Discoveryd Alternative to Replace mDNSResponder Argument?

This is a direct follow-on to this question. Before Yosemite, I'd add the "-AlwaysAppendSearchDomains" argument to the mDNSResponder plist file so that all local resolver lookups added the search domains, regardless of whether there was a period in the label to be looked up. For example, whether I try to ssh to hostname foo.bar or foo, the search domain of baz.com should be tried, not only for the latter case, as was (and is) the default behavior.

Now, it looks like the mDNSResponder is gone, replaced with discoveryd. I cannot find a similar option to get it to always appending the search domain. Suggestions? I'd rather not go the route of using a non-default local resolver, but I'd consider it as an option. For now, I'll just type in the long FQDNs, but I'd really rather not.

Thanks, Pete


Solution 1:

Since 10.10.1, the simplest way to fix this is to add --AlwaysAppendSearchDomains to ProgramArguments in plist file /System/Library/LaunchDaemons/com.apple.discoveryd.plist

Then restart com.apple.discoveryd.plist with:

sudo launchctl unload /System/Library/LaunchDaemons/com.apple.discoveryd.plist
sudo launchctl load /System/Library/LaunchDaemons/com.apple.discoveryd.plist

All this according to the help printed by:

/usr/libexec/discoveryd --help

That will do the same as it did for mDNSResponder as far as I can tell.

Solution 2:

Run sudo discoveryutil mdnsactivedirectory yes in Terminal. According to https://discussions.apple.com/message/26927843#26927843 it is the solution.

This can be made to run automatically whenever launching a terminal without a password:

  • sudo visudo
    • add a line to the bottom %admin ALL=NOPASSWD: /usr/sbin/discoveryutil
    • If admin group doesn't work, run groups at the terminal and use an appropriate group - perhaps 'staff' or 'everyone'. Or just use an individual username without the leading %
  • To test visudo change
    • sudo -k
    • sudo su and verify that you are asked for password. Then control-c without entering your password
    • sudo discoveryutil mdnsactivedirectory and verify that you aren't asked for password
  • Add a line to ~/.bash_profile sudo discoveryutil mdnsactivedirectory yes
  • Add Terminal to your user's Login Items
    • on 10.10: System Preferences->Users & Groups, Select User
    • Goto "Login Items" tab, and add /Applications/Utilities/Terminal

Solution 3:

No solution unfortunately, but I've found out you can at least check the resolver config using 'discoveryutil', like so:

mdbraber-mba:~ mdbraber$ sudo discoveryutil configresolver
Configuration Resolvers: Resolver domain [default], type Unicast, ifIndex 4, port 0, timeout 30, A yes, AAAA no, serviceID 0, scope None, order 0
    server 192.168.143.1
    search domain ourhouse
Configuration Resolvers: Resolver domain [default], type Unicast, ifIndex 4, port 0, timeout 30, A yes, AAAA no, serviceID 0, scope InterfaceID, order 0
    server 192.168.143.1

Apparently the first resolver lists a searchdomain, although it doesn't seem to work as under OS X < 10.10 versions. No idea why there is a second resolver without a search domain listed.

Solution 4:

Here is a hacked up solution using a local nameserver - works for me:

https://github.com/joedj/yosemite_dnsfix