> > On 11/19/18 6:49 AM, Simon Matter wrote: >>> On 11/17/18 8:31 AM, Alice Wonder wrote: >>>> On 11/17/2018 07:01 AM, Alice Wonder wrote: >>>>> On 11/17/2018 06:43 AM, Alice Wonder wrote: >>>>>> CentOS 7.5 image running on linode. >>>>>> >>>>>> unbound running on localhost. >>>>>> >>>>>> Have to use a cron job once a minute to keep /etc/resolv.conf using >>>>>> the localhost for name resolution - whenever NetworkManager gets >>>>>> restarted (usually only a system boot) it gets over-written. >>>>>> >>>>>> It seems every distro has a different way of preventing >>>>>> NetworkManager from replacing that file. >>>>>> >>>>>> I found instructions for Fedora that said create >>>>>> /etc/NetworkManager/conf.d/no-dns.conf containing >>>>>> >>>>>> [main] >>>>>> dns=none >>>>>> >>>>>> That doesn't seem to have any effect. >>>>>> >>>>>> Poking around, I find a file on boot seems to be created called >>>>>> >>>>>> /var/run/NetworkManager/resolv.conf >>>>>> >>>>>> It has most of the contents of what ends up in /etc/resolv.conf - >>>>>> except w/o the last line, which just reads rotate in generated >>>>>> /etc/resolv.conf. >>>>>> >>>>>> It says it's generated by NetworkManager (both /etc/resolv.conf and >>>>>> the one in /var/run/NetworkManager) but neither are specific enough >>>>>> to indicate what is causing them to be created so I can turn it off. >>>>>> >>>>>> Anyone know how to tell NetworkManager to just not create that file? >>>>>> >>>>>> Using a cron job to overwrite it once a minute works but there must >>>>>> be a proper way. >>>>>> >>>>>> I really wish KISS was a design goal when designing system >>>>>> configuration. >>>>>> _______________________________________________ >>>>>> CentOS mailing list >>>>>> CentOS at centos.org >>>>>> https://lists.centos.org/mailman/listinfo/centos >>>>> >>>>> Just found this - >>>>> >>>>> # cat dhclient-exit-hooks >>>>> echo 'options rotate' >> /etc/resolv.conf >>>>> >>>>> That's where the last line in /etc/resolv.conf is coming from. >>>> >>>> Okay replacing the contents of dhclient-exit-hooks with >>>> >>>> echo -e 'nameserver 127.0.0.1\nnameserver ::1' > /etc/resolv.conf >>>> >>>> seems to do what I need. >>>> >>>> I hope RHEL/CentOS 8 do networking better, as in, not have spaghetti >>>> scripts called here and there making something that should be a config >>>> option hard to do. >>>> >>>> With DNS the only way to trust results is if the zone is signed and >>>> local resolver validates. You can't ever trust external nameservers >>>> defined by dhcp to validate. So there's very valid reasons to want to >>>> use local unbound. >>>> _______________________________________________ >>> >>> >>> I don't know about CentOS 7 because I'm running CentOS 6, but on other >>> systemd distributions where I've run into similar issues I was either >>> able to add a hardcoded DNS server to network manager or resolve the >>> problem through systemd-resolved. >>> >>> In one case I resolved the issue best by disabling systemd-resolved, >>> but >>> if you check the man page for systemd-resolved as wells as the man page >>> for resolved.conf (/etc/systemd/resolved.conf on other distributions) >>> my sense is you will find a cleaner solution. It would seem to me that >>> if you are running bind or powerdns on your local host, then it would >>> make sense to me to disable systemd-resolved, since you don't need so >>> many layers of caching dns resolvers. >> >> Alice was talking about CentOS 7.5, which doesn't have systemd-resolved >> nor does it have systemd-networkd. I didn't look at EL8 betas yet but we >> can probably expect systemd-networkd to be included there. If that's the >> case, we'll probably have legacy script based configs, NetworkManager >> and >> systemd-networkd/systemd-resolved. >> >> In other words, things may not get easier in the future but even more >> confusing. At least that's already the case if you run different >> distributions. >> >> Regards, >> Simon >> >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> https://lists.centos.org/mailman/listinfo/centos >> > > Hi > in august 1017 i had put away the following remark about this item: > > > #edit > gvim /var/run/NetworkManager/resolv.conf > # to your needs > # make /etc/resolv.conf a link to the above file > rm /etc/resolv.conf > ln -s /lib/systemd/resolv.conf /etc/resolv.conf > > # dns=none does not work in either /etc/NetworkManager/NetworkManager.conf > # nor in /etc/NetworkManager/conf.d/dns.conf > > ------------------- > > OR, much simpler: > > in /etc/sysconfig/network-scripts/ifcfg-ethX > .... > PEERDNS=no > IPV6_PEERDNS=no > .... With the init scripts I have in /etc/sysconfig/network-scripts/ifcfg-ethX RESOLV_MODS="no" Regards, Simon