resolveconf -u keeps adding an unwanted search domain to resolve.conf

dns resolv.conf static-ip resolvconf

8,643

Solution 1

For ipv4, @stalet's suggestion to edit /etc/dhcp/dhclient.conf should work; also try removing domain-search and domain-name from the request. Verify the settings worked in /var/lib/NetworkManager/dhclient-[connection-uuid]-[ifname].lease.

However, the unwanted search domain may be coming from the ipv6 dhcp server, as I found on 16.04/Xenial. If NetworkManager's dhclient -6 command succeeds and the dhcp server sets search domains, NetworkManager will merge those into the ipv4 search domain list.

A simple way to fix this on a connection-by-connection basis is to configure the connection's ipv6 settings to "Method: Automatic, addresses only" or even "Method: Ignore".

Setting this for each connection could become annoying, and I looked pretty hard but couldn't find a way to fix this globally. Adding supersede dhcp6.domain-search to and removing request dhcp6.domain-search from /etc/dhcp/dhclient.conf doesn't seem to help. Also, copying that file to /etc/dhcp/dhclient6.conf caused NetworkManager to correctly template it to /var/lib/NetworkManager/dhclient6-[ifname].conf, but NetworkManager insists on adding also request dhcp6.domain-search;, and the unwanted search domain is still added.

Solution 2

The search content is provided by dhcp, and can be overridden in /etc/dhcp/dhclient.conf by supersede these variables with empty values.

Add these lines at the bottom of the /etc/dhcp/dhclient.conf

supersede domain-name "";
supersede domain-search "";
supersede search "";

To make the change affect your system you can reconnect to your network or just restart the network-manager service.

sudo service network-manager restart

8,643

Stephen Ostermiller

Contact Me Website GitHub Facebook LinkedIn

Updated on September 18, 2022

Comments

Stephen Ostermiller over 1 year
I have my desktop computer configured with a static IP address:

However, /etc/resolve.conf keeps getting overwritten with:
```
nameserver 127.0.0.1
search localdomain example.com
```
This seems to happen periodically or when I run sudo resolvconf -u.

I would really like to get example.com removed from the dns search domain list. I used to have it in there but its causing problems now. I just can't seem to get it out. I don't know where it is coming from or why it keeps getting put back. As far as I can grep, there is nothing referring to example.com anywhere in my /etc directory anymore.

What is putting this search domain into my resolv.conf file and how can I prevent it from doing so?
- Admin about 8 years
  
  Whats the output of sudo grep -rn example.com /etc/network/interfaces /etc/NetworkManager/system-connections /etc/resolvconf/ ?
- Admin about 8 years
  
  example.com is not found in any of those locations.
- Admin about 8 years
  
  It is possible that a DHCP server is providing it, but I'm not sure how to check that, nor to disable it if that is actually the case. I would already expect not be using DHCP because I have tried to configure the IP as static.
- Admin about 8 years
  
  not sure if it is related. But, I've had a file named "hyphen" within my home directory under firefox, where it was hard linked to 127.0.0.1:<port>. It's entirely possible that 127 has been taken over by malware.
- Admin about 8 years
  
  127.0.0.1 is my expected DNS server in this case. I'm running dnsmasq locally so that I can hardcode names for the machines on the local network and share them with my laptop.
- Admin about 8 years
  
  have you checked your logs, or debugged the command that's changing the file?
- Admin about 8 years
  
  When I run resolveconf -u it doesn't add anything to the syslog that I have been able to find, nor do I know of any other log files that it might use.
- Admin about 8 years
  
  Look in the files under /run/resolvconf/interface. The line "search example.com" or "domain example.com" probably appears in one of those files. The name of the file indicates the source of the information.
- Admin about 8 years
  
  That looks promising @jdthood. ` /run/resolvconf/interface/NetworkManager` has a line in it with the incorrect information. Should I be editing that file to remove it, or do I need to reconfigure the settings for NetworkManager elsewhere?
- Admin about 8 years
  
  Editing that file won't do any good: it's a dynamic file that gets created every time NetworkManager configures a connection. The name "example.com" has been supplied to resolvconf by NetworkManager. So you just have to figure out where NetworkManager is getting it from. ;)
- Admin about 4 years
  
  @StephenOstermiller Regarding "It is possible that a DHCP server is providing it, but I'm not sure how to check that" -- nmcli --terse connection show <nmconnection> includes what's in the .nmconnection file plus what comes back from the DHCP server.
Stephen Ostermiller about 7 years

Even after following those instructions, example.com remains in the search section of /etc/resolve.conf.
dw1 over 5 years

just removing domain-name from the request then doing ifdown eth0 && ifup eth0 worked for me on amazon EC2
Dan M. almost 3 years

Same. In my case I've tried to add search entries with prepend/append search and this had no effect on it.