selected snippets from https://wiki.debian.org/NetworkConfiguration#Defining_the_.28DNS.29_Nameservers

You can make /etc/resolv.conf immutable, so it cannot be changed by any package:

openresolv lets you tell it to do nothing whenever some daemon tries to modify resolv.conf, by putting resolvconf=NO in the /etc/resolvconf.conf file. (Note: this is not the /etc/resolv.conf file!)

The setting you want is: supersede domain-name-servers 12.34.56.78, 12.34.56.79

And my personal favorite:

echo ‘make_resolv_conf() { :; }’ > /etc/dhcp/dhclient-enter-hooks.d/leave_my_resolv_conf_alone; chmod 755 /etc/dhcp/dhclient-enter-hooks.d/leave_my_resolv_conf_alone

How the fuck did we get here? Aren’t these docs an admission that it’s a clusterfuck?

That page says don’t forget the “s” on dns-nameservers when using /etc/networking/interfaces, but https://manpages.debian.org/trixie/resolvconf/resolvconf.8.en.html omits it!

    • tal@lemmy.todayEnglish
      3·
      3 hours ago

      From my /etc/resolv.conf on Debian trixie, which isn’t using openresolv:

      # Third party programs should typically not access this file directly, but only
# through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a
# different way, replace this symlink by a static file or a different symlink.

      I mean, if you want to just write a static resolv.conf, I don’t think that you normally need to have it flagged immutable. You just put the text file you want in place of the symlink.