fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2025-12-20 04:40:04 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

dns/unbound: drop deprecated "unbound" DNS plugin

Browse source 
The "unbound" DNS plugin was very rudimentary and is deprecated since
commit 4a2fe09853 ('man: mark [main].dns=unbound as deprecated') (Jun
2021).

It is part of dnssec-trigger tool, but the dnssec-trigger tool doesn't
actually use it. Instead it installs a dispatcher script
"/usr/lib/NetworkManager/dispatcher.d/01-dnssec-trigger".

Especially, since the plugin requires "/usr/libexec/dnssec-trigger-script",
which is provided by "dnssec-trigger" package on Fedora. At the same
time, the package provides the dispatcher script. So I don't this works
or anybody is using this.

https://mail.gnome.org/archives/networkmanager-list/2022-April/msg00002.html
This commit is contained in:
Thomas Haller 2022-04-12 11:59:56 +02:00
parent bbbb1b7339
commit 5da17c689b
No known key found for this signature in database
GPG key ID: 29C2366E4DFC5728
10 changed files with 11 additions and 158 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Makefile.am
View file

@ -2530,8 +2530,6 @@ src_core_libNetworkManager_la_SOURCES = \
src/core/dns/nm-dns-dnsmasq.h \
src/core/dns/nm-dns-systemd-resolved.c \
src/core/dns/nm-dns-systemd-resolved.h \
src/core/dns/nm-dns-unbound.c \
src/core/dns/nm-dns-unbound.h \
\
src/core/dnsmasq/nm-dnsmasq-manager.c \
src/core/dnsmasq/nm-dnsmasq-manager.h \

3
config.h.meson
View file

@ -13,9 +13,6 @@
/* Define to path of dnsmasq binary */
#mesondefine DNSMASQ_PATH
/* Define to path of unbound dnssec-trigger-script */
#mesondefine DNSSEC_TRIGGER_PATH
/* Gettext package */
#mesondefine GETTEXT_PACKAGE

12
configure.ac
View file

@ -1006,18 +1006,6 @@ fi
AC_DEFINE_UNQUOTED(DNSMASQ_PATH, "$DNSMASQ_PATH", [Define to path of dnsmasq binary])
AC_SUBST(DNSMASQ_PATH)
# dnssec-trigger-script path
AC_ARG_WITH(dnssec_trigger,
AS_HELP_STRING([--with-dnssec-trigger=/path/to/dnssec-trigger-script], [path to unbound dnssec-trigger-script]))
if test "x${with_dnssec_trigger}" = x; then
AC_PATH_PROG(DNSSEC_TRIGGER_PATH, dnssec-trigger-script, /usr/libexec/dnssec-trigger-script,
/usr/local/libexec:/usr/local/lib:/usr/local/lib/dnssec-trigger:/usr/libexec:/usr/lib:/usr/lib/dnssec-trigger)
else
DNSSEC_TRIGGER_PATH="$with_dnssec_trigger"
fi
AC_DEFINE_UNQUOTED(DNSSEC_TRIGGER_PATH, "$DNSSEC_TRIGGER_PATH", [Define to path of unbound dnssec-trigger-script])
AC_SUBST(DNSSEC_TRIGGER_PATH)
# system CA certificates path
AC_ARG_WITH(system-ca-path,
AS_HELP_STRING([--with-system-ca-path=/path/to/ssl/certs], [path to system CA certificates]))

11
man/NetworkManager.conf.xml
View file

@ -345,19 +345,12 @@ no-auto-default=*
<para><literal>systemd-resolved</literal>: NetworkManager will
push the DNS configuration to systemd-resolved</para>
<para><literal>unbound</literal>: NetworkManager will talk
to unbound and dnssec-triggerd, using "Conditional Forwarding"
with DNSSEC support. <filename>/etc/resolv.conf</filename>
will be managed by dnssec-trigger daemon. This option is
deprecated. Note that dnssec-trigger ships a NetworkManager dispatcher
script so this DNS plugin is not necessary.</para>
<para><literal>none</literal>: NetworkManager will not
modify resolv.conf. This implies
<literal>rc-manager</literal>&nbsp;<literal>unmanaged</literal></para>
<para>Note that the plugins <literal>dnsmasq</literal>, <literal>systemd-resolved</literal>
and <literal>unbound</literal> are caching local nameservers.
<para>Note that the plugins <literal>dnsmasq</literal> and <literal>systemd-resolved</literal>
are caching local nameservers.
Hence, when NetworkManager writes <filename>&nmrundir;/resolv.conf</filename>
and <filename>/etc/resolv.conf</filename> (according to <literal>rc-manager</literal>
setting below), the name server there will be localhost only.

13
meson.build
View file

@ -683,18 +683,11 @@ endforeach
# external misc tools paths
default_paths = ['/sbin', '/usr/sbin']
dnssec_ts_paths = ['/usr/local/libexec',
'/usr/local/lib',
'/usr/local/lib/dnssec-trigger',
'/usr/libexec',
'/usr/lib',
'/usr/lib/dnssec-trigger']
# 0: cmdline option, 1: paths, 2: fallback
progs = [['iptables', default_paths, '/usr/sbin/iptables'],
['nft', default_paths, '/usr/sbin/nft'],
['dnsmasq', default_paths, ''],
['dnssec_trigger', dnssec_ts_paths, join_paths(nm_libexecdir, 'dnssec-trigger-script') ],
progs = [['iptables', default_paths, '/usr/sbin/iptables'],
['nft', default_paths, '/usr/sbin/nft'],
['dnsmasq', default_paths, ''],
]
foreach prog : progs

1
meson_options.txt
View file

@ -7,7 +7,6 @@ option('kernel_firmware_dir', type: 'string', value: '/lib/firmware', descriptio
option('iptables', type: 'string', value: '', description: 'path to iptables')
option('nft', type: 'string', value: '', description: 'path to nft')
option('dnsmasq', type: 'string', value: '', description: 'path to dnsmasq')
option('dnssec_trigger', type: 'string', value: '', description: 'path to unbound dnssec-trigger-script')
# platform
option('dist_version', type: 'string', value: '', description: 'Define the NM\'s distribution version string')

15
src/core/dns/nm-dns-manager.c
View file

@ -35,7 +35,6 @@
#include "nm-dns-dnsmasq.h"
#include "nm-dns-plugin.h"
#include "nm-dns-systemd-resolved.h"
#include "nm-dns-unbound.h"
#include "nm-ip-config.h"
#include "nm-l3-config-data.h"
#include "nm-manager.h"
@ -2379,16 +2378,14 @@ again:
priv->plugin = nm_dns_dnsmasq_new();
plugin_changed = TRUE;
}
} else if (nm_streq0(mode, "unbound")) {
if (force_reload_plugin || !NM_IS_DNS_UNBOUND(priv->plugin)) {
_clear_plugin(self);
priv->plugin = nm_dns_unbound_new();
plugin_changed = TRUE;
}
} else {
if (!NM_IN_STRSET(mode, "none", "default")) {
if (mode)
_LOGW("init: unknown dns mode '%s'", mode);
if (mode) {
if (nm_streq(mode, "unbound"))
_LOGW("init: ns mode 'unbound' was removed. Update your configuration");
else
_LOGW("init: unknown dns mode '%s'", mode);
}
mode = "default";
}
if (_clear_plugin(self))

84
src/core/dns/nm-dns-unbound.c
View file

@ -1,84 +0,0 @@
/* SPDX-License-Identifier: GPL-2.0-or-later */
/*
* Copyright (C) 2014 Red Hat, Inc.
* Author: Pavel Šimerda <psimerda@redhat.com>
*/
#include "src/core/nm-default-daemon.h"
#include "nm-dns-unbound.h"
#include "NetworkManagerUtils.h"
/*****************************************************************************/
struct _NMDnsUnbound {
NMDnsPlugin parent;
};
struct _NMDnsUnboundClass {
NMDnsPluginClass parent;
};
G_DEFINE_TYPE(NMDnsUnbound, nm_dns_unbound, NM_TYPE_DNS_PLUGIN)
/*****************************************************************************/
static gboolean
update(NMDnsPlugin *plugin,
const NMGlobalDnsConfig *global_config,
const CList *ip_config_lst_head,
const char *hostdomain,
GError **error)
{
char *argv[] = {DNSSEC_TRIGGER_PATH, "--async", "--update", NULL};
gs_free_error GError *local = NULL;
int status;
/* TODO: We currently call a script installed with the dnssec-trigger
* package that queries all information itself. Later, the dependency
* on that package will be optional and the only hard dependency will
* be unbound.
*
* Unbound configuration should be later handled by this plugin directly,
* without calling custom scripts. The dnssec-trigger functionality
* may be eventually merged into NetworkManager.
*/
if (!g_spawn_sync("/", argv, NULL, 0, NULL, NULL, NULL, NULL, &status, &local)) {
nm_utils_error_set(error,
NM_UTILS_ERROR_UNKNOWN,
"error spawning dns-trigger: %s",
local->message);
return FALSE;
}
if (status != 0) {
nm_utils_error_set(error,
NM_UTILS_ERROR_UNKNOWN,
"dns-trigger exited with error code %d",
status);
return FALSE;
}
return TRUE;
}
/*****************************************************************************/
static void
nm_dns_unbound_init(NMDnsUnbound *unbound)
{}
NMDnsPlugin *
nm_dns_unbound_new(void)
{
return g_object_new(NM_TYPE_DNS_UNBOUND, NULL);
}
static void
nm_dns_unbound_class_init(NMDnsUnboundClass *klass)
{
NMDnsPluginClass *plugin_class = NM_DNS_PLUGIN_CLASS(klass);
plugin_class->plugin_name = "unbound";
plugin_class->is_caching = TRUE;
plugin_class->update = update;
}

27
src/core/dns/nm-dns-unbound.h
View file

@ -1,27 +0,0 @@
/* SPDX-License-Identifier: GPL-2.0-or-later */
/*
* Copyright (C) 2014 Red Hat, Inc.
*/
#ifndef __NETWORKMANAGER_DNS_UNBOUND_H__
#define __NETWORKMANAGER_DNS_UNBOUND_H__
#include "nm-dns-plugin.h"
#define NM_TYPE_DNS_UNBOUND (nm_dns_unbound_get_type())
#define NM_DNS_UNBOUND(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), NM_TYPE_DNS_UNBOUND, NMDnsUnbound))
#define NM_DNS_UNBOUND_CLASS(klass) \
(G_TYPE_CHECK_CLASS_CAST((klass), NM_TYPE_DNS_UNBOUND, NMDnsUnboundClass))
#define NM_IS_DNS_UNBOUND(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), NM_TYPE_DNS_UNBOUND))
#define NM_IS_DNS_UNBOUND_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), NM_TYPE_DNS_UNBOUND))
#define NM_DNS_UNBOUND_GET_CLASS(obj) \
(G_TYPE_INSTANCE_GET_CLASS((obj), NM_TYPE_DNS_UNBOUND, NMDnsUnboundClass))
typedef struct _NMDnsUnbound NMDnsUnbound;
typedef struct _NMDnsUnboundClass NMDnsUnboundClass;
GType nm_dns_unbound_get_type(void);
NMDnsPlugin *nm_dns_unbound_new(void);
#endif /* __NETWORKMANAGER_DNS_UNBOUND_H__ */

1
src/core/meson.build
View file

@ -123,7 +123,6 @@ libNetworkManager = static_library(
'dns/nm-dns-manager.c',
'dns/nm-dns-plugin.c',
'dns/nm-dns-systemd-resolved.c',
'dns/nm-dns-unbound.c',
'dnsmasq/nm-dnsmasq-manager.c',
'dnsmasq/nm-dnsmasq-utils.c',
'ppp/nm-ppp-manager-call.c',