[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: boot ordering and resolvconf

]] Bob Proulx 

> Tollef Fog Heen wrote:
> > ]] Don Armstrong 
> > > Tollef Fog Heen wrote:
> > > > It seems resolvconf wants to get its name servers from
> > > > /etc/network/interfaces?
> > > 
> > > Resolvconf can get its nameservers from anywhere that calls
> > > 
> > > echo 'namserver information'|resolvconf -a interface.program;
> > 
> > If I do that by hand, that information will never ever be overwritten by
> > dhclient, NM, openvpn or tools, and it persists through reboots?
> 
> Now that we have so many mobile devices the network may come and go
> dynamically.  Therefore we need a dynamic method to update
> nameservers.  When a network is activated it would call the above to
> configure the nameservers found for that network interface.  When the
> network interface is deactivated then those nameservers will need to
> be removed.  Having them fixed statically would defeat the purpose.

No, in my setup it should not do that without admin intervention.  Doing
that means it's likely to cause security-related problems.  I use DNSSEC
and don't want to trust random resolvers, I want to trust the one that
I've set up myself and that I know verifies signatures and that lives on
::1.

-- 
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are
Reply to: