| Age | Commit message (Collapse) | Author |
|---|
|
basic/ can be used by everything
cannot use anything outside of basic/
libsystemd/ can use basic/
cannot use shared/
shared/ can use libsystemd/
|
|
Our bloom-filters support root-path matching. Make sure we properly add
the path_namespace= tag.
|
|
DBus-spec defines two different pattern matchings:
1) Path and namespace prefix matching. In this case, A matches B either
if both are equal, or if B is fully included in the namespace of A.
In other words, A has to be a prefix of B, but end with a separator
character (or the following character in B must be one).
This is used for path_namespace= and arg0namespace=
2) The other pattern matching is used for arg0path= which does a two-way
matching. That is, A must be a prefix of B, or B a prefix of A.
Furthermore, the prefix must end with a separator.
Fix the sd-bus helpers to reflect that. The 'simple_' and 'complex_'
prefixes don't make any sense now, but.. eh..
|
|
Make sure we actually verify our match-rules are executed properly. Right
now all we test is the bloom-matches, which are non-reliable as they leave
through false-positives.
|
|
DBus spec clearly defines arg0path= to be a two-way matching. That is,
either the matcher or the matchee can be a prefix of the other to match.
This is not possible to implement with bloom-filters. Instead, we'd have
to add a separate filter for each prefix. This is non-trivial, though.
Hence, just skip the match for now and match locally.
|
|
Lets look at an example where we add arg0="/foo/bar/waldo" to a
bloom-filter. The following strings are added:
"arg0:/foo/bar/waldo"
"arg0-slash-prefix:/foo/bar"
"arg0-slash-prefix:/foo"
Two problems arise:
1) If we match on "arg0path=/foo/bar/waldo", the dbus-spec explicitly
states that equal strings are also considered prefixes. However, in the
bloom-match, we can only provide a single match-filter. Therefore, we have
to add "arg0-slash-prefix:/foo/bar/waldo" there, but this never occured in
the bloom-mask of the message.
Hence, this patch makes sure bloom_add_prefixes() adds the full path as
prefix, too.
2) If we match on "arg0path=/foo/", the dbus-spec states that arg0path
does prefix-matching with the trailing slash _included_, unlike
path_namespace= matches, which does *not* include them. This is
inconsistent, but we have to support the specs. Therefore, we must add
prefixes with _and_ without trailing separators.
Hence, this patch makes sure bloom_add_prefixes() adds all prefixes with
the trailing slash included.
The final set of strings added therefore is:
"arg0:/foo/bar/waldo"
"arg0-slash-prefix:/foo/bar/waldo"
"arg0-slash-prefix:/foo/bar/"
"arg0-slash-prefix:/foo/bar"
"arg0-slash-prefix:/foo/"
"arg0-slash-prefix:/foo"
"arg0-slash-prefix:/"
|
|
It's only marginally shorter then the usual for() loop, but certainly
more readable.
|
|
|
|
use it anymore
|
|
|
|
|
|
This appears to be the right time to do it for SOCK_STREAM
unix sockets.
Also: condition bus_get_owner_creds_dbus1 was reversed. Split
it out to a separate variable for clarity and fix.
https://bugzilla.redhat.com/show_bug.cgi?id=1224211
|
|
SELinux information cannot be retrieved this way, since we are
using stream unix sockets and SCM_SECURITY does not work for
them.
SCM_CREDENTIALS use dropped to be consistent. We also should
get this information at connection time.
https://bugzilla.redhat.com/show_bug.cgi?id=1224211
"SCM_SECURITY was only added for datagram sockets."
|
|
|
|
utezduyar/feat/dump-sync-dbus-message-with-logging-on
sd-bus: dump sync messages in debug mode
|
|
|
|
mask/handlers
Also, when the child is potentially long-running make sure to set a
death signal.
Also, ignore the result of the reset operations explicitly by casting
them to (void).
|
|
Also reorder the code a bit to be easier to parse.
|
|
|
|
Right now we always pass KDBUS_ITEM_ATTACH_FLAGS_RECV to
KDBUS_CMD_BUS_MAKE, effectively forcing every bus connection to do the
same during KDBUS_CMD_HELLO. This used to be a workaround to make sure all
metadata is always present. However, we refrained from that approach and
intend to make all metadata collection solely rely on /proc access
restrictions. Therefore, there is no need to force the send-flags mask on
newly created buses.
|
|
Sync with upstream.
|
|
|
|
No functional changes.
|
|
|
|
With the v221 release these APIs should be public, stable APIs, hence
let's install their headers by default now, and add their symbols to the
.sym file.
|
|
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=42940
|
|
|
|
Building with address sanitizer enabled on GCC 5.1.x a memory leak
is reported because we never close the bus, fix it by using
cleanup variable attribute.
|
|
GNU memmem() requires a nonnull first parameter. Let's introduce
memmem_safe() that removes this restriction for zero-length parameters,
and make use of it where appropriate.
http://lists.freedesktop.org/archives/systemd-devel/2015-May/031705.html
|
|
|
|
Whenever systemd is re-executed, it tries to create a system bus via
kdbus. If the system did not have kdbus loaded during bootup, but the
module is loaded later on manually, this will cause two system buses
running (kdbus and dbus-daemon in parallel).
This patch makes sure we never try to create kdbus buses if it wasn't
explicitly requested on the command-line.
|
|
instance of a process
units are organized in slice trees, not only for the system instance,
but also for user systemd instances, expose this properly.
|
|
As perparation for future incompatible kdbus kernel API changes.
|
|
A number of fields do not apply to all processes, including: there a
processes without a controlling tty, without parent process, without
service, user services or session. To distuingish these cases from the
case where we simply don't have the data, always return ENXIO for them,
while returning ENODATA for the case where we really lack the
information.
Also update the credentials dumping code to show this properly. Fields
that are known but do not apply are now shown as "n/a".
Note that this also changes some of the calls in process-util.c and
cgroup-util.c to return ENXIO for these cases.
|
|
If NULL is specified for the bus it is now automatically derived from
the passed in message.
This commit also changes a number of invocations of sd_bus_send() to
make use of this.
|
|
This should simplify the prototype a bit. The bus parameter is redundant
in most cases, and in the few where it matters it can be derived from
the message via sd_bus_message_get_bus().
|
|
This can now benchmark more than just kdbus.
|
|
We introduce two news types of benchmarks in chart-mode:
- 'legacy' connects using the session bus
- 'direct' connects using a peer-to-peer socket
We should probably also introduce a mode for testing the dbus1-kdbus proxy.
|
|
and related calls
|
|
Otherwise it might happen that by the time PID 1 adds our process to the
scope unit the process might already have died, if the process is
short-running (such as an invocation to /bin/true).
https://bugs.freedesktop.org/show_bug.cgi?id=86520
|
|
NULL result only
|
|
|
|
This is useful to print wall messages from logind with the right client
tty. (to be added in a later patch)
|
|
Also, don't consider this an loggable event, so that code that tries to
read creds from a direct connection, doesn't generate logs.
|
|
direct connection
It's never a good idea, let's just not do it, not even on dierct
connections.
|
|
So far we authenticate direct connections primarily at connection time,
but let's also do this for each method individually, by attaching the
creds we need for that right away.
|
|
|
|
kdbus has been passing us the ppid file for a while, actually make use
of it.
|
|
Also, when we do permissions checks using creds, verify that we don't do
so based on augmented creds, as extra safety check.
|
