Permanent change for resolv.conf

So, I have noticed that my /etc/resolv.conf needs to have following options added to it for some of the site I use to work.

options edns0 trust-ad
search .

I need to do this every day because the changes are not permanent.
The only article I have found so far about making permanent changes to this file requires me to install some programs, see It only talks about changing the nameserver DNS. I am however not sure if that applies to the option section as well.

I am wondering if it is possible to make the change to the file permanent without installing anything, and then how to do it. If not possible, which method is recommended?

sudo chattr +i /etc/resolv.conf

Then -i to turn it back.

So if I understand this correctly I do my changes inn /etc/resolv.conf and then I do

sudo chattr +i /etc/resolv.conf

and that will make the change permanent?

Yes, it makes the file “immutable”, test it:

echo olividir > test.txt

Make it immutable

sudo chattr +i test.txt

Then try to edit or delete.

The other method is to modify NetworkManager config :

cat /etc/NetworkManager/conf.d/dns.conf 

with this, /etc/resolv.conf is not modified anymore and no need for chattr command.

Thank you for this, I do not have any file at


And chattr +i /etc/resolv.conf did not work when restarting the computer.

I am guessing I should make the dns.conf file at /etc/NetworkManager/conf.d/ and have it like

options edns0 trust-ad
search .

So I am currently stuck.

When I made resolc.conf immutable after adding the options to it, it still went back to default (no options) after turning off the machine.

I also did make dns.conf in /etc/NetworkManager/conf.d/ there I put in

options edns0 trust-ad
search .

and of course that did not work at all. So I have been manually changing /etc/resolv.conf every day now.

Make changes in /etc/systemd/resolved.conf or drop-in .conf files in /etc/systemd/resolved.conf.d/.

With systed-resolved, the resolver can be configured by editing /etc/systemd/resolved.conf and/or drop-in .conf files in /etc/systemd/resolved.conf.d/.


Thank you for this step… how ever this does not seem to show me how to add these lines to my resolve.conf.
If I change anything in /etc/systemd/resolved.conf, it doesn’t seem to have the effect I am looking for.

I am currently trying to figure what are the differences between EOS and Fedora, besde FallbackDNS and LLMNR I have not been able to see any difference.

Right now I am afraid I have tinkered a bit too much, even if I log down my changes. System is really behaving weirdly now.

I found out that my Ubuntu knowledge can be also misleading, I spent 15 years with it and maybe 2 with EndeavourOS. What I said isn’t wrong. But: Per :enos: default, systemd-resolved isn’t enabled.

But generally speaking, the best way to make changes is either in the NetworkManager or systemd-resolved, in this case NetworkManager in the conf.d directory. resolv.conf is autogenerated and any attempt to lock it is throwing a wrench into the system.

Did you have a look at man 5 NetworkManager.conf? This is how the file should be set up to work. Maybe this information helps.

I did look at man NetworkManager 5 (should be the same thing). Didn’t make so much of it, but was in a hurry at that time.

I did read this a bit better, but I am nowhere near a solution on where to add

options edns0 trust-ad
search .

I could edit /etc/NetworkManager/resolv.conf and add

options=edns0 trust-ad

but to be honest, I am not sure that will have any effect.

This is the content of my /etc/NetworkManager/conf.d/dns.conf


And whatever change I have made to /etc/resolv.conf won’t get overwritten between reboots or restart of NetworkManager.service.


Edit: corrected the line in dns.conf

Oh, I actually found this site yesterday, but didn’t go this far down. Trying this now to see what will happen.

Maybe this is the trick I was looking for.

I think this should be only systemd-resolved=none.
I did correct it in my dns.conf file.

Yeah, I thought so, because I had no internet at all, and /etc/resolv.conf was empty. It was a bit scary.

You need to put in:

options edns0 trust-ad
search .

that you mentioned in your first post.

This one is correct one.
/etc/NetworkManager/conf.d/dns.conf should look like


Yes, I knew that :slight_smile:
Thank you for finally pointing me in the correct direction.
I should have read all the way through yesterday.


Actually I think this might not be needed at all if you don’t use systemd-resolved.service.
Mine is disabled and masked. So it seems to be superfluous. It doesn’t do any harm though :blush:

1 Like

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.