2

I am facing a strange situation on all my RHEL 7 servers. All the RHEL 7 VMs are provisioned using a provisioning tool which connects to a VM offering a DHCP IP, once provisioning is complete we run a batch script to make the NICs static and update resolv.conf with valid values.

But we can see that /usr/sbin/dhcpclient-script is updating the resolv.conf with its values.

Both NIC's config file has BOOTPROTO=static, DNS1=x.x.x.x, DNS2=x.x.x.x, PEERDNS=no and other required values.

I am not able to understand why resolv.conf is modified by the DHCP server used for provisioning even after setting the NIC to static.

Kusalananda
  • 320,670
  • 36
  • 633
  • 936
Ashish George
  • 21
  • 1
  • 2
  • May be related to systemd - see https://unix.stackexchange.com/questions/389774/namservers-reverted-to-normal-shortly-after-connecting-vpn-using-openconnect/389779#389779 – Patrick Oct 31 '17 at 10:28
  • Might also be related to NetworkManager. – Pierre-Alain TORET Oct 31 '17 at 10:39
  • the netwokManager is not installed on the server, what i can see is that whiile provisioning the server the NIC is named as ksdev0 and at a later point after provisioning we run the script to rename ksdev0 to eth-xxxx, but even now i can see in var/log/messages DHCPREQUEST to ksdev0, so i guess the kernel still refers to ksdev0 even though the NIC does not exist, and a reboot is not performed after ksdev0 is renamed to eth-xxx. – Ashish George Oct 31 '17 at 10:43
  • Does a reboot solve the problem? – fpmurphy Oct 31 '17 at 12:21
  • Can you post the script? Maybe it's renewing the dhcp lease and so updating the resolv.conf... – Zip Oct 31 '17 at 12:29

3 Answers3

3

Create a /etc/dhcp/dhclient-enter-hooks file with the following content:

#!/bin/sh
make_resolv_conf(){
    :
}

Make it executable chmod +x /etc/dhcp/dhclient-enter-hooks

The explanation on the man dhclient-script

Hooks

When it starts, the client script first defines a shell function, make_resolv_conf , which is later used to create the /etc/resolv.conf file. To override the default behaviour, redefine this function in the enter hook script.

On after defining the make_resolv_conf function, the client script checks for the presence of an executable /etc/dhcp/dhclient-enter-hooks script, and if present, it invokes the script inline, using the Bourne shell '.' command. The entire environment documented under OPERATION is available to this script, which may modify the environment if needed to change the behaviour of the script.

How To: Make Sure /etc/resolv.conf Never Get Updated By DHCP Client

Community
  • 1
GAD3R
  • 63,407
  • 31
  • 131
  • 192
  • I've posted a slightly adapted answer if you have a /etc/dhcp/dhclient-enter-hooks.d directory, like I see on Debian Buster. – Martin Dorey Mar 07 '21 at 17:24
2

All credit to @GAD3R for this answer. The directory structure on my system encouraged me to put the file in a .d directory. That seems like the more maintainable way of the future. I'd edit it into the answer from @GAD3R but I don't know if that would be welcome and perhaps systems that don't have the .d directory are still around. I like to have solutions I can just copy-and-paste:

sudo tee /etc/dhcp/dhclient-enter-hooks.d/unhand-resolv-conf <<EOF
#!/bin/sh
make_resolv_conf(){
    :
}
EOF
sudo chmod +x /etc/dhcp/dhclient-enter-hooks.d/unhand-resolv-conf
Martin Dorey
  • 214
  • 2
  • 8
0

Likely you're hitting how resolvconf works by default.

If you'd like nothing to change your /etc/resolv.conf at all, ever, then arrange to run the following command. Be sure to arrange for this to run at reboot time too...

resolvconf --disable-updates
David Favor
  • 423
  • 3
  • 5