How to take back control of /etc

2022-02-01  本文已影响0人  迷路的木瓜

Several DNS-related programs want to automatically manage the DNS name server and resolution configuration file at /etc/resolv.conf. In some situations, you may want to manage this file yourself. Here is how you identify which programs are automatically managing this file on your Linux distribution, and how you can take back manual control of the file.

There are quite a few different tools that fight to control a Linux system’s DNS resolution configuration file /etc/resolv.conf including netconfig, NetworkManager, resolvconf, rdnssd, and systemd-resolved.

Except for NetworkManager, most of these tools are oblivious to each other’s presence which can cause DNS resolution problems. If you simply try to make changes to the file without disabling the managing program, it may overwrite your changes after a few minutes or revert them when you reboot the system.

Identifying which utility currently controls your /etc/resolv.conf

The following command will read the first few lines the resolv.conf file, which should include a comment identifying any programs that have automatically taken over management over the file.

head /etc/resolv.conf

Some utilities don’t include a comment in the resolv.conf file, but you can identify these programs by checking for symbolic links with the following command:

ls -l /etc/resolv.conf

As a last resort, you can check your init system to see if any of the programs mentioned in this article are running. If you can’t identify any management programs using these methods, chances are you should be in control over the resolv.conf file and your system’s DNS resolution.

ps -A

The next sections will teach you how to disable various programs that automatically manage resolv.conf.

Opting-out of NetworkManager

NetworkManager is by far the most common auto-configuration tool for the entire networking stack including DNS resolution. It’s responsible for /etc/resolv.conf on many popular Linux distributions including Debian and Fedora.

After you’ve disabled all other programs that try to manage resolv.conf, you may also discover that NetworkManager will jump in to fill the job  -  as happens on Ubuntu 16.10 and later.

Set the dns option in the main configuration section to none to disable DNS handling in NetworkManager. The below commands sets this option in a new conf.d/no-dns.conf configuration file, restarts the NetworkManager service, and deletes the NetworkManager-generated resolv.conf file.

echo -e "[main]\ndns=none" > /etc/NetworkManager/conf.d/no-dns.conf
systemctl restart NetworkManager.service
rm /etc/resolv.conf

If you discover that NetworkManager is still managing your resolv.conf, then you may have a configuration conflict (usually caused by dnsmasq.) Recursively search through your NetworkManager configuration to discover any conflicts.

grep -ir /etc/NetworkManager/

Refer to the last section of this article for instructions on recreating a /etc/resolv.conf file with manual configuration

Opting-out of netconfig

You’ll encounter netconfig on openSUSE, SUSE, and derivative distributions.

You can disable netconfig’s handling of /etc/resolv.conf by disabling the NETCONFIG_DNS_POLICY option in /etc/sysconfig/network/config to an empty string as shown below.

NETCONFIG_DNS_POLICY=""

Afterward, you should delete the netconfig-generated resolv.conf file, and reboot the system.

rm /etc/resolv.conf
reboot

Refer to the last section of this article for instructions on recreating a /etc/resolv.conf file with manual configuration.

Disabling resolvconf and rdnssd

If you installed Debian 8.0 or Ubuntu 15.04 with an active IPv6 connection and have upgraded your system, you may end up with both resolvconf and rdnssd fighting each other for control over resolv.conf. Both services want to control the file, which may lead to intermittent DNS resolution outages as the two services overwrite each other’s changes every few milliseconds.

You can disable both services with the following commands. You can just go ahead and run both commands, as nothing unexpected should happen if disable an already disabled service.

systemctl disable --now resolvconf.service rdnssd.service
rm /etc/resolv.conf

You may also need to follow the instructions in the section on NetworkManager, as it may step in automatically to handle the resolv.conf file after you remove it.

Disabling systemd-resolved

If you’re running Ubuntu 16.10 or later, your DNS resolution will be managed by the systemd-resolved service. You can disable this service without any further ado using the following commands.

systemctl disable --now systemd-resolved.service
rm /etc/resolv.conf

You may also need to follow the instructions in the section on NetworkManager, as it may step in automatically to handle the resolv.conf file after you remove it.

Recreating /etc/resolv.conf

By this point, you shouldn’t have anything automatically creating the /etc/resolv.conf file anymore. Please begin again from the top of this article to troubleshoot if the file still exists on your system. You now need to create a world-readable (permission 644) resolv.conf and add some nameservers to it.

The below shows two examples that set IPv4 and IPv6 nameservers. The first example uses the free security-hardened public DNS service from Quad9, and the second example assumes there’s a DNS server like Knot Resolver or dnsmasq running on your local device. Both examples are set up for dual-stack IPv4/6 routing for improved reliance and compatibility.

Example /etc/resolv.conf files:

Quad9

nameserver 9.9.9.9
nameserver 2620:fe::fe
nameserver 149.112.112.112

Localhost

nameserver 127.0.0.1
nameserver ::1

You generally don’t need to restart any network management services for the changes to take effect. However, some system services or programs may have entered a failed state while DNS resolution was disabled. Do a quick reboot to kick-start them unless you want to manually double-check that all running services and programs have recovered.

You may want to configure additional parameters for the resolv.conf file. See the man 5 resolv.conf manual for details on other domain resolution configuration options.

Sources

  1. https://www.ctrl.blog/entry/resolvconf-tutorial.html
  2. resolved.conf man page, version 238, 2018-03-05, systemd project, FreeDesktop.org
  3. Basic Networking, version Leap 42.2, 2018-02-26, Reference, openSUSE Documentation, SUSE
  4. Frequently Asked Questions, 2018-02, Quad9
  5. NetworkConfiguration, revision 99, 2017-12-31, Debian Wiki, Debian
  6. NetworkManager.conf, version 1.10, 2017-11, GNOME Developer Center, GNOME
  7. Network Configuration, version 16.04, 2016-04-16, Ubuntu Server Guide, Ubuntu Documentation, Canonical
  8. Bug #740998: NetworkManager and rdnssd don’t play well together, 2014-03-07, Debian Bug report logs, Debian
上一篇下一篇

猜你喜欢

热点阅读