Removing resolvconf would make our configuration tree, build system and runtime configuration a bit simpler, less kludgy, easier to hack and to audit.
We use resolvconf to ensure the nameserver in
always pointing to 127.0.0.1. Our Tor_enforcement/DNS design doc says
it’s here so that NetworkManager and dhclient don’t modify
- On Jessie, according to NetworkManager.conf(5), one can use
“dns=none”, so that NM never modifies
- For dhclient, we can redefine the
make_resolv_conffunction to be a no-op, via a
/etc/dhcp/dhclient-enter-hooks.d/hook, just like resolvconf does.