diff options
| -rw-r--r-- | src/dns-manager/nm-dns-dnsmasq.c | 331 | ||||
| -rw-r--r-- | src/dns-manager/nm-dns-plugin.c | 106 | ||||
| -rw-r--r-- | src/org.freedesktop.NetworkManager.conf | 10 |
3 files changed, 308 insertions, 139 deletions
diff --git a/src/dns-manager/nm-dns-dnsmasq.c b/src/dns-manager/nm-dns-dnsmasq.c index 5ead5ecf3b..77ac548d8c 100644 --- a/src/dns-manager/nm-dns-dnsmasq.c +++ b/src/dns-manager/nm-dns-dnsmasq.c @@ -32,6 +32,7 @@ #include "nm-ip4-config.h" #include "nm-ip6-config.h" #include "nm-dns-utils.h" +#include "nm-bus-manager.h" #include "NetworkManagerUtils.h" G_DEFINE_TYPE (NMDnsDnsmasq, nm_dns_dnsmasq, NM_TYPE_DNS_PLUGIN) @@ -39,11 +40,17 @@ G_DEFINE_TYPE (NMDnsDnsmasq, nm_dns_dnsmasq, NM_TYPE_DNS_PLUGIN) #define NM_DNS_DNSMASQ_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), NM_TYPE_DNS_DNSMASQ, NMDnsDnsmasqPrivate)) #define PIDFILE NMRUNDIR "/dnsmasq.pid" -#define CONFFILE NMRUNDIR "/dnsmasq.conf" #define CONFDIR NMCONFDIR "/dnsmasq.d" +#define DNSMASQ_DBUS_SERVICE "org.freedesktop.NetworkManager.dnsmasq" +#define DNSMASQ_DBUS_PATH "/uk/org/thekelleys/dnsmasq" + typedef struct { - guint32 foo; + GDBusProxy *dnsmasq; + GCancellable *dnsmasq_cancellable; + gboolean running; + + GVariant *set_server_ex_args; } NMDnsDnsmasqPrivate; /*****************************************************************************/ @@ -61,8 +68,28 @@ typedef struct { /*****************************************************************************/ +static void +add_dnsmasq_nameserver (NMDnsDnsmasq *self, + GVariantBuilder *servers, + const char *ip, + const char *domain) +{ + g_return_if_fail (ip); + + _LOGD ("adding nameserver '%s'%s%s%s", ip, + NM_PRINT_FMT_QUOTED (domain, " for domain \"", domain, "\"", "")); + + g_variant_builder_open (servers, G_VARIANT_TYPE ("as")); + + g_variant_builder_add (servers, "s", ip); + if (domain) + g_variant_builder_add (servers, "s", domain); + + g_variant_builder_close (servers); +} + static gboolean -add_ip4_config (GString *str, NMIP4Config *ip4, gboolean split) +add_ip4_config (NMDnsDnsmasq *self, GVariantBuilder *servers, NMIP4Config *ip4, gboolean split) { char buf[INET_ADDRSTRLEN]; in_addr_t addr; @@ -84,9 +111,10 @@ add_ip4_config (GString *str, NMIP4Config *ip4, gboolean split) /* searches are preferred over domains */ n = nm_ip4_config_get_num_searches (ip4); for (i = 0; i < n; i++) { - g_string_append_printf (str, "server=/%s/%s\n", - nm_ip4_config_get_search (ip4, i), - buf); + add_dnsmasq_nameserver (self, + servers, + buf, + nm_ip4_config_get_search (ip4, i)); added = TRUE; } @@ -94,9 +122,10 @@ add_ip4_config (GString *str, NMIP4Config *ip4, gboolean split) /* If not searches, use any domains */ n = nm_ip4_config_get_num_domains (ip4); for (i = 0; i < n; i++) { - g_string_append_printf (str, "server=/%s/%s\n", - nm_ip4_config_get_domain (ip4, i), - buf); + add_dnsmasq_nameserver (self, + servers, + buf, + nm_ip4_config_get_domain (ip4, i)); added = TRUE; } } @@ -107,7 +136,7 @@ add_ip4_config (GString *str, NMIP4Config *ip4, gboolean split) domains = nm_dns_utils_get_ip4_rdns_domains (ip4); if (domains) { for (iter = domains; iter && *iter; iter++) - g_string_append_printf (str, "server=/%s/%s\n", *iter, buf); + add_dnsmasq_nameserver (self, servers, buf, *iter); g_strfreev (domains); added = TRUE; } @@ -118,7 +147,8 @@ add_ip4_config (GString *str, NMIP4Config *ip4, gboolean split) if (!added) { for (i = 0; i < nnameservers; i++) { addr = nm_ip4_config_get_nameserver (ip4, i); - g_string_append_printf (str, "server=%s\n", nm_utils_inet4_ntop (addr, NULL)); + add_dnsmasq_nameserver (self, servers, + nm_utils_inet4_ntop (addr, NULL), NULL); } } @@ -148,7 +178,7 @@ ip6_addr_to_string (const struct in6_addr *addr, const char *iface) } static void -add_global_config (GString *str, const NMGlobalDnsConfig *config) +add_global_config (NMDnsDnsmasq *self, GVariantBuilder *dnsmasq_servers, const NMGlobalDnsConfig *config) { guint i, j; @@ -163,16 +193,16 @@ add_global_config (GString *str, const NMGlobalDnsConfig *config) for (j = 0; servers && servers[j]; j++) { if (!strcmp (name, "*")) - g_string_append_printf (str, "server=%s\n", servers[j]); + add_dnsmasq_nameserver (self, dnsmasq_servers, servers[j], NULL); else - g_string_append_printf (str, "server=/%s/%s\n", name, servers[j]); + add_dnsmasq_nameserver (self, dnsmasq_servers, servers[j], name); } } } static gboolean -add_ip6_config (GString *str, NMIP6Config *ip6, gboolean split) +add_ip6_config (NMDnsDnsmasq *self, GVariantBuilder *servers, NMIP6Config *ip6, gboolean split) { const struct in6_addr *addr; char *buf = NULL; @@ -196,9 +226,10 @@ add_ip6_config (GString *str, NMIP6Config *ip6, gboolean split) /* searches are preferred over domains */ n = nm_ip6_config_get_num_searches (ip6); for (i = 0; i < n; i++) { - g_string_append_printf (str, "server=/%s/%s\n", - nm_ip6_config_get_search (ip6, i), - buf); + add_dnsmasq_nameserver (self, + servers, + buf, + nm_ip6_config_get_search (ip6, i)); added = TRUE; } @@ -206,9 +237,10 @@ add_ip6_config (GString *str, NMIP6Config *ip6, gboolean split) /* If not searches, use any domains */ n = nm_ip6_config_get_num_domains (ip6); for (i = 0; i < n; i++) { - g_string_append_printf (str, "server=/%s/%s\n", - nm_ip6_config_get_domain (ip6, i), - buf); + add_dnsmasq_nameserver (self, + servers, + buf, + nm_ip6_config_get_domain (ip6, i)); added = TRUE; } } @@ -223,7 +255,7 @@ add_ip6_config (GString *str, NMIP6Config *ip6, gboolean split) addr = nm_ip6_config_get_nameserver (ip6, i); buf = ip6_addr_to_string (addr, iface); if (buf) { - g_string_append_printf (str, "server=%s\n", buf); + add_dnsmasq_nameserver (self, servers, buf, NULL); g_free (buf); } } @@ -232,105 +264,219 @@ add_ip6_config (GString *str, NMIP6Config *ip6, gboolean split) return TRUE; } -static gboolean -update (NMDnsPlugin *plugin, - const GSList *vpn_configs, - const GSList *dev_configs, - const GSList *other_configs, - const NMGlobalDnsConfig *global_config, - const char *hostname) +static void +dnsmasq_update_done (GObject *source, GAsyncResult *res, gpointer user_data) { - NMDnsDnsmasq *self = NM_DNS_DNSMASQ (plugin); + NMDnsDnsmasq *self = NM_DNS_DNSMASQ (user_data); + NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (self); + gs_free_error GError *error = NULL; + gs_unref_variant GVariant *response = NULL; + + response = g_dbus_proxy_call_finish (priv->dnsmasq, res, &error); + if (!response) + _LOGW ("dnsmasq update failed: %s", error->message); + else + _LOGD ("dnsmasq update successful"); +} + +static void +send_dnsmasq_update (NMDnsDnsmasq *self) +{ + NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (self); + + if (!priv->set_server_ex_args) + return; + + if (priv->running) { + _LOGD ("trying to update dnsmasq nameservers"); + + g_dbus_proxy_call (priv->dnsmasq, + "SetServersEx", + priv->set_server_ex_args, + G_DBUS_CALL_FLAGS_NONE, + -1, + NULL, + (GAsyncReadyCallback) dnsmasq_update_done, + self); + g_clear_pointer (&priv->set_server_ex_args, g_variant_unref); + } else + _LOGD ("dnsmasq not found on the bus. The nameserver update will be sent when dnsmasq appears"); +} + +static void +name_owner_changed (GObject *object, + GParamSpec *pspec, + gpointer user_data) +{ + NMDnsDnsmasq *self = NM_DNS_DNSMASQ (user_data); + NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (self); + gs_free char *owner = NULL; + + owner = g_dbus_proxy_get_name_owner (G_DBUS_PROXY (object)); + if (owner) { + _LOGI ("dnsmasq appeared as %s", owner); + priv->running = TRUE; + send_dnsmasq_update (self); + } else { + _LOGI ("dnsmasq disappeared"); + priv->running = FALSE; + g_signal_emit_by_name (self, NM_DNS_PLUGIN_FAILED); + } +} + +static void +dnsmasq_proxy_cb (GObject *source, GAsyncResult *res, gpointer user_data) +{ + NMDnsDnsmasq *self; + NMDnsDnsmasqPrivate *priv; + gs_free_error GError *error = NULL; + gs_free char *owner = NULL; + GDBusProxy *proxy; + + proxy = g_dbus_proxy_new_finish (res, &error); + if ( !proxy + && g_error_matches (error, G_IO_ERROR, G_IO_ERROR_CANCELLED)) + return; + + self = NM_DNS_DNSMASQ (user_data); + + if (!proxy) { + _LOGW ("failed to connect to dnsmasq via DBus: %s", error->message); + g_signal_emit_by_name (self, NM_DNS_PLUGIN_FAILED); + return; + } + + priv = NM_DNS_DNSMASQ_GET_PRIVATE (self); + + priv->dnsmasq = proxy; + nm_clear_g_cancellable (&priv->dnsmasq_cancellable); + + _LOGD ("dnsmasq proxy creation successful"); + + g_signal_connect (priv->dnsmasq, "notify::g-name-owner", + G_CALLBACK (name_owner_changed), self); + owner = g_dbus_proxy_get_name_owner (priv->dnsmasq); + priv->running = (owner != NULL); + + if (priv->running) + send_dnsmasq_update (self); +} + +static void +start_dnsmasq (NMDnsDnsmasq *self) +{ + NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (self); const char *dm_binary; - GString *conf; - GSList *iter; const char *argv[15]; - GError *error = NULL; - int ignored; GPid pid = 0; guint idx = 0; + NMBusManager *dbus_mgr; + GDBusConnection *connection; + - /* Kill the old dnsmasq; there doesn't appear to be a way to get dnsmasq - * to reread the config file using SIGHUP or similar. This is a small race - * here when restarting dnsmasq when DNS requests could go to the upstream - * servers instead of to dnsmasq. - */ - nm_dns_plugin_child_kill (plugin); + if ( priv->running + || priv->dnsmasq + || priv->dnsmasq_cancellable) + return; dm_binary = nm_utils_find_helper ("dnsmasq", DNSMASQ_PATH, NULL); if (!dm_binary) { _LOGW ("could not find dnsmasq binary"); - return FALSE; + return; } - /* Build up the new dnsmasq config file */ - conf = g_string_sized_new (150); + argv[idx++] = dm_binary; + argv[idx++] = "--no-resolv"; /* Use only commandline */ + argv[idx++] = "--keep-in-foreground"; + argv[idx++] = "--no-hosts"; /* don't use /etc/hosts to resolve */ + argv[idx++] = "--bind-interfaces"; + argv[idx++] = "--pid-file=" PIDFILE; + argv[idx++] = "--listen-address=127.0.0.1"; /* Should work for both 4 and 6 */ + argv[idx++] = "--cache-size=400"; + argv[idx++] = "--proxy-dnssec"; /* Allow DNSSEC to pass through */ + argv[idx++] = "--enable-dbus=" DNSMASQ_DBUS_SERVICE; + + /* dnsmasq exits if the conf dir is not present */ + if (g_file_test (CONFDIR, G_FILE_TEST_IS_DIR)) + argv[idx++] = "--conf-dir=" CONFDIR; + + argv[idx++] = NULL; + nm_assert (idx <= G_N_ELEMENTS (argv)); + + /* And finally spawn dnsmasq */ + pid = nm_dns_plugin_child_spawn (NM_DNS_PLUGIN (self), argv, PIDFILE, "bin/dnsmasq"); + if (!pid) + return; + + dbus_mgr = nm_bus_manager_get (); + g_return_if_fail (dbus_mgr); + + connection = nm_bus_manager_get_connection (dbus_mgr); + g_return_if_fail (connection); + + priv->dnsmasq_cancellable = g_cancellable_new (); + g_dbus_proxy_new (connection, + G_DBUS_PROXY_FLAGS_DO_NOT_AUTO_START, + NULL, + DNSMASQ_DBUS_SERVICE, + DNSMASQ_DBUS_PATH, + DNSMASQ_DBUS_SERVICE, + priv->dnsmasq_cancellable, + dnsmasq_proxy_cb, + self); +} + +static gboolean +update (NMDnsPlugin *plugin, + const GSList *vpn_configs, + const GSList *dev_configs, + const GSList *other_configs, + const NMGlobalDnsConfig *global_config, + const char *hostname) +{ + NMDnsDnsmasq *self = NM_DNS_DNSMASQ (plugin); + NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (self); + const GSList *iter; + GVariantBuilder servers; + + start_dnsmasq (self); + + g_variant_builder_init (&servers, G_VARIANT_TYPE ("aas")); if (global_config) - add_global_config (conf, global_config); + add_global_config (self, &servers, global_config); else { /* Use split DNS for VPN configs */ - for (iter = (GSList *) vpn_configs; iter; iter = g_slist_next (iter)) { + for (iter = vpn_configs; iter; iter = g_slist_next (iter)) { if (NM_IS_IP4_CONFIG (iter->data)) - add_ip4_config (conf, NM_IP4_CONFIG (iter->data), TRUE); + add_ip4_config (self, &servers, iter->data, TRUE); else if (NM_IS_IP6_CONFIG (iter->data)) - add_ip6_config (conf, NM_IP6_CONFIG (iter->data), TRUE); + add_ip6_config (self, &servers, iter->data, TRUE); } /* Now add interface configs without split DNS */ - for (iter = (GSList *) dev_configs; iter; iter = g_slist_next (iter)) { + for (iter = dev_configs; iter; iter = g_slist_next (iter)) { if (NM_IS_IP4_CONFIG (iter->data)) - add_ip4_config (conf, NM_IP4_CONFIG (iter->data), FALSE); + add_ip4_config (self, &servers, iter->data, FALSE); else if (NM_IS_IP6_CONFIG (iter->data)) - add_ip6_config (conf, NM_IP6_CONFIG (iter->data), FALSE); + add_ip6_config (self, &servers, iter->data, FALSE); } /* And any other random configs */ - for (iter = (GSList *) other_configs; iter; iter = g_slist_next (iter)) { + for (iter = other_configs; iter; iter = g_slist_next (iter)) { if (NM_IS_IP4_CONFIG (iter->data)) - add_ip4_config (conf, NM_IP4_CONFIG (iter->data), FALSE); + add_ip4_config (self, &servers, iter->data, FALSE); else if (NM_IS_IP6_CONFIG (iter->data)) - add_ip6_config (conf, NM_IP6_CONFIG (iter->data), FALSE); + add_ip6_config (self, &servers, iter->data, FALSE); } } - /* Write out the config file */ - if (!g_file_set_contents (CONFFILE, conf->str, -1, &error)) { - _LOGW ("failed to write dnsmasq config file %s: %s", - CONFFILE, - error->message); - g_clear_error (&error); - goto out; - } - ignored = chmod (CONFFILE, 0644); - - _LOGD ("dnsmasq local caching DNS configuration:"); - _LOGD ("%s", conf->str); - - argv[idx++] = dm_binary; - argv[idx++] = "--no-resolv"; /* Use only commandline */ - argv[idx++] = "--keep-in-foreground"; - argv[idx++] = "--no-hosts"; /* don't use /etc/hosts to resolve */ - argv[idx++] = "--bind-interfaces"; - argv[idx++] = "--pid-file=" PIDFILE; - argv[idx++] = "--listen-address=127.0.0.1"; /* Should work for both 4 and 6 */ - argv[idx++] = "--conf-file=" CONFFILE; - argv[idx++] = "--cache-size=400"; - argv[idx++] = "--proxy-dnssec"; /* Allow DNSSEC to pass through */ - - /* dnsmasq exits if the conf dir is not present */ - if (g_file_test (CONFDIR, G_FILE_TEST_IS_DIR)) - argv[idx++] = "--conf-dir=" CONFDIR; + g_clear_pointer (&priv->set_server_ex_args, g_variant_unref); + priv->set_server_ex_args = g_variant_ref_sink (g_variant_new ("(aas)", &servers)); - argv[idx++] = NULL; - g_warn_if_fail (idx <= G_N_ELEMENTS (argv)); + send_dnsmasq_update (self); - /* And finally spawn dnsmasq */ - pid = nm_dns_plugin_child_spawn (NM_DNS_PLUGIN (self), argv, PIDFILE, "bin/dnsmasq"); - -out: - g_string_free (conf, TRUE); - return pid ? TRUE : FALSE; + return TRUE; } /****************************************************************/ @@ -374,7 +520,6 @@ child_quit (NMDnsPlugin *plugin, gint status) _LOGW ("dnsmasq died with signal %d", WTERMSIG (status)); else _LOGW ("dnsmasq died from an unknown cause"); - unlink (CONFFILE); if (failed) g_signal_emit_by_name (self, NM_DNS_PLUGIN_FAILED); @@ -410,7 +555,13 @@ nm_dns_dnsmasq_init (NMDnsDnsmasq *self) static void dispose (GObject *object) { - unlink (CONFFILE); + NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (object); + + nm_clear_g_cancellable (&priv->dnsmasq_cancellable); + + g_clear_object (&priv->dnsmasq); + + g_clear_pointer (&priv->set_server_ex_args, g_variant_unref); G_OBJECT_CLASS (nm_dns_dnsmasq_parent_class)->dispose (object); } diff --git a/src/dns-manager/nm-dns-plugin.c b/src/dns-manager/nm-dns-plugin.c index 47322d2ae2..d5cb882246 100644 --- a/src/dns-manager/nm-dns-plugin.c +++ b/src/dns-manager/nm-dns-plugin.c @@ -48,7 +48,29 @@ enum { }; static guint signals[LAST_SIGNAL] = { 0 }; -/********************************************/ +/******************************************************************************/ + +#define _NMLOG_PREFIX_NAME "dns-plugin" +#define _NMLOG_DOMAIN LOGD_DNS +#define _NMLOG(level, ...) \ + G_STMT_START { \ + const NMLogLevel __level = (level); \ + \ + if (nm_logging_enabled (__level, _NMLOG_DOMAIN)) { \ + char __prefix[20]; \ + const NMDnsPlugin *const __self = (self); \ + \ + _nm_log (__level, _NMLOG_DOMAIN, 0, \ + "%s%s: " _NM_UTILS_MACRO_FIRST (__VA_ARGS__), \ + _NMLOG_PREFIX_NAME, \ + (!__self \ + ? "" \ + : nm_sprintf_buf (__prefix, "[%p]", __self)) \ + _NM_UTILS_MACRO_REST (__VA_ARGS__)); \ + } \ + } G_STMT_END + +/******************************************************************************/ gboolean nm_dns_plugin_update (NMDnsPlugin *self, @@ -96,8 +118,7 @@ _clear_pidfile (NMDnsPlugin *self) if (priv->pidfile) { unlink (priv->pidfile); - g_free (priv->pidfile); - priv->pidfile = NULL; + g_clear_pointer (&priv->pidfile, g_free); } } @@ -138,7 +159,7 @@ kill_existing (const char *progname, const char *pidfile, const char *kill_match if (!strstr (cmdline_contents, kill_match)) goto out; - nm_utils_kill_process_sync (pid, start_time, SIGKILL, LOGD_DNS, + nm_utils_kill_process_sync (pid, start_time, SIGKILL, _NMLOG_DOMAIN, progname ?: "<dns-process>", 0, 0, 1000); @@ -154,9 +175,7 @@ watch_cb (GPid pid, gint status, gpointer user_data) priv->pid = 0; priv->watch_id = 0; - g_free (priv->progname); - priv->progname = NULL; - + g_clear_pointer (&priv->progname, g_free); _clear_pidfile (self); g_signal_emit (self, signals[CHILD_QUIT], 0, status); @@ -168,43 +187,47 @@ nm_dns_plugin_child_spawn (NMDnsPlugin *self, const char *pidfile, const char *kill_match) { - NMDnsPluginPrivate *priv = NM_DNS_PLUGIN_GET_PRIVATE (self); + NMDnsPluginPrivate *priv; GError *error = NULL; - char *cmdline; + GPid pid; + gs_free char *cmdline = NULL; + gs_free char *progname = NULL; - g_return_val_if_fail (argv != NULL, 0); - g_return_val_if_fail (argv[0] != NULL, 0); + g_return_val_if_fail (argv && argv[0], 0); + g_return_val_if_fail (NM_IS_DNS_PLUGIN (self), 0); - g_warn_if_fail (priv->progname == NULL); - g_free (priv->progname); - priv->progname = g_path_get_basename (argv[0]); + priv = NM_DNS_PLUGIN_GET_PRIVATE (self); - kill_existing (priv->progname, pidfile, kill_match); + g_return_val_if_fail (!priv->pid, 0); + nm_assert (!priv->progname); + nm_assert (!priv->watch_id); + nm_assert (!priv->pidfile); - g_warn_if_fail (priv->pidfile == NULL); - g_clear_pointer (&priv->pidfile, g_free); - priv->pidfile = g_strdup (pidfile); + progname = g_path_get_basename (argv[0]); + kill_existing (progname, pidfile, kill_match); - nm_log_info (LOGD_DNS, "DNS: starting %s...", priv->progname); - cmdline = g_strjoinv (" ", (char **) argv); - nm_log_dbg (LOGD_DNS, "DNS: command line: %s", cmdline); - g_free (cmdline); + _LOGI ("starting %s...", progname); + _LOGD ("command line: %s", + (cmdline = g_strjoinv (" ", (char **) argv))); - priv->pid = 0; - if (g_spawn_async (NULL, (char **) argv, NULL, + if (!g_spawn_async (NULL, (char **) argv, NULL, G_SPAWN_DO_NOT_REAP_CHILD, nm_utils_setpgid, NULL, - &priv->pid, + &pid, &error)) { - nm_log_dbg (LOGD_DNS, "%s started with pid %d", priv->progname, priv->pid); - priv->watch_id = g_child_watch_add (priv->pid, (GChildWatchFunc) watch_cb, self); - } else { - nm_log_warn (LOGD_DNS, "Failed to spawn %s: %s", - priv->progname, error->message); + _LOGW ("failed to spawn %s: %s", + progname, error->message); g_clear_error (&error); + return 0; } - return priv->pid; + _LOGD ("%s started with pid %d", progname, pid); + priv->watch_id = g_child_watch_add (pid, (GChildWatchFunc) watch_cb, self); + priv->pid = pid; + priv->progname = nm_unauto (&progname); + priv->pidfile = g_strdup (pidfile); + + return pid; } gboolean @@ -213,14 +236,12 @@ nm_dns_plugin_child_kill (NMDnsPlugin *self) NMDnsPluginPrivate *priv = NM_DNS_PLUGIN_GET_PRIVATE (self); nm_clear_g_source (&priv->watch_id); - if (priv->pid) { - nm_utils_kill_child_sync (priv->pid, SIGTERM, LOGD_DNS, priv->progname, NULL, 1000, 0); + nm_utils_kill_child_sync (priv->pid, SIGTERM, _NMLOG_DOMAIN, + priv->progname ?: "<dns-process>", NULL, 1000, 0); priv->pid = 0; - g_free (priv->progname); - priv->progname = NULL; + g_clear_pointer (&priv->progname, g_free); } - _clear_pidfile (self); return TRUE; @@ -244,18 +265,6 @@ dispose (GObject *object) } static void -finalize (GObject *object) -{ - NMDnsPlugin *self = NM_DNS_PLUGIN (object); - NMDnsPluginPrivate *priv = NM_DNS_PLUGIN_GET_PRIVATE (self); - - g_free (priv->progname); - g_free (priv->pidfile); - - G_OBJECT_CLASS (nm_dns_plugin_parent_class)->finalize (object); -} - -static void nm_dns_plugin_class_init (NMDnsPluginClass *plugin_class) { GObjectClass *object_class = G_OBJECT_CLASS (plugin_class); @@ -264,7 +273,6 @@ nm_dns_plugin_class_init (NMDnsPluginClass *plugin_class) /* virtual methods */ object_class->dispose = dispose; - object_class->finalize = finalize; plugin_class->is_caching = is_caching; /* signals */ diff --git a/src/org.freedesktop.NetworkManager.conf b/src/org.freedesktop.NetworkManager.conf index dd630e1986..d130f7e271 100644 --- a/src/org.freedesktop.NetworkManager.conf +++ b/src/org.freedesktop.NetworkManager.conf @@ -26,6 +26,13 @@ <allow send_destination="org.freedesktop.NetworkManager.fortisslvpn"/> <allow send_destination="org.freedesktop.NetworkManager.strongswan"/> <allow send_interface="org.freedesktop.NetworkManager.VPN.Plugin"/> + + <!-- Allow the custom name for the dnsmasq instance spawned by NM + from the dns dnsmasq plugin to own it's dbus name, and for + messages to be sent to it. + --> + <allow own="org.freedesktop.NetworkManager.dnsmasq"/> + <allow send_destination="org.freedesktop.NetworkManager.dnsmasq"/> </policy> <policy context="default"> <deny own="org.freedesktop.NetworkManager"/> @@ -127,6 +134,9 @@ <deny send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Settings" send_member="ReloadConnections"/> + + <deny own="org.freedesktop.NetworkManager.dnsmasq"/> + <deny send_destination="org.freedesktop.NetworkManager.dnsmasq"/> </policy> <limit name="max_replies_per_connection">1024</limit> |