Instead of a failed check or assertion failure and a core dump, let's
produce an error message on stderr and a graceful nonzero exit status.
It's still not going to *work*, but at least we can avoid crashing.
$ dbus-send / com.example.Nope..Nope
Interface name was not valid: 'com.example.Nope.'
$ dbus-send / com.example.Nope.0
Invalid signal name: Member name was not valid: '0'
Resolves: dbus#338
Signed-off-by: Simon McVittie <smcv@collabora.com>
With this commit a new variable 'ci_local_packages' has been introduced
to have a choice for using development packages from a local installation
or from the distribution.
This required a reorganization of the steps that had been carried out.
The new order is:
1. install packages with apt-get
2. create user for build if required
3. fetch and unpack tar balls
4. create messagebus user
The SELinux log callback includes a message type. Not all messages are
auditable and those that are have varying audit types. An audit message is
a security-relevant event: security state changes, MAC permission denied,
etc. A message that is auditable is not necessarily sensitive. Messages
that are not auditable are not security-relevant, like messages about
socket polling errors. Update the auditing accordingly.
If the message is not auditable, fall through and write it to syslog.
Signed-off-by: Chris PeBenito <chpebeni@linux.microsoft.com>
dbus-daemon fails to autolaunch with X11 on macOS 10.8+ because XQuartz
(the X11 package for macOS) provides a value for `$DISPLAY` that is
not expected by dbus, in that it contains `/` characters. This is
addressed by replacing the invalid path character `/` with `_`.
Resolves: #8Resolves: #311
dbus-daemon fails to launch on macOS 10.5 and above because of a breaking
change in setrlimit, in which RLIM_INFINITY is no longer supported
for RLIMIT_NOFILE. Instead we must use OPEN_MAX.
Resolves: #309
With this parameter, docbook will generate the same id's when generating the
same docs. This is helpful to get bit-by-bit 'reproducible' output, which
makes auditing the package easier.
Tested both the cmake output and the automake output
The older versions we were previously building against are no longer
available on mirrors.
Based on changes proposed in !189 by Arnout Engelen, and the package
list gathered by Ralf Habacker in #318.
Resolves: https://gitlab.freedesktop.org/dbus/dbus/-/issues/318
Signed-off-by: Simon McVittie <smcv@collabora.com>
Calling malloc() after fork is undefined behaviour if the process is
multi-threaded. locks held by a thread on fork() will never be released.
malloc() is usally protected by a lock and can therefore deadlock. glibc
is known not to deadlock in this case.
This commit does not rule out other problems on glibc-systems, but fixes an
issue on musl-libc-systems. Only restricting to async-signal safe functions
between fork() and exec() prevents undefined behaviour for sure. See
signal-safety(7).
Traditional activation is enabled/disabled with the cmake configure
parameter -DENABLE_TRADITIONAL_ACTIVATION, which is enabled by default.
This was added to the Autotools build system as part of dbus/dbus!107
but until now was not possible to disable when building with CMake.
Previously it was built on Unix platforms, but not installed. This
would prevent traditional activation on the system bus (on Linux
without systemd or non-Linux, or for services without SystemdService),
which requires the activation helper.
Because the executable is an internal implementation detail of how
traditional activation is implemented on Unix, it is not exported to
the generated cmake support files.
Resolves: dbus#310
