On 11/19/18 6:49 AM, Simon Matter wrote:
>> On 11/17/18 8:31 AM, Alice Wonder wrote:
>>> On 11/17/2018 07:01 AM, Alice Wonder wrote:
>>>> On 11/17/2018 06:43 AM, Alice Wonder wrote:
>>>>> CentOS 7.5 image running on linode.
>>>>>
>>>>> unbound running on localhost.
>>>>>
>>>>> Have to use a cron job once a minute to keep /etc/resolv.conf using
>>>>> the localhost for name resolution - whenever NetworkManager gets
>>>>> restarted (usually only a system boot) it gets over-written.
>>>>>
>>>>> It seems every distro has a different way of preventing
>>>>> NetworkManager from replacing that file.
>>>>>
>>>>> I found instructions for Fedora that said create
>>>>> /etc/NetworkManager/conf.d/no-dns.conf containing
>>>>>
>>>>> [main]
>>>>> dns=none
>>>>>
>>>>> That doesn't seem to have any effect.
>>>>>
>>>>> Poking around, I find a file on boot seems to be created called
>>>>>
>>>>> /var/run/NetworkManager/resolv.conf
>>>>>
>>>>> It has most of the contents of what ends up in /etc/resolv.conf -
>>>>> except w/o the last line, which just reads rotate in generated
>>>>> /etc/resolv.conf.
>>>>>
>>>>> It says it's generated by NetworkManager (both /etc/resolv.conf and
>>>>> the one in /var/run/NetworkManager) but neither are specific enough
>>>>> to indicate what is causing them to be created so I can turn it off.
>>>>>
>>>>> Anyone know how to tell NetworkManager to just not create that file?
>>>>>
>>>>> Using a cron job to overwrite it once a minute works but there must
>>>>> be a proper way.
>>>>>
>>>>> I really wish KISS was a design goal when designing system
>>>>> configuration.
>>>>> _______________________________________________
>>>>> CentOS mailing list
>>>>> CentOS at centos.org
>>>>> https://lists.centos.org/mailman/listinfo/centos
>>>>
>>>> Just found this -
>>>>
>>>> # cat dhclient-exit-hooks
>>>> echo 'options rotate' >> /etc/resolv.conf
>>>>
>>>> That's where the last line in /etc/resolv.conf is coming from.
>>>
>>> Okay replacing the contents of dhclient-exit-hooks with
>>>
>>> echo -e 'nameserver 127.0.0.1\nnameserver ::1' > /etc/resolv.conf
>>>
>>> seems to do what I need.
>>>
>>> I hope RHEL/CentOS 8 do networking better, as in, not have spaghetti
>>> scripts called here and there making something that should be a config
>>> option hard to do.
>>>
>>> With DNS the only way to trust results is if the zone is signed and
>>> local resolver validates. You can't ever trust external nameservers
>>> defined by dhcp to validate. So there's very valid reasons to want to
>>> use local unbound.
>>
>>
>> I don't know about CentOS 7 because I'm running CentOS 6, but on other
>> systemd distributions where I've run into similar issues I was either
>> able to add a hardcoded DNS server to network manager or resolve the
>> problem through systemd-resolved.
>>
>> In one case I resolved the issue best by disabling systemd-resolved, but
>> if you check the man page for systemd-resolved as well as the man page
>> for resolved.conf (/etc/systemd/resolved.conf on other distributions)
>> my sense is you will find a cleaner solution. It would seem to me that
>> if you are running bind or powerdns on your local host, then it would
>> make sense to me to disable systemd-resolved, since you don't need so
>> many layers of caching dns resolvers.
>
> Alice was talking about CentOS 7.5, which doesn't have systemd-resolved
> nor does it have systemd-networkd. I didn't look at EL8 betas yet but we
> can probably expect systemd-networkd to be included there. If that's the
> case, we'll probably have legacy script based configs, NetworkManager and
> systemd-networkd/systemd-resolved.
>
> In other words, things may not get easier in the future but even more
> confusing. At least that's already the case if you run different
> distributions.
>
> Regards,
> Simon
>

Hi,

In August 1017 I had put away the following remark about this item:

#edit
gvim /var/run/NetworkManager/resolv.conf
# to your needs
# make /etc/resolv.conf a link to the above file
rm /etc/resolv.conf
ln -s /lib/systemd/resolv.conf /etc/resolv.conf
# dns=none does not work in either /etc/NetworkManager/NetworkManager.conf
# nor in /etc/NetworkManager/conf.d/dns.conf

-------------------

OR, much simpler:

in /etc/sysconfig/network-scripts/ifcfg-ethX

....
PEERDNS=no
IPV6_PEERDNS=no
....

suomi
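
An added example, not part of any message in the thread: a small audit script that checks the three places the thread identifies (the resolver list in resolv.conf, the PEERDNS settings in an ifcfg file, and dhclient hook lines that write to /etc/resolv.conf). The function names are hypothetical, the sample files are constructed, and 192.0.2.53 is a documentation address standing in for a DHCP-supplied resolver.

```shell
#!/bin/sh
# Added example, not from the thread. File paths are arguments, so the
# checks can be pointed at copies instead of live system files.

# Print nameservers that are not loopback. Succeeds only if at least one
# nameserver line exists and every one is 127.0.0.1 or ::1.
non_local_nameservers() {
    awk '$1 == "nameserver" {
             seen = 1
             if ($2 != "127.0.0.1" && $2 != "::1") { print $2; bad = 1 }
         }
         END { exit !(seen && !bad) }' "$1"
}

# Succeeds only if the ifcfg file sets PEERDNS=no and IPV6_PEERDNS=no
# (the settings suggested in the thread); reports each missing key.
peerdns_disabled() {
    rc=0
    for key in PEERDNS IPV6_PEERDNS; do
        if ! grep -Eq "^[[:space:]]*${key}=[\"']?no[\"']?[[:space:]]*\$" "$1"; then
            echo "$key is not set to no"
            rc=1
        fi
    done
    return "$rc"
}

# Print, with line numbers, hook-script lines that redirect into
# /etc/resolv.conf, like the "options rotate" append found in the thread.
hook_writes_resolv() {
    grep -nE '>>?[[:space:]]*/etc/resolv\.conf' "$1"
}

# Constructed sample files (not real system files) to exercise the checks.
demo() {
    d=$(mktemp -d) || return 1
    printf 'nameserver 127.0.0.1\nnameserver ::1\n' > "$d/resolv.good"
    printf 'nameserver 192.0.2.53\noptions rotate\n' > "$d/resolv.bad"
    printf 'DEVICE=eth0\nPEERDNS=no\nIPV6_PEERDNS=no\n' > "$d/ifcfg.good"
    printf "echo 'options rotate' >> /etc/resolv.conf\n" > "$d/hook"
    non_local_nameservers "$d/resolv.good" && echo "resolv.good: local only"
    non_local_nameservers "$d/resolv.bad"  || echo "resolv.bad: external resolver"
    peerdns_disabled "$d/ifcfg.good" && echo "ifcfg.good: DHCP DNS ignored"
    hook_writes_resolv "$d/hook" || true
    rm -rf "$d"
}
demo
```

Run from cron or a monitoring check, the first function gives an alert when resolution has drifted away from the local resolver, in place of the once-a-minute overwrite.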