclient apparently overwrites
> > resolv.conf every time it receives a domain-name-server from the DHCP
> > server.
> >
> > EVEN IF IT DID NOT REQUEST ONE.
> >
> > So, the solution that I used at work does not work at home.
> >
> > You know what DOES work, though?
> >
> > chattr +i works.
> >
> > Do I prefer this solution? No.
> >
> > Would I be happier if I could use a more elegant solution? Yes.
> >
> > Should the dhclient program have a CONFIG FILE OPTION to say
> > "NEVER TOUCH THE resolv.conf FILE"? YES!
> >
> > Does it? NO!
> >
> > Do I expect it ever to have one in the future? BWA-hahahaha! No.
> >
> > So we use what works, because the other choices don't fucking work.
> >
> > This is not about lack of creativity.
> >
> > It is not about being too blind or ignorant or stubborn to use the
> > other solutions. ("Everything looks like a nail.")
> >
> > This is about the other soluttions NOT WORKING.
> >
> > It is about ISC being too blind or ignorant or stubborn to consider
> > that many people run the DHCP client software WITHOUT being the ones
> > in charge of the DHCP server on the same network.
> >
> > Or, not considering that many people use cheap plastic consumer-grade
> > routers that don't behave the same way the ISC DHCP server behaves.
> >
> > Am I getting through yet?
>
> I am with Greg on this one. And I HAVE tried everything the man pages
> tell me, and it does NOT work, so I do what DOES WORK. Someday, maybe
> dhcpd will be smart enough to actually do what we tell it to do.
>
> But that day hasn't even shown a cloud of dust on the time horizon I can
> see from a 83 yo in <2 weeks viewpoint.
>
> Because all you so-called experts THINK it works ok the way it is, we
> get badmouthed and called idiots. Bad dog, no biscuit, not even the
> smell of one in an all static network situation.
Well sometimes I wonder if we're using different tools, so I always
treat your fixes with a great deal of salt. For example, I could
bypass the partitioner in the Debian-installer, I couldn't make
aptitude destroy my system by removing lots of packages without
explicitly being told to, and I couldn't make # passwd demand
the old password, to name a few examples.
On this topic, I still can't understand the contents of your
immutable /etc/resolv.conf file, even without the comma:
nameserver 192.168.XX.1
search host dns
domain coyote.den
Can you detail these domains called host and dns?
Cheers,
David.
