Permanent change for resolv.conf

olividir · November 19, 2023, 10:11am

So, I have noticed that my /etc/resolv.conf needs to have following options added to it for some of the site I use to work.

nameserver 192.168.3.1
options edns0 trust-ad
search .

I need to do this every day because the changes are not permanent.
The only article I have found so far about making permanent changes to this file requires me to install some programs, see https://kifarunix.com/make-permanent-dns-changes-on-resolv-conf-in-linux/?expand_article=1 It only talks about changing the nameserver DNS. I am however not sure if that applies to the option section as well.

I am wondering if it is possible to make the change to the file permanent without installing anything, and then how to do it. If not possible, which method is recommended?

xircon · November 19, 2023, 10:38am

sudo chattr +i /etc/resolv.conf

Then -i to turn it back.

olividir · November 19, 2023, 10:44am

So if I understand this correctly I do my changes inn /etc/resolv.conf and then I do

sudo chattr +i /etc/resolv.conf

and that will make the change permanent?

xircon · November 19, 2023, 10:52am

Yes, it makes the file “immutable”, test it:

echo olividir > test.txt

Make it immutable

sudo chattr +i test.txt

Then try to edit or delete.

vazicebon · November 19, 2023, 3:53pm

The other method is to modify NetworkManager config :

cat /etc/NetworkManager/conf.d/dns.conf 
[main]
dns=none

with this, /etc/resolv.conf is not modified anymore and no need for chattr command.

olividir · November 19, 2023, 8:18pm

Thank you for this, I do not have any file at

/etc/NetworkManager/conf.d/

And chattr +i /etc/resolv.conf did not work when restarting the computer.

I am guessing I should make the dns.conf file at /etc/NetworkManager/conf.d/ and have it like

[main]
dns=none
options edns0 trust-ad
search .

olividir · November 22, 2023, 6:17am

So I am currently stuck.

When I made resolc.conf immutable after adding the options to it, it still went back to default (no options) after turning off the machine.

I also did make dns.conf in /etc/NetworkManager/conf.d/ there I put in

[main]
dns=none
options edns0 trust-ad
search .

and of course that did not work at all. So I have been manually changing /etc/resolv.conf every day now.

emk2203 · November 22, 2023, 6:49am

Make changes in /etc/systemd/resolved.conf or drop-in .conf files in /etc/systemd/resolved.conf.d/.

With systed-resolved, the resolver can be configured by editing /etc/systemd/resolved.conf and/or drop-in .conf files in /etc/systemd/resolved.conf.d/.

Source: https://wiki.archlinux.org/title/systemd-resolved

olividir · November 22, 2023, 9:47pm

Thank you for this step… how ever this does not seem to show me how to add these lines to my resolve.conf.
If I change anything in /etc/systemd/resolved.conf, it doesn’t seem to have the effect I am looking for.

I am currently trying to figure what are the differences between EOS and Fedora, besde FallbackDNS and LLMNR I have not been able to see any difference.

Right now I am afraid I have tinkered a bit too much, even if I log down my changes. System is really behaving weirdly now.

emk2203 · November 22, 2023, 10:02pm

I found out that my Ubuntu knowledge can be also misleading, I spent 15 years with it and maybe 2 with EndeavourOS. What I said isn’t wrong. But: Per default, systemd-resolved isn’t enabled.

But generally speaking, the best way to make changes is either in the NetworkManager or systemd-resolved, in this case NetworkManager in the conf.d directory. resolv.conf is autogenerated and any attempt to lock it is throwing a wrench into the system.

Did you have a look at man 5 NetworkManager.conf? This is how the file should be set up to work. Maybe this information helps.

olividir · November 22, 2023, 10:06pm

I did look at man NetworkManager 5 (should be the same thing). Didn’t make so much of it, but was in a hurry at that time.

I did read this a bit better, but I am nowhere near a solution on where to add

options edns0 trust-ad
search .

I could edit /etc/NetworkManager/resolv.conf and add

[resolve]
options=edns0 trust-ad
search=.

but to be honest, I am not sure that will have any effect.

pebcak · November 22, 2023, 11:12pm

This is the content of my /etc/NetworkManager/conf.d/dns.conf

[main]
dns=none
systemd-resolved=false

And whatever change I have made to /etc/resolv.conf won’t get overwritten between reboots or restart of NetworkManager.service.

https://wiki.archlinux.org/title/NetworkManager#Unmanaged_/etc/resolv.conf

Edit: corrected the line in dns.conf

olividir · November 23, 2023, 6:23am

Oh, I actually found this site yesterday, but didn’t go this far down. Trying this now to see what will happen.

Maybe this is the trick I was looking for.

pebcak · November 23, 2023, 6:27am

I think this should be only systemd-resolved=none.
I did correct it in my dns.conf file.

olividir · November 23, 2023, 6:28am

Yeah, I thought so, because I had no internet at all, and /etc/resolv.conf was empty. It was a bit scary.

pebcak · November 23, 2023, 6:31am

You need to put in:

nameserver 192.168.3.1
options edns0 trust-ad
search .

that you mentioned in your first post.

olividir · November 23, 2023, 6:32am

This one is correct one.
/etc/NetworkManager/conf.d/dns.conf should look like

[main]
dns=none
systemd-resolved=false

Yes, I knew that
Thank you for finally pointing me in the correct direction.
I should have read https://wiki.archlinux.org/title/NetworkManager#Unmanaged_/etc/resolv.conf all the way through yesterday.

pebcak · November 23, 2023, 6:36am

Actually I think this might not be needed at all if you don’t use systemd-resolved.service.
Mine is disabled and masked. So it seems to be superfluous. It doesn’t do any harm though

system · November 25, 2023, 6:36am

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.