NM trashing resolv.conf when a connection fails

[Paul Smith <paul mad-scientist net>]

Hi all.  I'm using the openconnect/network-manager-openconnect-gnome VPN
packages (Ubuntu 10.10) to connect to work via a VPN.  For the most part
it works pretty well.  I have the following issues though and I wonder
if these are expected or if I should file bugs (or if there's any
workaround):


The first is minor, but my password for the VPN is not saved in the
Gnome keyring (or anywhere else) and I have to re-enter it every time I
want to connect.


The second is a major problem: I actually have multiple VPNs going and
the other one uses proprietary VPN software (Juniper Network Connect),
not NetworkManager.  So, my resolv.conf has search domains for my local
LAN (wired DHCP, managed with NM), for my openconnect VPN, AND for this
3rdparty VPN connection.  I get them all running the way I want and
resolv.conf is set, etc.  If the openconnect connection fails, or even
if it's not running and I try to start it and that fails (say the VPN
server doesn't respond so it was never actually connected), Network
Manager is rewriting my /etc/resolv.conf file and throwing away all the
information about my 3rdparty VPN connection, making it unusable unless
I go in and re-edit by hand.

It looks like instead of NetworkManager tracking which interfaces added
which search domain/nameserver entries and removing those from
resolv.conf when the interface goes down, instead when an interface
changes state NetworkManager will regenerate the resolv.conf file from
scratch using only those interfaces it manages and throwing away any
other information.  This is Very Not Good behavior.


Anyone have any thoughts or help for me?