1 /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
2 /* dbus-sysdeps-util-unix.c Would be in dbus-sysdeps-unix.c, but not used in libdbus
4 * Copyright (C) 2002, 2003, 2004, 2005 Red Hat, Inc.
5 * Copyright (C) 2003 CodeFactory AB
7 * Licensed under the Academic Free License version 2.1
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
26 #include "dbus-sysdeps.h"
27 #include "dbus-sysdeps-unix.h"
28 #include "dbus-internals.h"
29 #include "dbus-list.h"
30 #include "dbus-pipe.h"
31 #include "dbus-protocol.h"
32 #include "dbus-string.h"
33 #define DBUS_USERDB_INCLUDES_PRIVATE 1
34 #include "dbus-userdb.h"
35 #include "dbus-test.h"
37 #include <sys/types.h>
46 #ifdef HAVE_SYS_RESOURCE_H
47 #include <sys/resource.h>
50 #include <sys/socket.h>
54 #ifdef HAVE_SYS_SYSLIMITS_H
55 #include <sys/syslimits.h>
59 #include <systemd/sd-daemon.h>
67 * @addtogroup DBusInternalsUtils
73 * Does the chdir, fork, setsid, etc. to become a daemon process.
75 * @param pidfile #NULL, or pidfile to create
76 * @param print_pid_pipe pipe to print daemon's pid to, or -1 for none
77 * @param error return location for errors
78 * @param keep_umask #TRUE to keep the original umask
79 * @returns #FALSE on failure
82 _dbus_become_daemon (const DBusString *pidfile,
83 DBusPipe *print_pid_pipe,
85 dbus_bool_t keep_umask)
89 DBusEnsureStandardFdsFlags flags;
91 _dbus_verbose ("Becoming a daemon...\n");
93 _dbus_verbose ("chdir to /\n");
96 dbus_set_error (error, DBUS_ERROR_FAILED,
97 "Could not chdir() to root directory");
101 _dbus_verbose ("forking...\n");
102 switch ((child_pid = fork ()))
105 _dbus_verbose ("fork failed\n");
106 dbus_set_error (error, _dbus_error_from_errno (errno),
107 "Failed to fork daemon: %s", _dbus_strerror (errno));
112 _dbus_verbose ("in child, closing std file descriptors\n");
114 flags = DBUS_FORCE_STDIN_NULL | DBUS_FORCE_STDOUT_NULL;
115 s = _dbus_getenv ("DBUS_DEBUG_OUTPUT");
117 if (s == NULL || *s == '\0')
118 flags |= DBUS_FORCE_STDERR_NULL;
120 _dbus_verbose ("keeping stderr open due to DBUS_DEBUG_OUTPUT\n");
122 if (!_dbus_ensure_standard_fds (flags, &s))
124 _dbus_warn ("%s: %s", s, _dbus_strerror (errno));
130 /* Get a predictable umask */
131 _dbus_verbose ("setting umask\n");
135 _dbus_verbose ("calling setsid()\n");
137 _dbus_assert_not_reached ("setsid() failed");
142 if (!_dbus_write_pid_to_file_and_pipe (pidfile, print_pid_pipe,
145 _dbus_verbose ("pid file or pipe write failed: %s\n",
147 kill (child_pid, SIGTERM);
151 _dbus_verbose ("parent exiting\n");
161 * Creates a file containing the process ID.
163 * @param filename the filename to write to
164 * @param pid our process ID
165 * @param error return location for errors
166 * @returns #FALSE on failure
169 _dbus_write_pid_file (const DBusString *filename,
173 const char *cfilename;
177 cfilename = _dbus_string_get_const_data (filename);
179 fd = open (cfilename, O_WRONLY|O_CREAT|O_EXCL|O_BINARY, 0644);
183 dbus_set_error (error, _dbus_error_from_errno (errno),
184 "Failed to open \"%s\": %s", cfilename,
185 _dbus_strerror (errno));
189 if ((f = fdopen (fd, "w")) == NULL)
191 dbus_set_error (error, _dbus_error_from_errno (errno),
192 "Failed to fdopen fd %d: %s", fd, _dbus_strerror (errno));
193 _dbus_close (fd, NULL);
197 if (fprintf (f, "%lu\n", pid) < 0)
199 dbus_set_error (error, _dbus_error_from_errno (errno),
200 "Failed to write to \"%s\": %s", cfilename,
201 _dbus_strerror (errno));
207 if (fclose (f) == EOF)
209 dbus_set_error (error, _dbus_error_from_errno (errno),
210 "Failed to close \"%s\": %s", cfilename,
211 _dbus_strerror (errno));
219 * Writes the given pid_to_write to a pidfile (if non-NULL) and/or to a
220 * pipe (if non-NULL). Does nothing if pidfile and print_pid_pipe are both
223 * @param pidfile the file to write to or #NULL
224 * @param print_pid_pipe the pipe to write to or #NULL
225 * @param pid_to_write the pid to write out
226 * @param error error on failure
227 * @returns FALSE if error is set
230 _dbus_write_pid_to_file_and_pipe (const DBusString *pidfile,
231 DBusPipe *print_pid_pipe,
232 dbus_pid_t pid_to_write,
237 _dbus_verbose ("writing pid file %s\n", _dbus_string_get_const_data (pidfile));
238 if (!_dbus_write_pid_file (pidfile,
242 _dbus_verbose ("pid file write failed\n");
243 _DBUS_ASSERT_ERROR_IS_SET(error);
249 _dbus_verbose ("No pid file requested\n");
252 if (print_pid_pipe != NULL && _dbus_pipe_is_valid (print_pid_pipe))
257 _dbus_verbose ("writing our pid to pipe %d\n",
260 if (!_dbus_string_init (&pid))
262 _DBUS_SET_OOM (error);
266 if (!_dbus_string_append_int (&pid, pid_to_write) ||
267 !_dbus_string_append (&pid, "\n"))
269 _dbus_string_free (&pid);
270 _DBUS_SET_OOM (error);
274 bytes = _dbus_string_get_length (&pid);
275 if (_dbus_pipe_write (print_pid_pipe, &pid, 0, bytes, error) != bytes)
277 /* _dbus_pipe_write sets error only on failure, not short write */
278 if (error != NULL && !dbus_error_is_set(error))
280 dbus_set_error (error, DBUS_ERROR_FAILED,
281 "Printing message bus PID: did not write enough bytes\n");
283 _dbus_string_free (&pid);
287 _dbus_string_free (&pid);
291 _dbus_verbose ("No pid pipe to write to\n");
298 * Verify that after the fork we can successfully change to this user.
300 * @param user the username given in the daemon configuration
301 * @returns #TRUE if username is valid
304 _dbus_verify_daemon_user (const char *user)
308 _dbus_string_init_const (&u, user);
310 return _dbus_get_user_id_and_primary_group (&u, NULL, NULL);
314 /* The HAVE_LIBAUDIT case lives in selinux.c */
315 #ifndef HAVE_LIBAUDIT
317 * Changes the user and group the bus is running as.
319 * @param user the user to become
320 * @param error return location for errors
321 * @returns #FALSE on failure
324 _dbus_change_to_daemon_user (const char *user,
331 _dbus_string_init_const (&u, user);
333 if (!_dbus_get_user_id_and_primary_group (&u, &uid, &gid))
335 dbus_set_error (error, DBUS_ERROR_FAILED,
336 "User '%s' does not appear to exist?",
341 /* setgroups() only works if we are a privileged process,
342 * so we don't return error on failure; the only possible
343 * failure is that we don't have perms to do it.
345 * not sure this is right, maybe if setuid()
346 * is going to work then setgroups() should also work.
348 if (setgroups (0, NULL) < 0)
349 _dbus_warn ("Failed to drop supplementary groups: %s",
350 _dbus_strerror (errno));
352 /* Set GID first, or the setuid may remove our permission
355 if (setgid (gid) < 0)
357 dbus_set_error (error, _dbus_error_from_errno (errno),
358 "Failed to set GID to %lu: %s", gid,
359 _dbus_strerror (errno));
363 if (setuid (uid) < 0)
365 dbus_set_error (error, _dbus_error_from_errno (errno),
366 "Failed to set UID to %lu: %s", uid,
367 _dbus_strerror (errno));
373 #endif /* !HAVE_LIBAUDIT */
375 #ifdef HAVE_SETRLIMIT
377 /* We assume that if we have setrlimit, we also have getrlimit and
386 _dbus_rlimit_save_fd_limit (DBusError *error)
390 self = dbus_new0 (DBusRLimit, 1);
394 _DBUS_SET_OOM (error);
398 if (getrlimit (RLIMIT_NOFILE, &self->lim) < 0)
400 dbus_set_error (error, _dbus_error_from_errno (errno),
401 "Failed to get fd limit: %s", _dbus_strerror (errno));
409 /* Enough fds that we shouldn't run out, even if several uids work
410 * together to carry out a denial-of-service attack. This happens to be
411 * the same number that systemd < 234 would normally use. */
412 #define ENOUGH_FDS 65536
415 _dbus_rlimit_raise_fd_limit (DBusError *error)
417 struct rlimit old, lim;
419 if (getrlimit (RLIMIT_NOFILE, &lim) < 0)
421 dbus_set_error (error, _dbus_error_from_errno (errno),
422 "Failed to get fd limit: %s", _dbus_strerror (errno));
430 /* We are privileged, so raise the soft limit to at least
431 * ENOUGH_FDS, and the hard limit to at least the desired soft
432 * limit. This assumes we can exercise CAP_SYS_RESOURCE on Linux,
433 * or other OSs' equivalents. */
434 if (lim.rlim_cur != RLIM_INFINITY &&
435 lim.rlim_cur < ENOUGH_FDS)
436 lim.rlim_cur = ENOUGH_FDS;
438 if (lim.rlim_max != RLIM_INFINITY &&
439 lim.rlim_max < lim.rlim_cur)
440 lim.rlim_max = lim.rlim_cur;
443 /* Raise the soft limit to match the hard limit, which we can do even
444 * if we are unprivileged. In particular, systemd >= 240 will normally
445 * set rlim_cur to 1024 and rlim_max to 512*1024, recent Debian
446 * versions end up setting rlim_cur to 1024 and rlim_max to 1024*1024,
447 * and older and non-systemd Linux systems would typically set rlim_cur
448 * to 1024 and rlim_max to 4096. */
449 if (lim.rlim_max == RLIM_INFINITY || lim.rlim_cur < lim.rlim_max)
450 lim.rlim_cur = lim.rlim_max;
452 /* Early-return if there is nothing to do. */
453 if (lim.rlim_max == old.rlim_max &&
454 lim.rlim_cur == old.rlim_cur)
457 if (setrlimit (RLIMIT_NOFILE, &lim) < 0)
459 dbus_set_error (error, _dbus_error_from_errno (errno),
460 "Failed to set fd limit to %lu: %s",
461 (unsigned long) lim.rlim_cur,
462 _dbus_strerror (errno));
470 _dbus_rlimit_restore_fd_limit (DBusRLimit *saved,
473 if (setrlimit (RLIMIT_NOFILE, &saved->lim) < 0)
475 dbus_set_error (error, _dbus_error_from_errno (errno),
476 "Failed to restore old fd limit: %s",
477 _dbus_strerror (errno));
484 #else /* !HAVE_SETRLIMIT */
487 fd_limit_not_supported (DBusError *error)
489 dbus_set_error (error, DBUS_ERROR_NOT_SUPPORTED,
490 "cannot change fd limit on this platform");
494 _dbus_rlimit_save_fd_limit (DBusError *error)
496 fd_limit_not_supported (error);
501 _dbus_rlimit_raise_fd_limit (DBusError *error)
503 fd_limit_not_supported (error);
508 _dbus_rlimit_restore_fd_limit (DBusRLimit *saved,
511 fd_limit_not_supported (error);
518 _dbus_rlimit_free (DBusRLimit *lim)
523 /** Installs a UNIX signal handler
525 * @param sig the signal to handle
526 * @param handler the handler
529 _dbus_set_signal_handler (int sig,
530 DBusSignalHandler handler)
532 struct sigaction act;
535 sigemptyset (&empty_mask);
536 act.sa_handler = handler;
537 act.sa_mask = empty_mask;
539 sigaction (sig, &act, NULL);
542 /** Checks if a file exists
544 * @param file full path to the file
545 * @returns #TRUE if file exists
548 _dbus_file_exists (const char *file)
550 return (access (file, F_OK) == 0);
553 /** Checks if user is at the console
555 * @param username user to check
556 * @param error return location for errors
557 * @returns #TRUE is the user is at the consolei and there are no errors
560 _dbus_user_at_console (const char *username,
563 #ifdef DBUS_CONSOLE_AUTH_DIR
568 if (!_dbus_string_init (&f))
570 _DBUS_SET_OOM (error);
574 if (!_dbus_string_append (&f, DBUS_CONSOLE_AUTH_DIR))
576 _DBUS_SET_OOM (error);
580 _dbus_string_init_const (&u, username);
582 if (!_dbus_concat_dir_and_file (&f, &u))
584 _DBUS_SET_OOM (error);
588 result = _dbus_file_exists (_dbus_string_get_const_data (&f));
591 _dbus_string_free (&f);
601 * Checks whether the filename is an absolute path
603 * @param filename the filename
604 * @returns #TRUE if an absolute path
607 _dbus_path_is_absolute (const DBusString *filename)
609 if (_dbus_string_get_length (filename) > 0)
610 return _dbus_string_get_byte (filename, 0) == '/';
618 * @param filename the filename to stat
619 * @param statbuf the stat info to fill in
620 * @param error return location for error
621 * @returns #FALSE if error was set
624 _dbus_stat (const DBusString *filename,
628 const char *filename_c;
631 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
633 filename_c = _dbus_string_get_const_data (filename);
635 if (stat (filename_c, &sb) < 0)
637 dbus_set_error (error, _dbus_error_from_errno (errno),
638 "%s", _dbus_strerror (errno));
642 statbuf->mode = sb.st_mode;
643 statbuf->nlink = sb.st_nlink;
644 statbuf->uid = sb.st_uid;
645 statbuf->gid = sb.st_gid;
646 statbuf->size = sb.st_size;
647 statbuf->atime = sb.st_atime;
648 statbuf->mtime = sb.st_mtime;
649 statbuf->ctime = sb.st_ctime;
656 * Internals of directory iterator
660 DIR *d; /**< The DIR* from opendir() */
665 * Open a directory to iterate over.
667 * @param filename the directory name
668 * @param error exception return object or #NULL
669 * @returns new iterator, or #NULL on error
672 _dbus_directory_open (const DBusString *filename,
677 const char *filename_c;
679 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
681 filename_c = _dbus_string_get_const_data (filename);
683 d = opendir (filename_c);
686 dbus_set_error (error, _dbus_error_from_errno (errno),
687 "Failed to read directory \"%s\": %s",
689 _dbus_strerror (errno));
692 iter = dbus_new0 (DBusDirIter, 1);
696 dbus_set_error (error, DBUS_ERROR_NO_MEMORY,
697 "Could not allocate memory for directory iterator");
707 * Get next file in the directory. Will not return "." or ".." on
708 * UNIX. If an error occurs, the contents of "filename" are
709 * undefined. The error is never set if the function succeeds.
711 * This function is not re-entrant, and not necessarily thread-safe.
712 * Only use it for test code or single-threaded utilities.
714 * @param iter the iterator
715 * @param filename string to be set to the next file in the dir
716 * @param error return location for error
717 * @returns #TRUE if filename was filled in with a new filename
720 _dbus_directory_get_next_file (DBusDirIter *iter,
721 DBusString *filename,
727 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
731 ent = readdir (iter->d);
738 dbus_set_error (error,
739 _dbus_error_from_errno (err),
740 "%s", _dbus_strerror (err));
744 else if (ent->d_name[0] == '.' &&
745 (ent->d_name[1] == '\0' ||
746 (ent->d_name[1] == '.' && ent->d_name[2] == '\0')))
750 _dbus_string_set_length (filename, 0);
751 if (!_dbus_string_append (filename, ent->d_name))
753 dbus_set_error (error, DBUS_ERROR_NO_MEMORY,
754 "No memory to read directory entry");
765 * Closes a directory iteration.
768 _dbus_directory_close (DBusDirIter *iter)
775 fill_user_info_from_group (struct group *g,
779 _dbus_assert (g->gr_name != NULL);
781 info->gid = g->gr_gid;
782 info->groupname = _dbus_strdup (g->gr_name);
784 /* info->members = dbus_strdupv (g->gr_mem) */
786 if (info->groupname == NULL)
788 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
796 fill_group_info (DBusGroupInfo *info,
798 const DBusString *groupname,
801 const char *group_c_str;
803 _dbus_assert (groupname != NULL || gid != DBUS_GID_UNSET);
804 _dbus_assert (groupname == NULL || gid == DBUS_GID_UNSET);
807 group_c_str = _dbus_string_get_const_data (groupname);
811 /* For now assuming that the getgrnam() and getgrgid() flavors
812 * always correspond to the pwnam flavors, if not we have
813 * to add more configure checks.
816 #if defined (HAVE_POSIX_GETPWNAM_R) || defined (HAVE_NONPOSIX_GETPWNAM_R)
825 /* retrieve maximum needed size for buf */
826 buflen = sysconf (_SC_GETGR_R_SIZE_MAX);
828 /* sysconf actually returns a long, but everything else expects size_t,
829 * so just recast here.
830 * https://bugs.freedesktop.org/show_bug.cgi?id=17061
832 if ((long) buflen <= 0)
838 buf = dbus_malloc (buflen);
841 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
846 #ifdef HAVE_POSIX_GETPWNAM_R
848 result = getgrnam_r (group_c_str, &g_str, buf, buflen,
851 result = getgrgid_r (gid, &g_str, buf, buflen,
854 g = getgrnam_r (group_c_str, &g_str, buf, buflen);
856 #endif /* !HAVE_POSIX_GETPWNAM_R */
857 /* Try a bigger buffer if ERANGE was returned:
858 https://bugs.freedesktop.org/show_bug.cgi?id=16727
860 if (result == ERANGE && buflen < 512 * 1024)
871 if (result == 0 && g == &g_str)
873 b = fill_user_info_from_group (g, info, error);
879 dbus_set_error (error, _dbus_error_from_errno (errno),
880 "Group %s unknown or failed to look it up\n",
881 group_c_str ? group_c_str : "???");
886 #else /* ! HAVE_GETPWNAM_R */
888 /* I guess we're screwed on thread safety here */
891 g = getgrnam (group_c_str);
895 return fill_user_info_from_group (g, info, error);
899 dbus_set_error (error, _dbus_error_from_errno (errno),
900 "Group %s unknown or failed to look it up\n",
901 group_c_str ? group_c_str : "???");
905 #endif /* ! HAVE_GETPWNAM_R */
909 * Initializes the given DBusGroupInfo struct
910 * with information about the given group name.
912 * @param info the group info struct
913 * @param groupname name of group
914 * @param error the error return
915 * @returns #FALSE if error is set
918 _dbus_group_info_fill (DBusGroupInfo *info,
919 const DBusString *groupname,
922 return fill_group_info (info, DBUS_GID_UNSET,
928 * Initializes the given DBusGroupInfo struct
929 * with information about the given group ID.
931 * @param info the group info struct
932 * @param gid group ID
933 * @param error the error return
934 * @returns #FALSE if error is set
937 _dbus_group_info_fill_gid (DBusGroupInfo *info,
941 return fill_group_info (info, gid, NULL, error);
945 * Parse a UNIX user from the bus config file. On Windows, this should
946 * simply always fail (just return #FALSE).
948 * @param username the username text
949 * @param uid_p place to return the uid
950 * @returns #TRUE on success
953 _dbus_parse_unix_user_from_config (const DBusString *username,
956 return _dbus_get_user_id (username, uid_p);
961 * Parse a UNIX group from the bus config file. On Windows, this should
962 * simply always fail (just return #FALSE).
964 * @param groupname the groupname text
965 * @param gid_p place to return the gid
966 * @returns #TRUE on success
969 _dbus_parse_unix_group_from_config (const DBusString *groupname,
972 return _dbus_get_group_id (groupname, gid_p);
976 * Gets all groups corresponding to the given UNIX user ID. On UNIX,
977 * just calls _dbus_groups_from_uid(). On Windows, should always
978 * fail since we don't know any UNIX groups.
981 * @param group_ids return location for array of group IDs
982 * @param n_group_ids return location for length of returned array
983 * @returns #TRUE if the UID existed and we got some credentials
986 _dbus_unix_groups_from_uid (dbus_uid_t uid,
987 dbus_gid_t **group_ids,
990 return _dbus_groups_from_uid (uid, group_ids, n_group_ids);
994 * Checks to see if the UNIX user ID is at the console.
995 * Should always fail on Windows (set the error to
996 * #DBUS_ERROR_NOT_SUPPORTED).
998 * @param uid UID of person to check
999 * @param error return location for errors
1000 * @returns #TRUE if the UID is the same as the console user and there are no errors
1003 _dbus_unix_user_is_at_console (dbus_uid_t uid,
1006 return _dbus_is_console_user (uid, error);
1011 * Checks to see if the UNIX user ID matches the UID of
1012 * the process. Should always return #FALSE on Windows.
1014 * @param uid the UNIX user ID
1015 * @returns #TRUE if this uid owns the process.
1018 _dbus_unix_user_is_process_owner (dbus_uid_t uid)
1020 return uid == _dbus_geteuid ();
1024 * Checks to see if the Windows user SID matches the owner of
1025 * the process. Should always return #FALSE on UNIX.
1027 * @param windows_sid the Windows user SID
1028 * @returns #TRUE if this user owns the process.
1031 _dbus_windows_user_is_process_owner (const char *windows_sid)
1036 /** @} */ /* End of DBusInternalsUtils functions */
1039 * @addtogroup DBusString
1044 * Get the directory name from a complete filename
1045 * @param filename the filename
1046 * @param dirname string to append directory name to
1047 * @returns #FALSE if no memory
1050 _dbus_string_get_dirname (const DBusString *filename,
1051 DBusString *dirname)
1055 _dbus_assert (filename != dirname);
1056 _dbus_assert (filename != NULL);
1057 _dbus_assert (dirname != NULL);
1059 /* Ignore any separators on the end */
1060 sep = _dbus_string_get_length (filename);
1062 return _dbus_string_append (dirname, "."); /* empty string passed in */
1064 while (sep > 0 && _dbus_string_get_byte (filename, sep - 1) == '/')
1067 _dbus_assert (sep >= 0);
1070 return _dbus_string_append (dirname, "/");
1072 /* Now find the previous separator */
1073 _dbus_string_find_byte_backward (filename, sep, '/', &sep);
1075 return _dbus_string_append (dirname, ".");
1077 /* skip multiple separators */
1078 while (sep > 0 && _dbus_string_get_byte (filename, sep - 1) == '/')
1081 _dbus_assert (sep >= 0);
1084 _dbus_string_get_byte (filename, 0) == '/')
1085 return _dbus_string_append (dirname, "/");
1087 return _dbus_string_copy_len (filename, 0, sep - 0,
1088 dirname, _dbus_string_get_length (dirname));
1090 /** @} */ /* DBusString stuff */
1093 string_squash_nonprintable (DBusString *str)
1098 buf = _dbus_string_get_udata (str);
1099 len = _dbus_string_get_length (str);
1101 for (i = 0; i < len; i++)
1103 unsigned char c = (unsigned char) buf[i];
1106 else if (c < 0x20 || c > 127)
1112 * Get a printable string describing the command used to execute
1113 * the process with pid. This string should only be used for
1114 * informative purposes such as logging; it may not be trusted.
1116 * The command is guaranteed to be printable ASCII and no longer
1119 * @param pid Process id
1120 * @param str Append command to this string
1121 * @param max_len Maximum length of returned command
1122 * @param error return location for errors
1123 * @returns #FALSE on error
1126 _dbus_command_for_pid (unsigned long pid,
1131 /* This is all Linux-specific for now */
1136 if (!_dbus_string_init (&path))
1138 _DBUS_SET_OOM (error);
1142 if (!_dbus_string_init (&cmdline))
1144 _DBUS_SET_OOM (error);
1145 _dbus_string_free (&path);
1149 if (!_dbus_string_append_printf (&path, "/proc/%ld/cmdline", pid))
1152 fd = open (_dbus_string_get_const_data (&path), O_RDONLY);
1155 dbus_set_error (error,
1156 _dbus_error_from_errno (errno),
1157 "Failed to open \"%s\": %s",
1158 _dbus_string_get_const_data (&path),
1159 _dbus_strerror (errno));
1163 if (!_dbus_read (fd, &cmdline, max_len))
1165 dbus_set_error (error,
1166 _dbus_error_from_errno (errno),
1167 "Failed to read from \"%s\": %s",
1168 _dbus_string_get_const_data (&path),
1169 _dbus_strerror (errno));
1170 _dbus_close (fd, NULL);
1174 if (!_dbus_close (fd, error))
1177 string_squash_nonprintable (&cmdline);
1179 if (!_dbus_string_copy (&cmdline, 0, str, _dbus_string_get_length (str)))
1182 _dbus_string_free (&cmdline);
1183 _dbus_string_free (&path);
1186 _DBUS_SET_OOM (error);
1188 _dbus_string_free (&cmdline);
1189 _dbus_string_free (&path);
1194 * Replace the DBUS_PREFIX in the given path, in-place, by the
1195 * current D-Bus installation directory. On Unix this function
1196 * does nothing, successfully.
1198 * @param path path to edit
1199 * @return #FALSE on OOM
1202 _dbus_replace_install_prefix (DBusString *path)
1208 ensure_owned_directory (const char *label,
1209 const DBusString *string,
1213 const char *dir = _dbus_string_get_const_data (string);
1216 if (create && !_dbus_ensure_directory (string, error))
1220 * The stat()-based checks in this function are to protect against
1221 * mistakes, not malice. We are working in a directory that is meant
1222 * to be trusted; but if a user has used `su` or similar to escalate
1223 * their privileges without correctly clearing the environment, the
1224 * XDG_RUNTIME_DIR in the environment might still be the user's
1225 * and not root's. We don't want to write root-owned files into that
1226 * directory, so just warn and don't provide support for transient
1227 * services in that case.
1229 * In particular, we use stat() and not lstat() so that if we later
1230 * decide to use a different directory name for transient services,
1231 * we can drop in a compatibility symlink without breaking older
1235 if (stat (dir, &buf) != 0)
1237 int saved_errno = errno;
1239 dbus_set_error (error, _dbus_error_from_errno (saved_errno),
1240 "%s \"%s\" not available: %s", label, dir,
1241 _dbus_strerror (saved_errno));
1245 if (!S_ISDIR (buf.st_mode))
1247 dbus_set_error (error, DBUS_ERROR_FAILED, "%s \"%s\" is not a directory",
1252 if (buf.st_uid != geteuid ())
1254 dbus_set_error (error, DBUS_ERROR_FAILED,
1255 "%s \"%s\" is owned by uid %ld, not our uid %ld",
1256 label, dir, (long) buf.st_uid, (long) geteuid ());
1260 /* This is just because we have the stat() results already, so we might
1261 * as well check opportunistically. */
1262 if ((S_IWOTH | S_IWGRP) & buf.st_mode)
1264 dbus_set_error (error, DBUS_ERROR_FAILED,
1265 "%s \"%s\" can be written by others (mode 0%o)",
1266 label, dir, buf.st_mode);
1273 #define DBUS_UNIX_STANDARD_SESSION_SERVICEDIR "/dbus-1/services"
1274 #define DBUS_UNIX_STANDARD_SYSTEM_SERVICEDIR "/dbus-1/system-services"
1277 * Returns the standard directories for a session bus to look for
1278 * transient service activation files.
1280 * @param dirs the directory list we are returning
1281 * @returns #FALSE on error
1284 _dbus_set_up_transient_session_servicedirs (DBusList **dirs,
1287 const char *xdg_runtime_dir;
1288 DBusString services;
1291 dbus_bool_t ret = FALSE;
1294 if (!_dbus_string_init (&dbus1))
1296 _DBUS_SET_OOM (error);
1300 if (!_dbus_string_init (&services))
1302 _dbus_string_free (&dbus1);
1303 _DBUS_SET_OOM (error);
1307 if (!_dbus_string_init (&xrd))
1309 _dbus_string_free (&dbus1);
1310 _dbus_string_free (&services);
1311 _DBUS_SET_OOM (error);
1315 xdg_runtime_dir = _dbus_getenv ("XDG_RUNTIME_DIR");
1317 /* Not an error, we just can't have transient session services */
1318 if (xdg_runtime_dir == NULL)
1320 _dbus_verbose ("XDG_RUNTIME_DIR is unset: transient session services "
1321 "not available here\n");
1326 if (!_dbus_string_append (&xrd, xdg_runtime_dir) ||
1327 !_dbus_string_append_printf (&dbus1, "%s/dbus-1",
1329 !_dbus_string_append_printf (&services, "%s/dbus-1/services",
1332 _DBUS_SET_OOM (error);
1336 if (!ensure_owned_directory ("XDG_RUNTIME_DIR", &xrd, FALSE, error) ||
1337 !ensure_owned_directory ("XDG_RUNTIME_DIR subdirectory", &dbus1, TRUE,
1339 !ensure_owned_directory ("XDG_RUNTIME_DIR subdirectory", &services,
1343 if (!_dbus_string_steal_data (&services, &data) ||
1344 !_dbus_list_append (dirs, data))
1346 _DBUS_SET_OOM (error);
1350 _dbus_verbose ("Transient service directory is %s\n", data);
1351 /* Ownership was transferred to @dirs */
1356 _dbus_string_free (&dbus1);
1357 _dbus_string_free (&services);
1358 _dbus_string_free (&xrd);
1364 * Returns the standard directories for a session bus to look for service
1367 * On UNIX this should be the standard xdg freedesktop.org data directories:
1369 * XDG_DATA_HOME=${XDG_DATA_HOME-$HOME/.local/share}
1370 * XDG_DATA_DIRS=${XDG_DATA_DIRS-/usr/local/share:/usr/share}
1376 * @param dirs the directory list we are returning
1377 * @returns #FALSE on OOM
1381 _dbus_get_standard_session_servicedirs (DBusList **dirs)
1383 const char *xdg_data_home;
1384 const char *xdg_data_dirs;
1385 DBusString servicedir_path;
1387 if (!_dbus_string_init (&servicedir_path))
1390 xdg_data_home = _dbus_getenv ("XDG_DATA_HOME");
1391 xdg_data_dirs = _dbus_getenv ("XDG_DATA_DIRS");
1393 if (xdg_data_home != NULL)
1395 if (!_dbus_string_append (&servicedir_path, xdg_data_home))
1400 const DBusString *homedir;
1401 DBusString local_share;
1403 if (!_dbus_homedir_from_current_process (&homedir))
1406 if (!_dbus_string_append (&servicedir_path, _dbus_string_get_const_data (homedir)))
1409 _dbus_string_init_const (&local_share, "/.local/share");
1410 if (!_dbus_concat_dir_and_file (&servicedir_path, &local_share))
1414 if (!_dbus_string_append (&servicedir_path, ":"))
1417 if (xdg_data_dirs != NULL)
1419 if (!_dbus_string_append (&servicedir_path, xdg_data_dirs))
1422 if (!_dbus_string_append (&servicedir_path, ":"))
1427 if (!_dbus_string_append (&servicedir_path, "/usr/local/share:/usr/share:"))
1432 * add configured datadir to defaults
1433 * this may be the same as an xdg dir
1434 * however the config parser should take
1435 * care of duplicates
1437 if (!_dbus_string_append (&servicedir_path, DBUS_DATADIR))
1440 if (!_dbus_split_paths_and_append (&servicedir_path,
1441 DBUS_UNIX_STANDARD_SESSION_SERVICEDIR,
1445 _dbus_string_free (&servicedir_path);
1449 _dbus_string_free (&servicedir_path);
1455 * Returns the standard directories for a system bus to look for service
1458 * On UNIX this should be the standard xdg freedesktop.org data directories:
1460 * XDG_DATA_DIRS=${XDG_DATA_DIRS-/usr/local/share:/usr/share}
1466 * On Windows there is no system bus and this function can return nothing.
1468 * @param dirs the directory list we are returning
1469 * @returns #FALSE on OOM
1473 _dbus_get_standard_system_servicedirs (DBusList **dirs)
1476 * DBUS_DATADIR may be the same as one of the standard directories. However,
1477 * the config parser should take care of the duplicates.
1479 * Also, append /lib as counterpart of /usr/share on the root
1480 * directory (the root directory does not know /share), in order to
1481 * facilitate early boot system bus activation where /usr might not
1484 static const char standard_search_path[] =
1489 DBusString servicedir_path;
1491 _dbus_string_init_const (&servicedir_path, standard_search_path);
1493 return _dbus_split_paths_and_append (&servicedir_path,
1494 DBUS_UNIX_STANDARD_SYSTEM_SERVICEDIR,
1499 * Get the absolute path of the system.conf file
1500 * (there is no system bus on Windows so this can just
1501 * return FALSE and print a warning or something)
1503 * @param str the string to append to, which must be empty on entry
1504 * @returns #FALSE if no memory
1507 _dbus_get_system_config_file (DBusString *str)
1509 _dbus_assert (_dbus_string_get_length (str) == 0);
1511 return _dbus_string_append (str, DBUS_SYSTEM_CONFIG_FILE);
1515 * Get the absolute path of the session.conf file.
1517 * @param str the string to append to, which must be empty on entry
1518 * @returns #FALSE if no memory
1521 _dbus_get_session_config_file (DBusString *str)
1523 _dbus_assert (_dbus_string_get_length (str) == 0);
1525 return _dbus_string_append (str, DBUS_SESSION_CONFIG_FILE);
1528 #ifdef DBUS_ENABLE_EMBEDDED_TESTS
1531 * Set uid to a machine-readable authentication identity (numeric Unix
1532 * uid or ConvertSidToStringSid-style Windows SID) that is likely to exist,
1533 * and differs from the identity of the current process.
1535 * @param uid Populated with a machine-readable authentication identity
1537 * @returns #FALSE if no memory
1540 _dbus_test_append_different_uid (DBusString *uid)
1542 if (geteuid () == 0)
1543 return _dbus_string_append (uid, "65534");
1545 return _dbus_string_append (uid, "0");
1549 * Set uid to a human-readable authentication identity (login name)
1550 * that is likely to exist, and differs from the identity of the current
1551 * process. This function currently only exists on Unix platforms.
1553 * @param uid Populated with a machine-readable authentication identity
1555 * @returns #FALSE if no memory
1558 _dbus_test_append_different_username (DBusString *username)
1560 if (geteuid () == 0)
1561 return _dbus_string_append (username, "nobody");
1563 return _dbus_string_append (username, "root");