Hi,

On Tue, 2025-03-18 at 16:44 -0300, altoid via Dng wrote:
> Hello:
>
> Users of [connman] and [network-manager] (and possibly maybe other
> such applications) who want to run their boxes with their own DNS
> settings know exactly what I am referring to in the subject title.
>
> I was one of them till I decided to go the [ifupdown] route and rid
> myself of both the headache and a layer of abstraction.
>
> Then, while searching on how to fix something else, I came across 
> [/sbin/dhclient-script] and within it, this bit which instantly
> called my attention:
>
> [code]
> --- snip ---
> # update /etc/resolv.conf based on received values    # <---- wthf?
>   make_resolv_conf() {
>       local new_resolv_conf
> --- snip ---
> [/code]
>
> Not in any way script savvy but it seemed I had found the hijacker,
> so to speak.
>
> Those who know more could confirm my suspicions.
>
> According to [jed], the whole snippet is from line 39 to line 125 and
> it would seem (?) to be the routine that constantly overwrites
> [/etc/resolv.conf] just because some idiot thought it was a good idea
> to do so.
>
> The web is full of posts complaining about this issue from quite a
> few years back, all of which have been ignored.
>
> But I digress ...
>
> I was wondering if this could be put to death without much ado or
> causing extra work for the Devuan maintainers.
>
> Maybe a small / specific Devuan meta-package with a script to edit
> [/sbin/dhclient-script] and bring some peace to independent DNS
> users.
>
> Just a thought.
> Opinions/solutions welcome.
>
I use network manager but also use dnscrypt-proxy running on my own PC
to supply my DNS lookups.
 
So my resolv.conf just contains the line 
nameserver 127.0.0.1

dnscrypt-proxy listens on 127.0.0.1:53

And I have moved /etc/resolv.conf elsewhere and replaced it by a
symbolic link to where it actually is (/etc/dnscrypt-
proxy/resolv.conf).

You can also simply make it immutable (chattr +i /etc/resolv.conf).

--
Marjorie