How can you set defaults for NetworkManager connections?

Was looking to set default values for a few network connection configs like connection.permissions, etc, so that when a new connection is generated (at /etc/NetworkManager/system-connections), it’ll inherit said defaults.

Looked at a handful of places for info…

  • /etc/sysconfig/network/ seems irrelevant for NetworkManager and /etc/sysconfig/network/config particularly says ‘NetworkManager is not using any sysconfig settings’

  • man netconfig seems to have nothing

  • man nmcli doesn’t seem relevant

  • man NetworkManager.conf has a section ‘Specify default values for connections’, which’d seem usable by putting a drop-in into /etc/NetworkManager/conf.d/ However, it explains that only some configs are eligible for default values and none of those ones are pertinent to the task.

  • Did a web search: The comment at this related post says systemd-networkd can do this on ubuntu. But, it appears absent from a stock tumbleweed system, and would it be necessary to add another network service to accomplish this?

Might udev be instrumental/needed here?

What’s the easiest way to do this?

Linux openSUSE Tumbleweed 20240111


Check out systemd-network (without d)

Ok. Looks like you’re talking about the systemd-network package, which provides systemd-networkd service, and facility.
There’s relevant documentation at…

man systemd-networkd

While this facility handles network interfaces/devices, the intent is to effect network connection items. Ostensibly, configuring an interface will accordingly effect resulting network connection items.

There are three properties to try configuring, which can be shown for a given connection like so…

nmcli --fields connection.permissions,ipv4.ignore-auto-dns,ipv4.dns connection show eth0

From man, it seems that creating /etc/systemd/network/ like this, perhaps configures the second and third properties above…




Does the above seem correct?
To put into effect, it seems just enable systemd-networkd.service and reboot, or perhaps just start it. Anything else?

Anyway, there seems to be no configuration available to effect connection.permissions. Searched man for ‘perm’ ‘allow’ ‘user’ and ‘connect’, but found nothing related.
This could be a deal breaker. Is there a way to apply a default value for connection.permissions ?


NetworkManager connection definitions are text files. Just copy template with default values when creating new connection.

Right, but the idea here is setting defaults in advance of any new connections, which would be automatically applied whenever new connections are established.

@skosner why not just create a script to generate (as root user), this would use defaults and either inline options or ask the user. As indicated by @arvidjaar it’s just a text file.

Programmatic intervention is under consideration, and will presumably be the solution if such defaults are not supported. But since accomplishing by default configuration would be simpler and easier, it’s much preferred if available.

Would you all say that there is no support for such kind of default config behavior, and thus a programmatic solution is what’s needed here?

You are talking about a program, so it will always be some programmatic solution. The question is only, whether it will be inside NetworkManager code or outside. If you believe that your use case is important enough to be inside NetworkManager code, you have to write a patch (or find someone who does it for you), submit to NetworkManager maintainers for review and convince them it is worth to keep and maintain as part of the NetworkManager code.

But so far you did not even describe your use case. This is typical example of substituting goals with means. You decided that to achieve some unknown goal the only possible way is default connection settings and are asking about default connection settings instead of explaining, what you are trying to achieve with them.

1 Like

While the goal is to set certain consistent dns server addresses for the entire system, prior research indicated that there is no facility to enforce system-wide dns server addresses, and thus dns addresses differ from connection to connection (/etc/NetworkManager/system-connections/*). While /etc/resolv.conf displays the active dns addresses, it does not support their persistent (re)configuration. Also, trying to set this in /etc/sysconfig/network/config seems to have no effect on NetworkManager. Other things were tried too, with no success. Having researched all this already without success, it did not seem necessary to explain such background when posing the question.

So, instead of a central, system-wide facility, was looking for the easiest way to automatically set the same dns addresses for all the connections on the system (/etc/NetworkManager/system-connections/*). This would seem naturally, but hypothetically, to be the capability for applying default settings for NetworkManager connections.

Further, was also needing to set connection permissions for all connections, and explaining the reason for that also seems unnecessary background, and would also be solved simply if NetworkManager connections support default configs.

Ultimately, if you do have advice per this expanded problem description, it’d be great to hear. But if not, it seems the only question remaining is…
Does NetworkManager support setting connection defaults for dns server addresses (and perhaps other connection configs), or is there some other facility to easily configure connection defaults, or must code be written to handle this?

If NetworkManager is managing resolv.conf, then it should be the system wide default.
Of course programs can ignore this and query any DNS server they want unless blocked by a firewall rule.

A default for each dns query event, that can be overridden as you described, sure. But what’s in resolv.conf is in turn subject to the dns server(s) configuration of the active connection, and of course the active connection can change at any time. Thus, the point is to mandate dns server addresses for the system that won’t be subject to such operational whim, albeit still override-able by each dns query.

I suppose NetworkManager has this option, consider using some other resolv manager such as resolvconf or systemd-resolved (what we use at work on Debian servers).

Or if there’s no easy option, just chattr +i the resolv file, hopefully NM would throw an error and not crash.

1 Like

Of course there is. NetworkManager on SUSE is be default using netconfig to manage /etc/resolv.conf and you can set your own default(s) overriding any per-connection information. This has been discussed more than once on this forum.

For what it is worth.

I have one system (a laptop) that is using Network Manager.

As far as I can remember this is what I did.

/etc/resolv.conf is a symbolic link. I removed it and created a fresh /etc/resolv.conf with the contents I wanted.


What “option” do you mean?
Ok, but looking into and possibly switching resolve manager, doesn’t seem like less work than a script which loops thru the connections and sets accordingly with nmcli. Plus, said script can be written to also set other connection configs.

Since /run/netconfig/resolv.conf is on tmpfs and /etc/resolv.conf is a symlink to it, it seems an approach like this would entail what hcvv suggests below, to replace the symlink with a normal file of custom contents.

Right. Per advice in resolv.conf comments, can do like…

vim /etc/sysconfig/network/config
/usr/sbin/netconfig update --force-replace

Had already tried this to no avail. Then noticed that /etc/sysconfig/network/config says ‘…NetworkManager is not using any sysconfig settings’, which seemed to explain it.
If this really does work, can you point to some helpful info?

Hmm. Maybe should also do?..

vim /etc/sysconfig/network/config

The option to set default DNS servers, I’ve always used the dhclient config to set them on Debian systems and now systemd-resolved. Personally I hate resolvconf, but there are others who vouch for it. systemd-resolved is nice though and dead simple to configure, I’d say even easier than trying to wrangle something like NM into a workable form. That said, I haven’t used it with Suse/Fedora. YMMV.

Ah, this is not always the case as I found out recently while writing zypperoni. On my fresh installation of TW it’s just a normal file and not a symlink:

pavin@suse-pc:~> ll /etc/resolv.conf 
-rw-r--r-- 1 root root 68 Feb 14 12:33 /etc/resolv.conf

A very helpful person here (thanks @karlmistelberger ) helped me debug the issue and modify zypperoni’s mount commands to deal with various resolv managers that symlink.

This configuration was used by Wicked. It is not by NM.

1 Like

@skosner Create a /etc/NetworkManager/conf.d/90-dns-none.conf file and in that file add;


Create a /etc/resolv.conf file with your DNS servers, restart NetworkManager service…

Ref: man 5 NetworkManager.conf