On Tuesday, September 1, 2020 7:22:49 AM MST Michael Catanzaro wrote:
On Tue, Sep 1, 2020 at 8:17 am, Nico Kadel-Garcia
<nkadel(a)gmail.com>
wrote:
> Hiding it inside yet another systemd structure without following the
> existing standards is, sadly, typical of systemd. It also puts at risk
> restricted environments where providing no DNS is deliberately used to
> restrict outbound network use, such as virtual machines or chroot
> cages without an enabled /etc/resolv.conf. That includes the "mock"
> build environment where "pip install" is kept network disabled by the
> lack of DNS.
So open up /etc/systemd/resolved.conf and set FallbackDNS= (set it to
nothing). That will override fallback to Cloudflare or Google. Then
you're done.
This is not something that any user should ever have to do. If there are no
configured DNS servers, either by DHCP or manual configuration, the user
doesn't want DNS.
Realistically, this fallback is unlikely to ever be used anyway, so
it
doesn't matter very much. And if you're operating a restricted
environment and you don't know how to configure DNS, you likely have
bigger problems than systemd....
If this is unlikely to be used, can we get this set to empty by default in
Fedora?
--
John M. Harris, Jr.