GNOME.org
 

[PATCH] dns: use DBus to make dnsmasq nameserver changes

Use DBus to make nameserver updates rather than restarting the dnsmasq binary
again and again.

Signed-off-by: Mathieu Trudel-Lapierre <mathieu trudel-lapierre canonical com>
---
 src/dns-manager/nm-dns-dnsmasq.c        | 338 ++++++++++++++++++++++++++------
 src/dns-manager/nm-dns-manager.c        |  22 +++
 src/dns-manager/nm-dns-plugin.c         |  16 ++
 src/dns-manager/nm-dns-plugin.h         |   1 +
 src/org.freedesktop.NetworkManager.conf |  10 +
 5 files changed, 324 insertions(+), 63 deletions(-)

diff --git a/src/dns-manager/nm-dns-dnsmasq.c b/src/dns-manager/nm-dns-dnsmasq.c
index 919fa67..513ad00 100644
--- a/src/dns-manager/nm-dns-dnsmasq.c
+++ b/src/dns-manager/nm-dns-dnsmasq.c
@@ -32,6 +32,7 @@
 #include "nm-ip4-config.h"
 #include "nm-ip6-config.h"
 #include "nm-dns-utils.h"
+#include "nm-bus-manager.h"
 #include "NetworkManagerUtils.h"
 
 G_DEFINE_TYPE (NMDnsDnsmasq, nm_dns_dnsmasq, NM_TYPE_DNS_PLUGIN)
@@ -42,14 +43,41 @@ G_DEFINE_TYPE (NMDnsDnsmasq, nm_dns_dnsmasq, NM_TYPE_DNS_PLUGIN)
 #define CONFFILE NMRUNDIR "/dnsmasq.conf"
 #define CONFDIR NMCONFDIR "/dnsmasq.d"
 
+#define DNSMASQ_DBUS_SERVICE "org.freedesktop.NetworkManager.dnsmasq"
+#define DNSMASQ_DBUS_PATH "/uk/org/thekelleys/dnsmasq"
+
 typedef struct {
-       guint32 foo;
+       NMBusManager *dbus_mgr;
+       GDBusConnection *connection;
+       GDBusProxy *dnsmasq;
+       gboolean running;
+
+       GVariantBuilder *servers;
 } NMDnsDnsmasqPrivate;
 
 /*******************************************/
 
+static void
+add_dnsmasq_nameserver (GVariantBuilder *servers,
+                        const char *ip,
+                        const char *domain)
+{
+       nm_log_dbg (LOGD_DNS, "Adding nameserver '%s' for domain '%s'",
+                   ip, domain);
+
+       g_return_if_fail (ip);
+
+       g_variant_builder_open (servers, G_VARIANT_TYPE ("as"));
+
+       if (domain)
+               g_variant_builder_add (servers, "s", domain);
+       g_variant_builder_add (servers, "s", ip);
+
+       g_variant_builder_close (servers);
+}
+
 static gboolean
-add_ip4_config (GString *str, NMIP4Config *ip4, gboolean split)
+add_ip4_config (GVariantBuilder *servers, NMIP4Config *ip4, gboolean split)
 {
        char buf[INET_ADDRSTRLEN];
        in_addr_t addr;
@@ -71,9 +99,9 @@ add_ip4_config (GString *str, NMIP4Config *ip4, gboolean split)
                        /* searches are preferred over domains */
                        n = nm_ip4_config_get_num_searches (ip4);
                        for (i = 0; i < n; i++) {
-                               g_string_append_printf (str, "server=/%s/%s\n",
-                                                       nm_ip4_config_get_search (ip4, i),
-                                                       buf);
+                               add_dnsmasq_nameserver (servers,
+                                                       buf,
+                                                       nm_ip4_config_get_search (ip4, i));
                                added = TRUE;
                        }
 
@@ -81,9 +109,9 @@ add_ip4_config (GString *str, NMIP4Config *ip4, gboolean split)
                                /* If not searches, use any domains */
                                n = nm_ip4_config_get_num_domains (ip4);
                                for (i = 0; i < n; i++) {
-                                       g_string_append_printf (str, "server=/%s/%s\n",
-                                                               nm_ip4_config_get_domain (ip4, i),
-                                                               buf);
+                                       add_dnsmasq_nameserver (servers,
+                                                               buf,
+                                                               nm_ip4_config_get_domain (ip4, i));
                                        added = TRUE;
                                }
                        }
@@ -94,7 +122,7 @@ add_ip4_config (GString *str, NMIP4Config *ip4, gboolean split)
                        domains = nm_dns_utils_get_ip4_rdns_domains (ip4);
                        if (domains) {
                                for (iter = domains; iter && *iter; iter++)
-                                       g_string_append_printf (str, "server=/%s/%s\n", *iter, buf);
+                                       add_dnsmasq_nameserver (servers, buf, *iter);
                                g_strfreev (domains);
                                added = TRUE;
                        }
@@ -105,7 +133,8 @@ add_ip4_config (GString *str, NMIP4Config *ip4, gboolean split)
        if (!added) {
                for (i = 0; i < nnameservers; i++) {
                        addr = nm_ip4_config_get_nameserver (ip4, i);
-                       g_string_append_printf (str, "server=%s\n", nm_utils_inet4_ntop (addr, NULL));
+                       add_dnsmasq_nameserver (servers,
+                                               nm_utils_inet4_ntop (addr, NULL), NULL);
                }
        }
 
@@ -135,7 +164,7 @@ ip6_addr_to_string (const struct in6_addr *addr, const char *iface)
 }
 
 static void
-add_global_config (GString *str, const NMGlobalDnsConfig *config)
+add_global_config (GVariantBuilder *dnsmasq_servers, const NMGlobalDnsConfig *config)
 {
        guint i, j;
 
@@ -150,16 +179,16 @@ add_global_config (GString *str, const NMGlobalDnsConfig *config)
 
                for (j = 0; servers && servers[j]; j++) {
                        if (!strcmp (name, "*"))
-                               g_string_append_printf (str, "server=%s\n", servers[j]);
+                               add_dnsmasq_nameserver (dnsmasq_servers, servers[j], NULL);
                        else
-                               g_string_append_printf (str, "server=/%s/%s\n", name, servers[j]);
+                               add_dnsmasq_nameserver (dnsmasq_servers, servers[j], name);
                }
 
        }
 }
 
 static gboolean
-add_ip6_config (GString *str, NMIP6Config *ip6, gboolean split)
+add_ip6_config (GVariantBuilder *servers, NMIP6Config *ip6, gboolean split)
 {
        const struct in6_addr *addr;
        char *buf = NULL;
@@ -183,9 +212,9 @@ add_ip6_config (GString *str, NMIP6Config *ip6, gboolean split)
                        /* searches are preferred over domains */
                        n = nm_ip6_config_get_num_searches (ip6);
                        for (i = 0; i < n; i++) {
-                               g_string_append_printf (str, "server=/%s/%s\n",
-                                                       nm_ip6_config_get_search (ip6, i),
-                                                       buf);
+                               add_dnsmasq_nameserver (servers,
+                                                       buf,
+                                                       nm_ip6_config_get_search (ip6, i));
                                added = TRUE;
                        }
 
@@ -193,9 +222,9 @@ add_ip6_config (GString *str, NMIP6Config *ip6, gboolean split)
                                /* If not searches, use any domains */
                                n = nm_ip6_config_get_num_domains (ip6);
                                for (i = 0; i < n; i++) {
-                                       g_string_append_printf (str, "server=/%s/%s\n",
-                                                               nm_ip6_config_get_domain (ip6, i),
-                                                               buf);
+                                       add_dnsmasq_nameserver (servers,
+                                                               buf,
+                                                               nm_ip6_config_get_domain (ip6, i));
                                        added = TRUE;
                                }
                        }
@@ -210,7 +239,7 @@ add_ip6_config (GString *str, NMIP6Config *ip6, gboolean split)
                        addr = nm_ip6_config_get_nameserver (ip6, i);
                        buf = ip6_addr_to_string (addr, iface);
                        if (buf) {
-                               g_string_append_printf (str, "server=%s\n", buf);
+                               add_dnsmasq_nameserver (servers, buf, NULL);
                                g_free (buf);
                        }
                }
@@ -219,30 +248,155 @@ add_ip6_config (GString *str, NMIP6Config *ip6, gboolean split)
        return TRUE;
 }
 
+static void
+dnsmasq_update_done (GObject *source, GAsyncResult *res, gpointer user_data)
+{
+       NMDnsDnsmasq *self = NM_DNS_DNSMASQ (user_data);
+       NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (self);
+       GError *error = NULL;
+       GVariant *response;
+
+       response = g_dbus_proxy_call_finish (priv->dnsmasq, res, &error);
+       if (error) {
+               nm_log_warn (LOGD_DNS, "Dnsmasq update failed: (%d) %s",
+                            error ? error->code : -1,
+                            error && error->message ? error->message : "(unknown)");
+       }
+
+       if (response)
+               g_variant_unref (response);
+}
+
 static gboolean
-update (NMDnsPlugin *plugin,
-        const GSList *vpn_configs,
-        const GSList *dev_configs,
-        const GSList *other_configs,
-        const NMGlobalDnsConfig *global_config,
-        const char *hostname)
+send_dnsmasq_update (NMDnsDnsmasq *self)
 {
-       NMDnsDnsmasq *self = NM_DNS_DNSMASQ (plugin);
+       NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (self);
+
+       nm_log_dbg (LOGD_DNS, "trying to update dnsmasq nameservers");
+
+       if (!priv->servers) {
+               nm_log_warn (LOGD_DNS, "no nameservers list to send update");
+               return FALSE;
+       }
+
+       if (priv->running) {
+               g_dbus_proxy_call (priv->dnsmasq,
+                                  "SetServersEx",
+                                  g_variant_new ("(aas)",
+                                                 priv->servers),
+                                  G_DBUS_CALL_FLAGS_NONE,
+                                  -1,
+                                  NULL,
+                                  (GAsyncReadyCallback) dnsmasq_update_done,
+                                  self);
+               g_variant_builder_unref (priv->servers);
+               priv->servers = NULL;
+       } else {
+               nm_log_warn (LOGD_DNS, "Dnsmasq not found on the bus.");
+               nm_log_warn (LOGD_DNS, "The nameserver update will be sent when dnsmasq appears.");
+       }
+
+       return TRUE;
+}
+
+static void
+name_owner_changed (GObject    *object,
+                    GParamSpec *pspec,
+                    gpointer    user_data)
+{
+       NMDnsDnsmasq *self = NM_DNS_DNSMASQ (user_data);
+       NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (self);
+       gs_free char *owner = NULL;
+
+       owner = g_dbus_proxy_get_name_owner (G_DBUS_PROXY (object));
+       if (owner) {
+               nm_log_info (LOGD_DNS, "dnsmasq appeared as %s", owner);
+               priv->running = TRUE;
+               g_signal_emit_by_name (self, NM_DNS_PLUGIN_APPEARED);
+       } else {
+               nm_log_info (LOGD_DNS, "dnsmasq disappeared");
+               priv->running = FALSE;
+               g_signal_emit_by_name (self, NM_DNS_PLUGIN_FAILED);
+       }
+}
+
+static void
+dnsmasq_proxy_cb (GObject *source, GAsyncResult *res, gpointer user_data)
+{
+       NMDnsDnsmasq *self = NM_DNS_DNSMASQ (user_data);
+       NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (self);
+       GError *error = NULL;
+       gs_free char *owner = NULL;
+
+       nm_log_dbg (LOGD_DNS, "dnsmasq proxy creation returned");
+
+       if (priv->dnsmasq) {
+               nm_log_dbg (LOGD_DNS, "already have an old proxy; replacing.");
+               g_object_unref (priv->dnsmasq);
+               priv->dnsmasq = NULL;
+       }
+
+       priv->dnsmasq = g_dbus_proxy_new_finish (res, &error);
+       if (!priv->dnsmasq) {
+               nm_log_warn (LOGD_DNS, "Failed to connect to dnsmasq via DBus: (%d) %s",
+                            error ? error->code : -1,
+                            error && error->message ? error->message : "(unknown)");
+       } else {
+               nm_log_dbg (LOGD_DNS, "dnsmasq proxy creation successful");
+
+               g_signal_connect (priv->dnsmasq, "notify::g-name-owner",
+                                 G_CALLBACK (name_owner_changed), self);
+               owner = g_dbus_proxy_get_name_owner (priv->dnsmasq);
+               priv->running = (owner != NULL);
+
+               if (priv->running && priv->servers)
+                       send_dnsmasq_update (self);
+       }
+}
+
+static void
+get_dnsmasq_proxy (NMDnsDnsmasq *self)
+{
+       NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (self);
+
+       g_return_if_fail (!priv->dnsmasq);
+
+       nm_log_dbg (LOGD_DNS, "retrieving dnsmasq proxy");
+
+       if (!priv->dnsmasq) {
+               g_dbus_proxy_new (priv->connection,
+                                 G_DBUS_PROXY_FLAGS_DO_NOT_AUTO_START,
+                                 NULL,
+                                 DNSMASQ_DBUS_SERVICE,
+                                 DNSMASQ_DBUS_PATH,
+                                 DNSMASQ_DBUS_SERVICE,
+                                 NULL,
+                                 dnsmasq_proxy_cb,
+                                 self);
+       }
+}
+
+static gboolean
+start_dnsmasq (NMDnsDnsmasq *self)
+{
+       NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (self);
        const char *dm_binary;
-       GString *conf;
-       GSList *iter;
        const char *argv[15];
        GError *error = NULL;
        int ignored;
        GPid pid = 0;
        guint idx = 0;
+       GString *conf;
 
-       /* Kill the old dnsmasq; there doesn't appear to be a way to get dnsmasq
-        * to reread the config file using SIGHUP or similar.  This is a small race
-        * here when restarting dnsmasq when DNS requests could go to the upstream
-        * servers instead of to dnsmasq.
+       /* dnsmasq is probably already started; if it's the case, don't do
+        * anything more.
         */
-       nm_dns_plugin_child_kill (plugin);
+       if (priv->running) {
+               nm_log_dbg (LOGD_DNS, "dnsmasq is already running");
+               return TRUE;
+       }
+
+       /* Start dnsmasq */
 
        dm_binary = nm_utils_find_helper ("dnsmasq", DNSMASQ_PATH, NULL);
        if (!dm_binary) {
@@ -253,34 +407,6 @@ update (NMDnsPlugin *plugin,
        /* Build up the new dnsmasq config file */
        conf = g_string_sized_new (150);
 
-       if (global_config)
-               add_global_config (conf, global_config);
-       else {
-               /* Use split DNS for VPN configs */
-               for (iter = (GSList *) vpn_configs; iter; iter = g_slist_next (iter)) {
-                       if (NM_IS_IP4_CONFIG (iter->data))
-                               add_ip4_config (conf, NM_IP4_CONFIG (iter->data), TRUE);
-                       else if (NM_IS_IP6_CONFIG (iter->data))
-                               add_ip6_config (conf, NM_IP6_CONFIG (iter->data), TRUE);
-               }
-
-               /* Now add interface configs without split DNS */
-               for (iter = (GSList *) dev_configs; iter; iter = g_slist_next (iter)) {
-                       if (NM_IS_IP4_CONFIG (iter->data))
-                               add_ip4_config (conf, NM_IP4_CONFIG (iter->data), FALSE);
-                       else if (NM_IS_IP6_CONFIG (iter->data))
-                               add_ip6_config (conf, NM_IP6_CONFIG (iter->data), FALSE);
-               }
-
-               /* And any other random configs */
-               for (iter = (GSList *) other_configs; iter; iter = g_slist_next (iter)) {
-                       if (NM_IS_IP4_CONFIG (iter->data))
-                               add_ip4_config (conf, NM_IP4_CONFIG (iter->data), FALSE);
-                       else if (NM_IS_IP6_CONFIG (iter->data))
-                               add_ip6_config (conf, NM_IP6_CONFIG (iter->data), FALSE);
-               }
-       }
-
        /* Write out the config file */
        if (!g_file_set_contents (CONFFILE, conf->str, -1, &error)) {
                nm_log_warn (LOGD_DNS, "Failed to write dnsmasq config file %s: %s",
@@ -304,6 +430,7 @@ update (NMDnsPlugin *plugin,
        argv[idx++] = "--conf-file=" CONFFILE;
        argv[idx++] = "--cache-size=400";
        argv[idx++] = "--proxy-dnssec"; /* Allow DNSSEC to pass through */
+       argv[idx++] = "--enable-dbus=" DNSMASQ_DBUS_SERVICE;
 
        /* dnsmasq exits if the conf dir is not present */
        if (g_file_test (CONFDIR, G_FILE_TEST_IS_DIR))
@@ -315,11 +442,77 @@ update (NMDnsPlugin *plugin,
        /* And finally spawn dnsmasq */
        pid = nm_dns_plugin_child_spawn (NM_DNS_PLUGIN (self), argv, PIDFILE, "bin/dnsmasq");
 
+       if (pid && !priv->dnsmasq)
+               get_dnsmasq_proxy (self);
 out:
        g_string_free (conf, TRUE);
        return pid ? TRUE : FALSE;
 }
 
+static gboolean
+update (NMDnsPlugin *plugin,
+        const GSList *vpn_configs,
+        const GSList *dev_configs,
+        const GSList *other_configs,
+        const NMGlobalDnsConfig *global_config,
+        const char *hostname)
+{
+       NMDnsDnsmasq *self = NM_DNS_DNSMASQ (plugin);
+       NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (self);
+       GSList *iter;
+       GError *error = NULL;
+       gboolean ret = FALSE;
+
+       if (!priv->running)
+               start_dnsmasq (self);
+
+       if (priv->servers)
+               g_variant_builder_unref (priv->servers);
+       priv->servers = g_variant_builder_new (G_VARIANT_TYPE ("aas"));
+
+       if (global_config)
+               add_global_config (priv->servers, global_config);
+       else {
+               /* Use split DNS for VPN configs */
+               for (iter = (GSList *) vpn_configs; iter; iter = g_slist_next (iter)) {
+                       if (NM_IS_IP4_CONFIG (iter->data))
+                               add_ip4_config (priv->servers, NM_IP4_CONFIG (iter->data), TRUE);
+                       else if (NM_IS_IP6_CONFIG (iter->data))
+                               add_ip6_config (priv->servers, NM_IP6_CONFIG (iter->data), TRUE);
+               }
+
+               /* Now add interface configs without split DNS */
+               for (iter = (GSList *) dev_configs; iter; iter = g_slist_next (iter)) {
+                       if (NM_IS_IP4_CONFIG (iter->data))
+                               add_ip4_config (priv->servers, NM_IP4_CONFIG (iter->data), FALSE);
+                       else if (NM_IS_IP6_CONFIG (iter->data))
+                               add_ip6_config (priv->servers, NM_IP6_CONFIG (iter->data), FALSE);
+               }
+
+               /* And any other random configs */
+               for (iter = (GSList *) other_configs; iter; iter = g_slist_next (iter)) {
+                       if (NM_IS_IP4_CONFIG (iter->data))
+                               add_ip4_config (priv->servers, NM_IP4_CONFIG (iter->data), FALSE);
+                       else if (NM_IS_IP6_CONFIG (iter->data))
+                               add_ip6_config (priv->servers, NM_IP6_CONFIG (iter->data), FALSE);
+               }
+       }
+
+       ret = send_dnsmasq_update (self);
+
+       /* If all the configs lists are empty, there is just nothing to be caching --
+        * we cleared up the dnsmasq cache; but we should also fail the update, so
+        * that we don't write 127.0.0.1 to resolv.conf.
+        */
+       if (((vpn_configs && g_slist_length ((GSList *) vpn_configs) < 1) || !vpn_configs) &&
+           ((dev_configs && g_slist_length ((GSList *) dev_configs) < 1) || !dev_configs) &&
+           ((other_configs && g_slist_length ((GSList *) other_configs) < 1) || !other_configs))
+               ret = FALSE;
+
+out:
+       return ret;
+}
+
 /****************************************************************/
 
 static const char *
@@ -393,13 +586,32 @@ nm_dns_dnsmasq_new (void)
 static void
 nm_dns_dnsmasq_init (NMDnsDnsmasq *self)
 {
+       NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (self);
+
+       priv->dbus_mgr = nm_bus_manager_get ();
+       priv->running = FALSE;
+
+       g_assert (priv->dbus_mgr);
+
+       priv->connection = nm_bus_manager_get_connection (priv->dbus_mgr);
+       if (!priv->connection)
+               nm_log_warn (LOGD_DNS, "Could not get the system bus to speak to dnsmasq.");
+       else
+               get_dnsmasq_proxy (self);
 }
 
 static void
 dispose (GObject *object)
 {
+       NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (object);
+
        unlink (CONFFILE);
 
+       if (priv->dbus_mgr) {
+               g_object_unref (priv->dbus_mgr);
+               priv->dbus_mgr = NULL;
+       }
+
        G_OBJECT_CLASS (nm_dns_dnsmasq_parent_class)->dispose (object);
 }
 
diff --git a/src/dns-manager/nm-dns-manager.c b/src/dns-manager/nm-dns-manager.c
index 79d345b..9bc037e 100644
--- a/src/dns-manager/nm-dns-manager.c
+++ b/src/dns-manager/nm-dns-manager.c
@@ -1017,6 +1017,27 @@ update_dns (NMDnsManager *self,
 }
 
 static void
+plugin_appeared (NMDnsPlugin *plugin, gpointer user_data)
+{
+       NMDnsManager *self = NM_DNS_MANAGER (user_data);
+       NMDnsManagerPrivate *priv = NM_DNS_MANAGER_GET_PRIVATE (self);
+       GError *error = NULL;
+
+       /* Not applicable to non-caching plugins */
+       if (!nm_dns_plugin_is_caching (plugin))
+               return;
+
+       /* Try to update DNS again; since it's now available on the bus this
+        * might work. */
+       if (!update_dns (self, FALSE, &error)) {
+               nm_log_warn (LOGD_DNS, "could not commit DNS changes: (%d) %s",
+                            error ? error->code : -1,
+                            error && error->message ? error->message : "(unknown)");
+               g_clear_error (&error);
+       }
+}
+
+static void
 plugin_failed (NMDnsPlugin *plugin, gpointer user_data)
 {
        NMDnsManager *self = NM_DNS_MANAGER (user_data);
@@ -1366,6 +1387,7 @@ init_resolv_conf_mode (NMDnsManager *self)
        if (priv->plugin) {
                g_signal_connect (priv->plugin, NM_DNS_PLUGIN_FAILED, G_CALLBACK (plugin_failed), self);
                g_signal_connect (priv->plugin, NM_DNS_PLUGIN_CHILD_QUIT, G_CALLBACK (plugin_child_quit), 
self);
+               g_signal_connect (priv->plugin, NM_DNS_PLUGIN_APPEARED, G_CALLBACK (plugin_appeared), self);
        }
 
 out:
diff --git a/src/dns-manager/nm-dns-plugin.c b/src/dns-manager/nm-dns-plugin.c
index 6bdcbce..4e33570 100644
--- a/src/dns-manager/nm-dns-plugin.c
+++ b/src/dns-manager/nm-dns-plugin.c
@@ -43,6 +43,7 @@ G_DEFINE_TYPE_EXTENDED (NMDnsPlugin, nm_dns_plugin, G_TYPE_OBJECT, G_TYPE_FLAG_A
 
 enum {
        FAILED,
+       APPEARED,
        CHILD_QUIT,
        LAST_SIGNAL
 };
@@ -133,6 +134,12 @@ watch_cb (GPid pid, gint status, gpointer user_data)
        g_free (priv->progname);
        priv->progname = NULL;
 
+       if (priv->pidfile) {
+               unlink (priv->pidfile);
+               g_free (priv->pidfile);
+               priv->pidfile = NULL;
+       }
+
        g_signal_emit (self, signals[CHILD_QUIT], 0, status);
 }
 
@@ -262,6 +269,15 @@ nm_dns_plugin_class_init (NMDnsPluginClass *plugin_class)
                                          g_cclosure_marshal_VOID__VOID,
                                          G_TYPE_NONE, 0);
 
+       signals[APPEARED] =
+               g_signal_new (NM_DNS_PLUGIN_APPEARED,
+                                         G_OBJECT_CLASS_TYPE (object_class),
+                                         G_SIGNAL_RUN_FIRST,
+                                         G_STRUCT_OFFSET (NMDnsPluginClass, failed),
+                                         NULL, NULL,
+                                         g_cclosure_marshal_VOID__VOID,
+                                         G_TYPE_NONE, 0);
+
        signals[CHILD_QUIT] =
                g_signal_new (NM_DNS_PLUGIN_CHILD_QUIT,
                                          G_OBJECT_CLASS_TYPE (object_class),
diff --git a/src/dns-manager/nm-dns-plugin.h b/src/dns-manager/nm-dns-plugin.h
index 7ecaa42..6ed5b1b 100644
--- a/src/dns-manager/nm-dns-plugin.h
+++ b/src/dns-manager/nm-dns-plugin.h
@@ -31,6 +31,7 @@
 #define NM_DNS_PLUGIN_GET_CLASS(obj)  (G_TYPE_INSTANCE_GET_CLASS ((obj), NM_TYPE_DNS_PLUGIN, 
NMDnsPluginClass))
 
 #define NM_DNS_PLUGIN_FAILED "failed"
+#define NM_DNS_PLUGIN_APPEARED "appeared"
 #define NM_DNS_PLUGIN_CHILD_QUIT "child-quit"
 
 #define IP_CONFIG_IFACE_TAG "dns-manager-iface"
diff --git a/src/org.freedesktop.NetworkManager.conf b/src/org.freedesktop.NetworkManager.conf
index dd630e1..d130f7e 100644
--- a/src/org.freedesktop.NetworkManager.conf
+++ b/src/org.freedesktop.NetworkManager.conf
@@ -26,6 +26,13 @@
                 <allow send_destination="org.freedesktop.NetworkManager.fortisslvpn"/>
                 <allow send_destination="org.freedesktop.NetworkManager.strongswan"/>
                 <allow send_interface="org.freedesktop.NetworkManager.VPN.Plugin"/>
+
+                <!-- Allow the custom name for the dnsmasq instance spawned by NM
+                     from the dns dnsmasq plugin to own it's dbus name, and for
+                     messages to be sent to it.
+                 -->
+                <allow own="org.freedesktop.NetworkManager.dnsmasq"/>
+                <allow send_destination="org.freedesktop.NetworkManager.dnsmasq"/>
         </policy>
         <policy context="default">
                 <deny own="org.freedesktop.NetworkManager"/>
@@ -127,6 +134,9 @@
                 <deny send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Settings"
                       send_member="ReloadConnections"/>
+
+                <deny own="org.freedesktop.NetworkManager.dnsmasq"/>
+                <deny send_destination="org.freedesktop.NetworkManager.dnsmasq"/>
         </policy>
 
        <limit name="max_replies_per_connection">1024</limit>
-- 
2.7.0
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]