On Mon, May 11, 2020 at 01:02:56PM -0500, Chris Adams wrote:
> Once upon a time, Igor Raits <ignatenkobrain(a)fedoraproject.org> said:
> > * #2381 F33 System-Wide Change: systemd-resolved (ignatenkobrain, 15:10:20)
> > * AGREED: APPROVED (+4, ±5, -0) (ignatenkobrain, 15:18:40)
> > * AGREED: APPROVED (+5, ±4, -0) (ignatenkobrain, 15:20:51)
> > * AGREED: APPROVED (+6, ±3, -0) (ignatenkobrain, 15:21:23)
>
> So, this is kind of annoying. Last week's meeting had this as "Post
> feedback on the devel list and restart discussion"... but that never
> happened.
>
> This change means applications will no longer be able to find the
> working DNS servers for any kind of lookups not handled by systemd
> (systemd-resolved is intentionally not a true DNS server). The only
> interface for that has been /etc/resolv.conf,

One of the purposes of this change is to have per-interface DNS
servers (so that split-DNS with VPN works). This means that the
"single list of DNS servers" doesn't actually describe reality any
more. So please note that even if we *do* provide a resolv.conf-style
file with some list of name servers, it is of limited use.

> but as I understand it,
> that will go away (replaced with a stub that refers to 127.0.0.53).

Yep.

There's also /run/systemd/resolve/resolv.conf, where systemd-resolved
always exposes a list (with the limitations described above).

> If actual DNS servers are not going to be listed in /etc/resolv.conf,
> then there needs to be a well-defined way for applications to discover
> the current DNS servers. resolv.conf has been the way to find DNS
> servers for decades; dropping it (and with no clear replacement) is a
> bad idea.

Is /run/systemd/resolve/resolv.conf good enough? Would a comment in
/etc/resolv.conf pointing the user to that file help?

Zbyszek
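
An added example, not part of the thread or of systemd: one way an application could apply the fallback discussed above, reading /etc/resolv.conf and switching to /run/systemd/resolve/resolv.conf when only the 127.0.0.53 stub is listed. The function names are hypothetical, and the result is still a flat list, so it carries the per-interface limitation described in the message.

```python
import ipaddress
from pathlib import Path

STUB = "127.0.0.53"                          # stub address named in the thread
ETC = "/etc/resolv.conf"                     # path named in the thread
UPSTREAM = "/run/systemd/resolve/resolv.conf"  # path named in the thread


def parse_nameservers(text):
    """Return the valid nameserver addresses in resolv.conf-style text, in order."""
    servers = []
    for line in text.splitlines():
        fields = line.split()
        # Comment lines start with '#' or ';', so their first field never matches.
        if len(fields) < 2 or fields[0] != "nameserver":
            continue
        addr = fields[1]
        try:
            # Validate without the IPv6 zone id (fe80::1%eth0), but keep it in the result.
            ipaddress.ip_address(addr.split("%", 1)[0])
        except ValueError:
            continue  # skip malformed entries instead of handing them to a resolver
        servers.append(addr)
    return servers


def discover_upstream(etc_path=ETC, run_path=UPSTREAM):
    """Return (servers, source_path).

    If etc_path lists only the stub listener, prefer the list in run_path.
    If run_path is missing or empty, fall back to what etc_path says.
    """
    listed = parse_nameservers(Path(etc_path).read_text())
    if listed and all(s == STUB for s in listed):
        try:
            real = parse_nameservers(Path(run_path).read_text())
        except OSError:
            real = []  # systemd-resolved not running, or file unreadable
        if real:
            return real, str(run_path)
    return listed, str(etc_path)


if __name__ == "__main__":
    servers, source = discover_upstream()
    print(f"{source}: {', '.join(servers) or '(none)'}")
```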