Web lists-archives.com

Re: Network config




On Wed, Aug 02, 2017 at 08:10:23PM +0200, Pascal Hambourg wrote:
> Le 02/08/2017 à 16:19, Greg Wooledge a écrit :
> > 
> > 1) Make sure the Debian "resolvconf" package is *not* installed.
> 
> You should reconsider this advice. resolvconf may be your best ally to
> handle such a situation.

OK, I've scanned
<https://manpages.debian.org/stretch/openresolv/resolvconf.8.en.html> and
<https://manpages.debian.org/stretch/openresolv/resolvconf.conf.5.en.html>.

Looks complicated, with lots of specialized words being thrown around
but not defined.

E.g. resolvconf(8) says "In some situations resolvconf needs to act as
a deterrent to writing to /etc/resolv.conf. Where this file cannot be
made immutable or you just need to toggle this behaviour, resolvconf
can be disabled by adding resolvconf=NO to resolvconf.conf(5)."

Looks promising, eh?  But then resolvconf.conf(5) says "Set to NO to
disable resolvconf from running any subscribers. Defaults to YES."

What is a "subscriber"?  Definitely not defined in (8).  There's a section
called "SUBSCRIBER OPTIONS" in (5) but it still doesn't explain what they
are.

Back to (8), it says "Where this file cannot be made immutable".  Is it
*admitting* that making the file immutable is the preferred solution, and
resolvconf is just a backup plan?  That's what I'm getting out of it.

I don't see the advantage of installing a package and configuring it
in order to make it do *nothing*, when I can achieve the same thing
by making the resolv.conf file immutable.  (On Linux.)

Don't get me wrong; I'm sure there is a genuine need for resolvconf
and all this complexity on some systems.  Especially systems that are
designed to be moved around, dynamically connecting and disconnecting
various wireless networks, instantiating and decommissioning VPN sessions,
and so on.

But for a great many *other* systems, we just want to be able edit the
resolv.conf file by hand and have our changes *stay* there, untouched.
We know what we are doing, and the DHCP server is not under our direct
control, and we just need to make the DHCP client keep its hands OFF
the god damned file.

It should *not* be this hard to be allowed to edit a three line text
file that has been in common use across every Unix-like operating system
for decades.

Nevertheless, if someone can definitively state that the following
is true:

   "If you install resolvconf and then do:
      echo resolvconf=NO >> /etc/resolvconf.conf
    no Debian package will ever modify your /etc/resolv.conf again."

then I will be glad to accept it as yet another alternative solution
for some users/systems.