From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id zt3YDaXVbGB7kQAAgWs5BA (envelope-from ) for ; Tue, 06 Apr 2021 23:41:57 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id qK/JBqXVbGBYYAAA1q6Kng (envelope-from ) for ; Tue, 06 Apr 2021 21:41:57 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 8AFE6272F9 for ; Tue, 6 Apr 2021 23:41:56 +0200 (CEST) Received: from localhost ([::1]:58406 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lTtSM-0002XO-Rf for larch@yhetil.org; Tue, 06 Apr 2021 17:41:54 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:47268) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lTtSA-0002XF-LV for help-guix@gnu.org; Tue, 06 Apr 2021 17:41:42 -0400 Received: from knopi.disroot.org ([178.21.23.139]:56520) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lTtS8-0001bm-Ga for help-guix@gnu.org; Tue, 06 Apr 2021 17:41:42 -0400 Received: from localhost (localhost [127.0.0.1]) by disroot.org (Postfix) with ESMTP id 1439A50D5F; Tue, 6 Apr 2021 23:41:37 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at disroot.org Received: from knopi.disroot.org ([127.0.0.1]) by localhost (disroot.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y2s4fkhKnyt0; Tue, 6 Apr 2021 23:41:35 +0200 (CEST) References: <87ft09fowi.fsf@disroot.org> <87eefsg7fk.fsf@disroot.org> <87blaw1xhf.fsf@disroot.org> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=disroot.org; s=mail; t=1617745295; bh=NmF6QYZdUkkGj7kCKKkLxHLDV77gfnTkCJivguPjeQI=; h=References:From:To:Cc:Subject:In-reply-to:Date; b=Kh4TMSOEQPyZvibSuoAlgrIgESjHH72KDAAWHEbWxFCql21+wcTXassLUn9c5qEE8 uAdh4MqBw2+SNdn1OBamXjSVrG3y62v1B4odhRd1MbT9NwOSbqsWOmPpAzn+6qBFCm zCxlTabDf76VrzpD+p0H6gh33+Yvf8ihkbEMuAK9IFaGRD52ZEf+rBHag5zWOObwwm iTEVe8okrk4oR1q1ayvlhDTAC1mUk93orZDSVvXmxOGNTKc+Ggiza+q7X7/Q2sgY1T 5u6Novm7FHd2/iI9pdmwW369coYMKYi+4aiN+zD2F+X1TRBJbblt04OxkSIoDckpoq 68iYT6ajXhkUw== From: Bone Baboon To: Gary Johnson Cc: help-guix@gnu.org Subject: Re: Edits to `etc/resolv.conf` being overwritten In-reply-to: <87blaw1xhf.fsf@disroot.org> Date: Tue, 06 Apr 2021 17:41:33 -0400 Message-ID: <87czv7f5v6.fsf@disroot.org> Mime-Version: 1.0 Content-Type: text/plain Received-SPF: pass client-ip=178.21.23.139; envelope-from=bone.baboon@disroot.org; helo=knopi.disroot.org X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: "Help-Guix" X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1617745316; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=WW9rax3hDu4UOE3H6AaMnaQsPZpAWT8WeuzQWvA1EeA=; b=O21pW2hVtO+Ke9u0o0r+W+JMXV0uHa6y9rk9QhalAexV9YvXMnT0tG6C1wT/ZjLEsjFUb7 rhQtWvnvYTKyJYTv8a1so5uHT0ep7m0IBDrylUOwv+3OUXh/5oKNbDwPWkFX/e0AJUvPDa /NhBL3eF+EwfNcc1cJy2VIsgs0I6pgQFe32KZDFifvV3QjNXeSEmnETbWF27/LOkCfW9UR y561xWQMTem2bnMGvjawk5jaS7Un8uGAIM7ZunmlQ8MAHJL0Ze2rnSk8tV3OS9k90z0PeR Vti1WIWNKpqZCDOCIEJioSwHoSB00Z1UM/2DYXLBu9bb0pDeyKRJGpZjxNL9QA== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1617745316; a=rsa-sha256; cv=none; b=a0IEeEvcjkRtEdVgWDnZ0Cn8YtqfdI+U8VoQOofn53YacUlcHb7UjtLx/uEGZiKIJgzRhU lsMlHVrp6d76gTuhbZ2g3173ZL5eJUmsZccy329hk2qTWpbmEB5WE8YjLXHr/Ir8CodpI2 6wqNpExnsHUou2a/4N/T6P6QHnDZY+2jmo9HDVhQ2Z+tfUkAO9zBFByaPDPmY7bgsewlTw 3HPjFPZet6ozbmneObjaLrQSUvRjfZbMX83NfAf/SBQ16Y8KMa6WGrxqHKuvZpGiD19i6F UQH96cWKxAGLNkL8txIG6dCogZJ5vK/6Q1e8IqKGKYIq3k+7g8Dhk0DjUdB2Xg== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=disroot.org header.s=mail header.b=Kh4TMSOE; spf=pass (aspmx1.migadu.com: domain of help-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=help-guix-bounces@gnu.org X-Migadu-Spam-Score: -2.64 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=disroot.org header.s=mail header.b=Kh4TMSOE; dmarc=pass (policy=quarantine) header.from=disroot.org; spf=pass (aspmx1.migadu.com: domain of help-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=help-guix-bounces@gnu.org X-Migadu-Queue-Id: 8AFE6272F9 X-Spam-Score: -2.64 X-Migadu-Scanner: scn0.migadu.com X-TUID: 3KQjZs3/WLUA Thank you for the explanation and detailed examples. I now have my system configuration providing the contents of `/etc/resolv.conf` with a service. However the contents of `/etc/resolv.conf` is still being overwritten with entries for my internet service provider's DNS. After some testing it appears to be happening when I run this command `sudo dhclient `. I also appreciate the `hosts-file` example you shared as I am thinking about using `https://github.com/StevenBlack/hosts` as a block list. In this case the contents of `my-host-aliases` would be very large. With Guile how would I have the definition of `my-host-aliases` in it's own file and import and use it in my system configuration? Gary Johnson writes: > When running Guix System, your OS configuration is meant to be fully > derived from evaluating your `operating-system` definition. This > means, in particular, that you should not manually edit any files > outside of your home directories (i.e., /root and /home/*). This > includes, of course, any files under /etc. > > Instead, any custom changes that you want to see under /etc need to be > included in your `operating-system` definition. The way to do this > depends on the change you want to make. > > For example, if you want to edit /etc/sudoers, you should include this > field in your `operating-system` definition (on the same level as > `packages`, `services`, and so on): > > (sudoers-file (plain-file "sudoers" my-sudoers)) > > Then remember to define `my-sudoers` somewhere above the > `operating-system` form. Here's an example: > > (define my-sudoers > "root ALL=(ALL) ALL > %wheel ALL=(ALL) ALL > ") > > Similarly, if you want to modify /etc/hosts, you add this to `operating-system`: > > (hosts-file (plain-file "hosts" > (string-append (local-host-aliases host-name) > my-host-aliases))) > > And again define my-host-aliases somewhere above `operating-system`: > > (define my-host-aliases > " > # Some Servers > 123.123.123.100 foo > 123.123.123.101 bar > 123.123.123.102 baz > ") > > Most other files under /etc are managed by different services. You > should review the "Guix Services" section of the info pages to find > the appropriate service for whatever files you want to modify. > > As of today, I'm not aware of a Guix service that modifies > /etc/resolv.conf other than the network-manager-service-type (which is > what I use on my system). > > However, if you are not using NetworkManager and want to manually set > the values in /etc/resolv.conf such that they persist across calls to > `guix system reconfigure`, you should add this form to the `services` > list in your `operating-system` definition: > > (simple-service 'resolv-service > etc-service-type > `(("resolv.conf" ,(plain-file "resolv.conf" my-resolv.conf)))) > > And finally remember to define `my-resolv.conf` above `operating-system`: > > (define my-resolv.conf > "# Generated by Guix! > nameserver 255.255.255.1 > nameserver ffff:ffff:ffff::1 > ")