FallbackDNS shouldn't have values set at compile time #494

Closed
imcsk8 opened this issue Jul 6, 2015 · 7 comments

imcsk8 commented Jul 6, 2015

Currently systemd-resolved has its fallback DNS hardcoded at compile time. These values might not even be used, since there are a lot of layers that configure this stuff (DHCP, NetworkManager, /etc/systemd/resolved.conf, etc.), but still, having this buried inside the code might lead to confusion on the user side, and if for some reason you want to change this value you'll have to compile at least systemd-resolved.

I think this value shouldn't be hardcoded and should be explicitly set in the configuration file, which BTW already has this value commented as an example configuration.

This is the place where the DNS values are set:
https://github.com/systemd/systemd/blob/master/configure.ac#L1106

@poettering
Member

I very much disagree. Note that FallbackDNS= is really just the last resort setting, if no other DNS servers are known: if none could be learnt via dhcp or ppp, and none have been configured explicitly in /etc/resolv.conf or in the DNS= setting.

We generally try to make our code work so that it works fine even without any configuration in /etc being around. As such resolved should come with compiled-in settings that make things work as last resort.

@imcsk8
Author

imcsk8 commented Jul 6, 2015

I understand and I agree that this has the best of intentions; my point here is that having values like DNS hardcoded in the binary might result in confusion.
It would be better just to preconfigure it in /etc/systemd/resolved.conf. This can be addressed at distro level, but I thought it might be good to take the shot and try to contribute upstream with this observation.
Thanks for your time.

@poettering
Member

Well, DNS is not hardcoded, it's just the fallback DNS that is hardcoded. It's the one that is used if nobody configured anything, if /etc is empty, if the resolved configuration is missing. That's a major distinction. Also note that this is explicitly documented in the resolved.conf man page.

Also note that the default /etc/systemd/resolved.conf that we install actually lists the very same DNS servers in the FallbackDNS= line that are also compiled in (following our general logic that the default configuration file contains the default settings that are also compiled in and is thus fully redundant, resulting in the exact same behaviour if the file is missing and if it is in the vendor default state).

@imcsk8
Author

imcsk8 commented Jul 6, 2015

Oh yeah, I'm assuming we're talking about the fallback DNS, and yes, I noticed that it's well documented.
The fact that the /etc/systemd/resolved.conf file already has the (commented) FallbackDNS settings motivated me to open this issue. If there's already a mechanism of filling the file and showing the settings to the user, why add them to the binary? Is the implicit redundancy needed?

These are just my 5 cents, keep up the good work!

@poettering
Member

As written twice above: we want systems that can boot up without /etc around, and they should do the right thing then. Hence: resolved should have fallback dns servers configured in the binary if /etc/systemd/resolved.conf is missing.

@xnox
Member

xnox commented Jul 8, 2015

No files should be shipped in /etc, full stop. I even dislike the commented .conf files in /etc, and for clearlinux we even purge those. There are man pages describing everything that's listed there anyway.

Arguably the compiled in defaults should be expressed somewhere, e.g. manpage or --help output or somewhere else under /usr, but not in /etc. /etc is for admin configuration & modifications, not documentation.

@avindra

avindra commented Dec 20, 2019

The build moved to Meson, so the configure.ac link in the OP is no longer valid. Anyone looking for the up-to-date definition, see

value : '1.1.1.1 8.8.8.8 1.0.0.1 8.8.4.4 2606:4700:4700::1111 2001:4860:4860::8888 2606:4700:4700::1001 2001:4860:4860::8844')

At time of writing, the fallback list is set to:

1.1.1.1 8.8.8.8 1.0.0.1 8.8.4.4 2606:4700:4700::1111 2001:4860:4860::8888 2606:4700:4700::1001 2001:4860:4860::8844
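
The fallback rule discussed in this thread, as an added example that is not part of the original conversation and is not systemd's code: a small Python model showing that a missing `resolved.conf` and one in the vendor default (commented) state select the same compiled-in servers. The function names, the sample file contents and the treatment of an explicit empty `FallbackDNS=` line are assumptions of this sketch.

```python
import configparser

# Compiled-in list as quoted in the last comment of this thread (Dec 2019).
COMPILED_IN_FALLBACK = (
    "1.1.1.1 8.8.8.8 1.0.0.1 8.8.4.4 "
    "2606:4700:4700::1111 2001:4860:4860::8888 "
    "2606:4700:4700::1001 2001:4860:4860::8844"
).split()

# Constructed sample: a resolved.conf in vendor default state (all commented).
VENDOR_DEFAULT = (
    "[Resolve]\n"
    "#DNS=\n"
    "#FallbackDNS=" + " ".join(COMPILED_IN_FALLBACK) + "\n"
)


def parse_resolved_conf(text):
    """Return the active (uncommented) [Resolve] settings as a dict."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.optionxform = str  # keep key case: DNS, FallbackDNS
    cp.read_string(text)
    return dict(cp["Resolve"]) if cp.has_section("Resolve") else {}


def effective_dns(learned, resolv_conf, conf_text):
    """Return (source, servers) for a host.

    learned:     servers learnt via DHCP or PPP
    resolv_conf: nameservers configured in /etc/resolv.conf
    conf_text:   contents of /etc/systemd/resolved.conf, None if missing
    """
    conf = parse_resolved_conf(conf_text) if conf_text is not None else {}
    known = list(learned) + list(resolv_conf) + conf.get("DNS", "").split()
    if known:
        # Any known server means the fallback list is not consulted.
        return "known", known
    if "FallbackDNS" in conf:
        # Assumption of this sketch: an explicit line, even an empty one,
        # is the administrator's choice and replaces the compiled-in list.
        return "FallbackDNS=", conf["FallbackDNS"].split()
    return "compiled-in", list(COMPILED_IN_FALLBACK)


if __name__ == "__main__":
    for label, text in (("missing file", None), ("vendor default", VENDOR_DEFAULT)):
        print(label, "->", effective_dns([], [], text))
```

Running the same function over a host's real file contents shows whether an otherwise unconfigured machine would send queries to the public resolvers in the compiled-in list.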
