by smilesnd 2652 days ago
I miss the days when I didn't have to worry about outside programs changing my configs without my knowledge.
2 comments

Isn't it great to have the choice whether some tool manages the system or one does it manually? Thanks GNU/Linux, thanks all the Linux distributions maintained by hundreds of volunteers!
I got the opposite out of this post; not only do RH/Cent use hellish network middlemen, but other distros have their own fresh hells. Is there really a choice that doesn't commandeer your configs?

Standard practice for me was to rip out every last shred of NetworkManager on every fresh build, but I didn't realize how many other utilities broke the resolver config as well.

What's wrong with Network Manager? I've yet to find a better tool for managing wired, wireless, vpn, and mobile broadband anywhere as well as NM. Sticking with the theme of the original post, NM combined with unbound and dnssec-triggerd is downright amazing. Your vpn connection passes down a nameserver and search zone? Bam, NM pushes that into unbound, and now queries for your vpn domain go to the vpn resolvers, and your other queries go out to whatever you set for your default resolver.

To be fair, in that particular config, resolv.conf never changes as it always points to loopback, with your preferred nameservers only existing in memory in unbound, and in network manager's config.

> What's wrong with Network Manager?

It's opaque and hard to debug. It may have utility on laptops, but on servers, it is absolutely counterproductive. I could not for the life of me figure out what it was doing w.r.t ipv6 prefix delegation and how it was dealing with dhclient6 internally. My leases would expire but not renew. Eventually, I had to rip it out and create simple configs by hand that work well.

I'll grant you that it's extremely different from static network configs, but it's far from opaque. If anything, having all the logging under NM can make troubleshooting a pleasure; `journalctl -f -u NetworkManager` is a godsend.

I'll also agree that the benefits on a server are next to non-existent, but at the same time it's just a default that's trivial to turn off, and I could probably count on one hand the number of times it's bitten me while building and deploying tens of thousands of hosts over the last 15 years.

It's a tool I've learned to love on my workstations, and rarely even notice on production systems.

You don't notice until it bites you. And trust me, I spent a lot of time debugging the ipv6 issues to no avail. It may be in general the whole ipv6 ecosystem is just not as mature, but the end result is that user experience suffers.
Disagree. I've "disabled" it in policy countless times, and been bitten in the ass by it re-enabling itself countless times. The only thing that works is deleting it entirely. After the umpteenth troubleshooting session, only to find out "oh, it's that thing again? That thing we keep trying to make go away?" I'm not going to spend one more minute trying to figure out how I could keep from hurting its feelings.
openSUSE uses wicked for servers. It's nice and more suitable.
> What's wrong with Network Manager? I've yet to find a better tool for managing wired, wireless, vpn, and mobile broadband anywhere as well as NM.

Lovely. I have between one and two machines that need this. I have 1289 machines that don't.

I don't use these things. I run servers. It does nothing but break stuff, and it keeps butting in like that annoying acquaintance at parties. It's very difficult to make go away short of uninstalling every last vestige of it.
I'm on Debian stable and there's no systemd-resolved or NetworkManager running.

When I'm on a DHCP network dhclient runs and manages my resolv.conf as expected.

We're still entirely in control in GNU/Linux, if you assert control. It turns out however that most people actually want the distros to do all the magic and for things to Just Work.

Choice is "do you want to <x> or <y>" not "if you don't want <x> figure out how to implement <y> on your own". That's simply known as "doing the work yourself" and is largely possible on even closed-source systems assuming you have rights on the box.

There is nothing wrong with that but it shouldn't be conflated as choice and paraded as success of such.

The GP is referring to all the other Linux distributions who really give you <y> (or <z> or <Þ>), not to implementing <y> on your own.

There are distributions (e.g. Linux from Scratch) for when the option you want is the NULL option—i.e., doing things yourself. But there are N other managed options, not just one managed option and NULL.

Ah yes, the strawman distro which matches exactly what <user> needs and is the reason <problem> isn't actually an issue since they can just switch to strawman distro!

Unfortunately strawman distro is never real and the problems still exist after congratulating the ability to switch to it.

You mean the choice in a way like in Windows when I need to uninstall/disable a bunch of crap to get a usable system? Totally.
Well, you chose to install it, you can configure it not to do this. For the vast majority of people, myself included, NetworkManager should have control of DNS resolvers (at least, when I have WiFi on a system. I usually don't use NetworkManager on Ethernet-only systems, since there's systemd-networkd).
Absolutely. My laptop travels across a lot of networks, wifi and ethernet, with and without OpenVPN and Mobile IPSEC. I tether to my phone. I have some IPv6 networks to worry about. Firewalld is expected to do the right thing as well. I have loads of NM profiles, one of which has several RFC1918 addresses for covering most bases when starting out with routers and switches.