On Sun, Apr 24, 2022 at 12:00:50PM -0500, Michael Hennebry wrote:
> On Sat, 23 Apr 2022, Samuel Sieb wrote:
>> The benefits have been well explained. The problem is that some people
>> really don't like change even if it's for the better. And sometimes
>> things do break when changed and instead of finding out why it breaks
>> and how to fix, they just say how terrible the new software is and that
>> it should never have been used.
>
> Nyet.
> OP was not complaining about change.
> OP was complaining about his inability to change his system.
> OP did discover the reason.
> OP discovered the reason was systemd code
> apparently designed to frustrate just that change.
> OP's complaint was not about systemd generally,
> 'twas about a single rather awful policy decision.
>
> What would a systemd evangelist suggest as a minimal workaround?

I suggest the OP misunderstood the setup or intended setup.
The scriptlets will set /etc/resolv.conf to point to the
systemd-resolved resolver if:
* The /etc/resolv.conf file doesn't exist yet
AND
* systemd is being used to boot (so, it's not a container, etc)
AND
* systemd-resolved service is enabled
AND
* DNSStubListener is not set to no/false/off in systemd/resolved.conf
So, if you wish to have systemd-resolved not manage your DNS, you can:
* make a /etc/resolv.conf file and put whatever you want in it.
* disable the systemd-resolved service
* Set DNSStubListener to no/false/off in systemd/resolved.conf
There's no reason you can't disable this if you like (barring bugs, of
which there have definitely been some).

That said, there are lots of advantages to systemd-resolved... it allows
you to split DNS based on interface (i.e., VPN requests can go to a server
on the VPN instead of to all nameservers in the public interfaces), you
can override lots of other things on a per-interface basis, you can
manage the DNS cache easily, you can enable/disable/set DNSSEC prefs,
etc.

kevin
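
The four conditions listed in the message above, written out as a shell check that reports which one stops the scriptlet from pointing /etc/resolv.conf at systemd-resolved. This is an added example, not part of the original message and not the Fedora scriptlet itself. The function names, the root-prefix argument, the `/run/systemd/system` boot test and counting a dangling symlink as an existing file are assumptions, and only the main `/etc/systemd/resolved.conf` is read (no drop-in directories).

```shell
#!/bin/sh
# Added example (not the distribution's scriptlet): evaluates the four
# conditions from the message. All function names are hypothetical.

# Returns 0 when DNSStubListener is set to no/false/off in the given file.
stub_listener_off() {
    conf=$1
    [ -f "$conf" ] || return 1
    # Ignore commented-out lines; the last assignment wins; compare lowercased.
    val=$(sed -n 's/^[[:space:]]*DNSStubListener[[:space:]]*=[[:space:]]*\([^[:space:]#;]*\).*/\1/p' "$conf" \
          | tail -n 1 | tr '[:upper:]' '[:lower:]')
    case $val in
        no|false|off) return 0 ;;
        *) return 1 ;;
    esac
}

# $1 = root prefix ("" for the live system)
# $2 = output of: systemctl is-enabled systemd-resolved
# Prints "would-link" when all four conditions hold, otherwise the first
# condition that fails.
resolved_decision() {
    root=$1
    enabled=$2
    # Assumption: a dangling symlink still counts as "the file exists".
    if [ -e "$root/etc/resolv.conf" ] || [ -L "$root/etc/resolv.conf" ]; then
        echo "skip: resolv.conf exists"
    # Assumption: this directory exists only when systemd is the running init.
    elif [ ! -d "$root/run/systemd/system" ]; then
        echo "skip: not booted with systemd"
    elif [ "$enabled" != "enabled" ]; then
        echo "skip: systemd-resolved not enabled"
    elif stub_listener_off "$root/etc/systemd/resolved.conf"; then
        echo "skip: DNSStubListener disabled"
    else
        echo "would-link"
    fi
}

# Live use:
#   resolved_decision "" "$(systemctl is-enabled systemd-resolved 2>/dev/null)"
```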