Web lists-archives.com

Re: Network config




On Wed, Aug 02, 2017 at 02:55:50PM -0400, Greg Wooledge wrote:
> On Wed, Aug 02, 2017 at 08:10:23PM +0200, Pascal Hambourg wrote:
> > Le 02/08/2017 à 16:19, Greg Wooledge a écrit :
> > > 
> > > 1) Make sure the Debian "resolvconf" package is *not* installed.
> > 
> > You should reconsider this advice. resolvconf may be your best ally to
> > handle such a situation.
> 
> OK, I've scanned
> <https://manpages.debian.org/stretch/openresolv/resolvconf.8.en.html> and
> <https://manpages.debian.org/stretch/openresolv/resolvconf.conf.5.en.html>.
> 
> Looks complicated, with lots of specialized words being thrown around
> but not defined.
> 
> E.g. resolvconf(8) says "In some situations resolvconf needs to act as
> a deterrent to writing to /etc/resolv.conf. Where this file cannot be
> made immutable or you just need to toggle this behaviour, resolvconf
> can be disabled by adding resolvconf=NO to resolvconf.conf(5)."
> 
> Looks promising, eh?  But then resolvconf.conf(5) says "Set to NO to
> disable resolvconf from running any subscribers. Defaults to YES."
> 
> What is a "subscriber"?  Definitely not defined in (8).  There's a section
> called "SUBSCRIBER OPTIONS" in (5) but it still doesn't explain what they
> are.
> 
> Back to (8), it says "Where this file cannot be made immutable".  Is it
> *admitting*

To be precise, "implying" is perhaps accurate.


> that making the file immutable is the preferred solution, and
> resolvconf is just a backup plan?  That's what I'm getting out of it.

Perhaps in certain scenarios, yes - the world's full of wierd
networks :)

> I don't see the advantage of installing a package and configuring it
> in order to make it do *nothing*, when I can achieve the same thing
> by making the resolv.conf file immutable.  (On Linux.)
> 
> Don't get me wrong; I'm sure there is a genuine need for resolvconf
> and all this complexity on some systems.  Especially systems that are
> designed to be moved around, dynamically connecting and disconnecting
> various wireless networks, instantiating and decommissioning VPN sessions,
> and so on.
> 
> But for a great many *other* systems, we just want to be able edit the
> resolv.conf file by hand and have our changes *stay* there, untouched.
> We know what we are doing, and the DHCP server is not under our direct
> control, and we just need to make the DHCP client keep its hands OFF
> the god damned file.

If you're wanting a static resolv.conf, are you manually
running dhclient, or using /etc/network/interfaces ?

I.e. is this a one-shot scenario, or a "static" config situation?

> It should *not* be this hard to be allowed to edit a three line text
> file that has been in common use across every Unix-like operating system
> for decades.
> 
> Nevertheless, if someone can definitively state that the following
> is true:
> 
>    "If you install resolvconf and then do:
>       echo resolvconf=NO >> /etc/resolvconf.conf
>     no Debian package will ever modify your /etc/resolv.conf again."
> 
> then I will be glad to accept it as yet another alternative solution
> for some users/systems.

I'm not that knowledgeable, but dhclient is listen in the resolvconf
man page as a "^SUPPLIERS OF NAMESERVER INFORMATION"... so appears to
be intended to work together.

Have you tried also reading man dhclient.conf ?

Good luck,