adjust resolv.conf order in the generator scripts

This commit is contained in:
Aminda Suomalainen 2024-08-10 11:32:22 +03:00
parent e316f929d3
commit 8702c16ac0
Signed by: Mikaela
SSH Key Fingerprint: SHA256:CXLULpqNBdUKB6E6fLA1b/4SzG0HvKD19PbIePU175Q
2 changed files with 3 additions and 4 deletions

View File

@ -17,7 +17,7 @@ rm -v /etc/resolv.conf
# Actual resolv.conf creation. OK, this could read resolv.conf in this
# directory, but I like this being self-contained.
# tee -p = operate in a more appropriate MODE with pipes.
printf 'nameserver ::1\nnameserver 127.0.0.1\nnameserver 127.0.0.53\nsearch .\noptions timeout:1 attempts:5 rotate edns0 trust-ad\n' | tee -p /etc/resolv.conf
printf 'nameserver 127.0.0.53\nnameserver 127.0.0.1\nnameserver ::1\nsearch .\noptions timeout:1 attempts:5 rotate edns0 trust-ad\n' | tee -p /etc/resolv.conf
# Remove all other permissions than everyone reading resolv.conf
chmod -v a=r /etc/resolv.conf

View File

@ -20,10 +20,9 @@ chmod -v +w /etc/resolv.conf
# Or it's a symlink to e.g. /run/systemd/resolve/stub-resolv.conf
rm -v /etc/resolv.conf
# No trust-ad here as chances are these resolvers are unencrypted and the
# path to them isn't trusted.
# trust-ad is here, because are you really going to use untrusted remote resolvers?
# tee -p = operate in a more appropriate MODE with pipes.
printf "nameserver %b\nnameserver %b\nnameserver %b\nsearch .\noptions timeout:1 attempts:5 rotate edns0\n" "$1" "$2" "$3" | tee -p /etc/resolv.conf
printf "nameserver %b\nnameserver %b\nnameserver %b\nsearch .\noptions timeout:1 attempts:5 rotate edns0 trust-ad\n" "$1" "$2" "$3" | tee -p /etc/resolv.conf
# Remove all other permissions than everyone reading resolv.conf
chmod -v a=r /etc/resolv.conf