[CentOS] NetworkManager and /etc/resolv.conf

anax anax at ayni.com
Mon Nov 19 06:02:33 UTC 2018


On 11/19/18 6:49 AM, Simon Matter wrote:
>> On 11/17/18 8:31 AM, Alice Wonder wrote:
>>> On 11/17/2018 07:01 AM, Alice Wonder wrote:
>>>> On 11/17/2018 06:43 AM, Alice Wonder wrote:
>>>>> CentOS 7.5 image running on linode.
>>>>>
>>>>> unbound running on localhost.
>>>>>
>>>>> Have to use a cron job once a minute to keep /etc/resolv.conf using
>>>>> the localhost for name resolution - whenever NetworkManager gets
>>>>> restarted (usually only a system boot) it gets over-written.
>>>>>
>>>>> It seems every distro has a different way of preventing
>>>>> NetworkManager from replacing that file.
>>>>>
>>>>> I found instructions for Fedora that said create
>>>>> /etc/NetworkManager/conf.d/no-dns.conf containing
>>>>>
>>>>> [main]
>>>>> dns=none
>>>>>
>>>>> That doesn't seem to have any effect.
>>>>>
>>>>> Poking around, I find a file on boot seems to be created called
>>>>>
>>>>> /var/run/NetworkManager/resolv.conf
>>>>>
>>>>> It has most of the contents of what ends up in /etc/resolv.conf -
>>>>> except w/o the last line, which just reads rotate in generated
>>>>> /etc/resolv.conf.
>>>>>
>>>>> It says it's generated by NetworkManager (both /etc/resolv.conf and
>>>>> the one in /var/run/NetworkManager) but neither are specific enough
>>>>> to indicate what is causing them to be created so I can turn it off.
>>>>>
>>>>> Anyone know how to tell NetworkManager to just not create that file?
>>>>>
>>>>> Using a cron job to overwrite it once a minute works but there must
>>>>> be a proper way.
>>>>>
>>>>> I really wish KISS was a design goal when designing system
>>>>> configuration.
>>>>> _______________________________________________
>>>>> CentOS mailing list
>>>>> CentOS at centos.org
>>>>> https://lists.centos.org/mailman/listinfo/centos
>>>>
>>>> Just found this -
>>>>
>>>> # cat dhclient-exit-hooks
>>>> echo 'options rotate' >> /etc/resolv.conf
>>>>
>>>> That's where the last line in /etc/resolv.conf is coming from.
>>>
>>> Okay replacing the contents of dhclient-exit-hooks with
>>>
>>> echo -e 'nameserver 127.0.0.1\nnameserver ::1' > /etc/resolv.conf
>>>
>>> seems to do what I need.
>>>
>>> I hope RHEL/CentOS 8 do networking better, as in, not have spaghetti
>>> scripts called here and there making something that should be a config
>>> option hard to do.
>>>
>>> With DNS the only way to trust results is if the zone is signed and
>>> local resolver validates. You can't ever trust external nameservers
>>> defined by dhcp to validate. So there's very valid reasons to want to
>>> use local unbound.
>>
>>
>> I don't know about CentOS 7 because I'm running CentOS 6, but on other
>> systemd distributions where I've run into similar issues I was either
>> able to add a hardcoded DNS server to network manager or resolve the
>> problem through systemd-resolved.
>>
>> In one case I resolved the issue best by disabling systemd-resolved, but
>> if you check the man page for systemd-resolved as well as the man page
>> for resolved.conf (/etc/systemd/resolved.conf on other distributions)
>> my sense is you will find a cleaner solution.  It would seem to me that
>> if you are running bind or powerdns on your local host, then it would
>> make sense to me to disable systemd-resolved, since you don't need so
>> many layers of caching dns resolvers.
> 
> Alice was talking about CentOS 7.5, which doesn't have systemd-resolved
> nor does it have systemd-networkd. I didn't look at EL8 betas yet but we
> can probably expect systemd-networkd to be included there. If that's the
> case, we'll probably have legacy script based configs, NetworkManager and
> systemd-networkd/systemd-resolved.
> 
> In other words, things may not get easier in the future but even more
> confusing. At least that's already the case if you run different
> distributions.
> 
> Regards,
> Simon
> 

Hi
In August 1017 I had put away the following remark about this item:


#edit
gvim /var/run/NetworkManager/resolv.conf
# to your needs
# make /etc/resolv.conf a link to the above file
rm /etc/resolv.conf
ln -s /lib/systemd/resolv.conf /etc/resolv.conf

# dns=none does not work in either /etc/NetworkManager/NetworkManager.conf
# nor in /etc/NetworkManager/conf.d/dns.conf

-------------------

OR, much simpler:

in /etc/sysconfig/network-scripts/ifcfg-ethX
....
PEERDNS=no
IPV6_PEERDNS=no
....



suomi
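
A check for the settings discussed in this thread, as an added example that is not part of any poster's message: it reports non-loopback nameservers in a resolv.conf, ifcfg files that do not set both PEERDNS=no and IPV6_PEERDNS=no, and dhclient hook scripts that mention resolv.conf. The function names and sample files are constructed for illustration, and the directories are passed as arguments because the thread does not give the location of dhclient-exit-hooks.

```shell
# Added example, not from the thread; all sample files below are constructed.

# Print nameservers in resolv.conf file $1 that are not loopback addresses.
non_loopback_nameservers() {
    awk '$1 == "nameserver" && $2 !~ /^127\./ && $2 != "::1" { print $2 }' "$1"
}

# Print ifcfg-* files in directory $1 (ifcfg-lo skipped) that do not set both
# PEERDNS=no and IPV6_PEERDNS=no, the settings suggested in the thread.
ifcfgs_accepting_peer_dns() {
    for f in "$1"/ifcfg-*; do
        [ -f "$f" ] && [ "${f##*/}" != "ifcfg-lo" ] || continue
        for key in PEERDNS IPV6_PEERDNS; do
            grep -Eq "^[[:space:]]*$key=\"?no\"?[[:space:]]*\$" "$f" && continue
            echo "$f"; break
        done
    done
    return 0
}

# Print dhclient hook scripts in directory $1 that mention resolv.conf.
hooks_touching_resolv_conf() {
    for f in "$1"/dhclient-enter-hooks "$1"/dhclient-exit-hooks; do
        [ -f "$f" ] || continue
        if grep -q 'resolv\.conf' "$f"; then echo "$f"; fi
    done
}

# Run all three checks; print findings and return 1 if any check reports.
audit() {  # $1 = resolv.conf, $2 = ifcfg directory, $3 = dhcp hook directory
    findings=$(
        non_loopback_nameservers "$1" | sed 's/^/non-loopback nameserver: /'
        ifcfgs_accepting_peer_dns "$2" | sed 's/^/peer DNS not disabled: /'
        hooks_touching_resolv_conf "$3" | sed 's/^/hook mentions resolv.conf: /'
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample tree resembling the state described in the thread.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
printf 'nameserver 192.0.2.53\nnameserver 127.0.0.1\noptions rotate\n' > "$demo/resolv.conf"
printf 'DEVICE=eth0\nBOOTPROTO=dhcp\n' > "$demo/ifcfg-eth0"
printf 'DEVICE=eth1\nPEERDNS=no\nIPV6_PEERDNS=no\n' > "$demo/ifcfg-eth1"
printf "echo 'options rotate' >> /etc/resolv.conf\n" > "$demo/dhclient-exit-hooks"
audit "$demo/resolv.conf" "$demo" "$demo" || echo "resolver is not pinned to loopback"
```
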


