{"id":5481,"date":"2019-02-09T19:46:15","date_gmt":"2019-02-09T19:46:15","guid":{"rendered":"https:\/\/really.zonky.org\/?p=5481"},"modified":"2019-02-09T19:46:21","modified_gmt":"2019-02-09T19:46:21","slug":"dont-mess-with-my-resolv-conf","status":"publish","type":"post","link":"https:\/\/really.zonky.org\/?p=5481","title":{"rendered":"Don&#8217;t Mess With My Resolv.conf"},"content":{"rendered":"\n<p>One of the things that irritates me about fancy new service management systems like <em>systemd<\/em> is that unless you get <em>everything<\/em> exactly right, you can end up with things interfering with specific configuration files &#8211; specifically <em>\/etc\/resolv.conf<\/em>.<\/p>\n\n\n\n<p>Now as a DNS administrator, I have a certain fondness for manually controlling <em>\/etc\/resolv.conf<\/em> and it does actually come in useful for making temporary changes to test specific DNS servers and the like. The trouble comes when something else wants to control that file.<\/p>\n\n\n\n<p>The ideal fix for this conflict is to have things like <em>systemd<\/em> control a separate file such as <em>\/etc\/system\/resolv.conf.systemd<\/em>, and for <em>\/etc\/resolv.conf<\/em> be installed as a symbolic link pointing at the real file.<\/p>\n\n\n\n<p>But back in the real world, if you do disable <em>systemd-resolver<\/em>  which can be done with: <code><em>systemctl disable systemd-resolved.service<\/em><\/code>; <code><em>systemctl stop systemd-resolved.service<\/em><\/code> <\/p>\n\n\n\n<p>Then you may also want to make the file immutable: <code>chattr +i \/etc\/resolv.conf<\/code>. On at least one server, <em>systemd<\/em> merrily re-created <em>\/etc\/resolv.conf<\/em> as a symbolic link to an empty file despite <em>systemd-resolved<\/em> being disabled.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"683\" height=\"1024\" src=\"https:\/\/i0.wp.com\/really.zonky.org\/wp-content\/uploads\/2019-01-06-Corner-Of-The-Pyramid.jpg?resize=683%2C1024&#038;ssl=1\" alt=\"\" class=\"wp-image-5462\" srcset=\"https:\/\/i0.wp.com\/really.zonky.org\/wp-content\/uploads\/2019-01-06-Corner-Of-The-Pyramid.jpg?w=683&amp;ssl=1 683w, https:\/\/i0.wp.com\/really.zonky.org\/wp-content\/uploads\/2019-01-06-Corner-Of-The-Pyramid.jpg?resize=200%2C300&amp;ssl=1 200w\" sizes=\"auto, (max-width: 683px) 100vw, 683px\" \/><figcaption>Corner Of The Pyramid<\/figcaption><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>One of the things that irritates me about fancy new service management systems like systemd is that unless you get everything exactly right, you can end up with things interfering with specific configuration files &#8211; specifically \/etc\/resolv.conf. Now as a DNS administrator, I have a certain fondness for manually controlling \/etc\/resolv.conf and it does actually <a href='https:\/\/really.zonky.org\/?p=5481' class='excerpt-more'>[&#8230;]<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"_share_on_mastodon":"0"},"categories":[4,209,226],"tags":[1839,1306],"class_list":["post-5481","post","type-post","status-publish","format-standard","hentry","category-it","category-linux-it","category-working-notes","tag-etc-resolv-conf","tag-systemd","category-4-id","category-209-id","category-226-id","post-seq-1","post-parity-odd","meta-position-corners","fix"],"share_on_mastodon":{"url":"","error":""},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p1f2KI-1qp","_links":{"self":[{"href":"https:\/\/really.zonky.org\/index.php?rest_route=\/wp\/v2\/posts\/5481","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/really.zonky.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/really.zonky.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/really.zonky.org\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/really.zonky.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5481"}],"version-history":[{"count":1,"href":"https:\/\/really.zonky.org\/index.php?rest_route=\/wp\/v2\/posts\/5481\/revisions"}],"predecessor-version":[{"id":5482,"href":"https:\/\/really.zonky.org\/index.php?rest_route=\/wp\/v2\/posts\/5481\/revisions\/5482"}],"wp:attachment":[{"href":"https:\/\/really.zonky.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5481"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/really.zonky.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5481"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/really.zonky.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5481"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}