From 6062b9ef85830de27366b29f8d532512952b062a Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa <sunil@medhas.org>
Date: Wed, 4 Sep 2024 09:44:04 -0700
Subject: [PATCH] names: Restart instead of reload for systemd-resolved changes

- Reloading systemd-resolved does not seem to apply the DNS-over-TLS changes
fully. Although resolvectl shows the new status after a reload, systemd-resolved
seems to be using incorrect DNS-over-TLS setting.

Tests:

- Without the patch, set DNS server that does not support DNS-over-TLS such as
dnsmasq in Network Manager's 'shared' connection. Then enable DNS-over-TLS.
resolvectl shows that DNSOverTLS flag correctly. But name resolutions still
work.

- With the patch, repeat the above and notice that resolution does not work.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
---
 plinth/modules/names/privileged.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/plinth/modules/names/privileged.py b/plinth/modules/names/privileged.py
index 8b1c464fd..84c8186bc 100644
--- a/plinth/modules/names/privileged.py
+++ b/plinth/modules/names/privileged.py
@@ -26,7 +26,9 @@ def set_resolved_configuration(dns_fallback: bool | None = None,
     if dns_over_tls is not None:
         _set_resolved_configuration(dns_over_tls)
 
-    action_utils.service_reload('systemd-resolved')
+    # Workaround buggy reload that does not apply DNS-over-TLS changes
+    # properly.
+    action_utils.service_try_restart('systemd-resolved')
 
 
 def get_resolved_configuration() -> dict[str, bool]: