dasharo/systemd
0
0
Fork 0
mirror of https://github.com/Dasharo/systemd.git synced 2026-03-06 15:02:31 -08:00
Code Issues Packages Projects Releases Wiki Activity

remove bus-proxyd

Browse Source 
As kdbus won't land in the anticipated way, the bus-proxy is not needed in
its current form. It can be resurrected at any time thanks to the history,
but for now, let's remove it from the sources. If we'll have a similar tool
in the future, it will look quite differently anyway.

Note that stdio-bridge is still available. It was restored from a version
prior to f252ff17, and refactored to make use of the current APIs.
This commit is contained in:
Daniel Mack
2016-02-12 15:25:27 +01:00
parent 736ffecc9c
commit 798c486fbc
30 changed files with 303 additions and 4731 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@@ -59,7 +59,6 @@
/systemd-binfmt
/systemd-bootchart
/systemd-bootx64.efi
/systemd-bus-proxyd
/systemd-cat
/systemd-cgls
/systemd-cgroups-agent
@@ -157,7 +156,6 @@
/test-bus-match
/test-bus-objects
/test-bus-policy
/test-bus-proxy
/test-bus-server
/test-bus-signature
/test-bus-zero-copy

9
Makefile-man.am
View File

@@ -98,8 +98,6 @@ MANPAGES += \
man/systemd-analyze.1 \
man/systemd-ask-password-console.service.8 \
man/systemd-ask-password.1 \
man/systemd-bus-proxyd.8 \
man/systemd-bus-proxyd.service.8 \
man/systemd-cat.1 \
man/systemd-cgls.1 \
man/systemd-cgtop.1 \
@@ -421,7 +419,6 @@ MANPAGES_ALIAS += \
man/systemd-ask-password-console.path.8 \
man/systemd-ask-password-wall.path.8 \
man/systemd-ask-password-wall.service.8 \
man/systemd-bus-proxyd.socket.8 \
man/systemd-fsck-root.service.8 \
man/systemd-fsck.8 \
man/systemd-hibernate-resume.8 \
@@ -751,7 +748,6 @@ man/system.conf.d.5: man/systemd-system.conf.5
man/systemd-ask-password-console.path.8: man/systemd-ask-password-console.service.8
man/systemd-ask-password-wall.path.8: man/systemd-ask-password-console.service.8
man/systemd-ask-password-wall.service.8: man/systemd-ask-password-console.service.8
man/systemd-bus-proxyd.socket.8: man/systemd-bus-proxyd.service.8
man/systemd-fsck-root.service.8: man/systemd-fsck@.service.8
man/systemd-fsck.8: man/systemd-fsck@.service.8
man/systemd-hibernate-resume.8: man/systemd-hibernate-resume@.service.8
@@ -1571,9 +1567,6 @@ man/systemd-ask-password-wall.path.html: man/systemd-ask-password-console.servic
man/systemd-ask-password-wall.service.html: man/systemd-ask-password-console.service.html
$(html-alias)
man/systemd-bus-proxyd.socket.html: man/systemd-bus-proxyd.service.html
$(html-alias)
man/systemd-fsck-root.service.html: man/systemd-fsck@.service.html
$(html-alias)
@@ -2581,8 +2574,6 @@ EXTRA_DIST += \
man/systemd-backlight@.service.xml \
man/systemd-binfmt.service.xml \
man/systemd-bootchart.xml \
man/systemd-bus-proxyd.service.xml \
man/systemd-bus-proxyd.xml \
man/systemd-cat.xml \
man/systemd-cgls.xml \
man/systemd-cgtop.xml \

70
Makefile.am
View File

@@ -411,7 +411,6 @@ rootlibexec_PROGRAMS = \
systemd-ac-power \
systemd-sysctl \
systemd-sleep \
systemd-bus-proxyd \
systemd-socket-proxyd \
systemd-update-done
@@ -1488,7 +1487,6 @@ tests += \
test-ratelimit \
test-condition \
test-uid-range \
test-bus-policy \
test-locale-util \
test-execute \
test-copy \
@@ -1961,14 +1959,11 @@ test_unaligned_SOURCES = \
test_tables_SOURCES = \
src/test/test-tables.c \
src/shared/test-tables.h \
src/bus-proxyd/bus-xml-policy.c \
src/bus-proxyd/bus-xml-policy.h \
src/journal/journald-server.c \
src/journal/journald-server.h
test_tables_CPPFLAGS = \
$(AM_CPPFLAGS) \
-I$(top_srcdir)/src/bus-proxyd
$(AM_CPPFLAGS)
test_tables_CFLAGS = \
$(AM_CFLAGS) \
@@ -2209,13 +2204,6 @@ test_conf_parser_SOURCES = \
test_conf_parser_LDADD = \
libshared.la
test_bus_policy_SOURCES = \
src/bus-proxyd/test-bus-xml-policy.c
test_bus_policy_LDADD = \
libbus-proxy-core.la \
libshared.la
test_af_list_SOURCES = \
src/test/test-af-list.c
@@ -2980,59 +2968,12 @@ systemd_run_LDADD = \
libshared.la
# ------------------------------------------------------------------------------
noinst_LTLIBRARIES += \
libbus-proxy-core.la
libbus_proxy_core_la_SOURCES = \
src/bus-proxyd/bus-xml-policy.c \
src/bus-proxyd/bus-xml-policy.h \
src/bus-proxyd/driver.c \
src/bus-proxyd/driver.h \
src/bus-proxyd/proxy.c \
src/bus-proxyd/proxy.h \
src/bus-proxyd/synthesize.c \
src/bus-proxyd/synthesize.h
libbus_proxy_core_la_LIBADD = \
libshared.la
systemd_bus_proxyd_SOURCES = \
src/bus-proxyd/bus-proxyd.c
systemd_bus_proxyd_LDADD = \
libbus-proxy-core.la \
libshared.la
systemd_stdio_bridge_SOURCES = \
src/bus-proxyd/stdio-bridge.c
src/stdio-bridge/stdio-bridge.c
systemd_stdio_bridge_LDADD = \
libbus-proxy-core.la \
libshared.la
nodist_systemunit_DATA += \
units/systemd-bus-proxyd.service
dist_systemunit_DATA += \
units/systemd-bus-proxyd.socket
nodist_userunit_DATA += \
units/user/systemd-bus-proxyd.service
dist_userunit_DATA += \
units/user/systemd-bus-proxyd.socket
EXTRA_DIST += \
units/systemd-bus-proxyd.service.m4.in \
units/user/systemd-bus-proxyd.service.in
if HAVE_SMACK
bus-proxyd-set-cap-hook:
-$(SETCAP) cap_mac_admin+ei $(DESTDIR)$(rootlibexecdir)/systemd-bus-proxyd
INSTALL_EXEC_HOOKS += bus-proxyd-set-cap-hook
endif
# ------------------------------------------------------------------------------
systemd_tty_ask_password_agent_SOURCES = \
src/tty-ask-password-agent/tty-ask-password-agent.c
@@ -3195,7 +3136,6 @@ tests += \
test-bus-cleanup \
test-bus-server \
test-bus-match \
test-bus-proxy \
test-bus-kernel \
test-bus-kernel-bloom \
test-bus-zero-copy \
@@ -3288,12 +3228,6 @@ test_bus_match_SOURCES = \
test_bus_match_LDADD = \
libshared.la
test_bus_proxy_SOURCES = \
src/libsystemd/sd-bus/test-bus-proxy.c
test_bus_proxy_LDADD = \
libshared.la
test_bus_kernel_SOURCES = \
src/libsystemd/sd-bus/test-bus-kernel.c

3
README
View File

@@ -200,9 +200,6 @@ USERS AND GROUPS:
Similarly, the name resolution daemon requires the
"systemd-resolve" system user and group to exist.
Similarly, the kdbus dbus1 proxy daemon requires the
"systemd-bus-proxy" system user and group to exist.
Similarly, the coredump support requires the
"systemd-coredump" system user and group to exist.

4
TODO
View File

@@ -321,10 +321,6 @@ Features:
- path escaping
- update systemd.special(7) to mention that dbus.socket is only about the compatibility socket now
- test bloom filter generation indexes
- bus-proxy: when passing messages from kdbus, make sure we properly
handle the case where a large number of fds is appended that we
cannot pass into sendmsg() of the AF_UNIX sokcet (which only accepts
253 messages)
- kdbus: introduce a concept of "send-only" connections
- kdbus: add counter for refused unicast messages that is passed out via the RECV ioctl. SImilar to the counter for dropped multicast messages we already have.

1
man/busctl.xml
View File

@@ -473,7 +473,6 @@ o "/org/freedesktop/systemd1/job/42684"</programlisting>
<ulink url="http://freedesktop.org/wiki/Software/dbus">D-Bus</ulink>,
<citerefentry><refentrytitle>sd-bus</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-bus-proxyd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>machinectl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry project='die-net'><refentrytitle>wireshark</refentrytitle><manvolnum>1</manvolnum></citerefentry>
</para>

80
man/systemd-bus-proxyd.service.xml
View File

@@ -1,80 +0,0 @@
<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!--
This file is part of systemd.
Copyright 2013 Zbigniew Jędrzejewski-Szmek
systemd is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
-->
<refentry id="systemd-bus-proxyd.service">
<refentryinfo>
<title>systemd-bus-proxyd.service</title>
<productname>systemd</productname>
<authorgroup>
<author>
<contrib>Developer</contrib>
<firstname>Lennart</firstname>
<surname>Poettering</surname>
<email>lennart@poettering.net</email>
</author>
</authorgroup>
</refentryinfo>
<refmeta>
<refentrytitle>systemd-bus-proxyd.service</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv>
<refname>systemd-bus-proxyd.service</refname>
<refname>systemd-bus-proxyd.socket</refname>
<refpurpose>Proxy classic D-Bus clients to kdbus</refpurpose>
</refnamediv>
<refsynopsisdiv>
<para><filename>systemd-bus-proxyd.service</filename></para>
<para><filename>systemd-bus-proxyd.socket</filename></para>
</refsynopsisdiv>
<refsect1>
<title>Description</title>
<para><filename>systemd-bus-proxyd.socket</filename> will launch
<filename>systemd-bus-proxyd.service</filename> for connections
to the classic D-Bus socket in
<filename>/var/run/dbus/system_bus_socket</filename>.</para>
<para><filename>systemd-bus-proxyd.service</filename> is launched
for an existing D-Bus connection and will use
<command>systemd-bus-proxyd</command> to proxy messages from this
connection to the system bus (either kdbus or classic D-Bus).
</para>
</refsect1>
<refsect1>
<title>See Also</title>
<para>
<citerefentry><refentrytitle>systemd-bus-proxyd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry project='dbus'><refentrytitle>dbus-daemon</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<ulink url="http://freedesktop.org/wiki/Software/dbus">D-Bus</ulink>
</para>
</refsect1>
</refentry>

108
man/systemd-bus-proxyd.xml
View File

@@ -1,108 +0,0 @@
<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!--
This file is part of systemd.
Copyright 2013 Zbigniew Jędrzejewski-Szmek
systemd is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
-->
<refentry id="systemd-bus-proxyd"
xmlns:xi="http://www.w3.org/2001/XInclude">
<refentryinfo>
<title>systemd-bus-proxyd</title>
<productname>systemd</productname>
<authorgroup>
<author>
<contrib>Developer</contrib>
<firstname>Lennart</firstname>
<surname>Poettering</surname>
<email>lennart@poettering.net</email>
</author>
</authorgroup>
</refentryinfo>
<refmeta>
<refentrytitle>systemd-bus-proxyd</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv>
<refname>systemd-bus-proxyd</refname>
<refpurpose>Connect STDIO or a socket to a given bus address</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>/usr/lib/systemd/systemd-bus-proxyd</command>
<arg choice="opt" rep="repeat">OPTIONS</arg>
<arg choice="opt"><replaceable>PLACEHOLDER</replaceable></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
<title>Description</title>
<para><command>systemd-bus-proxyd</command> will proxy D-Bus
messages to and from a bus. The will be either the system bus or
the bus specified with <option>--address</option> when that option
is given. Messages will be proxied to/from standard input and
output, or the socket received through socket activation.</para>
<para>This program can be used to connect a program using classic
D-Bus to kdbus.</para>
</refsect1>
<refsect1>
<title>Options and Arguments</title>
<para>The following options are understood:</para>
<variablelist>
<varlistentry>
<term><option>--address=<replaceable>ADDRESS</replaceable><optional>:<replaceable>ADDRESS...</replaceable></optional></option></term>
<listitem>
<para>Connect to the bus specified by
<replaceable>ADDRESS</replaceable>. Multiple colon-separated
addresses can be specified, in which case
<command>systemd-bus-proxyd</command> will attempt to
connect to them in turn.</para>
</listitem>
</varlistentry>
<xi:include href="standard-options.xml" xpointer="help" />
<xi:include href="standard-options.xml" xpointer="version" />
</variablelist>
<para><replaceable>PLACEHOLDER</replaceable>, if given, must be a string
of <literal>x</literal> and will be used to display information about
the process that <command>systemd-bus-proxyd</command> is forwarding
messages for.</para>
</refsect1>
<refsect1>
<title>See Also</title>
<para>
<citerefentry project='dbus'><refentrytitle>dbus-daemon</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<ulink url="http://freedesktop.org/wiki/Software/dbus">D-Bus</ulink>
</para>
</refsect1>
</refentry>

1
src/bus-proxyd/Makefile
View File

@@ -1 +0,0 @@
../Makefile

328
src/bus-proxyd/bus-proxyd.c
View File

@@ -1,328 +0,0 @@
/***
This file is part of systemd.
Copyright 2010 Lennart Poettering
Copyright 2013 Daniel Mack
Copyright 2014 Kay Sievers
Copyright 2015 David Herrmann
systemd is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#include <errno.h>
#include <getopt.h>
#include <pthread.h>
#include <stddef.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/socket.h>
#include <unistd.h>
#include "sd-daemon.h"
#include "alloc-util.h"
#include "bus-internal.h"
#include "bus-xml-policy.h"
#include "capability-util.h"
#include "def.h"
#include "fd-util.h"
#include "formats-util.h"
#include "log.h"
#include "proxy.h"
#include "string-util.h"
#include "strv.h"
#include "user-util.h"
#include "util.h"
static char *arg_address = NULL;
static char **arg_configuration = NULL;
typedef struct {
int fd;
SharedPolicy *policy;
uid_t bus_uid;
} ClientContext;
static ClientContext *client_context_free(ClientContext *c) {
if (!c)
return NULL;
safe_close(c->fd);
free(c);
return NULL;
}
DEFINE_TRIVIAL_CLEANUP_FUNC(ClientContext*, client_context_free);
static int client_context_new(ClientContext **out) {
_cleanup_(client_context_freep) ClientContext *c = NULL;
c = new0(ClientContext, 1);
if (!c)
return -ENOMEM;
c->fd = -1;
*out = c;
c = NULL;
return 0;
}
static void *run_client(void *userdata) {
_cleanup_(client_context_freep) ClientContext *c = userdata;
_cleanup_(proxy_freep) Proxy *p = NULL;
char comm[16];
int r;
r = proxy_new(&p, c->fd, c->fd, arg_address);
c->fd = -1;
if (r < 0)
goto exit;
/* set comm to "p$PIDu$UID" and suffix with '*' if truncated */
r = snprintf(comm, sizeof(comm), "p" PID_FMT "u" UID_FMT, p->local_creds.pid, p->local_creds.uid);
if (r >= (ssize_t)sizeof(comm))
comm[sizeof(comm) - 2] = '*';
(void) prctl(PR_SET_NAME, comm);
r = proxy_set_policy(p, c->policy, arg_configuration);
if (r < 0)
goto exit;
r = proxy_hello_policy(p, c->bus_uid);
if (r < 0)
goto exit;
r = proxy_run(p);
exit:
return NULL;
}
static int loop_clients(int accept_fd, uid_t bus_uid) {
_cleanup_(shared_policy_freep) SharedPolicy *sp = NULL;
pthread_attr_t attr;
int r;
r = pthread_attr_init(&attr);
if (r != 0)
return log_error_errno(r, "Cannot initialize pthread attributes: %m");
r = pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED);
if (r != 0) {
r = log_error_errno(r, "Cannot mark pthread attributes as detached: %m");
goto finish;
}
r = shared_policy_new(&sp);
if (r < 0)
goto finish;
for (;;) {
ClientContext *c;
pthread_t tid;
int fd;
fd = accept4(accept_fd, NULL, NULL, SOCK_NONBLOCK | SOCK_CLOEXEC);
if (fd < 0) {
if (errno == EAGAIN || errno == EINTR)
continue;
r = log_error_errno(errno, "accept4() failed: %m");
goto finish;
}
r = client_context_new(&c);
if (r < 0) {
log_oom();
close(fd);
continue;
}
c->fd = fd;
c->policy = sp;
c->bus_uid = bus_uid;
r = pthread_create(&tid, &attr, run_client, c);
if (r != 0) {
log_warning_errno(r, "Cannot spawn thread, ignoring: %m");
client_context_free(c);
continue;
}
}
finish:
pthread_attr_destroy(&attr);
return r;
}
static int help(void) {
printf("%s [OPTIONS...]\n\n"
"DBus proxy server.\n\n"
" -h --help Show this help\n"
" --version Show package version\n"
" --configuration=PATH Configuration file or directory\n"
" --machine=MACHINE Connect to specified machine\n"
" --address=ADDRESS Connect to the bus specified by ADDRESS\n"
" (default: " DEFAULT_SYSTEM_BUS_ADDRESS ")\n",
program_invocation_short_name);
return 0;
}
static int parse_argv(int argc, char *argv[]) {
enum {
ARG_VERSION = 0x100,
ARG_ADDRESS,
ARG_CONFIGURATION,
ARG_MACHINE,
};
static const struct option options[] = {
{ "help", no_argument, NULL, 'h' },
{ "version", no_argument, NULL, ARG_VERSION },
{ "address", required_argument, NULL, ARG_ADDRESS },
{ "configuration", required_argument, NULL, ARG_CONFIGURATION },
{ "machine", required_argument, NULL, ARG_MACHINE },
{},
};
int c, r;
assert(argc >= 0);
assert(argv);
while ((c = getopt_long(argc, argv, "h", options, NULL)) >= 0)
switch (c) {
case 'h':
help();
return 0;
case ARG_VERSION:
return version();
case ARG_ADDRESS:
r = free_and_strdup(&arg_address, optarg);
if (r < 0)
return log_oom();
break;
case ARG_CONFIGURATION:
r = strv_extend(&arg_configuration, optarg);
if (r < 0)
return log_oom();
break;
case ARG_MACHINE: {
_cleanup_free_ char *e = NULL;
char *a;
e = bus_address_escape(optarg);
if (!e)
return log_oom();
a = strjoin("x-machine-kernel:machine=", e, ";x-machine-unix:machine=", e, NULL);
if (!a)
return log_oom();
free(arg_address);
arg_address = a;
break;
}
case '?':
return -EINVAL;
default:
assert_not_reached("Unhandled option");
}
if (argc > optind) {
log_error("Too many arguments");
return -EINVAL;
}
if (!arg_address) {
arg_address = strdup(DEFAULT_SYSTEM_BUS_ADDRESS);
if (!arg_address)
return log_oom();
}
return 1;
}
int main(int argc, char *argv[]) {
int r, accept_fd;
uid_t uid, bus_uid;
gid_t gid;
log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
log_parse_environment();
log_open();
bus_uid = getuid();
if (geteuid() == 0) {
const char *user = "systemd-bus-proxy";
r = get_user_creds(&user, &uid, &gid, NULL, NULL);
if (r < 0) {
log_error_errno(r, "Cannot resolve user name %s: %m", user);
goto finish;
}
r = drop_privileges(uid, gid, 1ULL << CAP_IPC_OWNER);
if (r < 0) {
log_error_errno(r, "Cannot drop privileges: %m");
goto finish;
}
}
r = parse_argv(argc, argv);
if (r <= 0)
goto finish;
r = sd_listen_fds(0);
if (r != 1) {
log_error("Illegal number of file descriptors passed");
goto finish;
}
accept_fd = SD_LISTEN_FDS_START;
r = fd_nonblock(accept_fd, false);
if (r < 0) {
log_error_errno(r, "Cannot mark accept-fd non-blocking: %m");
goto finish;
}
r = loop_clients(accept_fd, bus_uid);
finish:
sd_notify(false,
"STOPPING=1\n"
"STATUS=Shutting down.");
strv_free(arg_configuration);
free(arg_address);
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}

1327
src/bus-proxyd/bus-xml-policy.c
View File

File diff suppressed because it is too large Load Diff

147
src/bus-proxyd/bus-xml-policy.h
View File

@@ -1,147 +0,0 @@
#pragma once
/***
This file is part of systemd.
Copyright 2013 Lennart Poettering
systemd is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#include <pthread.h>
#include "hashmap.h"
#include "list.h"
typedef enum PolicyItemType {
_POLICY_ITEM_TYPE_UNSET = 0,
POLICY_ITEM_ALLOW,
POLICY_ITEM_DENY,
_POLICY_ITEM_TYPE_MAX,
_POLICY_ITEM_TYPE_INVALID = -1,
} PolicyItemType;
typedef enum PolicyItemClass {
_POLICY_ITEM_CLASS_UNSET = 0,
POLICY_ITEM_SEND,
POLICY_ITEM_RECV,
POLICY_ITEM_OWN,
POLICY_ITEM_OWN_PREFIX,
POLICY_ITEM_USER,
POLICY_ITEM_GROUP,
POLICY_ITEM_IGNORE,
_POLICY_ITEM_CLASS_MAX,
_POLICY_ITEM_CLASS_INVALID = -1,
} PolicyItemClass;
typedef struct PolicyItem PolicyItem;
struct PolicyItem {
PolicyItemType type;
PolicyItemClass class;
char *interface;
char *member;
char *error;
char *path;
char *name;
uint8_t message_type;
uid_t uid;
gid_t gid;
bool uid_valid, gid_valid;
LIST_FIELDS(PolicyItem, items);
};
typedef struct Policy {
LIST_HEAD(PolicyItem, default_items);
LIST_HEAD(PolicyItem, mandatory_items);
LIST_HEAD(PolicyItem, on_console_items);
LIST_HEAD(PolicyItem, no_console_items);
Hashmap *user_items;
Hashmap *group_items;
} Policy;
typedef struct SharedPolicy {
char **configuration;
pthread_mutex_t lock;
pthread_rwlock_t rwlock;
Policy buffer;
Policy *policy;
} SharedPolicy;
/* policy */
int policy_load(Policy *p, char **files);
void policy_free(Policy *p);
bool policy_check_own(Policy *p, uid_t uid, gid_t gid, const char *name);
bool policy_check_hello(Policy *p, uid_t uid, gid_t gid);
bool policy_check_one_recv(Policy *p,
uid_t uid,
gid_t gid,
int message_type,
const char *name,
const char *path,
const char *interface,
const char *member);
bool policy_check_recv(Policy *p,
uid_t uid,
gid_t gid,
int message_type,
Set *names,
char **namesv,
const char *path,
const char *interface,
const char *member,
bool dbus_to_kernel);
bool policy_check_one_send(Policy *p,
uid_t uid,
gid_t gid,
int message_type,
const char *name,
const char *path,
const char *interface,
const char *member);
bool policy_check_send(Policy *p,
uid_t uid,
gid_t gid,
int message_type,
Set *names,
char **namesv,
const char *path,
const char *interface,
const char *member,
bool dbus_to_kernel,
char **out_used_name);
void policy_dump(Policy *p);
const char* policy_item_type_to_string(PolicyItemType t) _const_;
PolicyItemType policy_item_type_from_string(const char *s) _pure_;
const char* policy_item_class_to_string(PolicyItemClass t) _const_;
PolicyItemClass policy_item_class_from_string(const char *s) _pure_;
/* shared policy */
int shared_policy_new(SharedPolicy **out);
SharedPolicy *shared_policy_free(SharedPolicy *sp);
int shared_policy_reload(SharedPolicy *sp);
int shared_policy_preload(SharedPolicy *sp, char **configuration);
Policy *shared_policy_acquire(SharedPolicy *sp);
void shared_policy_release(SharedPolicy *sp, Policy *p);
DEFINE_TRIVIAL_CLEANUP_FUNC(SharedPolicy*, shared_policy_free);

745
src/bus-proxyd/driver.c
View File

File diff suppressed because it is too large Load Diff

27
src/bus-proxyd/driver.h
View File

@@ -1,27 +0,0 @@
#pragma once
/***
This file is part of systemd.
Copyright 2014 Lennart Poettering
systemd is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#include "sd-bus.h"
#include "bus-xml-policy.h"
#include "proxy.h"
int bus_proxy_process_driver(Proxy *p, sd_bus *a, sd_bus *b, sd_bus_message *m, SharedPolicy *sp, const struct ucred *ucred, Set *owned_names);

953
src/bus-proxyd/proxy.c
View File

File diff suppressed because it is too large Load Diff

66
src/bus-proxyd/proxy.h
View File

@@ -1,66 +0,0 @@
#pragma once
/***
This file is part of systemd.
Copyright 2014 David Herrmann
systemd is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#include "sd-bus.h"
#include "bus-xml-policy.h"
typedef struct Proxy Proxy;
typedef struct ProxyActivation ProxyActivation;
#define PROXY_ACTIVATIONS_MAX (16) /* max parallel activation requests */
struct Proxy {
sd_bus *local_bus;
struct ucred local_creds;
int local_in;
int local_out;
sd_bus *destination_bus;
Set *owned_names;
SharedPolicy *policy;
LIST_HEAD(ProxyActivation, activations);
size_t n_activations;
bool got_hello : 1;
bool queue_overflow : 1;
bool message_matched : 1;
bool synthetic_matched : 1;
};
struct ProxyActivation {
LIST_FIELDS(ProxyActivation, activations_by_proxy);
Proxy *proxy;
sd_bus_message *request;
sd_bus_slot *slot;
};
int proxy_new(Proxy **out, int in_fd, int out_fd, const char *dest);
Proxy *proxy_free(Proxy *p);
int proxy_set_policy(Proxy *p, SharedPolicy *policy, char **configuration);
int proxy_hello_policy(Proxy *p, uid_t original_uid);
int proxy_match(sd_bus_message *m, void *userdata, sd_bus_error *error);
int proxy_run(Proxy *p);
DEFINE_TRIVIAL_CLEANUP_FUNC(Proxy*, proxy_free);

244
src/bus-proxyd/stdio-bridge.c
View File

@@ -1,244 +0,0 @@
/***
This file is part of systemd.
Copyright 2010 Lennart Poettering
Copyright 2013 Daniel Mack
Copyright 2014 Kay Sievers
systemd is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#include <errno.h>
#include <getopt.h>
#include <stddef.h>
#include <string.h>
#include <unistd.h>
#include "sd-bus.h"
#include "sd-daemon.h"
#include "alloc-util.h"
#include "bus-internal.h"
#include "bus-util.h"
#include "def.h"
#include "formats-util.h"
#include "log.h"
#include "proxy.h"
#include "strv.h"
#include "user-util.h"
#include "util.h"
static char *arg_address = NULL;
static char *arg_command_line_buffer = NULL;
static int help(void) {
printf("%s [OPTIONS...]\n\n"
"Connect STDIO to a given bus address.\n\n"
" -h --help Show this help\n"
" --version Show package version\n"
" --machine=MACHINE Connect to specified machine\n"
" --address=ADDRESS Connect to the bus specified by ADDRESS\n"
" (default: " DEFAULT_SYSTEM_BUS_ADDRESS ")\n",
program_invocation_short_name);
return 0;
}
static int parse_argv(int argc, char *argv[]) {
enum {
ARG_VERSION = 0x100,
ARG_ADDRESS,
ARG_MACHINE,
};
static const struct option options[] = {
{ "help", no_argument, NULL, 'h' },
{ "version", no_argument, NULL, ARG_VERSION },
{ "address", required_argument, NULL, ARG_ADDRESS },
{ "machine", required_argument, NULL, ARG_MACHINE },
{},
};
int c;
assert(argc >= 0);
assert(argv);
while ((c = getopt_long(argc, argv, "h", options, NULL)) >= 0)
switch (c) {
case 'h':
help();
return 0;
case ARG_VERSION:
return version();
case ARG_ADDRESS: {
char *a;
a = strdup(optarg);
if (!a)
return log_oom();
free(arg_address);
arg_address = a;
break;
}
case ARG_MACHINE: {
_cleanup_free_ char *e = NULL;
char *a;
e = bus_address_escape(optarg);
if (!e)
return log_oom();
a = strjoin("x-machine-kernel:machine=", e, ";x-machine-unix:machine=", e, NULL);
if (!a)
return log_oom();
free(arg_address);
arg_address = a;
break;
}
case '?':
return -EINVAL;
default:
assert_not_reached("Unhandled option");
}
/* If the first command line argument is only "x" characters
* we'll write who we are talking to into it, so that "ps" is
* explanatory */
arg_command_line_buffer = argv[optind];
if (argc > optind + 1 || (arg_command_line_buffer && !in_charset(arg_command_line_buffer, "x"))) {
log_error("Too many arguments");
return -EINVAL;
}
if (!arg_address) {
arg_address = strdup(DEFAULT_SYSTEM_BUS_ADDRESS);
if (!arg_address)
return log_oom();
}
return 1;
}
static int rename_service(sd_bus *a, sd_bus *b) {
_cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
_cleanup_free_ char *p = NULL, *name = NULL;
const char *comm;
char **cmdline;
uid_t uid;
pid_t pid;
int r;
assert(a);
assert(b);
r = sd_bus_get_owner_creds(b, SD_BUS_CREDS_EUID|SD_BUS_CREDS_PID|SD_BUS_CREDS_CMDLINE|SD_BUS_CREDS_COMM|SD_BUS_CREDS_AUGMENT, &creds);
if (r < 0)
return r;
r = sd_bus_creds_get_euid(creds, &uid);
if (r < 0)
return r;
r = sd_bus_creds_get_pid(creds, &pid);
if (r < 0)
return r;
r = sd_bus_creds_get_cmdline(creds, &cmdline);
if (r < 0)
return r;
r = sd_bus_creds_get_comm(creds, &comm);
if (r < 0)
return r;
name = uid_to_name(uid);
if (!name)
return -ENOMEM;
p = strv_join(cmdline, " ");
if (!p)
return -ENOMEM;
/* The status string gets the full command line ... */
sd_notifyf(false,
"STATUS=Processing requests from client PID "PID_FMT" (%s); UID "UID_FMT" (%s)",
pid, p,
uid, name);
/* ... and the argv line only the short comm */
if (arg_command_line_buffer) {
size_t m, w;
m = strlen(arg_command_line_buffer);
w = snprintf(arg_command_line_buffer, m,
"[PID "PID_FMT"/%s; UID "UID_FMT"/%s]",
pid, comm,
uid, name);
if (m > w)
memzero(arg_command_line_buffer + w, m - w);
}
log_debug("Running on behalf of PID "PID_FMT" (%s), UID "UID_FMT" (%s), %s",
pid, p,
uid, name,
a->unique_name);
return 0;
}
int main(int argc, char *argv[]) {
_cleanup_(proxy_freep) Proxy *p = NULL;
int r;
log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
log_parse_environment();
log_open();
r = parse_argv(argc, argv);
if (r <= 0)
goto finish;
r = proxy_new(&p, STDIN_FILENO, STDOUT_FILENO, arg_address);
if (r < 0)
goto finish;
r = rename_service(p->destination_bus, p->local_bus);
if (r < 0)
log_debug_errno(r, "Failed to rename process: %m");
r = proxy_run(p);
finish:
sd_notify(false,
"STOPPING=1\n"
"STATUS=Shutting down.");
free(arg_address);
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}

225
src/bus-proxyd/synthesize.c
View File

@@ -1,225 +0,0 @@
/***
This file is part of systemd.
Copyright 2010 Lennart Poettering
Copyright 2013 Daniel Mack
Copyright 2014 Kay Sievers
systemd is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#include <stddef.h>
#include "sd-bus.h"
#include "bus-internal.h"
#include "bus-match.h"
#include "bus-message.h"
#include "bus-util.h"
#include "synthesize.h"
#include "util.h"
int synthetic_driver_send(sd_bus *b, sd_bus_message *m) {
int r;
assert(b);
assert(m);
r = bus_message_append_sender(m, "org.freedesktop.DBus");
if (r < 0)
return r;
r = bus_seal_synthetic_message(b, m);
if (r < 0)
return r;
return sd_bus_send(b, m, NULL);
}
int synthetic_reply_method_error(sd_bus_message *call, const sd_bus_error *e) {
_cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
int r;
assert(call);
if (call->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED)
return 0;
r = sd_bus_message_new_method_error(call, &m, e);
if (r < 0)
return r;
return synthetic_driver_send(call->bus, m);
}
int synthetic_reply_method_errorf(sd_bus_message *call, const char *name, const char *format, ...) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
va_list ap;
va_start(ap, format);
bus_error_setfv(&error, name, format, ap);
va_end(ap);
return synthetic_reply_method_error(call, &error);
}
int synthetic_reply_method_errno(sd_bus_message *call, int error, const sd_bus_error *p) {
_cleanup_(sd_bus_error_free) sd_bus_error berror = SD_BUS_ERROR_NULL;
assert(call);
if (call->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED)
return 0;
if (sd_bus_error_is_set(p))
return synthetic_reply_method_error(call, p);
sd_bus_error_set_errno(&berror, error);
return synthetic_reply_method_error(call, &berror);
}
int synthetic_reply_method_errnof(sd_bus_message *call, int error, const char *format, ...) {
_cleanup_(sd_bus_error_free) sd_bus_error berror = SD_BUS_ERROR_NULL;
va_list ap;
assert(call);
if (call->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED)
return 0;
va_start(ap, format);
sd_bus_error_set_errnofv(&berror, error, format, ap);
va_end(ap);
return synthetic_reply_method_error(call, &berror);
}
int synthetic_reply_method_return(sd_bus_message *call, const char *types, ...) {
_cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
int r;
assert(call);
if (call->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED)
return 0;
r = sd_bus_message_new_method_return(call, &m);
if (r < 0)
return r;
if (!isempty(types)) {
va_list ap;
va_start(ap, types);
r = bus_message_append_ap(m, types, ap);
va_end(ap);
if (r < 0)
return r;
}
return synthetic_driver_send(call->bus, m);
}
int synthetic_reply_method_return_strv(sd_bus_message *call, char **l) {
_cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
int r;
assert(call);
if (call->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED)
return 0;
r = sd_bus_message_new_method_return(call, &m);
if (r < 0)
return synthetic_reply_method_errno(call, r, NULL);
r = sd_bus_message_append_strv(m, l);
if (r < 0)
return synthetic_reply_method_errno(call, r, NULL);
return synthetic_driver_send(call->bus, m);
}
int synthesize_name_acquired(Proxy *p, sd_bus *a, sd_bus *b, sd_bus_message *m) {
_cleanup_(sd_bus_message_unrefp) sd_bus_message *n = NULL;
const char *name, *old_owner, *new_owner;
int r;
assert(p);
assert(a);
assert(b);
assert(m);
/* If we get NameOwnerChanged for our own name, we need to
* synthesize NameLost/NameAcquired, since socket clients need
* that, even though it is obsoleted on kdbus */
if (!a->is_kernel)
return 0;
if (!sd_bus_message_is_signal(m, "org.freedesktop.DBus", "NameOwnerChanged") ||
!streq_ptr(m->path, "/org/freedesktop/DBus") ||
!streq_ptr(m->sender, "org.freedesktop.DBus"))
return 0;
r = sd_bus_message_read(m, "sss", &name, &old_owner, &new_owner);
if (r < 0)
return r;
r = sd_bus_message_rewind(m, true);
if (r < 0)
return r;
if (streq(old_owner, a->unique_name)) {
r = sd_bus_message_new_signal(
b,
&n,
"/org/freedesktop/DBus",
"org.freedesktop.DBus",
"NameLost");
} else if (streq(new_owner, a->unique_name)) {
r = sd_bus_message_new_signal(
b,
&n,
"/org/freedesktop/DBus",
"org.freedesktop.DBus",
"NameAcquired");
} else
return 0;
if (r < 0)
return r;
r = sd_bus_message_append(n, "s", name);
if (r < 0)
return r;
r = bus_message_append_sender(n, "org.freedesktop.DBus");
if (r < 0)
return r;
r = sd_bus_message_set_destination(n, a->unique_name);
if (r < 0)
return r;
r = bus_seal_synthetic_message(b, n);
if (r < 0)
return r;
return sd_bus_send(b, n, NULL);
}

36
src/bus-proxyd/synthesize.h
View File

@@ -1,36 +0,0 @@
#pragma once
/***
This file is part of systemd.
Copyright 2014 Lennart Poettering
systemd is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#include "sd-bus.h"
#include "proxy.h"
int synthetic_driver_send(sd_bus *b, sd_bus_message *m);
int synthetic_reply_method_return(sd_bus_message *call, const char *types, ...);
int synthetic_reply_method_return_strv(sd_bus_message *call, char **l);
int synthetic_reply_method_error(sd_bus_message *call, const sd_bus_error *e);
int synthetic_reply_method_errorf(sd_bus_message *call, const char *name, const char *format, ...) _sd_printf_(3, 4);
int synthetic_reply_method_errno(sd_bus_message *call, int error, const sd_bus_error *p);
int synthetic_reply_method_errnof(sd_bus_message *call, int error, const char *format, ...) _sd_printf_(3, 4);
int synthesize_name_acquired(Proxy *p, sd_bus *a, sd_bus *b, sd_bus_message *m);

170
src/bus-proxyd/test-bus-xml-policy.c
View File

@@ -1,170 +0,0 @@
/***
This file is part of systemd.
Copyright 2014 Daniel Mack
systemd is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#include <errno.h>
#include <stddef.h>
#include <unistd.h>
#include "sd-bus.h"
#include "alloc-util.h"
#include "bus-xml-policy.h"
#include "log.h"
#include "string-util.h"
#include "strv.h"
#include "util.h"
static int test_policy_load(Policy *p, const char *name) {
_cleanup_free_ char *path = NULL;
int r = 0;
path = strjoin(TEST_DIR, "/bus-policy/", name, NULL);
assert_se(path);
if (access(path, R_OK) == 0)
r = policy_load(p, STRV_MAKE(path));
else
r = -ENOENT;
return r;
}
static int show_policy(const char *fn) {
Policy p = {};
int r;
r = policy_load(&p, STRV_MAKE(fn));
if (r < 0) {
log_error_errno(r, "Failed to load policy %s: %m", fn);
return r;
}
policy_dump(&p);
policy_free(&p);
return 0;
}
int main(int argc, char *argv[]) {
Policy p = {};
printf("Showing session policy BEGIN\n");
show_policy("/etc/dbus-1/session.conf");
printf("Showing session policy END\n");
printf("Showing system policy BEGIN\n");
show_policy("/etc/dbus-1/system.conf");
printf("Showing system policy END\n");
/* Ownership tests */
assert_se(test_policy_load(&p, "ownerships.conf") == 0);
assert_se(policy_check_own(&p, 0, 0, "org.test.test1") == true);
assert_se(policy_check_own(&p, 1, 0, "org.test.test1") == true);
assert_se(policy_check_own(&p, 0, 0, "org.test.test2") == true);
assert_se(policy_check_own(&p, 1, 0, "org.test.test2") == false);
assert_se(policy_check_own(&p, 0, 0, "org.test.test3") == false);
assert_se(policy_check_own(&p, 1, 0, "org.test.test3") == false);
assert_se(policy_check_own(&p, 0, 0, "org.test.test4") == false);
assert_se(policy_check_own(&p, 1, 0, "org.test.test4") == true);
policy_free(&p);
/* Signaltest */
assert_se(test_policy_load(&p, "signals.conf") == 0);
assert_se(policy_check_one_send(&p, 0, 0, SD_BUS_MESSAGE_SIGNAL, "bli.bla.blubb", NULL, "/an/object/path", NULL) == true);
assert_se(policy_check_one_send(&p, 1, 0, SD_BUS_MESSAGE_SIGNAL, "bli.bla.blubb", NULL, "/an/object/path", NULL) == false);
policy_free(&p);
/* Method calls */
assert_se(test_policy_load(&p, "methods.conf") == 0);
policy_dump(&p);
assert_se(policy_check_one_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "bli.bla.blubb", "Member") == false);
assert_se(policy_check_one_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "bli.bla.blubb", "Member") == false);
assert_se(policy_check_one_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.test.int1", "Member") == true);
assert_se(policy_check_one_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.test.int2", "Member") == true);
assert_se(policy_check_one_recv(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test3", "/an/object/path", "org.test.int3", "Member111") == true);
policy_free(&p);
/* User and groups */
assert_se(test_policy_load(&p, "hello.conf") == 0);
policy_dump(&p);
assert_se(policy_check_hello(&p, 0, 0) == true);
assert_se(policy_check_hello(&p, 1, 0) == false);
assert_se(policy_check_hello(&p, 0, 1) == false);
policy_free(&p);
/* dbus1 test file: ownership */
assert_se(test_policy_load(&p, "check-own-rules.conf") >= 0);
policy_dump(&p);
assert_se(policy_check_own(&p, 0, 0, "org.freedesktop") == false);
assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystem") == false);
assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems") == true);
assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems.foo") == true);
assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems.foo.bar") == true);
assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems2") == false);
assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems2.foo") == false);
assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems2.foo.bar") == false);
policy_free(&p);
/* dbus1 test file: many rules */
assert_se(test_policy_load(&p, "many-rules.conf") >= 0);
policy_dump(&p);
policy_free(&p);
/* dbus1 test file: generic test */
assert_se(test_policy_load(&p, "test.conf") >= 0);
policy_dump(&p);
assert_se(policy_check_own(&p, 0, 0, "org.foo.FooService") == true);
assert_se(policy_check_own(&p, 0, 0, "org.foo.FooService2") == false);
assert_se(policy_check_one_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.test.int2", "Member") == false);
assert_se(policy_check_one_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == true);
assert_se(policy_check_one_recv(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == true);
assert_se(policy_check_one_recv(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService", "/an/object/path", "org.foo.FooBroadcastInterface2", "Member") == false);
assert_se(policy_check_one_recv(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService2", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == false);
assert_se(policy_check_own(&p, 100, 0, "org.foo.FooService") == false);
assert_se(policy_check_own(&p, 100, 0, "org.foo.FooService2") == false);
assert_se(policy_check_one_send(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.test.int2", "Member") == false);
assert_se(policy_check_one_send(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == false);
assert_se(policy_check_one_recv(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == true);
assert_se(policy_check_one_recv(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService", "/an/object/path", "org.foo.FooBroadcastInterface2", "Member") == false);
assert_se(policy_check_one_recv(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService2", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == false);
policy_free(&p);
return EXIT_SUCCESS;
}

Some files were not shown because too many files have changed in this diff Show More