[prev in list] [next in list] [prev in thread] [next in thread] 

List:       fedora-devel-list
Subject:    Re: Fedora 33 System-Wide Change proposal: systemd-resolved
From:       "John M. Harris Jr" <johnmh () splentity ! com>
Date:       2020-09-02 2:24:44
Message-ID: 2057079.KlZ2vcFHjT () mail ! malum ! me
[Download RAW message or body]

On Tuesday, September 1, 2020 7:22:49 AM MST Michael Catanzaro wrote:
> On Tue, Sep 1, 2020 at 8:17 am, Nico Kadel-Garcia <nkadel@gmail.com> 
> wrote:
> 
> > Hiding it inside yet another systemd structure without following the
> > existing standards is, sadly, typical of systemd. It also puts at risk
> > restricted environments where providing no DNS is deliberately used to
> > restrict outbound network use, such as virtual machines or chroot
> > cages without an enabled /etc/resolv.conf. That includes the "mock"
> > build environment where "pip install" is kept network disabled by the
> > lack of DNS.
> 
> 
> So open up /etc/systemd/resolved.conf and set FallbackDNS= (set it to 
> nothing). That will override fallback to Cloudflare or Google. Then 
> you're done.

This is not something that any user should ever have to do. If there are no 
configured DNS servers, either by DHCP or manual configuration, the user 
doesn't want DNS.

> Realistically, this fallback is unlikely to ever be used anyway, so it 
> doesn't matter very much. And if you're operating a restricted 
> environment and you don't know how to configure DNS, you likely have 
> bigger problems than systemd....

If this is unlikely to be used, can we get this set to empty by default in 
Fedora?

-- 
John M. Harris, Jr.

_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org

[prev in list] [next in list] [prev in thread] [next in thread]