dns/resolved: branch 'th/systemd-resolved-bgo762540'

https://bugzilla.gnome.org/show_bug.cgi?id=762540

man/NetworkManager.conf.xml

@@ -275,10 +275,12 @@ no-auto-default=*
       <varlistentry>
         <term><varname>dns</varname></term>
         <listitem><para>Set the DNS (<filename>resolv.conf</filename>) processing mode.</para>
-        <para><literal>default</literal>: The default if the key is
-        not specified. NetworkManager will update
+        <para><literal>default</literal>: NetworkManager will update
         <filename>resolv.conf</filename> to reflect the nameservers
-        provided by currently active connections.</para>
+        provided by currently active connections.  This is the default
+        if the key is not specified, unless the system is configured
+        to use systemd-resolved; in this case the default is
+        <literal>systemd-resolved</literal></para>
         <para><literal>dnsmasq</literal>: NetworkManager will run
         dnsmasq as a local caching nameserver, using a "split DNS"
         configuration if you are connected to a VPN, and then update
@@ -288,6 +290,8 @@ no-auto-default=*
         to unbound and dnssec-triggerd, providing a "split DNS"
         configuration with DNSSEC support. The /etc/resolv.conf
         will be managed by dnssec-trigger daemon.</para>
+        <para><literal>systemd-resolved</literal>: NetworkManager will
+        push the DNS configuration to systemd-resolved</para>
         <para><literal>none</literal>: NetworkManager will not
         modify resolv.conf. This implies
         <literal>rc-manager</literal>&nbsp;<literal>unmanaged</literal></para>

src/Makefile.am

@@ -345,6 +345,8 @@ libNetworkManager_la_SOURCES = \
 	\
 	dns-manager/nm-dns-dnsmasq.c \
 	dns-manager/nm-dns-dnsmasq.h \
+	dns-manager/nm-dns-systemd-resolved.c \
+	dns-manager/nm-dns-systemd-resolved.h \
 	dns-manager/nm-dns-unbound.c \
 	dns-manager/nm-dns-unbound.h \
 	dns-manager/nm-dns-manager.c \

src/dns-manager/nm-dns-manager.c

@@ -45,6 +45,7 @@
 
 #include "nm-dns-plugin.h"
 #include "nm-dns-dnsmasq.h"
+#include "nm-dns-systemd-resolved.h"
 #include "nm-dns-unbound.h"
 
 #if WITH_LIBSOUP
@@ -1588,6 +1589,37 @@ _check_resconf_immutable (NMDnsManagerResolvConfManager rc_manager)
 
 NM_DEFINE_SINGLETON_GETTER (NMDnsManager, nm_dns_manager_get, NM_TYPE_DNS_MANAGER);
 
+static gboolean
+_resolvconf_resolved_managed (void)
+{
+	static const char *const resolved_paths[] = {
+		"/run/systemd/resolve/resolv.conf",
+		"/lib/systemd/resolv.conf",
+		"/usr/lib/systemd/resolv.conf",
+	};
+	GFile *f;
+	GFileInfo *info;
+	gboolean ret = FALSE;
+
+	f = g_file_new_for_path (_PATH_RESCONF);
+	info = g_file_query_info (f,
+	                          G_FILE_ATTRIBUTE_STANDARD_IS_SYMLINK","\
+	                          G_FILE_ATTRIBUTE_STANDARD_SYMLINK_TARGET,
+	                          G_FILE_QUERY_INFO_NOFOLLOW_SYMLINKS,
+	                          NULL, NULL);
+
+	if (info && g_file_info_get_is_symlink (info)) {
+		ret = _nm_utils_strv_find_first ((gchar **) resolved_paths,
+		                                 G_N_ELEMENTS (resolved_paths),
+		                                 g_file_info_get_symlink_target (info)) >= 0;
+	}
+
+	g_clear_object(&info);
+	g_clear_object(&f);
+
+	return ret;
+}
+
 static void
 init_resolv_conf_mode (NMDnsManager *self, gboolean force_reload_plugin)
 {
@@ -1633,7 +1665,16 @@ again:
 
 	rc_manager = _check_resconf_immutable (rc_manager);
 
-	if (nm_streq0 (mode, "dnsmasq")) {
+	if (   (!mode && _resolvconf_resolved_managed ())
+	    || nm_streq0 (mode, "systemd-resolved")) {
+		if (   force_reload_plugin
+		    || !NM_IS_DNS_SYSTEMD_RESOLVED (priv->plugin)) {
+			_clear_plugin (self);
+			priv->plugin = nm_dns_systemd_resolved_new ();
+			plugin_changed = TRUE;
+		}
+		mode = "systemd-resolved";
+	} else if (nm_streq0 (mode, "dnsmasq")) {
 		if (force_reload_plugin || !NM_IS_DNS_DNSMASQ (priv->plugin)) {
 			_clear_plugin (self);
 			priv->plugin = nm_dns_dnsmasq_new ();

src/dns-manager/nm-dns-systemd-resolved.c

@@ -0,0 +1,411 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
+/*
+ * Copyright (C) 2010 Dan Williams <dcbw@redhat.com>
+ * Copyright (C) 2016 Sjoerd Simons <sjoerd@luon.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2, or (at your option)
+ * any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+#include "nm-default.h"
+
+#include "nm-dns-systemd-resolved.h"
+
+#include <stdlib.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <arpa/inet.h>
+#include <sys/stat.h>
+#include <linux/if.h>
+
+#include "nm-core-internal.h"
+#include "nm-platform.h"
+#include "nm-utils.h"
+#include "nm-ip4-config.h"
+#include "nm-ip6-config.h"
+#include "nm-bus-manager.h"
+#include "nm-manager.h"
+#include "nm-device.h"
+#include "NetworkManagerUtils.h"
+
+G_DEFINE_TYPE (NMDnsSystemdResolved, nm_dns_systemd_resolved, NM_TYPE_DNS_PLUGIN)
+
+#define NM_DNS_SYSTEMD_RESOLVED_GET_PRIVATE(o) \
+  (G_TYPE_INSTANCE_GET_PRIVATE ((o), NM_TYPE_DNS_SYSTEMD_RESOLVED, \
+    NMDnsSystemdResolvedPrivate))
+
+#define SYSTEMD_RESOLVED_DBUS_SERVICE "org.freedesktop.resolve1"
+#define SYSTEMD_RESOLVED_DBUS_PATH "/org/freedesktop/resolve1"
+
+typedef struct {
+	int ifindex;
+	GList *configs;
+} InterfaceConfig;
+
+typedef struct {
+	GDBusProxy *resolve;
+	GCancellable *init_cancellable;
+	GCancellable *update_cancellable;
+	GQueue dns_updates;
+	GQueue domain_updates;
+} NMDnsSystemdResolvedPrivate;
+
+/*****************************************************************************/
+
+#define _NMLOG_DOMAIN         LOGD_DNS
+#define _NMLOG_PREFIX_NAME    "systemd-resolved"
+#define _NMLOG(level, ...) \
+    G_STMT_START { \
+        nm_log ((level), _NMLOG_DOMAIN, \
+                "%s[%p]: " _NM_UTILS_MACRO_FIRST(__VA_ARGS__), \
+                _NMLOG_PREFIX_NAME, \
+                (self) \
+                _NM_UTILS_MACRO_REST(__VA_ARGS__)); \
+    } G_STMT_END
+
+/*****************************************************************************/
+
+static void
+call_done (GObject *source, GAsyncResult *r, gpointer user_data)
+{
+	GVariant *v;
+	GError *error = NULL;
+	NMDnsSystemdResolved *self = (NMDnsSystemdResolved *) user_data;
+
+	v = g_dbus_proxy_call_finish (G_DBUS_PROXY (source), r, &error);
+
+	if (g_error_matches (error, G_IO_ERROR, G_IO_ERROR_CANCELLED))
+		return;
+
+	if (error != NULL) {
+		_LOGW ("Failed: %s\n", error->message);
+		g_error_free (error);
+	}
+}
+
+static void
+add_interface_configuration (NMDnsSystemdResolved *self,
+                             GArray *interfaces,
+                             const NMDnsIPConfigData *data)
+{
+	int i;
+	InterfaceConfig *ic = NULL;
+	int ifindex;
+	NMDevice *device;
+
+	if (NM_IS_IP4_CONFIG (data->config))
+		ifindex = nm_ip4_config_get_ifindex (data->config);
+	else if (NM_IS_IP6_CONFIG  (data->config))
+		ifindex = nm_ip6_config_get_ifindex (data->config);
+	else
+		g_return_if_reached ();
+
+	device = nm_manager_get_device_by_ifindex (nm_manager_get (), ifindex);
+
+	if (!nm_device_get_managed (device, FALSE))
+		return;
+
+	for (i = 0; i < interfaces->len; i++) {
+		InterfaceConfig *tic = &g_array_index (interfaces, InterfaceConfig, i);
+		if (ifindex == tic->ifindex) {
+			ic = tic;
+			break;
+		}
+	}
+
+	if (!ic) {
+		g_array_set_size (interfaces, interfaces->len + 1);
+		ic = &g_array_index (interfaces, InterfaceConfig,
+		                     interfaces->len - 1);
+		ic->ifindex = ifindex;
+	}
+
+	ic->configs = g_list_append (ic->configs, data->config);
+}
+
+static void
+update_add_ip6_config (NMDnsSystemdResolved *self,
+                       GVariantBuilder *dns,
+                       GVariantBuilder *domains,
+                       const NMIP6Config *config)
+{
+	int i;
+
+	for (i = 0 ; i < nm_ip6_config_get_num_nameservers (config); i++) {
+		const struct in6_addr *ip;
+
+		g_variant_builder_open (dns, G_VARIANT_TYPE ("(iay)"));
+		g_variant_builder_add (dns, "i", AF_INET6);
+		ip = nm_ip6_config_get_nameserver (config, i),
+
+		g_variant_builder_add_value (dns, g_variant_new_fixed_array (G_VARIANT_TYPE_BYTE, ip, 16, 1));
+		g_variant_builder_close (dns);
+	}
+
+	for (i = 0; i < nm_ip6_config_get_num_searches (config); i++) {
+		g_variant_builder_add (domains, "(sb)",
+		                       nm_ip6_config_get_search (config, i),
+		                       FALSE);
+	}
+
+	for (i = 0; i < nm_ip6_config_get_num_domains (config); i++) {
+		g_variant_builder_add (domains, "(sb)",
+		                       nm_ip6_config_get_domain (config, i),
+		                       TRUE);
+	}
+}
+
+static void
+update_add_ip4_config (NMDnsSystemdResolved *self,
+                       GVariantBuilder *dns,
+                       GVariantBuilder *domains,
+                       const NMIP4Config *config)
+{
+	int i;
+
+	for (i = 0 ; i < nm_ip4_config_get_num_nameservers (config); i++) {
+		guint32 ns;
+
+		g_variant_builder_open (dns, G_VARIANT_TYPE ("(iay)"));
+		g_variant_builder_add (dns, "i", AF_INET);
+		ns = nm_ip4_config_get_nameserver (config, i),
+
+		g_variant_builder_add_value (dns, g_variant_new_fixed_array (G_VARIANT_TYPE_BYTE, &ns, 4, 1));
+		g_variant_builder_close (dns);
+	}
+
+	for (i = 0; i < nm_ip4_config_get_num_searches (config); i++) {
+		g_variant_builder_add (domains, "(sb)",
+		                       nm_ip4_config_get_search (config, i),
+		                       FALSE);
+	}
+
+	for (i = 0; i < nm_ip4_config_get_num_domains (config); i++) {
+		g_variant_builder_add (domains, "(sb)",
+		                       nm_ip4_config_get_domain (config, i),
+		                       TRUE);
+	}
+}
+
+static void
+free_pending_updates (NMDnsSystemdResolved *self)
+{
+	NMDnsSystemdResolvedPrivate *priv = NM_DNS_SYSTEMD_RESOLVED_GET_PRIVATE (self);
+	GVariant *v;
+
+	while ((v = g_queue_pop_head (&priv->dns_updates)) != NULL)
+		g_variant_unref (v);
+
+	while ((v = g_queue_pop_head (&priv->domain_updates)) != NULL)
+		g_variant_unref (v);
+}
+
+static void
+prepare_one_interface (NMDnsSystemdResolved *self, InterfaceConfig *ic)
+{
+	NMDnsSystemdResolvedPrivate *priv = NM_DNS_SYSTEMD_RESOLVED_GET_PRIVATE (self);
+	GVariantBuilder dns, domains;
+	GList *l;
+
+	g_variant_builder_init (&dns, G_VARIANT_TYPE ("(ia(iay))"));
+	g_variant_builder_add (&dns, "i", ic->ifindex);
+	g_variant_builder_open (&dns, G_VARIANT_TYPE ("a(iay)"));
+
+	g_variant_builder_init (&domains, G_VARIANT_TYPE ("(ia(sb))"));
+	g_variant_builder_add (&domains, "i", ic->ifindex);
+	g_variant_builder_open (&domains, G_VARIANT_TYPE ("a(sb)"));
+
+	for (l = ic->configs ; l != NULL ; l = g_list_next (l)) {
+		if (NM_IS_IP4_CONFIG (l->data))
+			update_add_ip4_config (self, &dns, &domains, l->data);
+		else if (NM_IS_IP6_CONFIG (l->data))
+			update_add_ip6_config (self, &dns, &domains, l->data);
+		else
+			g_assert_not_reached ();
+	}
+	g_variant_builder_close (&dns);
+	g_variant_builder_close (&domains);
+
+	g_queue_push_tail (&priv->dns_updates,
+	                   g_variant_ref_sink (g_variant_builder_end (&dns)));
+	g_queue_push_tail (&priv->domain_updates,
+	                   g_variant_ref_sink (g_variant_builder_end (&domains)));
+}
+
+static void
+send_updates (NMDnsSystemdResolved *self)
+{
+	NMDnsSystemdResolvedPrivate *priv = NM_DNS_SYSTEMD_RESOLVED_GET_PRIVATE (self);
+	GVariant *v;
+
+	nm_clear_g_cancellable (&priv->update_cancellable);
+
+	if (!priv->resolve)
+		return;
+
+	priv->update_cancellable = g_cancellable_new ();
+
+	while ((v = g_queue_pop_head (&priv->dns_updates)) != NULL) {
+		g_dbus_proxy_call (priv->resolve, "SetLinkDNS", v,
+		                   G_DBUS_CALL_FLAGS_NONE,
+		                   -1, priv->update_cancellable, call_done, self);
+		g_variant_unref (v);
+	}
+
+	while ((v = g_queue_pop_head (&priv->domain_updates)) != NULL) {
+		g_dbus_proxy_call (priv->resolve, "SetLinkDomains", v,
+		                   G_DBUS_CALL_FLAGS_NONE,
+		                   -1, priv->update_cancellable, call_done, self);
+		g_variant_unref (v);
+	}
+}
+
+static gboolean
+update (NMDnsPlugin *plugin,
+        const NMDnsIPConfigData **configs,
+        const NMGlobalDnsConfig *global_config,
+        const char *hostname)
+{
+	NMDnsSystemdResolved *self = NM_DNS_SYSTEMD_RESOLVED (plugin);
+	GArray *interfaces = g_array_new (TRUE, TRUE, sizeof (InterfaceConfig));
+	const NMDnsIPConfigData **c;
+	int i;
+
+	for (c = configs; *c != NULL; c++)
+		add_interface_configuration (self, interfaces, *c);
+
+	free_pending_updates (self);
+
+	for (i = 0; i < interfaces->len; i++) {
+		InterfaceConfig *ic = &g_array_index (interfaces, InterfaceConfig, i);
+
+		prepare_one_interface (self, ic);
+		g_list_free (ic->configs);
+	}
+
+	g_array_free (interfaces, TRUE);
+
+	send_updates (self);
+
+	return TRUE;
+}
+
+/****************************************************************/
+
+static gboolean
+is_caching (NMDnsPlugin *plugin)
+{
+	return TRUE;
+}
+
+static const char *
+get_name (NMDnsPlugin *plugin)
+{
+	return "systemd-resolved";
+}
+
+/****************************************************************/
+
+NMDnsPlugin *
+nm_dns_systemd_resolved_new (void)
+{
+	return g_object_new (NM_TYPE_DNS_SYSTEMD_RESOLVED, NULL);
+}
+
+static void
+resolved_proxy_created (GObject *source, GAsyncResult *r, gpointer user_data)
+{
+	NMDnsSystemdResolved *self = (NMDnsSystemdResolved *) user_data;
+	NMDnsSystemdResolvedPrivate *priv;
+	gs_free_error GError *error = NULL;
+	GDBusProxy *resolve;
+
+	resolve = g_dbus_proxy_new_finish (r, &error);
+	if (   !resolve
+	    && g_error_matches (error, G_IO_ERROR, G_IO_ERROR_CANCELLED))
+		return;
+
+	priv = NM_DNS_SYSTEMD_RESOLVED_GET_PRIVATE (self);
+	g_clear_object (&priv->init_cancellable);
+	if (!resolve) {
+		_LOGW ("failed to connect to resolved via DBus: %s", error->message);
+		g_signal_emit_by_name (self, NM_DNS_PLUGIN_FAILED);
+		return;
+	}
+
+	priv->resolve = resolve;
+	send_updates (self);
+}
+
+
+static void
+nm_dns_systemd_resolved_init (NMDnsSystemdResolved *self)
+{
+	NMDnsSystemdResolvedPrivate *priv = NM_DNS_SYSTEMD_RESOLVED_GET_PRIVATE (self);
+	NMBusManager *dbus_mgr;
+	GDBusConnection *connection;
+
+	g_queue_init (&priv->dns_updates);
+	g_queue_init (&priv->domain_updates);
+
+	dbus_mgr = nm_bus_manager_get ();
+	g_return_if_fail (dbus_mgr);
+
+	connection = nm_bus_manager_get_connection (dbus_mgr);
+	g_return_if_fail (connection);
+
+	priv->init_cancellable = g_cancellable_new ();
+	g_dbus_proxy_new (connection,
+	                  G_DBUS_PROXY_FLAGS_DO_NOT_LOAD_PROPERTIES |
+	                  G_DBUS_PROXY_FLAGS_DO_NOT_CONNECT_SIGNALS,
+	                  NULL,
+	                  SYSTEMD_RESOLVED_DBUS_SERVICE,
+	                  SYSTEMD_RESOLVED_DBUS_PATH,
+	                  SYSTEMD_RESOLVED_DBUS_SERVICE ".Manager",
+	                  priv->init_cancellable,
+	                  resolved_proxy_created,
+	                  self);
+}
+
+static void
+dispose (GObject *object)
+{
+	NMDnsSystemdResolved *self = NM_DNS_SYSTEMD_RESOLVED (object);
+	NMDnsSystemdResolvedPrivate *priv = NM_DNS_SYSTEMD_RESOLVED_GET_PRIVATE (self);
+
+	free_pending_updates (self);
+	g_clear_object (&priv->resolve);
+	nm_clear_g_cancellable (&priv->init_cancellable);
+	nm_clear_g_cancellable (&priv->update_cancellable);
+
+	G_OBJECT_CLASS (nm_dns_systemd_resolved_parent_class)->dispose (object);
+}
+
+static void
+nm_dns_systemd_resolved_class_init (NMDnsSystemdResolvedClass *dns_class)
+{
+	NMDnsPluginClass *plugin_class = NM_DNS_PLUGIN_CLASS (dns_class);
+	GObjectClass *object_class = G_OBJECT_CLASS (dns_class);
+
+	g_type_class_add_private (dns_class, sizeof (NMDnsSystemdResolvedPrivate));
+
+	object_class->dispose = dispose;
+
+	plugin_class->is_caching = is_caching;
+	plugin_class->update = update;
+	plugin_class->get_name = get_name;
+}
+

src/dns-manager/nm-dns-systemd-resolved.h

@@ -0,0 +1,45 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
+/* This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2, or (at your option)
+ * any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Copyright (C) 2010 Red Hat, Inc.
+ * Copyright (C) 2016 Sjoerd Simons <sjoerd@luon.net>
+ */
+
+#ifndef __NETWORKMANAGER_DNS_SYSTEMD_RESOLVED_H__
+#define __NETWORKMANAGER_DNS_SYSTEMD_RESOLVED_H__
+
+#include "nm-dns-plugin.h"
+
+#define NM_TYPE_DNS_SYSTEMD_RESOLVED            (nm_dns_systemd_resolved_get_type ())
+#define NM_DNS_SYSTEMD_RESOLVED(obj)            (G_TYPE_CHECK_INSTANCE_CAST ((obj), NM_TYPE_DNS_SYSTEMD_RESOLVED, NMDnsSystemdResolved))
+#define NM_DNS_SYSTEMD_RESOLVED_CLASS(klass)    (G_TYPE_CHECK_CLASS_CAST ((klass), NM_TYPE_DNS_SYSTEMD_RESOLVED, NMDnsSystemdResolvedClass))
+#define NM_IS_DNS_SYSTEMD_RESOLVED(obj)         (G_TYPE_CHECK_INSTANCE_TYPE ((obj), NM_TYPE_DNS_SYSTEMD_RESOLVED))
+#define NM_IS_DNS_SYSTEMD_RESOLVED_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), NM_TYPE_DNS_SYSTEMD_RESOLVED))
+#define NM_DNS_SYSTEMD_RESOLVED_GET_CLASS(obj)  (G_TYPE_INSTANCE_GET_CLASS ((obj), NM_TYPE_DNS_SYSTEMD_RESOLVED, NMDnsSystemdResolvedClass))
+
+typedef struct {
+	NMDnsPlugin parent;
+} NMDnsSystemdResolved;
+
+typedef struct {
+	NMDnsPluginClass parent;
+} NMDnsSystemdResolvedClass;
+
+GType nm_dns_systemd_resolved_get_type (void);
+
+NMDnsPlugin *nm_dns_systemd_resolved_new (void);
+
+#endif /* __NETWORKMANAGER_DNS_SYSTEMD_RESOLVED_H__ */
+