diff --git a/Makefile.am b/Makefile.am
index 91eaf67aec..72f224fc20 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -2530,8 +2530,6 @@ src_core_libNetworkManager_la_SOURCES = \
src/core/dns/nm-dns-dnsmasq.h \
src/core/dns/nm-dns-systemd-resolved.c \
src/core/dns/nm-dns-systemd-resolved.h \
- src/core/dns/nm-dns-unbound.c \
- src/core/dns/nm-dns-unbound.h \
\
src/core/dnsmasq/nm-dnsmasq-manager.c \
src/core/dnsmasq/nm-dnsmasq-manager.h \
diff --git a/config.h.meson b/config.h.meson
index 7d1feb53ad..7337165082 100644
--- a/config.h.meson
+++ b/config.h.meson
@@ -13,9 +13,6 @@
/* Define to path of dnsmasq binary */
#mesondefine DNSMASQ_PATH
-/* Define to path of unbound dnssec-trigger-script */
-#mesondefine DNSSEC_TRIGGER_PATH
-
/* Gettext package */
#mesondefine GETTEXT_PACKAGE
diff --git a/configure.ac b/configure.ac
index 8ed50706b9..24107f163b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1006,18 +1006,6 @@ fi
AC_DEFINE_UNQUOTED(DNSMASQ_PATH, "$DNSMASQ_PATH", [Define to path of dnsmasq binary])
AC_SUBST(DNSMASQ_PATH)
-# dnssec-trigger-script path
-AC_ARG_WITH(dnssec_trigger,
- AS_HELP_STRING([--with-dnssec-trigger=/path/to/dnssec-trigger-script], [path to unbound dnssec-trigger-script]))
-if test "x${with_dnssec_trigger}" = x; then
- AC_PATH_PROG(DNSSEC_TRIGGER_PATH, dnssec-trigger-script, /usr/libexec/dnssec-trigger-script,
- /usr/local/libexec:/usr/local/lib:/usr/local/lib/dnssec-trigger:/usr/libexec:/usr/lib:/usr/lib/dnssec-trigger)
-else
- DNSSEC_TRIGGER_PATH="$with_dnssec_trigger"
-fi
-AC_DEFINE_UNQUOTED(DNSSEC_TRIGGER_PATH, "$DNSSEC_TRIGGER_PATH", [Define to path of unbound dnssec-trigger-script])
-AC_SUBST(DNSSEC_TRIGGER_PATH)
-
# system CA certificates path
AC_ARG_WITH(system-ca-path,
AS_HELP_STRING([--with-system-ca-path=/path/to/ssl/certs], [path to system CA certificates]))
diff --git a/man/NetworkManager.conf.xml b/man/NetworkManager.conf.xml
index cb6b40afa0..18b25d9370 100644
--- a/man/NetworkManager.conf.xml
+++ b/man/NetworkManager.conf.xml
@@ -345,19 +345,12 @@ no-auto-default=*
systemd-resolved: NetworkManager will
push the DNS configuration to systemd-resolved
- unbound: NetworkManager will talk
- to unbound and dnssec-triggerd, using "Conditional Forwarding"
- with DNSSEC support. /etc/resolv.conf
- will be managed by dnssec-trigger daemon. This option is
- deprecated. Note that dnssec-trigger ships a NetworkManager dispatcher
- script so this DNS plugin is not necessary.
-
none: NetworkManager will not
modify resolv.conf. This implies
rc-manager unmanaged
- Note that the plugins dnsmasq, systemd-resolved
- and unbound are caching local nameservers.
+ Note that the plugins dnsmasq and systemd-resolved
+ are caching local nameservers.
Hence, when NetworkManager writes &nmrundir;/resolv.conf
and /etc/resolv.conf (according to rc-manager
setting below), the name server there will be localhost only.
diff --git a/meson.build b/meson.build
index 45d6970894..edf4b377fa 100644
--- a/meson.build
+++ b/meson.build
@@ -683,18 +683,11 @@ endforeach
# external misc tools paths
default_paths = ['/sbin', '/usr/sbin']
-dnssec_ts_paths = ['/usr/local/libexec',
- '/usr/local/lib',
- '/usr/local/lib/dnssec-trigger',
- '/usr/libexec',
- '/usr/lib',
- '/usr/lib/dnssec-trigger']
# 0: cmdline option, 1: paths, 2: fallback
-progs = [['iptables', default_paths, '/usr/sbin/iptables'],
- ['nft', default_paths, '/usr/sbin/nft'],
- ['dnsmasq', default_paths, ''],
- ['dnssec_trigger', dnssec_ts_paths, join_paths(nm_libexecdir, 'dnssec-trigger-script') ],
+progs = [['iptables', default_paths, '/usr/sbin/iptables'],
+ ['nft', default_paths, '/usr/sbin/nft'],
+ ['dnsmasq', default_paths, ''],
]
foreach prog : progs
diff --git a/meson_options.txt b/meson_options.txt
index 42f84711d0..cec0664186 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -7,7 +7,6 @@ option('kernel_firmware_dir', type: 'string', value: '/lib/firmware', descriptio
option('iptables', type: 'string', value: '', description: 'path to iptables')
option('nft', type: 'string', value: '', description: 'path to nft')
option('dnsmasq', type: 'string', value: '', description: 'path to dnsmasq')
-option('dnssec_trigger', type: 'string', value: '', description: 'path to unbound dnssec-trigger-script')
# platform
option('dist_version', type: 'string', value: '', description: 'Define the NM\'s distribution version string')
diff --git a/src/core/dns/nm-dns-manager.c b/src/core/dns/nm-dns-manager.c
index 03f3eceddf..0d6ade2b2d 100644
--- a/src/core/dns/nm-dns-manager.c
+++ b/src/core/dns/nm-dns-manager.c
@@ -35,7 +35,6 @@
#include "nm-dns-dnsmasq.h"
#include "nm-dns-plugin.h"
#include "nm-dns-systemd-resolved.h"
-#include "nm-dns-unbound.h"
#include "nm-ip-config.h"
#include "nm-l3-config-data.h"
#include "nm-manager.h"
@@ -2379,16 +2378,14 @@ again:
priv->plugin = nm_dns_dnsmasq_new();
plugin_changed = TRUE;
}
- } else if (nm_streq0(mode, "unbound")) {
- if (force_reload_plugin || !NM_IS_DNS_UNBOUND(priv->plugin)) {
- _clear_plugin(self);
- priv->plugin = nm_dns_unbound_new();
- plugin_changed = TRUE;
- }
} else {
if (!NM_IN_STRSET(mode, "none", "default")) {
- if (mode)
- _LOGW("init: unknown dns mode '%s'", mode);
+ if (mode) {
+ if (nm_streq(mode, "unbound"))
+ _LOGW("init: ns mode 'unbound' was removed. Update your configuration");
+ else
+ _LOGW("init: unknown dns mode '%s'", mode);
+ }
mode = "default";
}
if (_clear_plugin(self))
diff --git a/src/core/dns/nm-dns-unbound.c b/src/core/dns/nm-dns-unbound.c
deleted file mode 100644
index 8a75cf08f0..0000000000
--- a/src/core/dns/nm-dns-unbound.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0-or-later */
-/*
- * Copyright (C) 2014 Red Hat, Inc.
- * Author: Pavel Šimerda
- */
-
-#include "src/core/nm-default-daemon.h"
-
-#include "nm-dns-unbound.h"
-
-#include "NetworkManagerUtils.h"
-
-/*****************************************************************************/
-
-struct _NMDnsUnbound {
- NMDnsPlugin parent;
-};
-
-struct _NMDnsUnboundClass {
- NMDnsPluginClass parent;
-};
-
-G_DEFINE_TYPE(NMDnsUnbound, nm_dns_unbound, NM_TYPE_DNS_PLUGIN)
-
-/*****************************************************************************/
-
-static gboolean
-update(NMDnsPlugin *plugin,
- const NMGlobalDnsConfig *global_config,
- const CList *ip_config_lst_head,
- const char *hostdomain,
- GError **error)
-{
- char *argv[] = {DNSSEC_TRIGGER_PATH, "--async", "--update", NULL};
- gs_free_error GError *local = NULL;
- int status;
-
- /* TODO: We currently call a script installed with the dnssec-trigger
- * package that queries all information itself. Later, the dependency
- * on that package will be optional and the only hard dependency will
- * be unbound.
- *
- * Unbound configuration should be later handled by this plugin directly,
- * without calling custom scripts. The dnssec-trigger functionality
- * may be eventually merged into NetworkManager.
- */
- if (!g_spawn_sync("/", argv, NULL, 0, NULL, NULL, NULL, NULL, &status, &local)) {
- nm_utils_error_set(error,
- NM_UTILS_ERROR_UNKNOWN,
- "error spawning dns-trigger: %s",
- local->message);
- return FALSE;
- }
- if (status != 0) {
- nm_utils_error_set(error,
- NM_UTILS_ERROR_UNKNOWN,
- "dns-trigger exited with error code %d",
- status);
- return FALSE;
- }
- return TRUE;
-}
-
-/*****************************************************************************/
-
-static void
-nm_dns_unbound_init(NMDnsUnbound *unbound)
-{}
-
-NMDnsPlugin *
-nm_dns_unbound_new(void)
-{
- return g_object_new(NM_TYPE_DNS_UNBOUND, NULL);
-}
-
-static void
-nm_dns_unbound_class_init(NMDnsUnboundClass *klass)
-{
- NMDnsPluginClass *plugin_class = NM_DNS_PLUGIN_CLASS(klass);
-
- plugin_class->plugin_name = "unbound";
- plugin_class->is_caching = TRUE;
- plugin_class->update = update;
-}
diff --git a/src/core/dns/nm-dns-unbound.h b/src/core/dns/nm-dns-unbound.h
deleted file mode 100644
index feb3309913..0000000000
--- a/src/core/dns/nm-dns-unbound.h
+++ /dev/null
@@ -1,27 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0-or-later */
-/*
- * Copyright (C) 2014 Red Hat, Inc.
- */
-
-#ifndef __NETWORKMANAGER_DNS_UNBOUND_H__
-#define __NETWORKMANAGER_DNS_UNBOUND_H__
-
-#include "nm-dns-plugin.h"
-
-#define NM_TYPE_DNS_UNBOUND (nm_dns_unbound_get_type())
-#define NM_DNS_UNBOUND(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), NM_TYPE_DNS_UNBOUND, NMDnsUnbound))
-#define NM_DNS_UNBOUND_CLASS(klass) \
- (G_TYPE_CHECK_CLASS_CAST((klass), NM_TYPE_DNS_UNBOUND, NMDnsUnboundClass))
-#define NM_IS_DNS_UNBOUND(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), NM_TYPE_DNS_UNBOUND))
-#define NM_IS_DNS_UNBOUND_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), NM_TYPE_DNS_UNBOUND))
-#define NM_DNS_UNBOUND_GET_CLASS(obj) \
- (G_TYPE_INSTANCE_GET_CLASS((obj), NM_TYPE_DNS_UNBOUND, NMDnsUnboundClass))
-
-typedef struct _NMDnsUnbound NMDnsUnbound;
-typedef struct _NMDnsUnboundClass NMDnsUnboundClass;
-
-GType nm_dns_unbound_get_type(void);
-
-NMDnsPlugin *nm_dns_unbound_new(void);
-
-#endif /* __NETWORKMANAGER_DNS_UNBOUND_H__ */
diff --git a/src/core/meson.build b/src/core/meson.build
index 2148d23b76..f3359ad0f5 100644
--- a/src/core/meson.build
+++ b/src/core/meson.build
@@ -123,7 +123,6 @@ libNetworkManager = static_library(
'dns/nm-dns-manager.c',
'dns/nm-dns-plugin.c',
'dns/nm-dns-systemd-resolved.c',
- 'dns/nm-dns-unbound.c',
'dnsmasq/nm-dnsmasq-manager.c',
'dnsmasq/nm-dnsmasq-utils.c',
'ppp/nm-ppp-manager-call.c',