Our previous fix went too far towards lockdown; many things rely
on signals to work, and there's no really good reason to restrict
which signals can be emitted on the bus because we can't tie
them to a particular sender.
The previous rule <allow send_requested_reply="true"/> was actually
applied to all messages, even if they weren't a reply. This meant
that in fact the default DBus policy was effectively allow, rather
than deny as claimed.
This fix ensures that the above rule only applies to actual reply
messages.
Signed-off-by: Colin Walters <walters@verbum.org>
* dbus/dbus-marshal-recursive.c: A stray comma
between two string literals caused incorrect
output and a compiler warning.
Signed-off-by: Colin Walters <walters@verbum.org>
* dbus/dbus-sysdeps-unix.c:
* dbus/dbus-sysdeps-util-unix.c: Cast return
from sysconf temporarily so we actually see
-1.
Signed-off-by: Colin Walters <walters@verbum.org>
Dbus is doing atomic file updates by copying them, changing
the copy, and re-naming them. However, it does not synchronize
the file before re-naming, which results in corruption in
case of unclean reboots. The reason for this is that file-systems
have write-back cache and they postpone writing data to the media.
This patch adds the missed fsync() for the Unix part. I do
not have windows so cannot provide a windows port fix.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Signed-off-by: Colin Walters <walters@verbum.org>
Patch originally from Noèl Köthe.
Modified by Colin Walters <walters@verbum.org>
* dbus/dbus-sysdeps-unix.c, dbus/dbus-sysdeps-unix-utils.c:
Use a while() loop to reallocate buffer if we get ERANGE
return. This fixes the case where a user is in a large
number of groups.
* test/name-test/test-privserver.c (filter_session_message, main),
* test/name-test/test-privserver-client.c (open_shutdown_private_connection):
Replace TestServer with PrivServer to match the service definition files.
Commit 91306ef938 introduced
two memory leaks on OOM error paths. In one case the
environment string array wasn't getting freed, and in the
other case it was getting freed with dbus_free instead of
dbus_free_string_array.
There have been a number of patches in the past try to key system
versus session bus policy off of the message bus type, when the
policy should be distinguished from more fine-grained options in the
individulal policy files. Hopefully, this man page update will make
that more clear.
It adjusts the environment of activated bus clients.
This is important for session managers that get started
after the session bus daemon and want to influence the
environment of desktop services that are started by the
bus.
We now keep the environment in a hash table member of the
activation object and provide a method
bus_activation_set_environment_variable to modify the
hash table. This hash table is seeded initially with the
environment of the bus daemon itself.
Previously, we'd always call execv() and unconditionally use
the environment of the parent. Now we call execve() with the
passed in environment. For compatibility, we detect if
the passed in environment is NULL and for that case, use the
environment from the parent instead.
It's a wrapper around the environ external variable.
It will be important in the future when we allow
bus clients to modify the environment of future
activated clients. Presently, we just always use the
bus daemon environment wholesale.
* dbus/dbus-connection.c (_dbus_connection_read_write_dispatch):
The double negation re no_progress_possible was obviously too
confusing: the path for dispatch = FALSE would return an inverted
status. So make it progress_possible and fix the logic.
Signed-off-by: Thiago Macieira <thiago@kde.org>
* bus/driver.c: Add GetAdtAuditSessionData method
which returns audit data for a connection.
* configure.in: Detect ADT auditing support
* dbus/dbus-auth.c: Read ADT auditing creds.
* dbus/dbus-connection.c: Implement
dbus_connection_get_adt_audit_session_data.
* dbus/dbus-connection.h: Export it.
* dbus/dbus-credentials.c: Add support for
gathering adt_audit_data and retrieving it
via _dbus_credentials_get_adt_audit_data.
* dbus/dbus-credentials.h: Add
DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID.
* dbus/dbus-protocol.h: New error
DBUS_ERROR_ADT_AUDIT_DATA_UNKNOWN.
* dbus/dbus-sysdeps.c: Support for reading
audit credentials via ADT API.
* dbus/dbus-transport.c: New function
_dbus_transport_get_adt_audit_session_data
to retrieve credentials.
* dbus/dbus-transport.h: Export it.
* dbus/dbus-connection.c (_dbus_connection_read_write_dispatch):
Reference the D-Bus connection during the function call since we
call other functions that may free the last reference and we
still expect to be able to check the connection after they return
to decide our own return value.
* dbus/dbus-connection.c (connection_forget_shared_unlocked):
Remove shared connections which lack a GUID from the list that
caches those, otherwise references to them will remain after
they have been freed.
* test/name-test/test-privserver-client.c: Update test to
try GUID-less connections too.
* dbus/dbus-bus.c (addresses_shutdown_func): Reset initialized back
to FALSE after cleaning up the address list so that it will be
reinitialized again if D-Bus is used after dbus_shutdown()
* test/name-test/test-privserver-client.c: Uncomment part of
test which should now pass.
* test/data/valid-service-files/org.freedesktop.DBus.TestSuite.PrivServer.service.in:
New service file for PrivServer.
* configure.in: Generate it.
* test/name-test/Makefile.am: Build test-privserver and
test-privserver-client.
* test/name-test/test-privserver.c: Use DBusServer to
serve a private connection.
* test/name-test/test-privserver-client.c: Connect
via session bus and get address of private server,
exercise dbus_shutdown().
* test/name-test/run-test.sh: Run it.
* test/Makefile.am: New convenience library
libdbus_testutils_la. Reorder build so that
test/ gets built before test/name-test so
name-test files can depend on it.
* test/name-test/test-shutdown.c: New file,
exercises dbus_shutdown () a bit.
* test/name-test/run-test.sh Run test-shutdown.
* test/test-utils.h: In some cases we already have
DBUS_COMPILATION defined, avoid double definition
warning.
* dbus/dbus-userdb-util.c, dbus/dbus-userdb.c: Correct name of
macro used in #ifdef block to match that defined by configure,
otherwise the userdb cache will never be enabled.
DVusPendingCall object was freed.
* dbus-connection.c: Remove the timer for the pending call's timeout in
case the reply has timed out in blocking code. This fixes bug 15684.
