default local DNS caching name server

Paul Wouters paul at
Sat Apr 12 15:51:03 UTC 2014

On Sat, 12 Apr 2014, Richard W.M. Jones wrote:

>>> chattr +i /etc/resolv.conf
>> That is the trick currently used by dnssec-triggerd to prevent other
>> applications from messing with that file.
> Oh crap, that means I'm going to need a "really really don't touch
> this file" flag, perhaps a one-way flag that can never be un-set.
> I'm already setting chattr +i /etc/resolv.conf to stop anything
> touching the file, and I don't want apps to mess with that flag (or
> the file).

Which is we need native NM integration, and applications telling NM what
to do with resolv.conf so only NM modifies it (and provides with
overrides to accomodate your "hardcoded" version). Preferably enforced
by SElinux.


More information about the devel mailing list