1 /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
2 /* bus.c message bus context object
4 * Copyright (C) 2003, 2004 Red Hat, Inc.
6 * Licensed under the Academic Free License version 2.1
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
29 #include "activation.h"
30 #include "connection.h"
34 #include "config-parser.h"
37 #include "dir-watch.h"
38 #include <dbus/dbus-list.h>
39 #include <dbus/dbus-hash.h>
40 #include <dbus/dbus-credentials.h>
41 #include <dbus/dbus-internals.h>
62 BusConnections *connections;
63 BusActivation *activation;
64 BusRegistry *registry;
66 BusMatchmaker *matchmaker;
68 unsigned int fork : 1;
69 unsigned int syslog : 1;
70 unsigned int keep_umask : 1;
71 unsigned int allow_anonymous : 1;
72 unsigned int systemd_activation : 1;
73 DBusConnection *myKdbusConnection; //todo maybe can be rafctored and removed
76 static dbus_int32_t server_data_slot = -1;
83 #define BUS_SERVER_DATA(server) (dbus_server_get_data ((server), server_data_slot))
86 server_get_context (DBusServer *server)
91 if (!dbus_server_allocate_data_slot (&server_data_slot))
94 bd = BUS_SERVER_DATA (server);
97 dbus_server_free_data_slot (&server_data_slot);
101 context = bd->context;
103 dbus_server_free_data_slot (&server_data_slot);
109 add_server_watch (DBusWatch *watch,
112 DBusServer *server = data;
115 context = server_get_context (server);
117 return _dbus_loop_add_watch (context->loop, watch);
121 remove_server_watch (DBusWatch *watch,
124 DBusServer *server = data;
127 context = server_get_context (server);
129 _dbus_loop_remove_watch (context->loop, watch);
133 toggle_server_watch (DBusWatch *watch,
136 DBusServer *server = data;
139 context = server_get_context (server);
141 _dbus_loop_toggle_watch (context->loop, watch);
145 add_server_timeout (DBusTimeout *timeout,
148 DBusServer *server = data;
151 context = server_get_context (server);
153 return _dbus_loop_add_timeout (context->loop, timeout);
157 remove_server_timeout (DBusTimeout *timeout,
160 DBusServer *server = data;
163 context = server_get_context (server);
165 _dbus_loop_remove_timeout (context->loop, timeout);
169 new_connection_callback (DBusServer *server,
170 DBusConnection *new_connection,
173 BusContext *context = data;
175 if (!bus_connections_setup_connection (context->connections, new_connection))
177 _dbus_verbose ("No memory to setup new connection\n");
179 /* if we don't do this, it will get unref'd without
180 * being disconnected... kind of strange really
181 * that we have to do this, people won't get it right
184 dbus_connection_close (new_connection);
187 dbus_connection_set_max_received_size (new_connection,
188 context->limits.max_incoming_bytes);
190 dbus_connection_set_max_message_size (new_connection,
191 context->limits.max_message_size);
193 dbus_connection_set_max_received_unix_fds (new_connection,
194 context->limits.max_incoming_unix_fds);
196 dbus_connection_set_max_message_unix_fds (new_connection,
197 context->limits.max_message_unix_fds);
199 dbus_connection_set_allow_anonymous (new_connection,
200 context->allow_anonymous);
202 /* on OOM, we won't have ref'd the connection so it will die. */
206 free_server_data (void *data)
208 BusServerData *bd = data;
214 setup_server (BusContext *context,
216 char **auth_mechanisms,
221 bd = dbus_new0 (BusServerData, 1);
222 if (bd == NULL || !dbus_server_set_data (server,
224 bd, free_server_data))
231 bd->context = context;
233 if (!dbus_server_set_auth_mechanisms (server, (const char**) auth_mechanisms))
239 dbus_server_set_new_connection_function (server,
240 new_connection_callback,
243 if (!dbus_server_set_watch_functions (server,
254 if (!dbus_server_set_timeout_functions (server,
256 remove_server_timeout,
267 /* This code only gets executed the first time the
268 * config files are parsed. It is not executed
269 * when config files are reloaded.
272 process_config_first_time_only (BusContext *context,
273 BusConfigParser *parser,
274 const DBusString *address,
275 BusContextFlags flags,
278 DBusString log_prefix;
280 DBusList **addresses;
281 const char *user, *pidfile;
282 char **auth_mechanisms;
283 DBusList **auth_mechanisms_list;
287 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
290 auth_mechanisms = NULL;
293 _dbus_init_system_log (TRUE);
295 if (flags & BUS_CONTEXT_FLAG_SYSTEMD_ACTIVATION)
296 context->systemd_activation = TRUE;
298 context->systemd_activation = FALSE;
300 /* Check for an existing pid file. Of course this is a race;
301 * we'd have to use fcntl() locks on the pid file to
302 * avoid that. But we want to check for the pid file
303 * before overwriting any existing sockets, etc.
306 if (flags & BUS_CONTEXT_FLAG_WRITE_PID_FILE)
307 pidfile = bus_config_parser_get_pidfile (parser);
314 _dbus_string_init_const (&u, pidfile);
316 if (_dbus_stat (&u, &stbuf, NULL))
322 _dbus_string_init (&p);
323 _dbus_file_get_contents(&p, &u, NULL);
324 _dbus_string_parse_int(&p, 0, &pid, NULL);
325 _dbus_string_free(&p);
327 if ((kill((int)pid, 0))) {
328 dbus_set_error(NULL, DBUS_ERROR_FILE_EXISTS,
329 "pid %ld not running, removing stale pid file\n",
331 _dbus_delete_file(&u, NULL);
334 dbus_set_error (error, DBUS_ERROR_FAILED,
335 "The pid file \"%s\" exists, if the message bus is not running, remove this file",
344 /* keep around the pid filename so we can delete it later */
345 context->pidfile = _dbus_strdup (pidfile);
347 /* note that type may be NULL */
348 context->type = _dbus_strdup (bus_config_parser_get_type (parser));
349 if (bus_config_parser_get_type (parser) != NULL && context->type == NULL)
352 user = bus_config_parser_get_user (parser);
355 context->user = _dbus_strdup (user);
356 if (context->user == NULL)
360 /* Set up the prefix for syslog messages */
361 if (!_dbus_string_init (&log_prefix))
363 if (context->type && !strcmp (context->type, "system"))
365 if (!_dbus_string_append (&log_prefix, "[system] "))
368 else if (context->type && !strcmp (context->type, "session"))
370 DBusCredentials *credentials;
372 credentials = _dbus_credentials_new_from_current_process ();
375 if (!_dbus_string_append (&log_prefix, "[session "))
377 _dbus_credentials_unref (credentials);
380 if (!_dbus_credentials_to_string_append (credentials, &log_prefix))
382 _dbus_credentials_unref (credentials);
385 if (!_dbus_string_append (&log_prefix, "] "))
387 _dbus_credentials_unref (credentials);
390 _dbus_credentials_unref (credentials);
392 if (!_dbus_string_steal_data (&log_prefix, &context->log_prefix))
394 _dbus_string_free (&log_prefix);
396 /* Build an array of auth mechanisms */
398 auth_mechanisms_list = bus_config_parser_get_mechanisms (parser);
399 len = _dbus_list_get_length (auth_mechanisms_list);
405 auth_mechanisms = dbus_new0 (char*, len + 1);
406 if (auth_mechanisms == NULL)
410 link = _dbus_list_get_first_link (auth_mechanisms_list);
413 auth_mechanisms[i] = _dbus_strdup (link->data);
414 if (auth_mechanisms[i] == NULL)
416 link = _dbus_list_get_next_link (auth_mechanisms_list, link);
422 auth_mechanisms = NULL;
425 /* Listen on our addresses */
429 if(!strcmp(_dbus_string_get_const_data(address), "kdbus"))
435 if(!strcmp (context->type, "system"))
436 type = DBUS_BUS_SYSTEM;
437 else if(!strcmp (context->type, "session"))
438 type = DBUS_BUS_SESSION;
440 type = DBUS_BUS_STARTER;
442 bus_address = make_kdbus_bus(type, error);
443 if(bus_address == NULL)
446 server = empty_server_init(bus_address);
453 if (!_dbus_list_append (&context->servers, server))
459 context->myKdbusConnection = daemon_as_client(type, bus_address, error);
460 if(context->myKdbusConnection == NULL)
467 server = dbus_server_listen (_dbus_string_get_const_data(address), error);
470 _DBUS_ASSERT_ERROR_IS_SET (error);
473 else if (!setup_server (context, server, auth_mechanisms, error))
475 _DBUS_ASSERT_ERROR_IS_SET (error);
479 if (!_dbus_list_append (&context->servers, server))
485 addresses = bus_config_parser_get_addresses (parser);
487 link = _dbus_list_get_first_link (addresses);
492 server = dbus_server_listen (link->data, error);
495 _DBUS_ASSERT_ERROR_IS_SET (error);
498 else if (!setup_server (context, server, auth_mechanisms, error))
500 _DBUS_ASSERT_ERROR_IS_SET (error);
504 if (!_dbus_list_append (&context->servers, server))
507 link = _dbus_list_get_next_link (addresses, link);
511 context->fork = bus_config_parser_get_fork (parser);
512 context->syslog = bus_config_parser_get_syslog (parser);
513 context->keep_umask = bus_config_parser_get_keep_umask (parser);
514 context->allow_anonymous = bus_config_parser_get_allow_anonymous (parser);
516 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
520 dbus_free_string_array (auth_mechanisms);
525 dbus_free_string_array (auth_mechanisms);
529 /* This code gets executed every time the config files
530 * are parsed: both during BusContext construction
531 * and on reloads. This function is slightly screwy
532 * since it can do a "half reload" in out-of-memory
533 * situations. Realistically, unlikely to ever matter.
536 process_config_every_time (BusContext *context,
537 BusConfigParser *parser,
538 dbus_bool_t is_reload,
541 DBusString full_address;
545 const char *servicehelper;
550 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
555 if (!_dbus_string_init (&full_address))
561 /* get our limits and timeout lengths */
562 bus_config_parser_get_limits (parser, &context->limits);
565 bus_policy_unref (context->policy);
566 context->policy = bus_config_parser_steal_policy (parser);
567 _dbus_assert (context->policy != NULL);
569 /* We have to build the address backward, so that
570 * <listen> later in the config file have priority
572 link = _dbus_list_get_last_link (&context->servers);
575 addr = dbus_server_get_address (link->data);
582 if (_dbus_string_get_length (&full_address) > 0)
584 if (!_dbus_string_append (&full_address, ";"))
591 if (!_dbus_string_append (&full_address, addr))
600 link = _dbus_list_get_prev_link (&context->servers, link);
604 dbus_free (context->address);
606 if (!_dbus_string_copy_data (&full_address, &context->address))
612 /* get the service directories */
613 dirs = bus_config_parser_get_service_dirs (parser);
615 /* and the service helper */
616 servicehelper = bus_config_parser_get_servicehelper (parser);
618 s = _dbus_strdup(servicehelper);
619 if (s == NULL && servicehelper != NULL)
626 dbus_free(context->servicehelper);
627 context->servicehelper = s;
630 /* Create activation subsystem */
631 if (context->activation)
633 if (!bus_activation_reload (context->activation, &full_address, dirs, error))
638 context->activation = bus_activation_new (context, &full_address, dirs, error);
641 if (context->activation == NULL)
643 _DBUS_ASSERT_ERROR_IS_SET (error);
647 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
651 _dbus_string_free (&full_address);
660 list_concat_new (DBusList **a,
668 for (link = _dbus_list_get_first_link (a); link; link = _dbus_list_get_next_link (a, link))
670 if (!_dbus_list_append (result, link->data))
673 for (link = _dbus_list_get_first_link (b); link; link = _dbus_list_get_next_link (b, link))
675 if (!_dbus_list_append (result, link->data))
681 _dbus_list_clear (result);
686 raise_file_descriptor_limit (BusContext *context)
689 /* I just picked this out of thin air; we need some extra
690 * descriptors for things like any internal pipes we create,
691 * inotify, connections to SELinux, etc.
693 unsigned int arbitrary_extra_fds = 32;
696 limit = context->limits.max_completed_connections +
697 context->limits.max_incomplete_connections
698 + arbitrary_extra_fds;
700 _dbus_request_file_descriptor_limit (limit);
704 process_config_postinit (BusContext *context,
705 BusConfigParser *parser,
708 DBusHashTable *service_context_table;
709 DBusList *watched_dirs = NULL;
711 raise_file_descriptor_limit (context);
713 service_context_table = bus_config_parser_steal_service_context_table (parser);
714 if (!bus_registry_set_service_context_table (context->registry,
715 service_context_table))
721 _dbus_hash_table_unref (service_context_table);
723 /* We need to monitor both the configuration directories and directories
724 * containing .service files.
726 if (!list_concat_new (bus_config_parser_get_conf_dirs (parser),
727 bus_config_parser_get_service_dirs (parser),
734 bus_set_watched_dirs (context, &watched_dirs);
736 _dbus_list_clear (&watched_dirs);
742 bus_context_new (const DBusString *config_file,
743 BusContextFlags flags,
744 DBusPipe *print_addr_pipe,
745 DBusPipe *print_pid_pipe,
746 const DBusString *address,
750 BusConfigParser *parser;
752 _dbus_assert ((flags & BUS_CONTEXT_FLAG_FORK_NEVER) == 0 ||
753 (flags & BUS_CONTEXT_FLAG_FORK_ALWAYS) == 0);
755 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
760 if (!dbus_server_allocate_data_slot (&server_data_slot))
766 context = dbus_new0 (BusContext, 1);
772 context->refcount = 1;
773 context->myKdbusConnection = NULL;
775 _dbus_generate_uuid (&context->uuid);
777 if (!_dbus_string_copy_data (config_file, &context->config_file))
783 context->loop = _dbus_loop_new ();
784 if (context->loop == NULL)
790 context->registry = bus_registry_new (context);
791 if (context->registry == NULL)
797 parser = bus_config_load (config_file, TRUE, NULL, error);
800 _DBUS_ASSERT_ERROR_IS_SET (error);
804 if (!process_config_first_time_only (context, parser, address, flags, error))
806 _DBUS_ASSERT_ERROR_IS_SET (error);
809 if (!process_config_every_time (context, parser, FALSE, error))
811 _DBUS_ASSERT_ERROR_IS_SET (error);
815 /* we need another ref of the server data slot for the context
818 if (!dbus_server_allocate_data_slot (&server_data_slot))
819 _dbus_assert_not_reached ("second ref of server data slot failed");
821 /* Note that we don't know whether the print_addr_pipe is
822 * one of the sockets we're using to listen on, or some
823 * other random thing. But I think the answer is "don't do
826 if (print_addr_pipe != NULL && _dbus_pipe_is_valid (print_addr_pipe))
829 const char *a = bus_context_get_address (context);
832 _dbus_assert (a != NULL);
833 if (!_dbus_string_init (&addr))
839 if (!_dbus_string_append (&addr, a) ||
840 !_dbus_string_append (&addr, "\n"))
842 _dbus_string_free (&addr);
847 bytes = _dbus_string_get_length (&addr);
848 if (_dbus_pipe_write (print_addr_pipe, &addr, 0, bytes, error) != bytes)
850 /* pipe write returns an error on failure but not short write */
851 if (error != NULL && !dbus_error_is_set (error))
853 dbus_set_error (error, DBUS_ERROR_FAILED,
854 "Printing message bus address: did not write all bytes\n");
856 _dbus_string_free (&addr);
860 if (!_dbus_pipe_is_stdout_or_stderr (print_addr_pipe))
861 _dbus_pipe_close (print_addr_pipe, NULL);
863 _dbus_string_free (&addr);
866 context->connections = bus_connections_new (context);
867 if (context->connections == NULL)
873 context->matchmaker = bus_matchmaker_new ();
874 if (context->matchmaker == NULL)
880 /* check user before we fork */
881 if (context->user != NULL)
883 if (!_dbus_verify_daemon_user (context->user))
885 dbus_set_error (error, DBUS_ERROR_FAILED,
886 "Could not get UID and GID for username \"%s\"",
892 /* Now become a daemon if appropriate and write out pid file in any case */
896 if (context->pidfile)
897 _dbus_string_init_const (&u, context->pidfile);
899 if (((flags & BUS_CONTEXT_FLAG_FORK_NEVER) == 0 && context->fork) ||
900 (flags & BUS_CONTEXT_FLAG_FORK_ALWAYS))
902 _dbus_verbose ("Forking and becoming daemon\n");
904 if (!_dbus_become_daemon (context->pidfile ? &u : NULL,
907 context->keep_umask))
909 _DBUS_ASSERT_ERROR_IS_SET (error);
915 _dbus_verbose ("Fork not requested\n");
917 /* Need to write PID file and to PID pipe for ourselves,
918 * not for the child process. This is a no-op if the pidfile
919 * is NULL and print_pid_pipe is NULL.
921 if (!_dbus_write_pid_to_file_and_pipe (context->pidfile ? &u : NULL,
926 _DBUS_ASSERT_ERROR_IS_SET (error);
932 if (print_pid_pipe && _dbus_pipe_is_valid (print_pid_pipe) &&
933 !_dbus_pipe_is_stdout_or_stderr (print_pid_pipe))
934 _dbus_pipe_close (print_pid_pipe, NULL);
936 if (!bus_selinux_full_init ())
938 bus_context_log (context, DBUS_SYSTEM_LOG_FATAL, "SELinux enabled but AVC initialization failed; check system log\n");
941 if (!process_config_postinit (context, parser, error))
943 _DBUS_ASSERT_ERROR_IS_SET (error);
949 bus_config_parser_unref (parser);
953 /* Here we change our credentials if required,
954 * as soon as we've set up our sockets and pidfile
956 if (context->user != NULL)
958 if (!_dbus_change_to_daemon_user (context->user, error))
960 _DBUS_ASSERT_ERROR_IS_SET (error);
965 /* FIXME - why not just put this in full_init() below? */
966 bus_selinux_audit_init ();
970 dbus_server_free_data_slot (&server_data_slot);
972 if(context->myKdbusConnection)
974 DBusString unique_name;
976 if(!bus_connections_setup_connection(context->connections, context->myKdbusConnection))
978 _dbus_verbose ("Bus connections setup connection failed for myKdbusConnection!\n");
979 dbus_connection_close (context->myKdbusConnection);
980 dbus_connection_unref (context->myKdbusConnection);
983 dbus_connection_set_route_peer_messages (context->myKdbusConnection, FALSE);
984 _dbus_string_init_const (&unique_name, ":1.1"); //dbus_bus_get_unique_name(context->myConnection)); this is without :1.
985 if(!bus_connection_complete (context->myKdbusConnection, &unique_name, error))
987 _dbus_verbose ("Bus connection complete failed for myKdbusConnection!\n");
991 if(!register_daemon_name(context->myKdbusConnection))
993 _dbus_verbose ("Registering org.freedesktop.DBus name for daemon failed!\n");
996 if(!register_kdbus_starters(context->myKdbusConnection))
998 _dbus_verbose ("Registering kdbus starters for dbus activatable names failed!\n");
1007 bus_config_parser_unref (parser);
1008 if (context != NULL)
1009 bus_context_unref (context);
1011 if (server_data_slot >= 0)
1012 dbus_server_free_data_slot (&server_data_slot);
1018 bus_context_get_id (BusContext *context,
1021 return _dbus_uuid_encode (&context->uuid, uuid);
1025 bus_context_reload_config (BusContext *context,
1028 BusConfigParser *parser;
1029 DBusString config_file;
1032 /* Flush the user database cache */
1033 _dbus_flush_caches ();
1036 _dbus_string_init_const (&config_file, context->config_file);
1037 parser = bus_config_load (&config_file, TRUE, NULL, error);
1040 _DBUS_ASSERT_ERROR_IS_SET (error);
1044 if (!process_config_every_time (context, parser, TRUE, error))
1046 _DBUS_ASSERT_ERROR_IS_SET (error);
1049 if (!process_config_postinit (context, parser, error))
1051 _DBUS_ASSERT_ERROR_IS_SET (error);
1055 if(context->myKdbusConnection)
1057 if(!update_kdbus_starters(context->myKdbusConnection))
1059 _dbus_verbose ("Update kdbus starters for dbus activatable names failed.\n");
1060 _DBUS_ASSERT_ERROR_IS_SET (error);
1066 bus_context_log (context, DBUS_SYSTEM_LOG_INFO, "Reloaded configuration");
1069 bus_context_log (context, DBUS_SYSTEM_LOG_INFO, "Unable to reload configuration: %s", error->message);
1071 bus_config_parser_unref (parser);
1076 shutdown_server (BusContext *context,
1079 if (server == NULL ||
1080 !dbus_server_get_is_connected (server))
1083 if (!dbus_server_set_watch_functions (server,
1087 _dbus_assert_not_reached ("setting watch functions to NULL failed");
1089 if (!dbus_server_set_timeout_functions (server,
1093 _dbus_assert_not_reached ("setting timeout functions to NULL failed");
1095 dbus_server_disconnect (server);
1099 bus_context_shutdown (BusContext *context)
1103 link = _dbus_list_get_first_link (&context->servers);
1104 while (link != NULL)
1106 shutdown_server (context, link->data);
1108 link = _dbus_list_get_next_link (&context->servers, link);
1113 bus_context_ref (BusContext *context)
1115 _dbus_assert (context->refcount > 0);
1116 context->refcount += 1;
1122 bus_context_unref (BusContext *context)
1124 _dbus_assert (context->refcount > 0);
1125 context->refcount -= 1;
1127 if (context->refcount == 0)
1131 _dbus_verbose ("Finalizing bus context %p\n", context);
1133 bus_context_shutdown (context);
1135 if (context->connections)
1137 bus_connections_unref (context->connections);
1138 context->connections = NULL;
1141 if (context->registry)
1143 bus_registry_unref (context->registry);
1144 context->registry = NULL;
1147 if (context->activation)
1149 bus_activation_unref (context->activation);
1150 context->activation = NULL;
1153 link = _dbus_list_get_first_link (&context->servers);
1154 while (link != NULL)
1156 dbus_server_unref (link->data);
1158 link = _dbus_list_get_next_link (&context->servers, link);
1160 _dbus_list_clear (&context->servers);
1162 if (context->policy)
1164 bus_policy_unref (context->policy);
1165 context->policy = NULL;
1170 _dbus_loop_unref (context->loop);
1171 context->loop = NULL;
1174 if (context->matchmaker)
1176 bus_matchmaker_unref (context->matchmaker);
1177 context->matchmaker = NULL;
1180 dbus_free (context->config_file);
1181 dbus_free (context->log_prefix);
1182 dbus_free (context->type);
1183 dbus_free (context->address);
1184 dbus_free (context->user);
1185 dbus_free (context->servicehelper);
1187 if (context->pidfile)
1190 _dbus_string_init_const (&u, context->pidfile);
1192 /* Deliberately ignore errors here, since there's not much
1193 * we can do about it, and we're exiting anyways.
1195 _dbus_delete_file (&u, NULL);
1197 dbus_free (context->pidfile);
1199 dbus_free (context);
1201 dbus_server_free_data_slot (&server_data_slot);
1205 /* type may be NULL */
1207 bus_context_get_type (BusContext *context)
1209 return context->type;
1213 bus_context_get_address (BusContext *context)
1215 return context->address;
1219 bus_context_get_servicehelper (BusContext *context)
1221 return context->servicehelper;
1225 bus_context_get_systemd_activation (BusContext *context)
1227 return context->systemd_activation;
1231 bus_context_get_registry (BusContext *context)
1233 return context->registry;
1237 bus_context_get_connections (BusContext *context)
1239 return context->connections;
1243 bus_context_get_activation (BusContext *context)
1245 return context->activation;
1249 bus_context_get_matchmaker (BusContext *context)
1251 return context->matchmaker;
1255 bus_context_get_loop (BusContext *context)
1257 return context->loop;
1260 DBusConnection* bus_context_get_myConnection(BusContext *context)
1262 return context->myKdbusConnection;
1266 bus_context_allow_unix_user (BusContext *context,
1269 return bus_policy_allow_unix_user (context->policy,
1273 /* For now this is never actually called because the default
1274 * DBusConnection behavior of 'same user that owns the bus can connect'
1275 * is all it would do.
1278 bus_context_allow_windows_user (BusContext *context,
1279 const char *windows_sid)
1281 return bus_policy_allow_windows_user (context->policy,
1286 bus_context_get_policy (BusContext *context)
1288 return context->policy;
1292 bus_context_create_client_policy (BusContext *context,
1293 DBusConnection *connection,
1296 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1297 return bus_policy_create_client_policy (context->policy, connection,
1302 bus_context_get_activation_timeout (BusContext *context)
1305 return context->limits.activation_timeout;
1309 bus_context_get_auth_timeout (BusContext *context)
1311 return context->limits.auth_timeout;
1315 bus_context_get_max_completed_connections (BusContext *context)
1317 return context->limits.max_completed_connections;
1321 bus_context_get_max_incomplete_connections (BusContext *context)
1323 return context->limits.max_incomplete_connections;
1327 bus_context_get_max_connections_per_user (BusContext *context)
1329 return context->limits.max_connections_per_user;
1333 bus_context_get_max_pending_activations (BusContext *context)
1335 return context->limits.max_pending_activations;
1339 bus_context_get_max_services_per_connection (BusContext *context)
1341 return context->limits.max_services_per_connection;
1345 bus_context_get_max_match_rules_per_connection (BusContext *context)
1347 return context->limits.max_match_rules_per_connection;
1351 bus_context_get_max_replies_per_connection (BusContext *context)
1353 return context->limits.max_replies_per_connection;
1357 bus_context_get_reply_timeout (BusContext *context)
1359 return context->limits.reply_timeout;
1362 dbus_bool_t bus_context_is_kdbus(BusContext* context)
1364 return context->myKdbusConnection != NULL;
1368 bus_context_log (BusContext *context, DBusSystemLogSeverity severity, const char *msg, ...) _DBUS_GNUC_PRINTF (3, 4);
1371 bus_context_log (BusContext *context, DBusSystemLogSeverity severity, const char *msg, ...)
1375 if (!context->syslog)
1377 /* we're not syslogging; just output to stderr */
1378 va_start (args, msg);
1379 vfprintf (stderr, msg, args);
1380 fprintf (stderr, "\n");
1385 va_start (args, msg);
1387 if (context->log_prefix)
1389 DBusString full_msg;
1391 if (!_dbus_string_init (&full_msg))
1393 if (!_dbus_string_append (&full_msg, context->log_prefix))
1395 if (!_dbus_string_append_printf_valist (&full_msg, msg, args))
1398 _dbus_system_log (severity, "%s", _dbus_string_get_const_data (&full_msg));
1400 _dbus_string_free (&full_msg);
1403 _dbus_system_logv (severity, msg, args);
1409 static inline const char *
1410 nonnull (const char *maybe_null,
1411 const char *if_null)
1413 return (maybe_null ? maybe_null : if_null);
1417 * Log something about a message, usually that it was rejected.
1420 complain_about_message (BusContext *context,
1421 const char *error_name,
1422 const char *complaint,
1424 DBusMessage *message,
1425 DBusConnection *sender,
1426 DBusConnection *proposed_recipient,
1427 dbus_bool_t requested_reply,
1431 DBusError stack_error = DBUS_ERROR_INIT;
1432 const char *sender_name;
1433 const char *sender_loginfo;
1434 const char *proposed_recipient_loginfo;
1436 if (error == NULL && !log)
1441 sender_name = bus_connection_get_name (sender);
1442 sender_loginfo = bus_connection_get_loginfo (sender);
1446 sender_name = "(unset)";
1447 sender_loginfo = "(bus)";
1450 if (proposed_recipient != NULL)
1451 proposed_recipient_loginfo = bus_connection_get_loginfo (proposed_recipient);
1453 proposed_recipient_loginfo = "bus";
1455 dbus_set_error (&stack_error, error_name,
1456 "%s, %d matched rules; type=\"%s\", sender=\"%s\" (%s) "
1457 "interface=\"%s\" member=\"%s\" error name=\"%s\" "
1458 "requested_reply=\"%d\" destination=\"%s\" (%s)",
1461 dbus_message_type_to_string (dbus_message_get_type (message)),
1464 nonnull (dbus_message_get_interface (message), "(unset)"),
1465 nonnull (dbus_message_get_member (message), "(unset)"),
1466 nonnull (dbus_message_get_error_name (message), "(unset)"),
1468 nonnull (dbus_message_get_destination (message), DBUS_SERVICE_DBUS),
1469 proposed_recipient_loginfo);
1471 /* If we hit OOM while setting the error, this will syslog "out of memory"
1472 * which is itself an indication that something is seriously wrong */
1474 bus_context_log (context, DBUS_SYSTEM_LOG_SECURITY, "%s",
1475 stack_error.message);
1477 dbus_move_error (&stack_error, error);
1481 * addressed_recipient is the recipient specified in the message.
1483 * proposed_recipient is the recipient we're considering sending
1484 * to right this second, and may be an eavesdropper.
1486 * sender is the sender of the message.
1488 * NULL for proposed_recipient or sender definitely means the bus driver.
1490 * NULL for addressed_recipient may mean the bus driver, or may mean
1491 * no destination was specified in the message (e.g. a signal).
1494 bus_context_check_security_policy (BusContext *context,
1495 BusTransaction *transaction,
1496 DBusConnection *sender,
1497 DBusConnection *addressed_recipient,
1498 DBusConnection *proposed_recipient,
1499 DBusMessage *message,
1503 BusClientPolicy *sender_policy;
1504 BusClientPolicy *recipient_policy;
1505 dbus_int32_t toggles;
1508 dbus_bool_t requested_reply;
1510 type = dbus_message_get_type (message);
1511 dest = dbus_message_get_destination (message);
1513 /* dispatch.c was supposed to ensure these invariants */
1514 _dbus_assert (dest != NULL ||
1515 type == DBUS_MESSAGE_TYPE_SIGNAL ||
1516 (sender == NULL && !bus_connection_is_active (proposed_recipient)));
1517 _dbus_assert (type == DBUS_MESSAGE_TYPE_SIGNAL ||
1518 addressed_recipient != NULL ||
1519 strcmp (dest, DBUS_SERVICE_DBUS) == 0);
1523 case DBUS_MESSAGE_TYPE_METHOD_CALL:
1524 case DBUS_MESSAGE_TYPE_SIGNAL:
1525 case DBUS_MESSAGE_TYPE_METHOD_RETURN:
1526 case DBUS_MESSAGE_TYPE_ERROR:
1530 _dbus_verbose ("security check disallowing message of unknown type %d\n",
1533 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
1534 "Message bus will not accept messages of unknown type\n");
1539 requested_reply = FALSE;
1543 /* First verify the SELinux access controls. If allowed then
1544 * go on with the standard checks.
1546 if (!bus_selinux_allows_send (sender, proposed_recipient,
1547 dbus_message_type_to_string (dbus_message_get_type (message)),
1548 dbus_message_get_interface (message),
1549 dbus_message_get_member (message),
1550 dbus_message_get_error_name (message),
1551 dest ? dest : DBUS_SERVICE_DBUS, error))
1553 if (error != NULL && !dbus_error_is_set (error))
1555 /* don't syslog this, just set the error: avc_has_perm should
1556 * have already written to either the audit log or syslog */
1557 complain_about_message (context, DBUS_ERROR_ACCESS_DENIED,
1558 "An SELinux policy prevents this sender from sending this "
1559 "message to this recipient",
1560 0, message, sender, proposed_recipient, FALSE, FALSE, error);
1561 _dbus_verbose ("SELinux security check denying send to service\n");
1567 if (bus_connection_is_active (sender))
1569 sender_policy = bus_connection_get_policy (sender);
1570 _dbus_assert (sender_policy != NULL);
1572 /* Fill in requested_reply variable with TRUE if this is a
1573 * reply and the reply was pending.
1575 if (dbus_message_get_reply_serial (message) != 0)
1577 if (proposed_recipient != NULL /* not to the bus driver */ &&
1578 addressed_recipient == proposed_recipient /* not eavesdropping */)
1582 dbus_error_init (&error2);
1583 requested_reply = bus_connections_check_reply (bus_connection_get_connections (sender),
1585 sender, addressed_recipient, message,
1587 if (dbus_error_is_set (&error2))
1589 dbus_move_error (&error2, error);
1597 /* Policy for inactive connections is that they can only send
1598 * the hello message to the bus driver
1600 if (proposed_recipient == NULL &&
1601 dbus_message_is_method_call (message,
1602 DBUS_INTERFACE_DBUS,
1605 _dbus_verbose ("security check allowing %s message\n",
1611 _dbus_verbose ("security check disallowing non-%s message\n",
1614 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
1615 "Client tried to send a message other than %s without being registered",
1624 sender_policy = NULL;
1626 /* If the sender is the bus driver, we assume any reply was a
1627 * requested reply as bus driver won't send bogus ones
1629 if (addressed_recipient == proposed_recipient /* not eavesdropping */ &&
1630 dbus_message_get_reply_serial (message) != 0)
1631 requested_reply = TRUE;
1634 _dbus_assert ((sender != NULL && sender_policy != NULL) ||
1635 (sender == NULL && sender_policy == NULL));
1637 if (proposed_recipient != NULL)
1639 /* only the bus driver can send to an inactive recipient (as it
1640 * owns no services, so other apps can't address it). Inactive
1641 * recipients can receive any message.
1643 if (bus_connection_is_active (proposed_recipient))
1645 recipient_policy = bus_connection_get_policy (proposed_recipient);
1646 _dbus_assert (recipient_policy != NULL);
1648 else if (sender == NULL)
1650 _dbus_verbose ("security check using NULL recipient policy for message from bus\n");
1651 recipient_policy = NULL;
1655 _dbus_assert_not_reached ("a message was somehow sent to an inactive recipient from a source other than the message bus\n");
1656 recipient_policy = NULL;
1660 recipient_policy = NULL;
1662 _dbus_assert ((proposed_recipient != NULL && recipient_policy != NULL) ||
1663 (proposed_recipient != NULL && sender == NULL && recipient_policy == NULL) ||
1664 (proposed_recipient == NULL && recipient_policy == NULL));
1667 if (sender_policy &&
1668 !bus_client_policy_check_can_send (sender_policy,
1672 message, &toggles, &log))
1674 complain_about_message (context, DBUS_ERROR_ACCESS_DENIED,
1675 "Rejected send message", toggles,
1676 message, sender, proposed_recipient, requested_reply,
1677 (addressed_recipient == proposed_recipient), error);
1678 _dbus_verbose ("security policy disallowing message due to sender policy\n");
1684 /* We want to drop this message, and are only not doing so for backwards
1686 complain_about_message (context, DBUS_ERROR_ACCESS_DENIED,
1687 "Would reject message", toggles,
1688 message, sender, proposed_recipient, requested_reply,
1692 if (recipient_policy &&
1693 !bus_client_policy_check_can_receive (recipient_policy,
1697 addressed_recipient, proposed_recipient,
1700 complain_about_message (context, DBUS_ERROR_ACCESS_DENIED,
1701 "Rejected receive message", toggles,
1702 message, sender, proposed_recipient, requested_reply,
1703 (addressed_recipient == proposed_recipient), NULL);
1704 _dbus_verbose ("security policy disallowing message due to recipient policy\n");
1708 /* See if limits on size have been exceeded */
1709 if (proposed_recipient &&
1710 ((dbus_connection_get_outgoing_size (proposed_recipient) > context->limits.max_outgoing_bytes) ||
1711 (dbus_connection_get_outgoing_unix_fds (proposed_recipient) > context->limits.max_outgoing_unix_fds)))
1713 complain_about_message (context, DBUS_ERROR_LIMITS_EXCEEDED,
1714 "Rejected: destination has a full message queue",
1715 0, message, sender, proposed_recipient, requested_reply, TRUE,
1717 _dbus_verbose ("security policy disallowing message due to full message queue\n");
1721 /* Record that we will allow a reply here in the future (don't
1722 * bother if the recipient is the bus or this is an eavesdropping
1723 * connection). Only the addressed recipient may reply.
1725 if (type == DBUS_MESSAGE_TYPE_METHOD_CALL &&
1727 addressed_recipient &&
1728 addressed_recipient == proposed_recipient && /* not eavesdropping */
1729 !bus_connections_expect_reply (bus_connection_get_connections (sender),
1731 sender, addressed_recipient,
1734 _dbus_verbose ("Failed to record reply expectation or problem with the message expecting a reply\n");
1738 _dbus_verbose ("security policy allowing message\n");