Zsh: permission denied: /etc/resolv.conf

I created an alias that

-connects me to ProtonVPN
-changes my dns from ProtonVPNs dns to Pi-hole’s dns (127.0.0.1)
-enables redshift

in just one command.

alias vpn='protonvpn-cli connect JP-FREE#2 -p udp && protonvpn-cli s'
alias vpnpi='vpn && cat /home/soumi/Fcxt-3001/pi_dns.txt >> /etc/resolv.conf'
alias startup='vpnpi && redshift -P -O 4250'

However, when I try to run it, it throws me the error zsh: permission denied: /etc/resolv.conf when it reaches the part where it’s supposed to edit /etc/resolv.conf. How can I fix this?

This is what’s inside my pi_dns.txt file

~ » cat '/home/soumi/Fcxt-3001/pi_dns.txt'                           soumi@Hori
# pi-hole dns
nameserver 127.0.0.1

That’s normal.

You need root permissions to write to /etc/resolv.conf

Add sudo before your command to gain root permission.

~ » cat /home/soumi/Fcxt-3001/pi_dns.txt >> /etc/resolv.conf         soumi@Hori
zsh: permission denied: /etc/resolv.conf
--------------------------------------------------------------------------------
~ » sudo cat /home/soumi/Fcxt-3001/pi_dns.txt >> /etc/resolv.conf
zsh: permission denied: /etc/resolv.conf
--------------------------------------------------------------------------------
~ » cat /home/soumi/Fcxt-3001/pi_dns.txt >> sudo /etc/resolv.conf
--------------------------------------------------------------------------------
~ » cat /etc/resolv.conf                                             soumi@Hori
# Generated by NetworkManager
nameserver 10.17.0.1
--------------------------------------------------------------------------------
~ »             

It doesn’t seem to work. Did I do it wrong?

You would need something like

 cat file.txt | sudo tee -a /etc/resolv.conf

Have you consider using the resolvconf to change the resolver?

man resolvconf

Why are you appending a text file to your resolv.conf? ProtonVPN does that automagically.

If you always append your file will grow every time you run the command?

This command worked for me. But, it added pihole’s dns, I want to replace it, not just add it

~/Fcxt-3001 » cat /etc/resolv.conf                                   soumi@Hori
# Generated by NetworkManager
nameserver 10.17.0.1
# pi-hole dns
nameserver 127.0.0.1

But your previous command appends to your resolve.conf. If you want to replace it something like

echo nameserver 127.0.0.1 | sudo tee /etc/resolv.conf

But as the resolv.conf is managed by NetworkManager your change may be overwritten without notification.

You can instruct proteonvpn to use a custom DNS but doing so makes no sense as it would leak your public IP to the DNS the Pihole is asking.

ProtonVPN can block ads and malware too - at least the paid version I use.

Which raises the question…

@soumi why not just configure the nameserver and ProtonVPN in KDE’s network manager?

There’s an override named Automatic (address only) in which you specify the nameserver IP address when you configure ProtonVPN in the KDE Network Manager.

You probably could but doing so defeats the purpose of a VPN - the purpose being to channel all traffic through the VPN endpoint.

If you do what OP tries the Pihole will resolve all queries outside the VPN - leaking the public IP of the PiHole whether this the same computer or a raspberry pi.

Which traffic would leak outside the VPN? It appears that Pi-hole is running on the same computer. Wouldn’t using Network Manager (with the advanced options) essentially route all traffic through ProtonVPN, and DNS requests direct to 127.0.0.1?

I am using Pi-hole on the same laptop via docker and has quad9 as it’s sub dns. As of now, I don’t have the money to subscribe to protonVPN plus…I live in a third world country so ya. The main reason why I use a VPN is so I can watch region blocked content in Crunchyroll and Funimation. If that helps. Thank you for the help. I tried it and it worked.

Then it make sense

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.