path: root/src/libsystemd-bus
Age | Commit message | Author
2013-12-10 | bus: introduce "trusted" bus concept and encode access control in object vtables | Lennart Poettering
Introduces a new concept of "trusted" vs. "untrusted" busses. For the latter libsystemd-bus will automatically do per-method access control, for the former all access is automatically granted. Per-method access control is encoded in the vtables: by default all methods are only accessible to privileged clients. If the SD_BUS_VTABLE_UNPRIVILEGED flag is set for a method it is accessible to unprivileged clients too. By default whether a client is privileged is determined via checking for its CAP_SYS_ADMIN capability, but this can be altered via the SD_BUS_VTABLE_CAPABILITY() macro that can be ORed into the flags field of the method. Writable properties are also subject to SD_BUS_VTABLE_UNPRIVILEGED and SD_BUS_VTABLE_CAPABILITY() for controlling write access to them. Note however that read access is unrestricted, as PropertiesChanged messages might send out the values anyway as an unrestricted broadcast. By default the system bus is set to "untrusted" and the user bus is "trusted" since per-method access control on the latter is unnecessary. On dbus1 busses we check the UID of the caller rather than the configured capability since the capability cannot be determined without race. On kdbus the capability is checked if possible from the attached meta-data of a message and otherwise queried from the sending peer. This also decorates the vtables of the various daemons we ship with these flags.
2013-12-09 | libsystemd-bus: use assert_return | Lukasz Skalski
2013-12-10 | test: add gvariant test for empty messages | Lennart Poettering
2013-12-10 | bus: properly handle empty messages | Lennart Poettering
2013-12-10 | bus: empty gvariant arrays should at least get size 1 | Lennart Poettering
2013-12-10 | bus: it's OK to send messages with an empty payload but non-empty signature | Lennart Poettering
This might happen when sending arrays with 0 entries, hence this is not an indication of a problem.
2013-12-10 | bus: update kdbus.h | Lennart Poettering
2013-12-10 | bus: make gcc shut up | Lennart Poettering
2013-12-10 | bus: beef up zero copy test case | Lennart Poettering
2013-12-10 | bus: only accept gvariant native endian messages via kdbus | Lennart Poettering
2013-12-10 | bus: fix rewinding in gvariant messages | Lennart Poettering
2013-12-10 | bus: fix signature handling when exiting container | Lennart Poettering
2013-12-10 | bus: properly deserialize gvariant fixed size arrays | Lennart Poettering
2013-12-10 | bus: handle empty messages correctly when using gvariant marshalling | Lennart Poettering
2013-12-10 | bus: suppress creating empty parts in messages | Lennart Poettering
2013-12-09 | bus: rely on explicit eof check instead of checking when mapping payload | Lennart Poettering
This allows us to drop quite a bit of code.
2013-12-09 | bus: rearrange bus-message.c function order to keep read and write calls together | Lennart Poettering
2013-12-09 | bus: demarshal gvariant | Lennart Poettering
2013-12-06 | bus: catch up with latest kdbus changes | Kay Sievers
2013-12-06 | bus: catch up with latest kdbus changes | Kay Sievers
2013-12-06 | bus: catch up with latest kdbus changes | Kay Sievers
2013-12-06 | busctl: remove ','; it's all one string | Kay Sievers
2013-12-05 | shell-completion: busctl | Zbigniew Jędrzejewski-Szmek
2013-12-06 | bus: update kdbus.h | Kay Sievers
2013-12-05 | test-bus-gvariant: remove unused variable | Thomas Hindoe Paaboel Andersen
2013-12-05 | bus: start maintaining a list of differences between kdbus/dbus1 | Lennart Poettering
2013-12-05 | bus: add missing LE meta data enforcement for gvariant serializer | Lennart Poettering
2013-12-05 | bus: add support for serializing to gvariant | Lennart Poettering
(deserialization is still missing, hence this is not hooked up to kdbus)
2013-12-05 | bus: switch to multiple KDBUS_ITEM_NAME including the flags | Kay Sievers
2013-12-04 | libsystemd-bus: catch up with latest kdbus changes | Kay Sievers
2013-12-04 | libsystemd-bus: catch up with latest kdbus list query changes | Kay Sievers
2013-12-03 | trivial coding style clean ups | Thomas Hindoe Paaboel Andersen
- Add space between if/for and the opening parentheses
- Place the opening brace on same line as the function (not for udev)
From the CODING_STYLE
Try to use this:
    void foo() {
    }
instead of this:
    void foo()
    {
    }
2013-12-03 | sd-memfd: use assert_return | Thomas Hindoe Paaboel Andersen
2013-12-03 | bus: fix parsing of AcquireName() response | Lennart Poettering
2013-12-03 | bus: don't make use of the private bus socket if kdbus is available | Lennart Poettering
2013-12-03 | bus: rework sd_bus_list_names() to return two lists for acquired and activatable names | Lennart Poettering
2013-12-03 | bus: internalize a lot of protocol definitions | Lennart Poettering
We shouldn't export what isn't necessary or useful to clients, so let's add the protocol definitions we only need internally into a private header.
2013-12-03 | bus: make sd_bus_request_name() and sd_bus_release_name() behave more like other calls | Lennart Poettering
Instead of returning an enum of return codes, make them return error codes like kdbus does internally. Also, document this behaviour so that clients can stick to it. (Also rework bus-control.c to always have two functions for dbus1 vs. kernel implementation of the various calls.)
2013-12-03 | libsystemd-bus: catch up with latest kdbus changes | Daniel Mack
2013-12-03 | libsystemd-bus: catch up with latest kdbus changes | Daniel Mack
2013-12-02 | bus: add .busname unit type to implement kdbus-style bus activation | Lennart Poettering
2013-12-02 | bus: make sure we check for "incompatible" flags negotiated with kernel kdbus | Lennart Poettering
2013-12-02 | libsystemd-bus: catch up with latest kdbus changes | Daniel Mack
2013-12-02 | nspawn: make sure /dev/kdbus in the container is world accessible | Lennart Poettering
2013-12-02 | nspawn: make kdbus namespaces actually work | Lennart Poettering
2013-12-02 | busctl: add command to dump creds of a peer or pid | Lennart Poettering
(also, rename _SD_BUS_CREDS_MAX to _SD_BUX_CRED_ALL, since "MAX" so far was used to indicate one higher than the highest valid value, and this is not correct here.)
2013-12-02 | Display synthetic message serial number in a more readable format than (uint32_t) -1 | Lukasz Skalski
Serial=4294967295 field in message dump generated by bus_message_dump() function for synthetic messages isn't very readable.
2013-12-02 | bus: be nice to LLVM and don't embed a VLA in a union | Lennart Poettering
2013-12-02 | bus: when replying to an incoming message and the vtable contains the expected return signature generate an error if the response message doesn't match it | Lennart Poettering
2013-12-01 | bus: bus_open_user_systemd() fall back to bus if runtime dir is not set | Kay Sievers