You should use sudo, since you are changing something on the system.
But… There are two parts to this problem:
As you found, connman will periodically overwrite changes you make to /etc/resolv.conf. As @the_bo has said, this has been fixed and is waiting to be rolled out. It can also be installed from the staging repo.
For any non-local DNS resolvers, connman also adds routing entries that will bypass a VPN tunnel, causing a DNS leak. Sam has produced a patch for this that I am testing. So far, it seems to be working, but has not yet been included in the version in the staging repo.
Once Sam and I are happy that the new patch is ok, I would expect it to be added to the revised version in the staging repo.
AFAIK, this revised version of connman will not alter /etc/resolv.conf to reflect the openvpn server’s push instructions, eg dhcp-option DNS 10.10.10.1 so that you use the VPN’s own DNS resolver. However, I believe the openvpn update-resolv-conf script should now be able to do something similar. But even if you don’t use the VPN’s DNS resolver, all DNS requests should now pass through the VPN tunnel.
Which brings me to one last point. If you intend to use a VPN, you should never use your router as a DNS proxy. Many people have a DHCP set-up where the router assigns a client an IP address, default gateway, DNS server, etc. Very often, the router wil (sensibly)l be assigned as the DNS proxy for the whole network. With a VPN, you need to assign external IP addresses for your DNS resolvers. If your router is the DNS resolver, all DNS requests will bypass the VPN tunnel, causing a DNS leak. The safest way to ensure that you are using external IP addresses is to set your OSMC box to use a fixed IP address.
The openvpn script update-resolv-conf makea use of /sbin/resolvconf which does not seem to be installed. I guess that might need to be re-written to use connmanctl, and I am currently struggling to see how to do that.
As OSMC is systemd based, I also tried update-systemd-resolved (from here), but that failed with the error:
logger: option ‘–id’ doesn’t allow an argument
Which I fixed by simple removing the ="$$" after --id, but then I hit this:
Unknown command ‘call’
update-systemd-resolved.sh: ‘busctl’ exited with status 1
Here’s hoping the fix mentioned in the NFS issue resolves the DNS update problems.