Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

After running into this a while ago when I was rebuilding my system and getting annoyed by all the different things that try to modify it, I ended up giving up and just setting the file to immutable. It has been working fine for the past couple of months as nothing seems to autodetect the flag and try to remove it.

  chattr +i /etc/resolv.conf


I started doing this exact same thing in Debian, I think around Wheezy. Lately I’m back onSlackware and a little *BSD. Thankfully these systems still go the traditional route so it’s not much of an issue anymore.


Same.

I'm just a Linux "amateur", but what a huge mess to configure something so trivial/simple... (in Debian/Ubuntu compared to Mac/Windows.)


I've been doing this for months as well. Works beautifully, I thought I was the only one.


I have used this in the past. There are only a few places where this bites you, for instance wifi authentication portals. Some of these wifi access points change your resolv.conf so that you can load their internal page for terms and conditions.


I solved the captive portal issue by using captive browser

https://github.com/FiloSottile/captive-browser


Very cool, thanks. I will probably be using this in the future


Is there a tool that can log processes trying to modify a file?


  auditd(8)


Thank you!


In addition, if you're using dhcp, you can add an enter hook to override make_resolv_conf so /etc doesn't get cluttered with a ton of extra files.


This is usually the easiest way especially if you use a caching resolver like unbound and you expect resolv.conf to always point to localhost.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: