default local DNS caching name server

Paul Wouters paul at nohats.ca
Sat Apr 12 15:51:03 UTC 2014


On Sat, 12 Apr 2014, Richard W.M. Jones wrote:

>>> chattr +i /etc/resolv.conf
>>
>> That is the trick currently used by dnssec-triggerd to prevent other
>> applications from messing with that file.
>
> Oh crap, that means I'm going to need a "really really don't touch
> this file" flag, perhaps a one-way flag that can never be un-set.
>
> I'm already setting chattr +i /etc/resolv.conf to stop anything
> touching the file, and I don't want apps to mess with that flag (or
> the file).

Which is why we need native NM integration, and applications telling NM what
to do with resolv.conf so only NM modifies it (and provides overrides
to accommodate your "hardcoded" version). Preferably enforced
by SELinux.

Paul

