F23 System Wide Change: Default Local DNS Resolver

Bastien Nocera bnocera at redhat.com
Thu Jun 18 13:29:18 UTC 2015 


----- Original Message -----
> On 18.6.2015 13:14, Bastien Nocera wrote:
> > 
> > 
> > ----- Original Message -----
> >> On 12.06.2015 19:00, Matthew Miller wrote:
> >>> On Fri, Jun 12, 2015 at 11:53:32AM -0500, Dan Williams wrote:
> >>>> Yeah, we did.  From my recollection, most of that focused on the unbound
> >>>> parts and how NM could add the dns=unbound stuff (which Pavel
> >>>> contributed) but less on the NM connectivity checking, becuase Fedora
> >>>> hadn't turned that on by default yet.  I'm all fine with dns=unbound,
> >>>> that's not the issue.  The issue is more around what happens with NM's
> >>>> connectivity checking, since that's used by quite a few clients,
> >>>> including GNOME Shell.
> >>>
> >>> I personally find the anchor icon very confusing. As a non-expert in
> >>> this area, it doesn't represent anything which seems relevant to me,
> >>> and all of the right click menu options, once I figured out to right
> >>> click, are obscure to me.
> >>
> >> I plan to contact the GNOME folks about how they would be willing to
> >> better integrate the panel (most probably in a different form) into GNOME.
> > 
> > I don't think we want to integrate one more panel applet. The information
> > about
> > the DNS security should be passed on from NetworkManager. Once that's
> > figured
> > out, we can discuss how to show that information.
> > 
> > The code needs to integrate with various NetworkManager features, such as
> 
> The code already integrates with VPNs.
> 
> > VPNs and connectivity checking. Adding any UI for network information
> > provided
> > via a side-channel would be premature.
> 
> Could you elaborate how/why is the source of information tied to the UI?
> 
> I suspect that networkd and others might not be very happy if the
> NetworkManager has to be available just to pass the information from whatever
> tool doing the actual job to the UI.

networkd isn't supported as a backend for WorkStation (no gnome-shell, or gnome-control-center
integration). And systemd doesn't like its internal services depending on third-party
services. So you'd most likely have to talk directly to your DNSSEC service to get the
information.

> Could you please explain how can we do that in environments without
> NetworkManager?

Front-ends would talk directly to your service.

More information about the devel mailing list