These are leaking from the Qubes build VM into the image during the official build process for redistributable builds, which isn’t great, but also isn’t a big deal. It’s functional by accident rather than design.
grml-debootstrap copies /etc/resolv.conf.
[ -f “${MNTPOINT}”/etc/resolv.conf ] || cp ${VERBOSE:±v} /etc/resolv.conf “${MNTPOINT}”/etc/resolv.conf
Handling of /etc/resolv.conf during the build process is difficult. For details, see mentions of:
/etc/resolv.conf
in derivative-maker/help-steps/chroot-raw at master · Kicksecure/derivative-maker · GitHub.
The question is what would be a good default value for /etc/resolv.conf for Kicksecure KVM and Kicksecure VirtualBox?
Why mention Kicksecure VirtualBox? Because these are built at the same time to safe build time. The only difference is the image format conversion later during the build process (.qcow for KVM, .ova for VirtualBox).
So the VM image default /etc/resolv.conf needs to be compatible with both virtualizers.
It would be preferable to have an explicit default /etc/resolv.conf.
Should /etc/resolv.conf be managed by package? Probably not. A good default value written explicitly during the build process would be better. Otherwise, this file should later be user managed (not managed by a package).
That is, unless… Related: