1 /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
2 /* config-parser.c XML-library-agnostic configuration file parser
4 * Copyright (C) 2003, 2004 Red Hat, Inc.
6 * Licensed under the Academic Free License version 2.1
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
25 #include "config-parser-common.h"
26 #include "config-parser.h"
32 #include <dbus/dbus-list.h>
33 #include <dbus/dbus-internals.h>
34 #include <dbus/dbus-misc.h>
35 #include <dbus/dbus-sysdeps.h>
40 /* we ignore policies for unknown groups/users */
55 unsigned int had_content : 1;
61 unsigned int ignore_missing : 1;
62 unsigned int if_selinux_enabled : 1;
63 unsigned int selinux_root_relative : 1;
69 unsigned long gid_uid_or_at_console;
83 * Parser for bus configuration file.
85 struct BusConfigParser
87 int refcount; /**< Reference count */
89 DBusString basedir; /**< Directory we resolve paths relative to */
91 DBusList *stack; /**< stack of Element */
93 char *user; /**< user to run as */
95 char *servicehelper; /**< location of the setuid helper */
97 char *bus_type; /**< Message bus type */
99 DBusList *listen_on; /**< List of addresses to listen to */
101 DBusList *mechanisms; /**< Auth mechanisms */
103 DBusList *service_dirs; /**< BusConfigServiceDirs to look for session services in */
105 DBusList *conf_dirs; /**< Directories to look for policy configuration in */
107 BusPolicy *policy; /**< Security policy */
109 BusLimits limits; /**< Limits */
111 char *pidfile; /**< PID file */
113 DBusList *included_files; /**< Included files stack */
115 DBusHashTable *service_context_table; /**< Map service names to SELinux contexts */
117 unsigned int fork : 1; /**< TRUE to fork into daemon mode */
119 unsigned int syslog : 1; /**< TRUE to enable syslog */
120 unsigned int keep_umask : 1; /**< TRUE to keep original umask when forking */
122 unsigned int is_toplevel : 1; /**< FALSE if we are a sub-config-file inside another one */
124 unsigned int allow_anonymous : 1; /**< TRUE to allow anonymous connections */
128 push_element (BusConfigParser *parser,
133 _dbus_assert (type != ELEMENT_NONE);
135 e = dbus_new0 (Element, 1);
139 if (!_dbus_list_append (&parser->stack, e))
151 element_free (Element *e)
153 if (e->type == ELEMENT_LIMIT)
154 dbus_free (e->d.limit.name);
160 pop_element (BusConfigParser *parser)
164 e = _dbus_list_pop_last (&parser->stack);
170 peek_element (BusConfigParser *parser)
174 e = _dbus_list_get_last (&parser->stack);
180 top_element_type (BusConfigParser *parser)
184 e = _dbus_list_get_last (&parser->stack);
193 merge_service_context_hash (DBusHashTable *dest,
203 _dbus_hash_iter_init (from, &iter);
204 while (_dbus_hash_iter_next (&iter))
206 const char *service = _dbus_hash_iter_get_string_key (&iter);
207 const char *context = _dbus_hash_iter_get_value (&iter);
209 service_copy = _dbus_strdup (service);
210 if (service_copy == NULL)
212 context_copy = _dbus_strdup (context);
213 if (context_copy == NULL)
216 if (!_dbus_hash_table_insert_string (dest, service_copy, context_copy))
227 dbus_free (service_copy);
230 dbus_free (context_copy);
236 * Create a new BusConfigServiceDir. Takes ownership of path if #TRUE is returned.
238 * @returns #FALSE on OOM
240 static BusConfigServiceDir *
241 bus_config_service_dir_new_take (char *path,
242 BusServiceDirFlags flags)
244 BusConfigServiceDir *self = dbus_new0 (BusConfigServiceDir, 1);
249 self->path = path; /* take ownership */
255 bus_config_service_dir_free (BusConfigServiceDir *self)
257 dbus_free (self->path);
261 static BusConfigServiceDir *
262 service_dirs_find_dir (DBusList **service_dirs,
267 _dbus_assert (dir != NULL);
269 for (link = *service_dirs; link; link = _dbus_list_get_next_link(service_dirs, link))
271 BusConfigServiceDir *link_dir = link->data;
273 if (strcmp (dir, link_dir->path) == 0)
281 service_dirs_append_link_unique_or_free (DBusList **service_dirs,
284 BusConfigServiceDir *dir = dir_link->data;
285 BusConfigServiceDir *already = service_dirs_find_dir (service_dirs,
290 _dbus_list_append_link (service_dirs, dir_link);
294 /* BusServiceDirFlags are chosen such that the compatible thing to do
295 * is to "and" the flags. For example, if a directory is explicitly
296 * added as a <servicedir> (which is watched with inotify) and is also
297 * the transient service directory (which should not be watched),
298 * the compatible thing to do is to watch it. */
299 already->flags &= dir->flags;
300 bus_config_service_dir_free (dir_link->data);
301 _dbus_list_free_link (dir_link);
306 * Consume links from dirs (a list of paths), converting them into links in
307 * service_dirs (a list of unique BusServiceDir).
309 * On success, return TRUE. dirs will be empty, and every original entry in
310 * dirs will have a corresponding service_dirs entry.
312 * On OOM, return FALSE. Each original entry of dirs has either been
313 * appended to service_dirs or left in dirs.
316 service_dirs_absorb_string_list (DBusList **service_dirs,
318 BusServiceDirFlags flags)
322 _dbus_assert (service_dirs != NULL);
323 _dbus_assert (dirs != NULL);
325 while ((link = _dbus_list_pop_first_link (dirs)))
327 char *path = link->data;
328 BusConfigServiceDir *dir = bus_config_service_dir_new_take (path, flags);
332 /* OOM - roll back (this does not need to allocate memory) */
333 _dbus_list_prepend_link (service_dirs, link);
337 /* Ownership of path has been taken by dir */
339 service_dirs_append_link_unique_or_free (service_dirs, link);
342 _dbus_assert (*dirs == NULL);
347 merge_included (BusConfigParser *parser,
348 BusConfigParser *included,
353 if (!bus_policy_merge (parser->policy,
360 if (!merge_service_context_hash (parser->service_context_table,
361 included->service_context_table))
367 if (included->user != NULL)
369 dbus_free (parser->user);
370 parser->user = included->user;
371 included->user = NULL;
374 if (included->bus_type != NULL)
376 dbus_free (parser->bus_type);
377 parser->bus_type = included->bus_type;
378 included->bus_type = NULL;
384 if (included->keep_umask)
385 parser->keep_umask = TRUE;
387 if (included->allow_anonymous)
388 parser->allow_anonymous = TRUE;
390 if (included->pidfile != NULL)
392 dbus_free (parser->pidfile);
393 parser->pidfile = included->pidfile;
394 included->pidfile = NULL;
397 if (included->servicehelper != NULL)
399 dbus_free (parser->servicehelper);
400 parser->servicehelper = included->servicehelper;
401 included->servicehelper = NULL;
404 while ((link = _dbus_list_pop_first_link (&included->listen_on)))
405 _dbus_list_append_link (&parser->listen_on, link);
407 while ((link = _dbus_list_pop_first_link (&included->mechanisms)))
408 _dbus_list_append_link (&parser->mechanisms, link);
410 while ((link = _dbus_list_pop_first_link (&included->service_dirs)))
411 service_dirs_append_link_unique_or_free (&parser->service_dirs, link);
413 while ((link = _dbus_list_pop_first_link (&included->conf_dirs)))
414 _dbus_list_append_link (&parser->conf_dirs, link);
420 seen_include (BusConfigParser *parser,
421 const DBusString *file)
425 iter = parser->included_files;
428 if (! strcmp (_dbus_string_get_const_data (file), iter->data))
431 iter = _dbus_list_get_next_link (&parser->included_files, iter);
438 bus_config_parser_new (const DBusString *basedir,
439 dbus_bool_t is_toplevel,
440 const BusConfigParser *parent)
442 BusConfigParser *parser;
444 parser = dbus_new0 (BusConfigParser, 1);
448 parser->is_toplevel = !!is_toplevel;
450 if (!_dbus_string_init (&parser->basedir))
456 if (((parser->policy = bus_policy_new ()) == NULL) ||
457 !_dbus_string_copy (basedir, 0, &parser->basedir, 0) ||
458 ((parser->service_context_table = _dbus_hash_table_new (DBUS_HASH_STRING,
460 dbus_free)) == NULL))
463 bus_policy_unref (parser->policy);
465 _dbus_string_free (&parser->basedir);
473 /* Initialize the parser's limits from the parent. */
474 parser->limits = parent->limits;
476 /* Use the parent's list of included_files to avoid
477 circular inclusions. */
478 parser->included_files = parent->included_files;
483 /* Make up some numbers! woot! */
484 parser->limits.max_incoming_bytes = _DBUS_ONE_MEGABYTE * 127;
485 parser->limits.max_outgoing_bytes = _DBUS_ONE_MEGABYTE * 127;
486 parser->limits.max_message_size = _DBUS_ONE_MEGABYTE * 32;
488 /* We set relatively conservative values here since due to the
489 way SCM_RIGHTS works we need to preallocate an array for the
490 maximum number of file descriptors we can receive. Picking a
491 high value here thus translates directly to more memory
493 parser->limits.max_incoming_unix_fds = DBUS_DEFAULT_MESSAGE_UNIX_FDS*4;
494 parser->limits.max_outgoing_unix_fds = DBUS_DEFAULT_MESSAGE_UNIX_FDS*4;
495 parser->limits.max_message_unix_fds = DBUS_DEFAULT_MESSAGE_UNIX_FDS;
497 /* Making this long means the user has to wait longer for an error
498 * message if something screws up, but making it too short means
499 * they might see a false failure.
501 parser->limits.activation_timeout = 25000; /* 25 seconds */
503 /* Making this long risks making a DOS attack easier, but too short
504 * and legitimate auth will fail. If interactive auth (ask user for
505 * password) is allowed, then potentially it has to be quite long.
507 parser->limits.auth_timeout = 30000; /* 30 seconds */
509 /* Do not allow a fd to stay forever in dbus-daemon
510 * https://bugs.freedesktop.org/show_bug.cgi?id=80559
512 parser->limits.pending_fd_timeout = 150000; /* 2.5 minutes */
514 parser->limits.max_incomplete_connections = 64;
515 parser->limits.max_connections_per_user = 512; /* 256 -> 512 */
517 /* Note that max_completed_connections / max_connections_per_user
518 * is the number of users that would have to work together to
519 * DOS all the other users.
521 parser->limits.max_completed_connections = 2048;
523 parser->limits.max_pending_activations = 512;
524 parser->limits.max_services_per_connection = 512;
526 /* For this one, keep in mind that it isn't only the memory used
527 * by the match rules, but slowdown from linearly walking a big
528 * list of them. A client adding more than this is almost
529 * certainly a bad idea for that reason, and should change to a
530 * smaller number of wider-net match rules - getting every last
531 * message to the bus is probably better than having a thousand
534 parser->limits.max_match_rules_per_connection = 512;
536 parser->limits.reply_timeout = -1; /* never */
538 /* this is effectively a limit on message queue size for messages
539 * that require a reply
541 parser->limits.max_replies_per_connection = 1024; /* 128 -> 1024 */
544 parser->refcount = 1;
550 bus_config_parser_ref (BusConfigParser *parser)
552 _dbus_assert (parser->refcount > 0);
554 parser->refcount += 1;
560 bus_config_parser_unref (BusConfigParser *parser)
562 _dbus_assert (parser->refcount > 0);
564 parser->refcount -= 1;
566 if (parser->refcount == 0)
568 while (parser->stack != NULL)
569 pop_element (parser);
571 dbus_free (parser->user);
572 dbus_free (parser->servicehelper);
573 dbus_free (parser->bus_type);
574 dbus_free (parser->pidfile);
576 _dbus_list_foreach (&parser->listen_on,
577 (DBusForeachFunction) dbus_free,
580 _dbus_list_clear (&parser->listen_on);
582 _dbus_list_foreach (&parser->service_dirs,
583 (DBusForeachFunction) bus_config_service_dir_free,
586 _dbus_list_clear (&parser->service_dirs);
588 _dbus_list_foreach (&parser->conf_dirs,
589 (DBusForeachFunction) dbus_free,
592 _dbus_list_clear (&parser->conf_dirs);
594 _dbus_list_foreach (&parser->mechanisms,
595 (DBusForeachFunction) dbus_free,
598 _dbus_list_clear (&parser->mechanisms);
600 _dbus_string_free (&parser->basedir);
603 bus_policy_unref (parser->policy);
605 if (parser->service_context_table)
606 _dbus_hash_table_unref (parser->service_context_table);
613 bus_config_parser_check_doctype (BusConfigParser *parser,
617 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
619 if (strcmp (doctype, "busconfig") != 0)
621 dbus_set_error (error,
623 "Configuration file has the wrong document type %s",
638 locate_attributes (BusConfigParser *parser,
639 const char *element_name,
640 const char **attribute_names,
641 const char **attribute_values,
643 const char *first_attribute_name,
644 const char **first_attribute_retloc,
652 LocateAttr attrs[MAX_ATTRS];
656 _dbus_assert (first_attribute_name != NULL);
657 _dbus_assert (first_attribute_retloc != NULL);
662 attrs[0].name = first_attribute_name;
663 attrs[0].retloc = first_attribute_retloc;
664 *first_attribute_retloc = NULL;
666 va_start (args, first_attribute_retloc);
668 name = va_arg (args, const char*);
669 retloc = va_arg (args, const char**);
673 _dbus_assert (retloc != NULL);
674 _dbus_assert (n_attrs < MAX_ATTRS);
676 attrs[n_attrs].name = name;
677 attrs[n_attrs].retloc = retloc;
681 name = va_arg (args, const char*);
682 retloc = va_arg (args, const char**);
688 while (attribute_names[i])
697 if (strcmp (attrs[j].name, attribute_names[i]) == 0)
699 retloc = attrs[j].retloc;
703 dbus_set_error (error, DBUS_ERROR_FAILED,
704 "Attribute \"%s\" repeated twice on the same <%s> element",
705 attrs[j].name, element_name);
710 *retloc = attribute_values[i];
719 dbus_set_error (error, DBUS_ERROR_FAILED,
720 "Attribute \"%s\" is invalid on <%s> element in this context",
721 attribute_names[i], element_name);
734 check_no_attributes (BusConfigParser *parser,
735 const char *element_name,
736 const char **attribute_names,
737 const char **attribute_values,
740 if (attribute_names[0] != NULL)
742 dbus_set_error (error, DBUS_ERROR_FAILED,
743 "Attribute \"%s\" is invalid on <%s> element in this context",
744 attribute_names[0], element_name);
752 start_busconfig_child (BusConfigParser *parser,
753 const char *element_name,
754 const char **attribute_names,
755 const char **attribute_values,
758 ElementType element_type;
760 element_type = bus_config_parser_element_name_to_type (element_name);
762 if (element_type == ELEMENT_USER)
764 if (!check_no_attributes (parser, "user", attribute_names, attribute_values, error))
767 if (push_element (parser, ELEMENT_USER) == NULL)
775 else if (element_type == ELEMENT_CONFIGTYPE)
777 if (!check_no_attributes (parser, "type", attribute_names, attribute_values, error))
780 if (push_element (parser, ELEMENT_CONFIGTYPE) == NULL)
788 else if (element_type == ELEMENT_FORK)
790 if (!check_no_attributes (parser, "fork", attribute_names, attribute_values, error))
793 if (push_element (parser, ELEMENT_FORK) == NULL)
803 else if (element_type == ELEMENT_SYSLOG)
805 if (!check_no_attributes (parser, "syslog", attribute_names, attribute_values, error))
808 if (push_element (parser, ELEMENT_SYSLOG) == NULL)
814 parser->syslog = TRUE;
818 else if (element_type == ELEMENT_KEEP_UMASK)
820 if (!check_no_attributes (parser, "keep_umask", attribute_names, attribute_values, error))
823 if (push_element (parser, ELEMENT_KEEP_UMASK) == NULL)
829 parser->keep_umask = TRUE;
833 else if (element_type == ELEMENT_PIDFILE)
835 if (!check_no_attributes (parser, "pidfile", attribute_names, attribute_values, error))
838 if (push_element (parser, ELEMENT_PIDFILE) == NULL)
846 else if (element_type == ELEMENT_LISTEN)
848 if (!check_no_attributes (parser, "listen", attribute_names, attribute_values, error))
851 if (push_element (parser, ELEMENT_LISTEN) == NULL)
859 else if (element_type == ELEMENT_AUTH)
861 if (!check_no_attributes (parser, "auth", attribute_names, attribute_values, error))
864 if (push_element (parser, ELEMENT_AUTH) == NULL)
872 else if (element_type == ELEMENT_SERVICEHELPER)
874 if (!check_no_attributes (parser, "servicehelper", attribute_names, attribute_values, error))
877 if (push_element (parser, ELEMENT_SERVICEHELPER) == NULL)
885 else if (element_type == ELEMENT_INCLUDEDIR)
887 if (!check_no_attributes (parser, "includedir", attribute_names, attribute_values, error))
890 if (push_element (parser, ELEMENT_INCLUDEDIR) == NULL)
898 else if (element_type == ELEMENT_STANDARD_SESSION_SERVICEDIRS)
900 DBusError local_error = DBUS_ERROR_INIT;
901 DBusList *dirs = NULL;
903 if (!check_no_attributes (parser, "standard_session_servicedirs", attribute_names, attribute_values, error))
906 if (push_element (parser, ELEMENT_STANDARD_SESSION_SERVICEDIRS) == NULL)
912 if (_dbus_set_up_transient_session_servicedirs (&dirs, &local_error))
914 if (!service_dirs_absorb_string_list (&parser->service_dirs, &dirs,
915 BUS_SERVICE_DIR_FLAGS_NO_WATCH |
916 BUS_SERVICE_DIR_FLAGS_STRICT_NAMING))
919 _dbus_list_foreach (&dirs, (DBusForeachFunction) dbus_free,
921 _dbus_list_clear (&dirs);
927 /* Failing to set these up isn't fatal */
928 _dbus_warn ("Unable to set up transient service directory: %s",
929 local_error.message);
930 dbus_error_free (&local_error);
933 _dbus_assert (dirs == NULL);
935 if (!_dbus_get_standard_session_servicedirs (&dirs))
941 /* We have traditionally watched the standard session service
942 * directories with inotify, and allowed service files whose names do not
943 * match the bus name */
944 if (!service_dirs_absorb_string_list (&parser->service_dirs, &dirs,
945 BUS_SERVICE_DIR_FLAGS_NONE))
948 _dbus_list_foreach (&dirs, (DBusForeachFunction) dbus_free,
950 _dbus_list_clear (&dirs);
954 _dbus_assert (dirs == NULL);
958 else if (element_type == ELEMENT_STANDARD_SYSTEM_SERVICEDIRS)
963 if (!check_no_attributes (parser, "standard_system_servicedirs", attribute_names, attribute_values, error))
966 if (push_element (parser, ELEMENT_STANDARD_SYSTEM_SERVICEDIRS) == NULL)
972 if (!_dbus_get_standard_system_servicedirs (&dirs))
978 /* We have traditionally watched the standard system service
979 * directories with inotify, and allowed service files whose names do not
980 * match the bus name (the servicehelper won't successfully activate
981 * them, but we do still parse them) */
982 if (!service_dirs_absorb_string_list (&parser->service_dirs, &dirs,
983 BUS_SERVICE_DIR_FLAGS_NONE))
986 _dbus_list_foreach (&dirs, (DBusForeachFunction) dbus_free,
988 _dbus_list_clear (&dirs);
994 else if (element_type == ELEMENT_ALLOW_ANONYMOUS)
996 if (!check_no_attributes (parser, "allow_anonymous", attribute_names, attribute_values, error))
999 if (push_element (parser, ELEMENT_ALLOW_ANONYMOUS) == NULL)
1001 BUS_SET_OOM (error);
1005 parser->allow_anonymous = TRUE;
1008 else if (element_type == ELEMENT_SERVICEDIR)
1010 if (!check_no_attributes (parser, "servicedir", attribute_names, attribute_values, error))
1013 if (push_element (parser, ELEMENT_SERVICEDIR) == NULL)
1015 BUS_SET_OOM (error);
1021 else if (element_type == ELEMENT_INCLUDE)
1024 const char *if_selinux_enabled;
1025 const char *ignore_missing;
1026 const char *selinux_root_relative;
1028 if ((e = push_element (parser, ELEMENT_INCLUDE)) == NULL)
1030 BUS_SET_OOM (error);
1034 e->d.include.ignore_missing = FALSE;
1035 e->d.include.if_selinux_enabled = FALSE;
1036 e->d.include.selinux_root_relative = FALSE;
1038 if (!locate_attributes (parser, "include",
1042 "ignore_missing", &ignore_missing,
1043 "if_selinux_enabled", &if_selinux_enabled,
1044 "selinux_root_relative", &selinux_root_relative,
1048 if (ignore_missing != NULL)
1050 if (strcmp (ignore_missing, "yes") == 0)
1051 e->d.include.ignore_missing = TRUE;
1052 else if (strcmp (ignore_missing, "no") == 0)
1053 e->d.include.ignore_missing = FALSE;
1056 dbus_set_error (error, DBUS_ERROR_FAILED,
1057 "ignore_missing attribute must have value \"yes\" or \"no\"");
1062 if (if_selinux_enabled != NULL)
1064 if (strcmp (if_selinux_enabled, "yes") == 0)
1065 e->d.include.if_selinux_enabled = TRUE;
1066 else if (strcmp (if_selinux_enabled, "no") == 0)
1067 e->d.include.if_selinux_enabled = FALSE;
1070 dbus_set_error (error, DBUS_ERROR_FAILED,
1071 "if_selinux_enabled attribute must have value"
1072 " \"yes\" or \"no\"");
1077 if (selinux_root_relative != NULL)
1079 if (strcmp (selinux_root_relative, "yes") == 0)
1080 e->d.include.selinux_root_relative = TRUE;
1081 else if (strcmp (selinux_root_relative, "no") == 0)
1082 e->d.include.selinux_root_relative = FALSE;
1085 dbus_set_error (error, DBUS_ERROR_FAILED,
1086 "selinux_root_relative attribute must have value"
1087 " \"yes\" or \"no\"");
1094 else if (element_type == ELEMENT_POLICY)
1097 const char *context;
1100 const char *at_console;
1102 if ((e = push_element (parser, ELEMENT_POLICY)) == NULL)
1104 BUS_SET_OOM (error);
1108 e->d.policy.type = POLICY_IGNORED;
1110 if (!locate_attributes (parser, "policy",
1114 "context", &context,
1117 "at_console", &at_console,
1121 if (((context && user) ||
1122 (context && group) ||
1123 (context && at_console)) ||
1125 (user && at_console)) ||
1126 (group && at_console) ||
1127 !(context || user || group || at_console))
1129 dbus_set_error (error, DBUS_ERROR_FAILED,
1130 "<policy> element must have exactly one of (context|user|group|at_console) attributes");
1134 if (context != NULL)
1136 if (strcmp (context, "default") == 0)
1138 e->d.policy.type = POLICY_DEFAULT;
1140 else if (strcmp (context, "mandatory") == 0)
1142 e->d.policy.type = POLICY_MANDATORY;
1146 dbus_set_error (error, DBUS_ERROR_FAILED,
1147 "context attribute on <policy> must have the value \"default\" or \"mandatory\", not \"%s\"",
1152 else if (user != NULL)
1154 DBusString username;
1155 _dbus_string_init_const (&username, user);
1157 if (_dbus_parse_unix_user_from_config (&username,
1158 &e->d.policy.gid_uid_or_at_console))
1159 e->d.policy.type = POLICY_USER;
1161 _dbus_warn ("Unknown username \"%s\" in message bus configuration file",
1164 else if (group != NULL)
1166 DBusString group_name;
1167 _dbus_string_init_const (&group_name, group);
1169 if (_dbus_parse_unix_group_from_config (&group_name,
1170 &e->d.policy.gid_uid_or_at_console))
1171 e->d.policy.type = POLICY_GROUP;
1173 _dbus_warn ("Unknown group \"%s\" in message bus configuration file",
1176 else if (at_console != NULL)
1179 t = (strcmp (at_console, "true") == 0);
1180 if (t || strcmp (at_console, "false") == 0)
1182 e->d.policy.gid_uid_or_at_console = t;
1183 e->d.policy.type = POLICY_CONSOLE;
1187 dbus_set_error (error, DBUS_ERROR_FAILED,
1188 "Unknown value \"%s\" for at_console in message bus configuration file",
1196 _dbus_assert_not_reached ("all <policy> attributes null and we didn't set error");
1201 else if (element_type == ELEMENT_LIMIT)
1206 if ((e = push_element (parser, ELEMENT_LIMIT)) == NULL)
1208 BUS_SET_OOM (error);
1212 if (!locate_attributes (parser, "limit",
1222 dbus_set_error (error, DBUS_ERROR_FAILED,
1223 "<limit> element must have a \"name\" attribute");
1227 e->d.limit.name = _dbus_strdup (name);
1228 if (e->d.limit.name == NULL)
1230 BUS_SET_OOM (error);
1236 else if (element_type == ELEMENT_SELINUX)
1238 if (!check_no_attributes (parser, "selinux", attribute_names, attribute_values, error))
1241 if (push_element (parser, ELEMENT_SELINUX) == NULL)
1243 BUS_SET_OOM (error);
1249 else if (element_type == ELEMENT_APPARMOR)
1254 if ((e = push_element (parser, ELEMENT_APPARMOR)) == NULL)
1256 BUS_SET_OOM (error);
1260 if (!locate_attributes (parser, "apparmor",
1268 return bus_apparmor_set_mode_from_config (mode, error);
1272 dbus_set_error (error, DBUS_ERROR_FAILED,
1273 "Element <%s> not allowed inside <%s> in configuration file",
1274 element_name, "busconfig");
1280 * Parse an attribute named name, whose content is content, or NULL if
1281 * missing. It is meant to be a (long) integer between min and max inclusive.
1282 * If it is missing, use def as the default value (which does not
1283 * necessarily need to be between min and max).
1286 parse_int_attribute (const char *name,
1287 const char *content,
1294 DBusString parse_string;
1298 if (content == NULL)
1301 _dbus_string_init_const (&parse_string, content);
1303 if (!_dbus_string_parse_int (&parse_string, 0, value, NULL) ||
1304 *value < min || *value > max)
1306 dbus_set_error (error, DBUS_ERROR_FAILED,
1307 "Bad value \"%s\" for %s attribute, must be an "
1308 "integer in range %ld to %ld inclusive",
1309 content, name, min, max);
1317 append_rule_from_element (BusConfigParser *parser,
1318 const char *element_name,
1319 const char **attribute_names,
1320 const char **attribute_values,
1321 BusPolicyRuleAccess access,
1326 /* Group: send_ attributes */
1327 const char *send_interface;
1328 const char *send_member;
1329 const char *send_error;
1330 const char *send_destination;
1331 const char *send_destination_prefix;
1332 const char *send_path;
1333 const char *send_type;
1334 const char *send_requested_reply;
1335 const char *send_broadcast;
1336 /* TRUE if any send_ attribute is present */
1337 dbus_bool_t any_send_attribute;
1339 /* Group: receive_ attributes */
1340 const char *receive_interface;
1341 const char *receive_member;
1342 const char *receive_error;
1343 const char *receive_sender;
1344 const char *receive_path;
1345 const char *receive_type;
1346 const char *receive_requested_reply;
1347 /* TRUE if any receive_ attribute is present */
1348 dbus_bool_t any_receive_attribute;
1350 /* Group: message-matching modifiers that can go on send_ or receive_ */
1351 const char *eavesdrop;
1352 const char *max_fds_attr;
1353 long max_fds = DBUS_MAXIMUM_MESSAGE_UNIX_FDS;
1354 const char *min_fds_attr;
1356 /* TRUE if any message-matching modifier is present */
1357 dbus_bool_t any_message_attribute;
1359 /* Non-message-related attributes */
1361 const char *own_prefix;
1364 const char *privilege;
1366 BusPolicyRule *rule;
1368 if (!locate_attributes (parser, element_name,
1372 "send_interface", &send_interface,
1373 "send_member", &send_member,
1374 "send_error", &send_error,
1375 "send_destination", &send_destination,
1376 "send_destination_prefix", &send_destination_prefix,
1377 "send_path", &send_path,
1378 "send_type", &send_type,
1379 "send_broadcast", &send_broadcast,
1380 "receive_interface", &receive_interface,
1381 "receive_member", &receive_member,
1382 "receive_error", &receive_error,
1383 "receive_sender", &receive_sender,
1384 "receive_path", &receive_path,
1385 "receive_type", &receive_type,
1386 "eavesdrop", &eavesdrop,
1387 "max_fds", &max_fds_attr,
1388 "min_fds", &min_fds_attr,
1389 "send_requested_reply", &send_requested_reply,
1390 "receive_requested_reply", &receive_requested_reply,
1392 "own_prefix", &own_prefix,
1396 "privilege", &privilege,
1400 any_send_attribute = (send_destination != NULL ||
1401 send_destination_prefix != NULL ||
1402 send_broadcast != NULL ||
1403 send_path != NULL ||
1404 send_type != NULL ||
1405 send_interface != NULL ||
1406 send_member != NULL ||
1407 send_error != NULL ||
1408 send_requested_reply != NULL);
1409 any_receive_attribute = (receive_sender != NULL ||
1410 receive_path != NULL ||
1411 receive_type != NULL ||
1412 receive_interface != NULL ||
1413 receive_member != NULL ||
1414 receive_error != NULL ||
1415 receive_requested_reply != NULL ||
1416 /* <allow eavesdrop="true"/> means the same as
1417 * <allow receive_sender="*" eavesdrop="true"/>,
1418 * but <allow send_anything="anything"/> can also
1419 * take the eavesdrop attribute and still counts
1420 * as a send rule. */
1421 (!any_send_attribute && eavesdrop != NULL));
1422 any_message_attribute = (any_send_attribute ||
1423 any_receive_attribute ||
1424 eavesdrop != NULL ||
1425 max_fds_attr != NULL ||
1426 min_fds_attr != NULL);
1428 if (!(any_send_attribute ||
1429 any_receive_attribute ||
1431 own || own_prefix || user || group))
1433 dbus_set_error (error, DBUS_ERROR_FAILED,
1434 "Element <%s> must have one or more attributes",
1439 if ((send_member && (send_interface == NULL && send_path == NULL)) ||
1440 (receive_member && (receive_interface == NULL && receive_path == NULL)))
1442 dbus_set_error (error, DBUS_ERROR_FAILED,
1443 "On element <%s>, if you specify a member you must specify an interface or a path. Keep in mind that not all messages have an interface field.",
1448 if (access == BUS_POLICY_RULE_ACCESS_CHECK)
1450 if (privilege == NULL || !*privilege)
1452 dbus_set_error (error, DBUS_ERROR_FAILED,
1453 "On element <%s>, you must specify the privilege to be checked.",
1460 if (privilege != NULL && *privilege)
1462 dbus_set_error (error, DBUS_ERROR_FAILED,
1463 "On element <%s>, privilege %s is used outside of a check rule.",
1464 element_name, privilege);
1468 privilege = NULL; /* replace (potentially) empty string with NULL pointer, it wouldn't be used anyway */
1471 /* Allowed combinations of elements are:
1473 * base, must be all send or all receive:
1476 * interface + member
1479 * base send_ can combine with send_destination, send_destination_prefix, send_path, send_type, send_requested_reply, send_broadcast, eavesdrop
1480 * send_destination must not occur with send_destination_prefix
1481 * base receive_ with receive_sender, receive_path, receive_type, receive_requested_reply, eavesdrop
1483 * user, group, own, own_prefix must occur alone
1486 if (any_message_attribute +
1488 (own_prefix != NULL) +
1490 (group != NULL)) > 1)
1492 dbus_set_error (error, DBUS_ERROR_FAILED,
1493 "Invalid combination of attributes on element <%s>: "
1494 "own, own_prefix, user, group and the message-related "
1495 "attributes cannot be combined",
1500 if (any_send_attribute && any_receive_attribute)
1502 dbus_set_error (error, DBUS_ERROR_FAILED,
1503 "Invalid combination of attributes on element <%s>: "
1504 "send and receive attributes cannot be combined",
1509 if ((send_member != NULL || send_interface != NULL) && send_error != NULL)
1511 dbus_set_error (error, DBUS_ERROR_FAILED,
1512 "Invalid combination of attributes on element <%s>: "
1513 "send_error cannot be combined with send_member or "
1519 if ((receive_member != NULL || receive_interface != NULL) &&
1520 receive_error != NULL)
1522 dbus_set_error (error, DBUS_ERROR_FAILED,
1523 "Invalid combination of attributes on element <%s>: "
1524 "receive_error cannot be combined with receive_member "
1525 "or receive_interface",
1532 /* In BusPolicyRule, NULL represents wildcard.
1533 * In the config file, '*' represents it.
1535 #define IS_WILDCARD(str) ((str) && ((str)[0]) == '*' && ((str)[1]) == '\0')
1537 if (any_send_attribute)
1541 if (IS_WILDCARD (send_interface))
1542 send_interface = NULL;
1543 if (IS_WILDCARD (send_member))
1545 if (IS_WILDCARD (send_error))
1547 if (IS_WILDCARD (send_destination))
1548 send_destination = NULL;
1549 if (IS_WILDCARD (send_path))
1551 if (IS_WILDCARD (send_type))
1554 message_type = DBUS_MESSAGE_TYPE_INVALID;
1555 if (send_type != NULL)
1557 message_type = dbus_message_type_from_string (send_type);
1558 if (message_type == DBUS_MESSAGE_TYPE_INVALID)
1560 dbus_set_error (error, DBUS_ERROR_FAILED,
1561 "Bad message type \"%s\"",
1568 !(strcmp (eavesdrop, "true") == 0 ||
1569 strcmp (eavesdrop, "false") == 0))
1571 dbus_set_error (error, DBUS_ERROR_FAILED,
1572 "Bad value \"%s\" for %s attribute, must be true or false",
1573 "eavesdrop", eavesdrop);
1577 if (send_broadcast &&
1578 !(strcmp (send_broadcast, "true") == 0 ||
1579 strcmp (send_broadcast, "false") == 0))
1581 dbus_set_error (error, DBUS_ERROR_FAILED,
1582 "Bad value \"%s\" for %s attribute, must be true or false",
1583 send_broadcast, "send_broadcast");
1587 if (send_destination != NULL &&
1588 send_broadcast != NULL &&
1589 strcmp (send_broadcast, "true") == 0)
1591 /* Broadcast messages have no destination, so this cannot
1593 dbus_set_error (error, DBUS_ERROR_FAILED,
1594 "Rule with send_broadcast=\"true\" and "
1595 "send_destination=\"%s\" cannot match anything",
1600 if (send_requested_reply &&
1601 !(strcmp (send_requested_reply, "true") == 0 ||
1602 strcmp (send_requested_reply, "false") == 0))
1604 dbus_set_error (error, DBUS_ERROR_FAILED,
1605 "Bad value \"%s\" for %s attribute, must be true or false",
1606 "send_requested_reply", send_requested_reply);
1610 /* Matching only messages with DBUS_MAXIMUM_MESSAGE_UNIX_FDS or fewer
1611 * fds is the same as matching all messages, so we always set a maximum,
1612 * but perhaps an unrealistically high one. */
1613 if (!parse_int_attribute ("max_fds", max_fds_attr,
1614 0, DBUS_MAXIMUM_MESSAGE_UNIX_FDS,
1615 DBUS_MAXIMUM_MESSAGE_UNIX_FDS, &max_fds,
1617 !parse_int_attribute ("min_fds", min_fds_attr,
1618 0, DBUS_MAXIMUM_MESSAGE_UNIX_FDS, 0, &min_fds,
1622 rule = bus_policy_rule_new (BUS_POLICY_RULE_SEND, access);
1627 rule->d.send.eavesdrop = (strcmp (eavesdrop, "true") == 0);
1630 rule->d.send.log = (strcmp (log, "true") == 0);
1632 if (send_requested_reply)
1633 rule->d.send.requested_reply = (strcmp (send_requested_reply, "true") == 0);
1637 if (strcmp (send_broadcast, "true") == 0)
1638 rule->d.send.broadcast = BUS_POLICY_TRISTATE_TRUE;
1640 rule->d.send.broadcast = BUS_POLICY_TRISTATE_FALSE;
1644 rule->d.send.broadcast = BUS_POLICY_TRISTATE_ANY;
1647 rule->d.send.message_type = message_type;
1648 rule->d.send.path = _dbus_strdup (send_path);
1649 rule->d.send.interface = _dbus_strdup (send_interface);
1650 rule->d.send.member = _dbus_strdup (send_member);
1651 rule->d.send.error = _dbus_strdup (send_error);
1652 if (send_destination)
1654 rule->d.send.destination = _dbus_strdup (send_destination);
1655 rule->d.send.destination_prefix = 0;
1657 else if (send_destination_prefix)
1659 rule->d.send.destination = _dbus_strdup (send_destination_prefix);
1660 rule->d.send.destination_prefix = 1;
1662 rule->d.send.max_fds = max_fds;
1663 rule->d.send.min_fds = min_fds;
1665 if (send_path && rule->d.send.path == NULL)
1667 if (send_interface && rule->d.send.interface == NULL)
1669 if (send_member && rule->d.send.member == NULL)
1671 if (send_error && rule->d.send.error == NULL)
1673 if ((send_destination || send_destination_prefix) && rule->d.send.destination == NULL)
1676 else if (any_receive_attribute)
1680 if (IS_WILDCARD (receive_interface))
1681 receive_interface = NULL;
1682 if (IS_WILDCARD (receive_member))
1683 receive_member = NULL;
1684 if (IS_WILDCARD (receive_error))
1685 receive_error = NULL;
1686 if (IS_WILDCARD (receive_sender))
1687 receive_sender = NULL;
1688 if (IS_WILDCARD (receive_path))
1689 receive_path = NULL;
1690 if (IS_WILDCARD (receive_type))
1691 receive_type = NULL;
1693 message_type = DBUS_MESSAGE_TYPE_INVALID;
1694 if (receive_type != NULL)
1696 message_type = dbus_message_type_from_string (receive_type);
1697 if (message_type == DBUS_MESSAGE_TYPE_INVALID)
1699 dbus_set_error (error, DBUS_ERROR_FAILED,
1700 "Bad message type \"%s\"",
1708 !(strcmp (eavesdrop, "true") == 0 ||
1709 strcmp (eavesdrop, "false") == 0))
1711 dbus_set_error (error, DBUS_ERROR_FAILED,
1712 "Bad value \"%s\" for %s attribute, must be true or false",
1713 "eavesdrop", eavesdrop);
1717 if (receive_requested_reply &&
1718 !(strcmp (receive_requested_reply, "true") == 0 ||
1719 strcmp (receive_requested_reply, "false") == 0))
1721 dbus_set_error (error, DBUS_ERROR_FAILED,
1722 "Bad value \"%s\" for %s attribute, must be true or false",
1723 "receive_requested_reply", receive_requested_reply);
1727 if (!parse_int_attribute ("max_fds", max_fds_attr,
1728 0, DBUS_MAXIMUM_MESSAGE_UNIX_FDS,
1729 DBUS_MAXIMUM_MESSAGE_UNIX_FDS, &max_fds,
1731 !parse_int_attribute ("min_fds", min_fds_attr,
1732 0, DBUS_MAXIMUM_MESSAGE_UNIX_FDS, 0, &min_fds,
1736 rule = bus_policy_rule_new (BUS_POLICY_RULE_RECEIVE, access);
1741 rule->d.receive.eavesdrop = (strcmp (eavesdrop, "true") == 0);
1743 if (receive_requested_reply)
1744 rule->d.receive.requested_reply = (strcmp (receive_requested_reply, "true") == 0);
1746 rule->d.receive.message_type = message_type;
1747 rule->d.receive.path = _dbus_strdup (receive_path);
1748 rule->d.receive.interface = _dbus_strdup (receive_interface);
1749 rule->d.receive.member = _dbus_strdup (receive_member);
1750 rule->d.receive.error = _dbus_strdup (receive_error);
1751 rule->d.receive.origin = _dbus_strdup (receive_sender);
1752 rule->d.receive.max_fds = max_fds;
1753 rule->d.receive.min_fds = min_fds;
1755 if (receive_path && rule->d.receive.path == NULL)
1757 if (receive_interface && rule->d.receive.interface == NULL)
1759 if (receive_member && rule->d.receive.member == NULL)
1761 if (receive_error && rule->d.receive.error == NULL)
1763 if (receive_sender && rule->d.receive.origin == NULL)
1766 else if (own || own_prefix)
1768 rule = bus_policy_rule_new (BUS_POLICY_RULE_OWN, access);
1774 if (IS_WILDCARD (own))
1777 rule->d.own.prefix = 0;
1778 rule->d.own.service_name = _dbus_strdup (own);
1779 if (own && rule->d.own.service_name == NULL)
1784 rule->d.own.prefix = 1;
1785 rule->d.own.service_name = _dbus_strdup (own_prefix);
1786 if (rule->d.own.service_name == NULL)
1792 if (IS_WILDCARD (user))
1794 rule = bus_policy_rule_new (BUS_POLICY_RULE_USER, access);
1798 rule->d.user.uid = DBUS_UID_UNSET;
1802 DBusString username;
1805 _dbus_string_init_const (&username, user);
1807 if (_dbus_parse_unix_user_from_config (&username, &uid))
1809 rule = bus_policy_rule_new (BUS_POLICY_RULE_USER, access);
1813 rule->d.user.uid = uid;
1817 _dbus_warn ("Unknown username \"%s\" on element <%s>",
1818 user, element_name);
1824 if (IS_WILDCARD (group))
1826 rule = bus_policy_rule_new (BUS_POLICY_RULE_GROUP, access);
1830 rule->d.group.gid = DBUS_GID_UNSET;
1834 DBusString groupname;
1837 _dbus_string_init_const (&groupname, group);
1839 if (_dbus_parse_unix_group_from_config (&groupname, &gid))
1841 rule = bus_policy_rule_new (BUS_POLICY_RULE_GROUP, access);
1845 rule->d.group.gid = gid;
1849 _dbus_warn ("Unknown group \"%s\" on element <%s>",
1850 group, element_name);
1855 _dbus_assert_not_reached ("Did not handle some combination of attributes on <allow> or <deny>");
1861 pe = peek_element (parser);
1862 _dbus_assert (pe != NULL);
1863 _dbus_assert (pe->type == ELEMENT_POLICY);
1865 rule->privilege = _dbus_strdup (privilege);
1866 if (privilege && !rule->privilege)
1869 switch (pe->d.policy.type)
1871 case POLICY_IGNORED:
1873 /* drop the rule on the floor */
1876 case POLICY_DEFAULT:
1877 if (!bus_policy_append_default_rule (parser->policy, rule))
1880 case POLICY_MANDATORY:
1881 if (!bus_policy_append_mandatory_rule (parser->policy, rule))
1885 if (!BUS_POLICY_RULE_IS_PER_CLIENT (rule))
1887 dbus_set_error (error, DBUS_ERROR_FAILED,
1888 "<%s> rule cannot be per-user because it has bus-global semantics",
1893 if (!bus_policy_append_user_rule (parser->policy, pe->d.policy.gid_uid_or_at_console,
1898 if (!BUS_POLICY_RULE_IS_PER_CLIENT (rule))
1900 dbus_set_error (error, DBUS_ERROR_FAILED,
1901 "<%s> rule cannot be per-group because it has bus-global semantics",
1906 if (!bus_policy_append_group_rule (parser->policy, pe->d.policy.gid_uid_or_at_console,
1910 case POLICY_CONSOLE:
1911 if (!bus_policy_append_console_rule (parser->policy, pe->d.policy.gid_uid_or_at_console,
1917 bus_policy_rule_unref (rule);
1924 BUS_SET_OOM (error);
1927 bus_policy_rule_unref (rule);
1932 start_policy_child (BusConfigParser *parser,
1933 const char *element_name,
1934 const char **attribute_names,
1935 const char **attribute_values,
1938 if (strcmp (element_name, "allow") == 0)
1940 if (!append_rule_from_element (parser, element_name,
1941 attribute_names, attribute_values,
1942 BUS_POLICY_RULE_ACCESS_ALLOW, error))
1945 if (push_element (parser, ELEMENT_ALLOW) == NULL)
1947 BUS_SET_OOM (error);
1953 else if (strcmp (element_name, "deny") == 0)
1955 if (!append_rule_from_element (parser, element_name,
1956 attribute_names, attribute_values,
1957 BUS_POLICY_RULE_ACCESS_DENY, error))
1960 if (push_element (parser, ELEMENT_DENY) == NULL)
1962 BUS_SET_OOM (error);
1968 else if (strcmp (element_name, "check") == 0)
1970 if (!append_rule_from_element (parser, element_name,
1971 attribute_names, attribute_values,
1972 BUS_POLICY_RULE_ACCESS_CHECK, error))
1975 if (push_element (parser, ELEMENT_CHECK) == NULL)
1977 BUS_SET_OOM (error);
1985 dbus_set_error (error, DBUS_ERROR_FAILED,
1986 "Element <%s> not allowed inside <%s> in configuration file",
1987 element_name, "policy");
1993 start_selinux_child (BusConfigParser *parser,
1994 const char *element_name,
1995 const char **attribute_names,
1996 const char **attribute_values,
2003 context_copy = NULL;
2005 if (strcmp (element_name, "associate") == 0)
2008 const char *context;
2010 if (!locate_attributes (parser, "associate",
2015 "context", &context,
2019 if (push_element (parser, ELEMENT_ASSOCIATE) == NULL)
2021 BUS_SET_OOM (error);
2025 if (own == NULL || context == NULL)
2027 dbus_set_error (error, DBUS_ERROR_FAILED,
2028 "Element <associate> must have attributes own=\"<servicename>\" and context=\"<selinux context>\"");
2032 own_copy = _dbus_strdup (own);
2033 if (own_copy == NULL)
2035 context_copy = _dbus_strdup (context);
2036 if (context_copy == NULL)
2039 if (!_dbus_hash_table_insert_string (parser->service_context_table,
2040 own_copy, context_copy))
2047 dbus_set_error (error, DBUS_ERROR_FAILED,
2048 "Element <%s> not allowed inside <%s> in configuration file",
2049 element_name, "selinux");
2055 dbus_free (own_copy);
2058 dbus_free (context_copy);
2060 BUS_SET_OOM (error);
2065 bus_config_parser_start_element (BusConfigParser *parser,
2066 const char *element_name,
2067 const char **attribute_names,
2068 const char **attribute_values,
2073 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2075 /* printf ("START: %s\n", element_name); */
2077 t = top_element_type (parser);
2079 if (t == ELEMENT_NONE)
2081 if (strcmp (element_name, "busconfig") == 0)
2083 if (!check_no_attributes (parser, "busconfig", attribute_names, attribute_values, error))
2086 if (push_element (parser, ELEMENT_BUSCONFIG) == NULL)
2088 BUS_SET_OOM (error);
2096 dbus_set_error (error, DBUS_ERROR_FAILED,
2097 "Unknown element <%s> at root of configuration file",
2102 else if (t == ELEMENT_BUSCONFIG)
2104 return start_busconfig_child (parser, element_name,
2105 attribute_names, attribute_values,
2108 else if (t == ELEMENT_POLICY)
2110 return start_policy_child (parser, element_name,
2111 attribute_names, attribute_values,
2114 else if (t == ELEMENT_SELINUX)
2116 return start_selinux_child (parser, element_name,
2117 attribute_names, attribute_values,
2122 dbus_set_error (error, DBUS_ERROR_FAILED,
2123 "Element <%s> is not allowed in this context",
2130 set_limit (BusConfigParser *parser,
2135 dbus_bool_t must_be_positive;
2136 dbus_bool_t must_be_int;
2138 must_be_int = FALSE;
2139 must_be_positive = FALSE;
2141 if (strcmp (name, "max_incoming_bytes") == 0)
2143 must_be_positive = TRUE;
2144 parser->limits.max_incoming_bytes = value;
2146 else if (strcmp (name, "max_incoming_unix_fds") == 0)
2148 must_be_positive = TRUE;
2149 parser->limits.max_incoming_unix_fds = value;
2151 else if (strcmp (name, "max_outgoing_bytes") == 0)
2153 must_be_positive = TRUE;
2154 parser->limits.max_outgoing_bytes = value;
2156 else if (strcmp (name, "max_outgoing_unix_fds") == 0)
2158 must_be_positive = TRUE;
2159 parser->limits.max_outgoing_unix_fds = value;
2161 else if (strcmp (name, "max_message_size") == 0)
2163 must_be_positive = TRUE;
2164 parser->limits.max_message_size = value;
2166 else if (strcmp (name, "max_message_unix_fds") == 0)
2168 must_be_positive = TRUE;
2169 parser->limits.max_message_unix_fds = value;
2171 else if (strcmp (name, "service_start_timeout") == 0)
2173 must_be_positive = TRUE;
2175 parser->limits.activation_timeout = value;
2177 else if (strcmp (name, "auth_timeout") == 0)
2179 must_be_positive = TRUE;
2181 parser->limits.auth_timeout = value;
2183 else if (strcmp (name, "pending_fd_timeout") == 0)
2185 must_be_positive = TRUE;
2187 parser->limits.pending_fd_timeout = value;
2189 else if (strcmp (name, "reply_timeout") == 0)
2191 must_be_positive = TRUE;
2193 parser->limits.reply_timeout = value;
2195 else if (strcmp (name, "max_completed_connections") == 0)
2197 must_be_positive = TRUE;
2199 parser->limits.max_completed_connections = value;
2201 else if (strcmp (name, "max_incomplete_connections") == 0)
2203 must_be_positive = TRUE;
2205 parser->limits.max_incomplete_connections = value;
2207 else if (strcmp (name, "max_connections_per_user") == 0)
2209 must_be_positive = TRUE;
2211 parser->limits.max_connections_per_user = value;
2213 else if (strcmp (name, "max_pending_service_starts") == 0)
2215 must_be_positive = TRUE;
2217 parser->limits.max_pending_activations = value;
2219 else if (strcmp (name, "max_names_per_connection") == 0)
2221 must_be_positive = TRUE;
2223 parser->limits.max_services_per_connection = value;
2225 else if (strcmp (name, "max_match_rules_per_connection") == 0)
2227 must_be_positive = TRUE;
2229 parser->limits.max_match_rules_per_connection = value;
2231 else if (strcmp (name, "max_replies_per_connection") == 0)
2233 must_be_positive = TRUE;
2235 parser->limits.max_replies_per_connection = value;
2239 dbus_set_error (error, DBUS_ERROR_FAILED,
2240 "There is no limit called \"%s\"\n",
2245 if (must_be_positive && value < 0)
2247 dbus_set_error (error, DBUS_ERROR_FAILED,
2248 "<limit name=\"%s\"> must be a positive number\n",
2254 (value < _DBUS_INT_MIN || value > _DBUS_INT_MAX))
2256 dbus_set_error (error, DBUS_ERROR_FAILED,
2257 "<limit name=\"%s\"> value is too large\n",
2266 bus_config_parser_end_element (BusConfigParser *parser,
2267 const char *element_name,
2274 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2276 /* printf ("END: %s\n", element_name); */
2278 t = top_element_type (parser);
2280 if (t == ELEMENT_NONE)
2282 /* should probably be an assertion failure but
2283 * being paranoid about XML parsers
2285 dbus_set_error (error, DBUS_ERROR_FAILED,
2286 "XML parser ended element with no element on the stack");
2290 n = bus_config_parser_element_type_to_name (t);
2291 _dbus_assert (n != NULL);
2292 if (strcmp (n, element_name) != 0)
2294 /* should probably be an assertion failure but
2295 * being paranoid about XML parsers
2297 dbus_set_error (error, DBUS_ERROR_FAILED,
2298 "XML element <%s> ended but topmost element on the stack was <%s>",
2303 e = peek_element (parser);
2304 _dbus_assert (e != NULL);
2310 _dbus_assert_not_reached ("element in stack has no type");
2313 case ELEMENT_INCLUDE:
2315 case ELEMENT_CONFIGTYPE:
2316 case ELEMENT_LISTEN:
2317 case ELEMENT_PIDFILE:
2319 case ELEMENT_SERVICEDIR:
2320 case ELEMENT_SERVICEHELPER:
2321 case ELEMENT_INCLUDEDIR:
2323 if (!e->had_content)
2325 dbus_set_error (error, DBUS_ERROR_FAILED,
2326 "XML element <%s> was expected to have content inside it",
2327 bus_config_parser_element_type_to_name (e->type));
2331 if (e->type == ELEMENT_LIMIT)
2333 if (!set_limit (parser, e->d.limit.name, e->d.limit.value,
2339 case ELEMENT_BUSCONFIG:
2340 case ELEMENT_POLICY:
2345 case ELEMENT_SYSLOG:
2346 case ELEMENT_KEEP_UMASK:
2347 case ELEMENT_SELINUX:
2348 case ELEMENT_ASSOCIATE:
2349 case ELEMENT_STANDARD_SESSION_SERVICEDIRS:
2350 case ELEMENT_STANDARD_SYSTEM_SERVICEDIRS:
2351 case ELEMENT_ALLOW_ANONYMOUS:
2352 case ELEMENT_APPARMOR:
2356 pop_element (parser);
2362 all_whitespace (const DBusString *str)
2366 _dbus_string_skip_white (str, 0, &i);
2368 return i == _dbus_string_get_length (str);
2372 make_full_path (const DBusString *basedir,
2373 const DBusString *filename,
2374 DBusString *full_path)
2376 if (_dbus_path_is_absolute (filename))
2378 if (!_dbus_string_copy (filename, 0, full_path, 0))
2383 if (!_dbus_string_copy (basedir, 0, full_path, 0))
2386 if (!_dbus_concat_dir_and_file (full_path, filename))
2390 if (!_dbus_replace_install_prefix (full_path))
2397 include_file (BusConfigParser *parser,
2398 const DBusString *filename,
2399 dbus_bool_t ignore_missing,
2402 /* FIXME good test case for this would load each config file in the
2403 * test suite both alone, and as an include, and check
2404 * that the result is the same
2406 BusConfigParser *included;
2407 const char *filename_str;
2408 DBusError tmp_error;
2410 dbus_error_init (&tmp_error);
2412 filename_str = _dbus_string_get_const_data (filename);
2414 /* Check to make sure this file hasn't already been included. */
2415 if (seen_include (parser, filename))
2417 dbus_set_error (error, DBUS_ERROR_FAILED,
2418 "Circular inclusion of file '%s'",
2423 if (! _dbus_list_append (&parser->included_files, (void *) filename_str))
2425 BUS_SET_OOM (error);
2429 /* Since parser is passed in as the parent, included
2430 inherits parser's limits. */
2431 included = bus_config_load (filename, FALSE, parser, &tmp_error);
2433 _dbus_list_pop_last (&parser->included_files);
2435 if (included == NULL)
2437 _DBUS_ASSERT_ERROR_IS_SET (&tmp_error);
2439 if (dbus_error_has_name (&tmp_error, DBUS_ERROR_FILE_NOT_FOUND) &&
2442 dbus_error_free (&tmp_error);
2447 dbus_move_error (&tmp_error, error);
2453 _DBUS_ASSERT_ERROR_IS_CLEAR (&tmp_error);
2455 if (!merge_included (parser, included, error))
2457 bus_config_parser_unref (included);
2461 /* Copy included's limits back to parser. */
2462 parser->limits = included->limits;
2464 bus_config_parser_unref (included);
2470 servicehelper_path (BusConfigParser *parser,
2471 const DBusString *filename,
2474 const char *filename_str;
2475 char *servicehelper;
2477 filename_str = _dbus_string_get_const_data (filename);
2479 /* copy to avoid overwriting with NULL on OOM */
2480 servicehelper = _dbus_strdup (filename_str);
2483 if (servicehelper == NULL)
2485 BUS_SET_OOM (error);
2489 /* save the latest servicehelper only if not OOM */
2490 dbus_free (parser->servicehelper);
2491 parser->servicehelper = servicehelper;
2493 /* We don't check whether the helper exists; instead we
2494 * would just fail to ever activate anything if it doesn't.
2495 * This allows an admin to fix the problem if it doesn't exist.
2496 * It also allows the parser test suite to successfully parse
2497 * test cases without installing the helper. ;-)
2504 include_dir (BusConfigParser *parser,
2505 const DBusString *dirname,
2508 DBusString filename;
2510 DBusError tmp_error;
2514 if (!_dbus_string_init (&filename))
2516 BUS_SET_OOM (error);
2522 dir = _dbus_directory_open (dirname, error);
2526 if (dbus_error_has_name (error, DBUS_ERROR_FILE_NOT_FOUND))
2528 dbus_error_free (error);
2535 dbus_error_init (&tmp_error);
2536 while (_dbus_directory_get_next_file (dir, &filename, &tmp_error))
2538 DBusString full_path;
2540 if (!_dbus_string_init (&full_path))
2542 BUS_SET_OOM (error);
2546 if (!_dbus_string_copy (dirname, 0, &full_path, 0))
2548 BUS_SET_OOM (error);
2549 _dbus_string_free (&full_path);
2553 if (!_dbus_concat_dir_and_file (&full_path, &filename))
2555 BUS_SET_OOM (error);
2556 _dbus_string_free (&full_path);
2560 if (_dbus_string_ends_with_c_str (&full_path, ".conf"))
2562 if (!include_file (parser, &full_path, TRUE, error))
2564 if (dbus_error_is_set (error))
2566 /* We use both syslog and stderr here, because this is
2567 * the configuration parser, so we don't yet know whether
2568 * this bus is going to want to write to syslog! Err on
2569 * the side of making sure the message gets to the sysadmin
2571 _dbus_init_system_log ("dbus-daemon",
2572 DBUS_LOG_FLAGS_STDERR | DBUS_LOG_FLAGS_SYSTEM_LOG);
2573 _dbus_log (DBUS_SYSTEM_LOG_INFO,
2574 "Encountered error '%s' while parsing '%s'",
2576 _dbus_string_get_const_data (&full_path));
2577 dbus_error_free (error);
2582 _dbus_string_free (&full_path);
2585 if (dbus_error_is_set (&tmp_error))
2587 dbus_move_error (&tmp_error, error);
2592 if (!_dbus_string_copy_data (dirname, &s))
2594 BUS_SET_OOM (error);
2598 if (!_dbus_list_append (&parser->conf_dirs, s))
2601 BUS_SET_OOM (error);
2609 _dbus_string_free (&filename);
2612 _dbus_directory_close (dir);
2618 bus_config_parser_content (BusConfigParser *parser,
2619 const DBusString *content,
2624 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2630 _dbus_string_get_const_data (content, &c_str);
2632 printf ("CONTENT %d bytes: %s\n", _dbus_string_get_length (content), c_str);
2636 e = peek_element (parser);
2639 dbus_set_error (error, DBUS_ERROR_FAILED,
2640 "Text content outside of any XML element in configuration file");
2643 else if (e->had_content)
2645 _dbus_assert_not_reached ("Element had multiple content blocks");
2649 switch (top_element_type (parser))
2653 _dbus_assert_not_reached ("element at top of stack has no type");
2656 case ELEMENT_BUSCONFIG:
2657 case ELEMENT_POLICY:
2662 case ELEMENT_SYSLOG:
2663 case ELEMENT_KEEP_UMASK:
2664 case ELEMENT_STANDARD_SESSION_SERVICEDIRS:
2665 case ELEMENT_STANDARD_SYSTEM_SERVICEDIRS:
2666 case ELEMENT_ALLOW_ANONYMOUS:
2667 case ELEMENT_SELINUX:
2668 case ELEMENT_ASSOCIATE:
2669 case ELEMENT_APPARMOR:
2670 if (all_whitespace (content))
2674 dbus_set_error (error, DBUS_ERROR_FAILED,
2675 "No text content expected inside XML element %s in configuration file",
2676 bus_config_parser_element_type_to_name (top_element_type (parser)));
2680 case ELEMENT_PIDFILE:
2684 e->had_content = TRUE;
2686 if (!_dbus_string_copy_data (content, &s))
2689 dbus_free (parser->pidfile);
2690 parser->pidfile = s;
2694 case ELEMENT_INCLUDE:
2696 DBusString full_path, selinux_policy_root;
2698 e->had_content = TRUE;
2700 if (e->d.include.if_selinux_enabled
2701 && !bus_selinux_enabled ())
2704 if (!_dbus_string_init (&full_path))
2707 if (e->d.include.selinux_root_relative)
2709 if (!bus_selinux_get_policy_root ())
2711 dbus_set_error (error, DBUS_ERROR_FAILED,
2712 "Could not determine SELinux policy root for relative inclusion");
2713 _dbus_string_free (&full_path);
2716 _dbus_string_init_const (&selinux_policy_root,
2717 bus_selinux_get_policy_root ());
2718 if (!make_full_path (&selinux_policy_root, content, &full_path))
2720 _dbus_string_free (&full_path);
2724 else if (!make_full_path (&parser->basedir, content, &full_path))
2726 _dbus_string_free (&full_path);
2730 if (!include_file (parser, &full_path,
2731 e->d.include.ignore_missing, error))
2733 _dbus_string_free (&full_path);
2737 _dbus_string_free (&full_path);
2741 case ELEMENT_SERVICEHELPER:
2743 DBusString full_path;
2745 e->had_content = TRUE;
2747 if (!_dbus_string_init (&full_path))
2750 if (!make_full_path (&parser->basedir, content, &full_path))
2752 _dbus_string_free (&full_path);
2756 if (!servicehelper_path (parser, &full_path, error))
2758 _dbus_string_free (&full_path);
2762 _dbus_string_free (&full_path);
2766 case ELEMENT_INCLUDEDIR:
2768 DBusString full_path;
2770 e->had_content = TRUE;
2772 if (!_dbus_string_init (&full_path))
2775 if (!make_full_path (&parser->basedir, content, &full_path))
2777 _dbus_string_free (&full_path);
2781 if (!include_dir (parser, &full_path, error))
2783 _dbus_string_free (&full_path);
2787 _dbus_string_free (&full_path);
2795 e->had_content = TRUE;
2797 if (!_dbus_string_copy_data (content, &s))
2800 dbus_free (parser->user);
2805 case ELEMENT_CONFIGTYPE:
2809 e->had_content = TRUE;
2811 if (!_dbus_string_copy_data (content, &s))
2814 dbus_free (parser->bus_type);
2815 parser->bus_type = s;
2819 case ELEMENT_LISTEN:
2823 e->had_content = TRUE;
2825 if (!_dbus_string_copy_data (content, &s))
2828 if (!_dbus_list_append (&parser->listen_on,
2841 e->had_content = TRUE;
2843 if (!_dbus_string_copy_data (content, &s))
2846 if (!_dbus_list_append (&parser->mechanisms,
2855 case ELEMENT_SERVICEDIR:
2858 BusConfigServiceDir *dir;
2859 DBusString full_path;
2862 e->had_content = TRUE;
2864 if (!_dbus_string_init (&full_path))
2867 if (!make_full_path (&parser->basedir, content, &full_path))
2869 _dbus_string_free (&full_path);
2873 if (!_dbus_string_copy_data (&full_path, &s))
2875 _dbus_string_free (&full_path);
2879 /* <servicedir/> has traditionally implied that we watch the
2880 * directory with inotify, and allow service files whose names do not
2881 * match the bus name */
2882 dir = bus_config_service_dir_new_take (s, BUS_SERVICE_DIR_FLAGS_NONE);
2886 _dbus_string_free (&full_path);
2891 link = _dbus_list_alloc_link (dir);
2895 _dbus_string_free (&full_path);
2896 bus_config_service_dir_free (dir);
2901 service_dirs_append_link_unique_or_free (&parser->service_dirs, link);
2902 _dbus_string_free (&full_path);
2910 e->had_content = TRUE;
2913 if (!_dbus_string_parse_int (content, 0, &val, NULL))
2915 dbus_set_error (error, DBUS_ERROR_FAILED,
2916 "<limit name=\"%s\"> element has invalid value (could not parse as integer)",
2921 e->d.limit.value = val;
2923 _dbus_verbose ("Loaded value %ld for limit %s\n",
2930 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2934 BUS_SET_OOM (error);
2939 bus_config_parser_finished (BusConfigParser *parser,
2942 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2944 if (parser->stack != NULL)
2946 dbus_set_error (error, DBUS_ERROR_FAILED,
2947 "Element <%s> was not closed in configuration file",
2948 bus_config_parser_element_type_to_name (top_element_type (parser)));
2953 if (parser->is_toplevel && parser->listen_on == NULL)
2955 dbus_set_error (error, DBUS_ERROR_FAILED,
2956 "Configuration file needs one or more <listen> elements giving addresses");
2964 bus_config_parser_get_user (BusConfigParser *parser)
2966 return parser->user;
2970 bus_config_parser_get_type (BusConfigParser *parser)
2972 return parser->bus_type;
2976 bus_config_parser_get_addresses (BusConfigParser *parser)
2978 return &parser->listen_on;
2982 bus_config_parser_get_mechanisms (BusConfigParser *parser)
2984 return &parser->mechanisms;
2988 bus_config_parser_get_service_dirs (BusConfigParser *parser)
2990 return &parser->service_dirs;
2994 bus_config_parser_get_conf_dirs (BusConfigParser *parser)
2996 return &parser->conf_dirs;
3000 bus_config_parser_get_fork (BusConfigParser *parser)
3002 return parser->fork;
3006 bus_config_parser_get_syslog (BusConfigParser *parser)
3008 return parser->syslog;
3012 bus_config_parser_get_keep_umask (BusConfigParser *parser)
3014 return parser->keep_umask;
3018 bus_config_parser_get_allow_anonymous (BusConfigParser *parser)
3020 return parser->allow_anonymous;
3024 bus_config_parser_get_pidfile (BusConfigParser *parser)
3026 return parser->pidfile;
3030 bus_config_parser_get_servicehelper (BusConfigParser *parser)
3032 return parser->servicehelper;
3036 bus_config_parser_steal_policy (BusConfigParser *parser)
3040 _dbus_assert (parser->policy != NULL); /* can only steal the policy 1 time */
3042 policy = parser->policy;
3044 parser->policy = NULL;
3049 /* Overwrite any limits that were set in the configuration file */
3051 bus_config_parser_get_limits (BusConfigParser *parser,
3054 *limits = parser->limits;
3058 bus_config_parser_steal_service_context_table (BusConfigParser *parser)
3060 DBusHashTable *table;
3062 _dbus_assert (parser->service_context_table != NULL); /* can only steal once */
3064 table = parser->service_context_table;
3066 parser->service_context_table = NULL;
3072 * Return a list of the directories that should be watched with inotify,
3073 * as strings. The list might be empty and is in arbitrary order.
3075 * The list must be empty on entry. On success, the links are owned by the
3076 * caller and must be freed, but the data in each link remains owned by
3077 * the BusConfigParser and must not be freed: in GObject-Introspection
3078 * notation, it is (transfer container).
3081 bus_config_parser_get_watched_dirs (BusConfigParser *parser,
3082 DBusList **watched_dirs)
3086 _dbus_assert (*watched_dirs == NULL);
3088 for (link = _dbus_list_get_first_link (&parser->conf_dirs);
3090 link = _dbus_list_get_next_link (&parser->conf_dirs, link))
3092 if (!_dbus_list_append (watched_dirs, link->data))
3096 for (link = _dbus_list_get_first_link (&parser->service_dirs);
3098 link = _dbus_list_get_next_link (&parser->service_dirs, link))
3100 BusConfigServiceDir *dir = link->data;
3102 if (dir->flags & BUS_SERVICE_DIR_FLAGS_NO_WATCH)
3105 if (!_dbus_list_append (watched_dirs, dir->path))
3112 _dbus_list_clear (watched_dirs);
3116 #ifdef DBUS_ENABLE_EMBEDDED_TESTS
3127 do_check_own_rules (BusPolicy *policy)
3131 dbus_bool_t allowed;
3133 {"org.freedesktop", FALSE},
3134 {"org.freedesktop.ManySystem", FALSE},
3135 {"org.freedesktop.ManySystems", TRUE},
3136 {"org.freedesktop.ManySystems.foo", TRUE},
3137 {"org.freedesktop.ManySystems.foo.bar", TRUE},
3138 {"org.freedesktop.ManySystems2", FALSE},
3139 {"org.freedesktop.ManySystems2.foo", FALSE},
3140 {"org.freedesktop.ManySystems2.foo.bar", FALSE},
3145 while (checks[i].name)
3147 DBusString service_name;
3150 if (!_dbus_string_init (&service_name))
3151 _dbus_assert_not_reached ("couldn't init string");
3152 if (!_dbus_string_append (&service_name, checks[i].name))
3153 _dbus_assert_not_reached ("couldn't append string");
3155 ret = bus_policy_check_can_own (policy, &service_name);
3156 printf (" Check name %s: %s\n", checks[i].name,
3157 ret ? "allowed" : "not allowed");
3158 if (checks[i].allowed && !ret)
3160 _dbus_warn ("Cannot own %s", checks[i].name);
3163 if (!checks[i].allowed && ret)
3165 _dbus_warn ("Can own %s", checks[i].name);
3168 _dbus_string_free (&service_name);
3177 do_load (const DBusString *full_path,
3179 dbus_bool_t oom_possible,
3180 dbus_bool_t check_own_rules)
3182 BusConfigParser *parser;
3185 dbus_error_init (&error);
3187 parser = bus_config_load (full_path, TRUE, NULL, &error);
3188 if (dbus_error_is_set (&error))
3189 _dbus_verbose ("Failed to load file: %s\n", error.message);
3192 _DBUS_ASSERT_ERROR_IS_SET (&error);
3195 dbus_error_has_name (&error, DBUS_ERROR_NO_MEMORY))
3197 _dbus_verbose ("Failed to load valid file due to OOM\n");
3198 dbus_error_free (&error);
3201 else if (validity == VALID)
3203 _dbus_warn ("Failed to load valid file but still had memory: %s",
3206 dbus_error_free (&error);
3211 dbus_error_free (&error);
3217 _DBUS_ASSERT_ERROR_IS_CLEAR (&error);
3219 if (check_own_rules && do_check_own_rules (parser->policy) == FALSE)
3224 bus_config_parser_unref (parser);
3226 if (validity == INVALID)
3228 _dbus_warn ("Accepted invalid file");
3238 const DBusString *full_path;
3240 dbus_bool_t check_own_rules;
3244 check_loader_oom_func (void *data)
3246 LoaderOomData *d = data;
3248 return do_load (d->full_path, d->validity, TRUE, d->check_own_rules);
3252 process_test_valid_subdir (const DBusString *test_base_dir,
3256 DBusString test_directory;
3257 DBusString filename;
3265 if (!_dbus_string_init (&test_directory))
3266 _dbus_assert_not_reached ("didn't allocate test_directory");
3268 _dbus_string_init_const (&filename, subdir);
3270 if (!_dbus_string_copy (test_base_dir, 0,
3271 &test_directory, 0))
3272 _dbus_assert_not_reached ("couldn't copy test_base_dir to test_directory");
3274 if (!_dbus_concat_dir_and_file (&test_directory, &filename))
3275 _dbus_assert_not_reached ("couldn't allocate full path");
3277 _dbus_string_free (&filename);
3278 if (!_dbus_string_init (&filename))
3279 _dbus_assert_not_reached ("didn't allocate filename string");
3281 dbus_error_init (&error);
3282 dir = _dbus_directory_open (&test_directory, &error);
3285 _dbus_warn ("Could not open %s: %s",
3286 _dbus_string_get_const_data (&test_directory),
3288 dbus_error_free (&error);
3292 if (validity == VALID)
3293 printf ("Testing valid files:\n");
3294 else if (validity == INVALID)
3295 printf ("Testing invalid files:\n");
3297 printf ("Testing unknown files:\n");
3300 while (_dbus_directory_get_next_file (dir, &filename, &error))
3302 DBusString full_path;
3305 if (!_dbus_string_init (&full_path))
3306 _dbus_assert_not_reached ("couldn't init string");
3308 if (!_dbus_string_copy (&test_directory, 0, &full_path, 0))
3309 _dbus_assert_not_reached ("couldn't copy dir to full_path");
3311 if (!_dbus_concat_dir_and_file (&full_path, &filename))
3312 _dbus_assert_not_reached ("couldn't concat file to dir");
3314 if (!_dbus_string_ends_with_c_str (&full_path, ".conf"))
3316 _dbus_verbose ("Skipping non-.conf file %s\n",
3317 _dbus_string_get_const_data (&filename));
3318 _dbus_string_free (&full_path);
3322 printf (" %s\n", _dbus_string_get_const_data (&filename));
3324 _dbus_verbose (" expecting %s\n",
3325 validity == VALID ? "valid" :
3326 (validity == INVALID ? "invalid" :
3327 (validity == UNKNOWN ? "unknown" : "???")));
3329 d.full_path = &full_path;
3330 d.validity = validity;
3331 d.check_own_rules = _dbus_string_ends_with_c_str (&full_path,
3332 "check-own-rules.conf");
3334 /* FIXME hackaround for an expat problem, see
3335 * https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124747
3336 * http://freedesktop.org/pipermail/dbus/2004-May/001153.html
3338 /* if (!_dbus_test_oom_handling ("config-loader", check_loader_oom_func, &d)) */
3339 if (!check_loader_oom_func (&d))
3340 _dbus_assert_not_reached ("test failed");
3342 _dbus_string_free (&full_path);
3345 if (dbus_error_is_set (&error))
3347 _dbus_warn ("Could not get next file in %s: %s",
3348 _dbus_string_get_const_data (&test_directory),
3350 dbus_error_free (&error);
3359 _dbus_directory_close (dir);
3360 _dbus_string_free (&test_directory);
3361 _dbus_string_free (&filename);
3367 bools_equal (dbus_bool_t a,
3374 strings_equal_or_both_null (const char *a,
3377 if (a == NULL || b == NULL)
3380 return !strcmp (a, b);
3384 elements_equal (const Element *a,
3387 if (a->type != b->type)
3390 if (!bools_equal (a->had_content, b->had_content))
3396 case ELEMENT_INCLUDE:
3397 if (!bools_equal (a->d.include.ignore_missing,
3398 b->d.include.ignore_missing))
3402 case ELEMENT_POLICY:
3403 if (a->d.policy.type != b->d.policy.type)
3405 if (a->d.policy.gid_uid_or_at_console != b->d.policy.gid_uid_or_at_console)
3410 if (strcmp (a->d.limit.name, b->d.limit.name))
3412 if (a->d.limit.value != b->d.limit.value)
3417 case ELEMENT_BUSCONFIG:
3419 case ELEMENT_LISTEN:
3424 case ELEMENT_PIDFILE:
3425 case ELEMENT_SERVICEDIR:
3426 case ELEMENT_SERVICEHELPER:
3427 case ELEMENT_INCLUDEDIR:
3428 case ELEMENT_CONFIGTYPE:
3429 case ELEMENT_SELINUX:
3430 case ELEMENT_ASSOCIATE:
3431 case ELEMENT_STANDARD_SESSION_SERVICEDIRS:
3432 case ELEMENT_STANDARD_SYSTEM_SERVICEDIRS:
3433 case ELEMENT_KEEP_UMASK:
3434 case ELEMENT_SYSLOG:
3435 case ELEMENT_ALLOW_ANONYMOUS:
3436 case ELEMENT_APPARMOR:
3438 /* do nothing: nothing in the Element struct for these types */
3447 lists_of_elements_equal (DBusList *a,
3456 while (ia != NULL && ib != NULL)
3458 if (elements_equal (ia->data, ib->data))
3460 ia = _dbus_list_get_next_link (&a, ia);
3461 ib = _dbus_list_get_next_link (&b, ib);
3464 return ia == NULL && ib == NULL;
3468 lists_of_c_strings_equal (DBusList *a,
3477 while (ia != NULL && ib != NULL)
3479 if (strcmp (ia->data, ib->data))
3481 ia = _dbus_list_get_next_link (&a, ia);
3482 ib = _dbus_list_get_next_link (&b, ib);
3485 return ia == NULL && ib == NULL;
3489 lists_of_service_dirs_equal (DBusList *a,
3498 while (ia != NULL && ib != NULL)
3500 BusConfigServiceDir *da = ia->data;
3501 BusConfigServiceDir *db = ib->data;
3503 if (strcmp (da->path, db->path))
3506 if (da->flags != db->flags)
3509 ia = _dbus_list_get_next_link (&a, ia);
3510 ib = _dbus_list_get_next_link (&b, ib);
3513 return ia == NULL && ib == NULL;
3517 limits_equal (const BusLimits *a,
3521 (a->max_incoming_bytes == b->max_incoming_bytes
3522 || a->max_incoming_unix_fds == b->max_incoming_unix_fds
3523 || a->max_outgoing_bytes == b->max_outgoing_bytes
3524 || a->max_outgoing_unix_fds == b->max_outgoing_unix_fds
3525 || a->max_message_size == b->max_message_size
3526 || a->max_message_unix_fds == b->max_message_unix_fds
3527 || a->activation_timeout == b->activation_timeout
3528 || a->auth_timeout == b->auth_timeout
3529 || a->pending_fd_timeout == b->pending_fd_timeout
3530 || a->max_completed_connections == b->max_completed_connections
3531 || a->max_incomplete_connections == b->max_incomplete_connections
3532 || a->max_connections_per_user == b->max_connections_per_user
3533 || a->max_pending_activations == b->max_pending_activations
3534 || a->max_services_per_connection == b->max_services_per_connection
3535 || a->max_match_rules_per_connection == b->max_match_rules_per_connection
3536 || a->max_replies_per_connection == b->max_replies_per_connection
3537 || a->reply_timeout == b->reply_timeout);
3541 config_parsers_equal (const BusConfigParser *a,
3542 const BusConfigParser *b)
3544 if (!_dbus_string_equal (&a->basedir, &b->basedir))
3547 if (!lists_of_elements_equal (a->stack, b->stack))
3550 if (!strings_equal_or_both_null (a->user, b->user))
3553 if (!lists_of_c_strings_equal (a->listen_on, b->listen_on))
3556 if (!lists_of_c_strings_equal (a->mechanisms, b->mechanisms))
3559 if (!lists_of_service_dirs_equal (a->service_dirs, b->service_dirs))
3562 /* FIXME: compare policy */
3564 /* FIXME: compare service selinux ID table */
3566 if (! limits_equal (&a->limits, &b->limits))
3569 if (!strings_equal_or_both_null (a->pidfile, b->pidfile))
3572 if (! bools_equal (a->fork, b->fork))
3575 if (! bools_equal (a->keep_umask, b->keep_umask))
3578 if (! bools_equal (a->is_toplevel, b->is_toplevel))
3585 all_are_equiv (const DBusString *target_directory)
3587 DBusString filename;
3589 BusConfigParser *first_parser;
3590 BusConfigParser *parser;
3596 first_parser = NULL;
3600 if (!_dbus_string_init (&filename))
3601 _dbus_assert_not_reached ("didn't allocate filename string");
3603 dbus_error_init (&error);
3604 dir = _dbus_directory_open (target_directory, &error);
3607 _dbus_warn ("Could not open %s: %s",
3608 _dbus_string_get_const_data (target_directory),
3610 dbus_error_free (&error);
3614 printf ("Comparing equivalent files:\n");
3617 while (_dbus_directory_get_next_file (dir, &filename, &error))
3619 DBusString full_path;
3621 if (!_dbus_string_init (&full_path))
3622 _dbus_assert_not_reached ("couldn't init string");
3624 if (!_dbus_string_copy (target_directory, 0, &full_path, 0))
3625 _dbus_assert_not_reached ("couldn't copy dir to full_path");
3627 if (!_dbus_concat_dir_and_file (&full_path, &filename))
3628 _dbus_assert_not_reached ("couldn't concat file to dir");
3630 if (!_dbus_string_ends_with_c_str (&full_path, ".conf"))
3632 _dbus_verbose ("Skipping non-.conf file %s\n",
3633 _dbus_string_get_const_data (&filename));
3634 _dbus_string_free (&full_path);
3638 printf (" %s\n", _dbus_string_get_const_data (&filename));
3640 parser = bus_config_load (&full_path, TRUE, NULL, &error);
3644 _dbus_warn ("Could not load file %s: %s",
3645 _dbus_string_get_const_data (&full_path),
3647 _dbus_string_free (&full_path);
3648 dbus_error_free (&error);
3651 else if (first_parser == NULL)
3653 _dbus_string_free (&full_path);
3654 first_parser = parser;
3658 _dbus_string_free (&full_path);
3659 equal = config_parsers_equal (first_parser, parser);
3660 bus_config_parser_unref (parser);
3669 _dbus_string_free (&filename);
3671 bus_config_parser_unref (first_parser);
3673 _dbus_directory_close (dir);
3680 process_test_equiv_subdir (const DBusString *test_base_dir,
3683 DBusString test_directory;
3684 DBusString filename;
3693 if (!_dbus_string_init (&test_directory))
3694 _dbus_assert_not_reached ("didn't allocate test_directory");
3696 _dbus_string_init_const (&filename, subdir);
3698 if (!_dbus_string_copy (test_base_dir, 0,
3699 &test_directory, 0))
3700 _dbus_assert_not_reached ("couldn't copy test_base_dir to test_directory");
3702 if (!_dbus_concat_dir_and_file (&test_directory, &filename))
3703 _dbus_assert_not_reached ("couldn't allocate full path");
3705 _dbus_string_free (&filename);
3706 if (!_dbus_string_init (&filename))
3707 _dbus_assert_not_reached ("didn't allocate filename string");
3709 dbus_error_init (&error);
3710 dir = _dbus_directory_open (&test_directory, &error);
3713 _dbus_warn ("Could not open %s: %s",
3714 _dbus_string_get_const_data (&test_directory),
3716 dbus_error_free (&error);
3720 while (_dbus_directory_get_next_file (dir, &filename, &error))
3722 DBusString full_path;
3724 /* Skip CVS's magic directories! */
3725 if (_dbus_string_equal_c_str (&filename, "CVS"))
3728 if (!_dbus_string_init (&full_path))
3729 _dbus_assert_not_reached ("couldn't init string");
3731 if (!_dbus_string_copy (&test_directory, 0, &full_path, 0))
3732 _dbus_assert_not_reached ("couldn't copy dir to full_path");
3734 if (!_dbus_concat_dir_and_file (&full_path, &filename))
3735 _dbus_assert_not_reached ("couldn't concat file to dir");
3737 equal = all_are_equiv (&full_path);
3738 _dbus_string_free (&full_path);
3747 _dbus_string_free (&test_directory);
3748 _dbus_string_free (&filename);
3750 _dbus_directory_close (dir);
3756 static const char *test_session_service_dir_matches[] =
3758 /* will be filled in test_default_session_servicedirs() */
3760 NULL, /* install root-based */
3761 NULL, /* CommonProgramFiles-based */
3763 NULL, /* XDG_RUNTIME_DIR-based */
3764 NULL, /* XDG_DATA_HOME-based */
3765 NULL, /* XDG_DATA_DIRS-based */
3766 NULL, /* XDG_DATA_DIRS-based */
3767 DBUS_DATADIR "/dbus-1/services",
3773 test_default_session_servicedirs (const DBusString *test_base_dir)
3775 BusConfigParser *parser = NULL;
3776 DBusError error = DBUS_ERROR_INIT;
3778 DBusList *watched_dirs = NULL;
3781 DBusString full_path;
3783 DBusString install_root_based;
3784 DBusString runtime_dir_based;
3785 DBusString data_home_based;
3786 DBusString data_dirs_based;
3787 DBusString data_dirs_based2;
3789 dbus_bool_t ret = FALSE;
3791 const char *common_progs;
3793 const char *dbus_test_builddir;
3794 const char *xdg_data_home;
3795 const char *xdg_runtime_dir;
3798 /* On each platform we don't actually use all of these, but it's easier to
3799 * handle the deallocation if we always allocate them, whether needed or
3801 if (!_dbus_string_init (&full_path) ||
3802 !_dbus_string_init (&progs) ||
3803 !_dbus_string_init (&install_root_based) ||
3804 !_dbus_string_init (&runtime_dir_based) ||
3805 !_dbus_string_init (&data_home_based) ||
3806 !_dbus_string_init (&data_dirs_based) ||
3807 !_dbus_string_init (&data_dirs_based2))
3808 _dbus_assert_not_reached ("OOM allocating strings");
3810 if (!_dbus_string_copy (test_base_dir, 0,
3812 _dbus_assert_not_reached ("couldn't copy test_base_dir to full_path");
3814 _dbus_string_init_const (&tmp, "valid-config-files");
3816 if (!_dbus_concat_dir_and_file (&full_path, &tmp))
3817 _dbus_assert_not_reached ("couldn't allocate full path");
3819 _dbus_string_init_const (&tmp, "standard-session-dirs.conf");
3821 if (!_dbus_concat_dir_and_file (&full_path, &tmp))
3822 _dbus_assert_not_reached ("couldn't allocate full path");
3825 if (!_dbus_string_append (&install_root_based, DBUS_DATADIR) ||
3826 !_dbus_string_append (&install_root_based, "/dbus-1/services") ||
3827 !_dbus_replace_install_prefix (&install_root_based))
3830 _dbus_assert (_dbus_path_is_absolute (&install_root_based));
3832 test_session_service_dir_matches[0] = _dbus_string_get_const_data (
3833 &install_root_based);
3835 common_progs = _dbus_getenv ("CommonProgramFiles");
3839 if (!_dbus_string_append (&progs, common_progs))
3842 if (!_dbus_string_append (&progs, "/dbus-1/services"))
3845 test_session_service_dir_matches[1] = _dbus_string_get_const_data(&progs);
3848 dbus_test_builddir = _dbus_getenv ("DBUS_TEST_BUILDDIR");
3849 xdg_data_home = _dbus_getenv ("XDG_DATA_HOME");
3850 xdg_runtime_dir = _dbus_getenv ("XDG_RUNTIME_DIR");
3852 if (dbus_test_builddir == NULL || xdg_data_home == NULL ||
3853 xdg_runtime_dir == NULL)
3855 printf ("Not testing default session service directories because a "
3856 "build-time testing environment variable is not set: "
3857 "see AM_TESTS_ENVIRONMENT in tests/Makefile.am\n");
3862 if (!_dbus_string_append (&data_dirs_based, dbus_test_builddir) ||
3863 !_dbus_string_append (&data_dirs_based, "/XDG_DATA_DIRS/dbus-1/services") ||
3864 !_dbus_string_append (&data_dirs_based2, dbus_test_builddir) ||
3865 !_dbus_string_append (&data_dirs_based2, "/XDG_DATA_DIRS2/dbus-1/services") ||
3866 !_dbus_string_append (&runtime_dir_based, xdg_runtime_dir) ||
3867 !_dbus_string_append (&data_home_based, xdg_data_home) ||
3868 !_dbus_string_append (&data_home_based, "/dbus-1/services"))
3869 _dbus_assert_not_reached ("out of memory");
3871 if (!_dbus_ensure_directory (&runtime_dir_based, NULL))
3872 _dbus_assert_not_reached ("Unable to create fake XDG_RUNTIME_DIR");
3874 if (!_dbus_string_append (&runtime_dir_based, "/dbus-1/services"))
3875 _dbus_assert_not_reached ("out of memory");
3877 /* Sanity check: the Makefile sets this up. We assume that if this is
3878 * right, the XDG_DATA_DIRS will be too. */
3879 if (!_dbus_string_starts_with_c_str (&data_home_based, dbus_test_builddir))
3880 _dbus_assert_not_reached ("$XDG_DATA_HOME should start with $DBUS_TEST_BUILDDIR");
3882 if (!_dbus_string_starts_with_c_str (&runtime_dir_based, dbus_test_builddir))
3883 _dbus_assert_not_reached ("$XDG_RUNTIME_DIR should start with $DBUS_TEST_BUILDDIR");
3885 test_session_service_dir_matches[0] = _dbus_string_get_const_data (
3886 &runtime_dir_based);
3887 test_session_service_dir_matches[1] = _dbus_string_get_const_data (
3889 test_session_service_dir_matches[2] = _dbus_string_get_const_data (
3891 test_session_service_dir_matches[3] = _dbus_string_get_const_data (
3895 parser = bus_config_load (&full_path, TRUE, NULL, &error);
3898 _dbus_assert_not_reached (error.message);
3900 dirs = bus_config_parser_get_service_dirs (parser);
3902 for (link = _dbus_list_get_first_link (dirs), i = 0;
3904 link = _dbus_list_get_next_link (dirs, link), i++)
3906 BusConfigServiceDir *dir = link->data;
3907 BusServiceDirFlags expected = BUS_SERVICE_DIR_FLAGS_NONE;
3909 printf (" test service dir: '%s'\n", dir->path);
3910 printf (" current standard service dir: '%s'\n", test_session_service_dir_matches[i]);
3911 if (test_session_service_dir_matches[i] == NULL)
3913 printf ("more directories parsed than in match set\n");
3917 if (strcmp (test_session_service_dir_matches[i], dir->path) != 0)
3919 printf ("'%s' directory does not match '%s' in the match set\n",
3920 dir->path, test_session_service_dir_matches[i]);
3925 /* On Unix we expect the first directory in the search path to be
3926 * in the XDG_RUNTIME_DIR, and we expect it to have special flags */
3928 expected = (BUS_SERVICE_DIR_FLAGS_NO_WATCH |
3929 BUS_SERVICE_DIR_FLAGS_STRICT_NAMING);
3932 if (dir->flags != expected)
3934 printf ("'%s' directory has flags 0x%x, should be 0x%x\n",
3935 dir->path, dir->flags, expected);
3940 if (test_session_service_dir_matches[i] != NULL)
3942 printf ("extra data %s in the match set was not matched\n",
3943 test_session_service_dir_matches[i]);
3947 if (!bus_config_parser_get_watched_dirs (parser, &watched_dirs))
3948 _dbus_assert_not_reached ("out of memory");
3951 /* We expect all directories to be watched (not that it matters on Windows,
3952 * because we don't know how) */
3955 /* We expect all directories except the first to be watched, because
3956 * the first one is transient */
3960 for (link = _dbus_list_get_first_link (&watched_dirs);
3962 link = _dbus_list_get_next_link (&watched_dirs, link), i++)
3964 printf (" watched service dir: '%s'\n", (const char *) link->data);
3965 printf (" current standard service dir: '%s'\n",
3966 test_session_service_dir_matches[i]);
3968 if (test_session_service_dir_matches[i] == NULL)
3970 printf ("more directories parsed than in match set\n");
3974 if (strcmp (test_session_service_dir_matches[i],
3975 (const char *) link->data) != 0)
3977 printf ("'%s' directory does not match '%s' in the match set\n",
3978 (const char *) link->data,
3979 test_session_service_dir_matches[i]);
3984 if (test_session_service_dir_matches[i] != NULL)
3986 printf ("extra data %s in the match set was not matched\n",
3987 test_session_service_dir_matches[i]);
3995 bus_config_parser_unref (parser);
3997 _dbus_list_clear (&watched_dirs);
3998 _dbus_string_free (&full_path);
3999 _dbus_string_free (&install_root_based);
4000 _dbus_string_free (&progs);
4001 _dbus_string_free (&runtime_dir_based);
4002 _dbus_string_free (&data_home_based);
4003 _dbus_string_free (&data_dirs_based);
4004 _dbus_string_free (&data_dirs_based2);
4009 static const char *test_system_service_dir_matches[] =
4011 "/usr/local/share/dbus-1/system-services",
4012 "/usr/share/dbus-1/system-services",
4013 DBUS_DATADIR"/dbus-1/system-services",
4014 "/lib/dbus-1/system-services",
4019 test_default_system_servicedirs (void)
4027 if (!_dbus_get_standard_system_servicedirs (&dirs))
4028 _dbus_assert_not_reached ("couldn't get stardard dirs");
4030 /* make sure we read and parse the env variable correctly */
4032 while ((link = _dbus_list_pop_first_link (&dirs)))
4034 printf (" test service dir: %s\n", (char *)link->data);
4035 if (test_system_service_dir_matches[i] == NULL)
4037 printf ("more directories parsed than in match set\n");
4038 dbus_free (link->data);
4039 _dbus_list_free_link (link);
4043 if (strcmp (test_system_service_dir_matches[i],
4044 (char *)link->data) != 0)
4046 printf ("%s directory does not match %s in the match set\n",
4048 test_system_service_dir_matches[i]);
4049 dbus_free (link->data);
4050 _dbus_list_free_link (link);
4056 dbus_free (link->data);
4057 _dbus_list_free_link (link);
4060 if (test_system_service_dir_matches[i] != NULL)
4062 printf ("extra data %s in the match set was not matched\n",
4063 test_system_service_dir_matches[i]);
4073 bus_config_parser_test (const DBusString *test_data_dir)
4075 if (test_data_dir == NULL ||
4076 _dbus_string_get_length (test_data_dir) == 0)
4078 printf ("No test data\n");
4082 if (!test_default_session_servicedirs (test_data_dir))
4086 printf("default system service dir skipped\n");
4088 if (!test_default_system_servicedirs())
4092 if (!process_test_valid_subdir (test_data_dir, "valid-config-files", VALID))
4096 if (!process_test_valid_subdir (test_data_dir, "valid-config-files-system", VALID))
4100 if (!process_test_valid_subdir (test_data_dir, "invalid-config-files", INVALID))
4103 if (!process_test_equiv_subdir (test_data_dir, "equiv-config-files"))
4109 #endif /* DBUS_ENABLE_EMBEDDED_TESTS */