Friday, December 6, 2013

Linux Immutable resolv.conf.

I often find that DHCP overwrites my resolv.conf in a less than optimal way. One example is logging into more than one VPN tunnel when each of them sets search domains. The simple fix is to create the resolv.conf file yourself and then set it immutable.


Set up resolv.conf:
/etc/resolv.conf
options timeout:1 attempts:2
search domain1.com domain2.net ... ...
# note: the glibc resolver uses at most the first three nameserver entries
nameserver <work dns server>
nameserver <vpn dns server>
nameserver <home dns server>
# Google's DNS server
nameserver 8.8.8.8

Set /etc/resolv.conf immutable:
#chattr +i /etc/resolv.conf


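View the file's attributes:
$lsattr /etc/resolv.conf
----i--------e-- /etc/resolv.conf

The output shows that my resolv.conf file is set immutable (i) and that it uses extents (e), as files on an ext4 filesystem do. While the immutable attribute is set, the file cannot be modified, renamed or deleted, even by root, so the DHCP client's attempts to rewrite it fail.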

To edit the file, first remove the immutable attribute (and set it again with chattr +i afterwards):
#chattr -i /etc/resolv.conf


Side note about chattr:
I also often use the append-only attribute (chattr +a). With the append attribute set, content can be added to the end of the file, but existing content cannot be altered.

An example of using the append attribute is as follows:
#touch test.txt ; chattr +a ./test.txt; lsattr ./test.txt; 

 -----a-------e-- ./test.txt

We can now append to the file but cannot replace its current contents.
#echo test >> ./test.txt 

#sudo echo test > ./test.txt 
bash: ./test.txt: Operation not permitted
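
A check that the attributes shown above are really in place, as an added example that is not part of the original post. The function names has_flag and audit_flag are hypothetical; the script only reads attributes with lsattr and changes nothing.

```shell
#!/bin/sh
# Added example (not from the original post): audit chattr flags via lsattr.

# has_flag LINE FLAG: succeed if FLAG is set in the attribute field of one
# lsattr output line. Only the first field is inspected, so letters in the
# file name (the "i" in ./immutable.txt) cannot cause a false match.
has_flag() {
    want=$2
    set -f            # no globbing while the line is split into fields
    set -- $1         # $1 is now the attribute field, e.g. ----i--------e--
    set +f
    case ${1:-} in
        *"$want"*) return 0 ;;
    esac
    return 1
}

# audit_flag PATH FLAG: 0 = flag set, 1 = flag not set, 2 = attributes
# unreadable (missing file, no lsattr, or a filesystem without support).
audit_flag() {
    line=$(lsattr -d "$1" 2>/dev/null) || return 2
    [ -n "$line" ] || return 2
    has_flag "$line" "$2"
}

# Report on the file this post locks down.
rc=0
audit_flag /etc/resolv.conf i || rc=$?
case $rc in
    0) echo "/etc/resolv.conf: immutable" ;;
    1) echo "/etc/resolv.conf: NOT immutable, DHCP or VPN clients can rewrite it" ;;
    *) echo "/etc/resolv.conf: cannot read attributes" ;;
esac
```

Run it from cron or a login script to notice when the flag was cleared for an edit and never set again.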
