How do i forbid resolv.conf change by dhclient on boot?
Thank you. Solved.You can deduce the needed options from dhclient.conf(5) (and its related documentation),
add_new_resolv_conf() {
# We don't want /etc/resolv.conf changed
# So this is an empty function
return 0
}
Is this still necessary with FreeBSD 10?SirDice said:Create a file called /etc/dhclient-enter-hooks and add this:
Code:add_new_resolv_conf() { # We don't want /etc/resolv.conf changed # So this is an empty function return 0 }
That will prevent /etc/resolv.conf being overwritten as it 'overloads' the function of dhclient.
Would this be a better solution?tzoi516 said:Is this still necessary with FreeBSD 10?SirDice said:Create a file called /etc/dhclient-enter-hooks and add this:
Code:add_new_resolv_conf() { # We don't want /etc/resolv.conf changed # So this is an empty function return 0 }
That will prevent /etc/resolv.conf being overwritten as it 'overloads' the function of dhclient.
chflags schg /etc/resolv.conf
tzoi516 said:Would this be a better solution?tzoi516 said:Is this still necessary with FreeBSD 10?SirDice said:Create a file called /etc/dhclient-enter-hooks and add this:
Code:add_new_resolv_conf() { # We don't want /etc/resolv.conf changed # So this is an empty function return 0 }
That will prevent /etc/resolv.conf being overwritten as it 'overloads' the function of dhclient.
Code:chflags schg /etc/resolv.conf
$LOGGER "Loading dhclient-enter-hooks"
add_new_resolv_conf() {
# We don't want /etc/resolv.conf changed
# So this is an empty function
$LOGGER "Running blank add_new_resolv_conf() from dhclient-enter-hooks"
return 0
}
dhclient
by hand as root on a working command line; but it fails during boot. Before taking action according to $reason, dhclient-script will check for
the existence of /etc/dhclient-enter-hooks. If found, it will be sourced
(see sh(1)). After taking action according to $reason, dhclient-script
will check for the existence of /etc/dhclient-exit-hooks. If found, it
will be sourced (see sh(1)). These hooks scripts can be used to dynami-
cally modify the environment at appropriate times during the DHCP negoti-
ations.
resolvconf_enable=no
SirDice said:The script should be sourced, regardless of when or how dhclient(8) is executed. See dhclient-script(8):
Code:Before taking action according to $reason, dhclient-script will check for the existence of /etc/dhclient-enter-hooks. If found, it will be sourced (see sh(1)). After taking action according to $reason, dhclient-script will check for the existence of /etc/dhclient-exit-hooks. If found, it will be sourced (see sh(1)). These hooks scripts can be used to dynami- cally modify the environment at appropriate times during the DHCP negoti- ations.
Jul 23 20:23:54 <console.info> milicent kernel: nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
Jul 23 20:23:54 <console.info> milicent kernel: Configuring keyboard: keymap.
Jul 23 20:23:54 <console.info> milicent kernel: Starting dhclient.
Jul 23 20:23:54 <console.info> milicent kernel: dhclient: Loading dhclient-enter-hooks
Jul 23 20:23:54 <console.info> milicent kernel: Starting ums0 moused.
Jul 23 20:23:54 <console.info> milicent kernel: add net fe80::: gateway ::1
Jul 23 20:23:54 <console.info> milicent kernel: add net ff02::: gateway ::1
syslogd
isn't running yet; so there is no corresponding entry in /var/log/user. You can see the one log entry written as dhclient-enter-hooks is sourced; but there is no subsequent log entry from within the replacement version of add_new_resolv_conf(); and /etc/resolv.conf is overwritten. dhclient
, dhclient-enter-hooks is sourced, the replacement version of add_new_resolv_conf() is run, two log entries appear on the console, and /etc/resolv.conf remains untouched.Jul 23 21:23:51 <user.notice> milicent dhclient: Loading dhclient-enter-hooks
Jul 23 21:23:51 <user.notice> milicent dhclient: Running blank add_new_resolv_conf() from dhclient-enter-hooks
ljboiler said:You wouldn't happen to have a /etc/resolv.conf.save lying around, would you? There is a path in the dhclient-script logic where that file will be used to overwrite the contents of /etc/resolv.conf: lease expires (perhaps because the machine has been turned off for many hours and you're just booting it up) on the "default" (perhaps only) network interface and you have setin /etc/rc.conf.Code:resolvconf_enable=no
Just a thought...
resolvconf_enable=no