Hi, On Thu, Jan 15, 2026 at 02:59:28PM +0100, LRob wrote: > I've checked my servers and must add a detail for transparency: > Some of my servers have resolvconf, some don't. > Including some at the same providers. > I myself don't recall ever installing it consciously.
Maybe this is where we should actually look. While the resolvconf package used to be commonly recommended, systemd-resolved and NetworkManager provide a sensible alternative for significant use cases. Maybe it is time to lower recommends on resolvconf to suggests in some places such that it does not get installed as often? > So it is possible that it's my first time having both resolvconf > and Unbound installed on a single machine and therefore > it would still be my first time encountering the case/issue. Please spend some more time figuring out how it came onto your system. I think this is a key aspect here. You appear to believe that the forwarding behavior was opt-out, because you do not perceive the installation of resolvconf as opting in. > Daniel's proposition seems reasonable to me. Daniel's proposal is enabling the hook via a separate package. How about naming that package "resolvconf"? Seriously, turning unbound into a forwarding resolver very much is what I would expect to happen when installing resolvconf without any extra steps involved. That's what its package description says. > A separate package for the forwarding hook would make the choice > explicit and conscious, which addresses the core issue: users > should not have their privacy silently reduced without opting in. > Though it adds complexity for maintainers. A cynical voice suggests that we finally reached agreement the other way round as the resolvconf package very much is an opt-in mechanism. As you confirmed, it is not installed by default. Can we close this bug now? Of course this is not what you want, so let us continue the discussion until we really reach consensus or agree to disagree. Helmut
