bug: resolv.conf auto-populates search and nameserver seeking: permanent or temporary (run each time system boots.)

recommended solution: resolvconf package solves the auto-population issue (not to be confused with resolv.conf)

-https://www.youtube.com/watch?v=NEyXDdBrw2c
-https://unix.stackexchange.com/q/209760/441088
-https://unix.stackexchange.com/q/362587/441088

My question is identical to the last (441088) except need resolv.conf to no longer update (auto-populate) search and nameservers

#sudo vi resolv.conf

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by    resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "systemd-resolve --status" to see details about the actual   nameservers.
nameserver 84.200.70.40
nameserver 84.200.69.80
nameserver 192.168.4.1 
nameserver 192.168.4.1
nameserver 192.168.1.1
nameserver 1.1.1.1
search autopopulated-isp-router 1.1.1.1

apparently it just adds additional auto-populated nameservers below the already existing. (it is a little sneaky so you must keep checking resolv.conf to catch the auto-population of nameservers & search server, which are auto-appended to resolvconf settings)

How can I change resolv.conf to prevent auto-populating of nameserver and search with ISP IP addresses?

Tried with:

# service networking stop && service network-manager start
# service networking start && service network-manager stop

Network managers:
Wicd with both networking and network-manager stopped,
then no wicd just nmtui with networking start then with network-manager start

Replicable on debian 10.1 and kali 2020 (any version - tried them all)

Replicable with DHCP or static configuration (yes, able to ping the local gateway, the network router and other IPs on the network)

# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed,     try:
# `info libc "Name Service Switch"' for information about this file.

passwd:         files systemd
group:          files systemd
shadow:         files
gshadow:        files

hosts:          files mdns4_minimal [NOTFOUND=return] dns myhostname     mymachines
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis
terdon
rakis

2 Answers

I think the issue here is with NetworkManager that is populating your resolv.conf file.

To disable DNS updates:

1- Open the conf file with an editor :

sudo vi /etc/NetworkManager/NetworkManager.conf

2- Add the following to the [main] section : dns=none

3- Restart NetworkManager :

sudo service network-manager restart

Since your last edit :

As I see here you are using NetworkManager.service :

A- If you are using dhcp for your interface, then check the DNS setup by your DHCP server :

cat /var/lib/NetworkManager/*.lease | grep 'domain-name-servers'

You can directly set the DNS entries you need in this case and stop DHCP from supplying them :

# Edit the dhclient configuration file
vi /etc/dhcp/dhclient.conf
# Set your fixed DNS server entries
supersede domain-name-servers 84.200.69.80, 84.200.70.40;

B- It's clear here that your /etc/resolv.conf is managed by the systemd-resolved service.

So you can disable this service, or leave it running and edit its configuration in /etc/systemd/resolved.conf. To disable it :

1- First check the output of the current systemd-resolved.conf file & check systemd-resolved is running :

sudo cat /run/systemd/resolve/resolv.conf
sudo systemd-resolve --status

2- Stop / Disable the service :

  sudo systemctl disable systemd-resolved.service
  sudo systemctl stop systemd-resolved.service

3- Set the DNS processing mode in NetworkManager so it will no longer be managed by systemd-resolved nor NetworkService ( Edit /etc/NetworkManager/NetworkManager.conf ) :

  [main]
  dns=none

4- Destroy the symlink /etc/resolv.conf -> /run/systemd/resolve/resolv.conf :

sudo unlink /etc/resolv.conf

5- Restart NetworkManager :

sudo systemctl restart NetworkManager

6- Recreate resolv.conf file :

sudo touch /etc/resolv.conf
sudo chown root:root /etc/resolv.conf
sudo chmod 644 /etc/resolv.conf

7- Populate manually resolv.conf file :

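# A plain '>' redirect runs in the unprivileged shell, so write through sudo tee
echo 'nameserver 84.200.70.40
nameserver 84.200.69.80
nameserver 192.168.4.1
nameserver 192.168.4.1
nameserver 192.168.1.1
nameserver 1.1.1.1' | sudo tee /etc/resolv.conf > /dev/null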
Reda Salih
  • yeah, I service network-manager stop && service networking stop....using wicd to avoid network manager from doing its thing... but still DNS autopopulates even with resolvconf package installed. I will try editing the NetworkManager.conf...maybe ip is picking it up somewhere. IP tends to mysteriously pop up sometimes even with ip down – rakis Nov 08 '20 at 23:15
  • OK, then use only the network service and disable network-manager; you have to use only one of these two services. Could you mark my response as answered? – Reda Salih Nov 08 '20 at 23:17
  • after a day of testing. neither network service (networking) nor network-manager being used prevents search from auto-populating. – rakis Nov 10 '20 at 17:32
  • So what is the networking service you are using? What is your distribution & version? Also, can you publish the resolv.conf file and /etc/nsswitch.conf? Are you using DHCP? You can edit your question to be clearer. – Reda Salih Nov 10 '20 at 17:35
  • will try fixes https://unix.stackexchange.com/q/273565/441088 and add findings to post. – rakis Nov 10 '20 at 20:37
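
The steps in the answer above depend on knowing which component is writing /etc/resolv.conf. As an added example (not part of the answer or its comments), this script reports the generator from the symlink target or header comment and reads the dns= setting from [main]; the function names and the sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example: find out what is managing a resolv.conf file.

# resolv_owner FILE -> systemd-resolved | resolvconf | NetworkManager | unmanaged | missing
resolv_owner() {
    f=$1
    if [ -L "$f" ]; then
        # A symlink target names the generator directly.
        case $(readlink "$f") in
            *systemd/resolve*) echo systemd-resolved; return ;;
            *resolvconf*)      echo resolvconf; return ;;
            *NetworkManager*)  echo NetworkManager; return ;;
        esac
    fi
    [ -e "$f" ] || { echo missing; return; }
    # Regular file: fall back to the header comment the generator leaves.
    if   grep -qi '^#.*generated by.*resolvconf' "$f"; then echo resolvconf
    elif grep -qi '^#.*generated by.*NetworkManager' "$f"; then echo NetworkManager
    elif grep -qi '^#.*systemd-resolved' "$f"; then echo systemd-resolved
    else echo unmanaged
    fi
}

# nm_dns_mode CONF -> value of dns= in the [main] section, "default" if unset
nm_dns_mode() {
    awk -F= '
        /^\[/ { in_main = ($0 ~ /^\[main\]/); next }
        in_main && $1 ~ /^[ \t]*dns[ \t]*$/ { gsub(/[ \t]/, "", $2); v = $2 }
        END { print (v == "" ? "default" : v) }
    ' "$1"
}

# Constructed sample files (header taken from the question, dns=none from the answer).
demo=$(mktemp -d)
printf '%s\n' '# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)' \
    'nameserver 84.200.70.40' > "$demo/resolv.conf"
printf '%s\n' '[main]' 'plugins=ifupdown,keyfile' 'dns=none' '[ifupdown]' 'managed=false' \
    > "$demo/NetworkManager.conf"
echo "owner=$(resolv_owner "$demo/resolv.conf") nm_dns=$(nm_dns_mode "$demo/NetworkManager.conf")"
```

On a live system, call resolv_owner /etc/resolv.conf and nm_dns_mode /etc/NetworkManager/NetworkManager.conf before and after making the change.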

I've made a script to change resolv.conf file permanently:

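#!/usr/bin/env bash
# Run as root: chattr and writing /etc/resolv.conf both require it.
f="/etc/resolv.conf"
# Clear the immutable flag left by a previous run (ignore errors if the file is missing or a symlink)
chattr -i "$f" 2>/dev/null
# Remove the old file or symlink, then write a fresh regular file
rm -f "$f"
echo "nameserver 1.1.1.1" >> "$f"
echo "nameserver 8.8.8.8" >> "$f"
# Set the immutable flag so the file cannot be rewritten or deleted
chattr +i "$f"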

This script makes the file immutable, so it will not be changed and cannot be deleted. To delete the file you need to use the command:

chattr -i /etc/resolv.conf

Then delete the file.

pbies
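
An added example, not part of the answer above: a drift check to run after pinning the file. It lists nameserver and search entries that are not on an allow list, shows the three nameservers the glibc resolver will actually use (it reads only the first MAXNS = 3), and tests for the immutable flag. The function names and the sample file are constructed for illustration.

```sh
#!/bin/sh
# Added example: detect drift in a pinned resolv.conf.

# unexpected_entries FILE KEYWORD "ALLOWED ..." -> values on KEYWORD lines that are not allowed
unexpected_entries() {
    awk -v key="$2" -v allow="$3" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == key { for (i = 2; i <= NF; i++) if (!($i in ok) && !seen[$i]++) print $i }
    ' "$1"
}

# effective_nameservers FILE -> the entries glibc will query (only the first 3 are read)
effective_nameservers() {
    awk '$1 == "nameserver" && ++n <= 3 { print $2 }' "$1"
}

# is_immutable FILE -> exit 0 only if lsattr reports the "i" flag (as set by chattr +i)
is_immutable() {
    lsattr -d "$1" 2>/dev/null | awk '$1 ~ /i/ { f = 1 } END { exit !f }'
}

# Constructed sample: the two pinned servers plus entries appended later, as in the question.
sample=$(mktemp)
cat > "$sample" <<'EOF'
nameserver 1.1.1.1
nameserver 8.8.8.8
nameserver 192.168.4.1
nameserver 192.168.4.1
nameserver 192.168.1.1
search autopopulated-isp-router 1.1.1.1
EOF

echo "unexpected nameservers:"; unexpected_entries "$sample" nameserver "1.1.1.1 8.8.8.8"
echo "unexpected search entries:"; unexpected_entries "$sample" search ""
echo "nameservers actually used:"; effective_nameservers "$sample"
if is_immutable "$sample"; then echo "immutable flag set"; else echo "immutable flag not set"; fi
```

Run from cron or a systemd timer against /etc/resolv.conf, any output from unexpected_entries means something has rewritten the file since it was pinned.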