summaryrefslogtreecommitdiff
path: root/src/bus-proxyd
AgeCommit message (Collapse)Author
2014-10-09bus-proxy: allow getpeersec() to failDaniel Mack
getpeersec() will fail for non-SELinux enabled machines, so don't make that a hard error.
2014-10-09bus-policy: move name list iteration to policy usersDaniel Mack
We need to figure out which of the possible names satisfied the policy, so we cannot do the iteration in check_policy_item() but have to leave it to the users. Test cases amended accordingly.
2014-10-07bus-proxyd: assorted cleanups and fixesDaniel Mack
Just some cleanups around policy checks that came up during review. The code is still not productive.
2014-10-07bus-proxyd: check return values of getpeercred() and getpeersec()Daniel Mack
If we can't get the remote peer or security creds, bail out. Spotted by coverity.
2014-10-06sd-bus: sync kdbus.h (ABI break)Daniel Mack
The KDBUS_CMD_FREE ioctl now uses a struct rather than a direct pointer to the offset to free. The KDBUS_CMD_MSG_CANCEL ioctl has also changes, but there's no user of it yet in systemd.
2014-10-01Remove repeated includesThomas Hindoe Paaboel Andersen
In pty.c there was both an include of our pty.h and the system installed pty.h. The latter contains only two functions openpty and forkpty. We use neither so I assume it was a typo and removed it. We still compile and pass all tests.
2014-09-28test-bus-policy: silence coverityThomas Hindoe Paaboel Andersen
Check if strjoin worked and also use _cleanup_free_ since we are here. Found with Coverity. Fixes CID#1241962
2014-09-26test-bus-policy: load policy files from TEST_DIRDaniel Mack
'make distcheck' calls test-bus-policy outside of the source tree, so it must consider the TEST_DIR variable to access its files.
2014-09-25bus-proxy: drop one wrong assert()Tom Gundersen
2014-09-25bus-proxyd: add some assertsTom Gundersen
Both as documentation, and to make Coverity happy. Fixes CID #1241495 and #1241496.
2014-09-24bus-policy: split API for bus-proxydDaniel Mack
Instead of operating on an sd_bus_message object, expose an API that has 4 functions: policy_check_own() policy_check_hello() policy_check_recv() policy_check_send() This also allows dropping extra code to parse message contents - the bus proxy already has dedicated code paths for that, and we can hook into those later. Tests amended accordingly.
2014-09-22sd-bus: sync kdbus.h (API+ABI break)Daniel Mack
The kdbus logic name registry logic was changed to transport the actual name to acquire, release or report in a kdbus item. This brings the name API a little more in line with other calls, and allows for later augmentation. Follow that change on the systemd side.
2014-09-20bus-policy: add test utilityDaniel Mack
Add some test files and routines for dbus policy checking.
2014-09-20bus-policy: add policy check functionDaniel Mack
Add policy_check() to actually check whether an incoming message is allowed by the policy. The code is not yet used from the proxy daemon, though.
2014-09-20bus-policy: print numeric [gu]id in dump_items()Daniel Mack
2014-09-20bus-policy: do not exit() from policy_dump()Daniel Mack
This function is quite useful for debugging. Exiting from it seems unnecessary.
2014-09-20bus-policy: implement dump_items() with LIST_FOREACHDaniel Mack
Instead of making the function call itself recursively.
2014-09-20bus-policy: resolve [ug]id of POLICY_ITEM_{USER,GROUP}Daniel Mack
Do the lookup during parsing already, and set i->uid, or i->gid to the numerical values.
2014-09-20bus_policy: set i->[ug]id_validDaniel Mack
2014-09-20bus-policy: append items rather than prepending themDaniel Mack
In the D-Bus policy, the order of items matters, so make sure to store them in the same order as they are parsed by the sax parser.
2014-09-20bus-policy: story mandatory items in right listDaniel Mack
2014-09-15hashmap: introduce hash_ops to make struct Hashmap smallerMichal Schmidt
It is redundant to store 'hash' and 'compare' function pointers in struct Hashmap separately. The functions always comprise a pair. Store a single pointer to struct hash_ops instead. systemd keeps hundreds of hashmaps, so this saves a little bit of memory.
2014-08-21notify: send STOPPING=1 from our daemonsLennart Poettering
2014-08-05bus-proxy: service_name_is_valid will never be < 0Thomas Hindoe Paaboel Andersen
2014-08-04bus: always explicitly close bus from main programsLennart Poettering
Since b5eca3a2059f9399d1dc52cbcf9698674c4b1cf0 we don't attempt to GC busses anymore when unsent messages remain that keep their reference, when they otherwise are not referenced anymore. This means that if we explicitly want connections to go away, we need to close them. With this change we will no do so explicitly wherver we connect to the bus from a main program (and thus know when the bus connection should go away), or when we create a private bus connection, that really should go away after our use. This fixes connection leaks in the NSS and PAM modules.
2014-08-03Unify parse_argv styleZbigniew Jędrzejewski-Szmek
getopt is usually good at printing out a nice error message when commandline options are invalid. It distinguishes between an unknown option and a known option with a missing arg. It is better to let it do its job and not use opterr=0 unless we actually want to suppress messages. So remove opterr=0 in the few places where it wasn't really useful. When an error in options is encountered, we should not print a lengthy help() and overwhelm the user, when we know precisely what is wrong with the commandline. In addition, since help() prints to stdout, it should not be used except when requested with -h or --help. Also, simplify things here and there.
2014-07-25bus-proxyd: fix incorrect comparisonLukas Nykryn
We should be interested in k variable.
2014-07-25bus-proxyd: fix incorrect comparisonLukas Nykryn
Err can't be bigger then zero. Rest of the code uses negative Exxxx values.
2014-07-16test-tables: add new entriesZbigniew Jędrzejewski-Szmek
One missing string found. A few things had to be moved around to make it possible to test them.
2014-07-03sd-bus: support connecting to remote hosts, directly into containersLennart Poettering
systemctl -H root@foobar:waldi will now show a list of services running on container "waldi" on host "foobar", using "root" for authenticating at "foobar". Since entereing a container requires priviliges, this will only work correctly for root logins.
2014-07-02bus-proxy: restore operation in non-kdbus modeLennart Poettering
bus-proxyd is not only the bridge between legacy dbus clients and kdbus but is also used to access remote dbus servers via ssh. Let's make sure it actually works for that.
2014-06-16bus-proxy: policy - ignore unsupported tags and attributesKay Sievers
2014-06-10bus-proxy: properly index policy by uid/gid when parsingLennart Poettering
2014-06-10bus-proxy: read the right policy when running in user modeLennart Poettering
2014-06-08bus-policy.c: use draw_special_char(DRAW_ARROW)Daniel Buch
Lets allow LC_ALL=C without corrupted output
2014-06-07bus-proxyd: do not free NULL itemsKay Sievers
2014-06-06bus-proxy: properly read user/group policy itemsLennart Poettering
2014-06-06bus: add basic dbus1 policy parserLennart Poettering
Enforcement is still missing, but at least we can parse it now.
2014-06-04bus-proxy: drop priviliges if we canLennart Poettering
Either become uid/gid of the client we have been forked for, or become the "systemd-bus-proxy" user if the client was root. We retain CAP_IPC_OWNER so that we can tell kdbus we are actually our own client.
2014-05-15sd-bus: introduce sd_bus_slot objects encapsulating callbacks or vtables ↵Lennart Poettering
attached to a bus connection This makes callback behaviour more like sd-event or sd-resolve, and creates proper object for unregistering callbacks. Taking the refernce to the slot is optional. If not taken life time of the slot will be bound to the underlying bus object (or in the case of an async call until the reply has been recieved).
2014-04-22bus-proxyd: handle org.freedesktob.DBus calls nativelyKay Sievers
2014-04-14bus-proxy: remove unused variableThomas Hindoe Paaboel Andersen
2014-04-13bus-proxy: when replying to bus calls set a synthetic serial number and ↵Lennart Poettering
patch the sender address Otherwise old libdbus1 is confused and will not accept our replies.
2014-04-13bus: process AddMatch/RemoveMatch driver call in proxyLennart Poettering
Previously, AddMatch/RemoveMatch calls where processed exclusively in the proxy. That's racy however, since subscribing to a signal might not complete before the signal is sent due to some subsequent method call. Hence, in order to expose the same ordering guarantees as dbus1 process the AddMatch/RemoveMatch calls from the proxy, so that they are dispatched synchronously to all following messages, thus fixing the race. Ultimately, we should probabably dissolve the driver entirely into the proxy, as it is purely a compatibility feature anyway...
2014-02-24Remove dead lines in various placesZbigniew Jędrzejewski-Szmek
As pointed-out by clang -Wunreachable-code. No behaviour changes.
2014-02-20api: in constructor function calls, always put the returned object pointer ↵Lennart Poettering
first (or second) Previously the returned object of constructor functions where sometimes returned as last, sometimes as first and sometimes as second parameter. Let's clean this up a bit. Here are the new rules: 1. The object the new object is derived from is put first, if there is any 2. The object we are creating will be returned in the next arguments 3. This is followed by any additional arguments Rationale: For functions that operate on an object we always put that object first. Constructors should probably not be too different in this regard. Also, if the additional parameters might want to use varargs which suggests to put them last. Note that this new scheme only applies to constructor functions, not to all other functions. We do give a lot of freedom for those. Note that this commit only changes the order of the new functions we added, for old ones we accept the wrong order and leave it like that.
2014-01-31use memzero(foo, length); for all memset(foo, 0, length); callsGreg KH
In trying to track down a stupid linker bug, I noticed a bunch of memset() calls that should be using memzero() to make it more "obvious" that the options are correct (i.e. 0 is not the length, but the data to set). So fix up all current calls to memset(foo, 0, length) to memzero(foo, length).
2014-01-29bus: when proxying messages from the bus driver patch the driver's ↵Lennart Poettering
well-known name into the sender
2014-01-29bus: fake security labels againLennart Poettering
(The kernel module got fixed, so let's reenable this again)
2014-01-22bus: temporarily disable faking of seclabels, as this is broken in kdbus ↵Lennart Poettering
right now