Re: Debugging what is deleting/recreating /etc/resolv.conf with wrong configuration, on debian stable

[davenull@tuxfamily.org]

On 2023-02-23 10:54, tomas@tuxteam.de wrote:
> On Thu, Feb 23, 2023 at 10:44:35AM +0100, davenull@tuxfamily.org wrote:
>
> [...]
>
> > Thank you. I'll give it a try, But I won't be on remote work before 
> > next
> > week
> > Which log file is used for that?
>
> That depends: it's the perpetrator's choice where to log (or whether
> to log at all, sadly).
>
> > So instead of grepping /var/log/ recursively when the problem occurs. 
> > I'd
> > tail -f the right file to find the "rogue" process right away
>
> You know that you can tail -f more than one file, do you?
>
> I just learnt that from a colleague. Enormously handy.
>
> Cheers

Interesting! I didn't knew that. Thanks for the tip.

I knew about and I just remembered multitail, which I never used that 
much, cause can be too noisy… But I guess I'm going to use "grep 
resolv.conf"… But if the "rogue" process doesn't log anything… I'll be 
stuck… worth trying either way. Thanks