On Tue, Sep 01, 2020 at 08:17:49AM -0400, Nico Kadel-Garcia wrote: > > >> Big Brother will be happy. :-) > > > > > > Sure, those two companies will be thrilled, I'm sure. This is a huge > > > disservice to our users. Why in the world does systemd try to force DNS > > > servers when none are configured? If no DNS servers are configured, there > > > should be no DNS servers in use. > > > > Standard DNS has a hierarchical structure with roots and delegation. > > The idea of asking somebody to do DNS resolution for you comes from the widespread > > tendency to centralize everything (i.e. inability to understand how the Internet was > > originally designed). > > Hiding it inside yet another systemd structure without following the > existing standards is, sadly, typical of systemd. It also puts at risk > restricted environments where providing no DNS is deliberately used to > restrict outbound network use, such as virtual machines or chroot > cages without an enabled /etc/resolv.conf. That includes the "mock" > build environment where "pip install" is kept network disabled by the > lack of DNS. Other sentences in this paragraph have already been disambiguated by others, so I'll reply only to the part about mock: That's not how mock works (for the last few years). $ mock --shell # ip route default via 127.0.0.1 dev lo proto static # dig fedoraproject.org @8.8.8.8 (hangs for the duration of timeout) Relying on lack of resolv.conf configuration in the buildroot to prevent network use would be very brittle and easily circumvented, even by accident if some tool included IP addresses internally. Zbyszek _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
