1 /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
2 /* dbus-sysdeps-util-unix.c Would be in dbus-sysdeps-unix.c, but not used in libdbus
4 * Copyright (C) 2002, 2003, 2004, 2005 Red Hat, Inc.
5 * Copyright (C) 2003 CodeFactory AB
7 * Licensed under the Academic Free License version 2.1
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
26 #include "dbus-sysdeps.h"
27 #include "dbus-sysdeps-unix.h"
28 #include "dbus-internals.h"
29 #include "dbus-list.h"
30 #include "dbus-pipe.h"
31 #include "dbus-protocol.h"
32 #include "dbus-string.h"
33 #define DBUS_USERDB_INCLUDES_PRIVATE 1
34 #include "dbus-userdb.h"
35 #include "dbus-test.h"
37 #include <sys/types.h>
46 #ifdef HAVE_SYS_RESOURCE_H
47 #include <sys/resource.h>
50 #include <sys/socket.h>
54 #ifdef HAVE_SYS_SYSLIMITS_H
55 #include <sys/syslimits.h>
59 #include <systemd/sd-daemon.h>
67 * @addtogroup DBusInternalsUtils
73 * Does the chdir, fork, setsid, etc. to become a daemon process.
75 * @param pidfile #NULL, or pidfile to create
76 * @param print_pid_pipe pipe to print daemon's pid to, or -1 for none
77 * @param error return location for errors
78 * @param keep_umask #TRUE to keep the original umask
79 * @returns #FALSE on failure
82 _dbus_become_daemon (const DBusString *pidfile,
83 DBusPipe *print_pid_pipe,
85 dbus_bool_t keep_umask)
89 DBusEnsureStandardFdsFlags flags;
91 _dbus_verbose ("Becoming a daemon...\n");
93 _dbus_verbose ("chdir to /\n");
96 dbus_set_error (error, DBUS_ERROR_FAILED,
97 "Could not chdir() to root directory");
101 _dbus_verbose ("forking...\n");
102 switch ((child_pid = fork ()))
105 _dbus_verbose ("fork failed\n");
106 dbus_set_error (error, _dbus_error_from_errno (errno),
107 "Failed to fork daemon: %s", _dbus_strerror (errno));
112 _dbus_verbose ("in child, closing std file descriptors\n");
114 flags = DBUS_FORCE_STDIN_NULL | DBUS_FORCE_STDOUT_NULL;
115 s = _dbus_getenv ("DBUS_DEBUG_OUTPUT");
117 if (s == NULL || *s == '\0')
118 flags |= DBUS_FORCE_STDERR_NULL;
120 _dbus_verbose ("keeping stderr open due to DBUS_DEBUG_OUTPUT\n");
122 if (!_dbus_ensure_standard_fds (flags, &s))
124 _dbus_warn ("%s: %s", s, _dbus_strerror (errno));
130 /* Get a predictable umask */
131 _dbus_verbose ("setting umask\n");
135 _dbus_verbose ("calling setsid()\n");
137 _dbus_assert_not_reached ("setsid() failed");
142 if (!_dbus_write_pid_to_file_and_pipe (pidfile, print_pid_pipe,
145 _dbus_verbose ("pid file or pipe write failed: %s\n",
147 kill (child_pid, SIGTERM);
151 _dbus_verbose ("parent exiting\n");
161 * Creates a file containing the process ID.
163 * @param filename the filename to write to
164 * @param pid our process ID
165 * @param error return location for errors
166 * @returns #FALSE on failure
169 _dbus_write_pid_file (const DBusString *filename,
173 const char *cfilename;
177 cfilename = _dbus_string_get_const_data (filename);
179 fd = open (cfilename, O_WRONLY|O_CREAT|O_EXCL|O_BINARY, 0644);
183 dbus_set_error (error, _dbus_error_from_errno (errno),
184 "Failed to open \"%s\": %s", cfilename,
185 _dbus_strerror (errno));
189 if ((f = fdopen (fd, "w")) == NULL)
191 dbus_set_error (error, _dbus_error_from_errno (errno),
192 "Failed to fdopen fd %d: %s", fd, _dbus_strerror (errno));
193 _dbus_close (fd, NULL);
197 if (fprintf (f, "%lu\n", pid) < 0)
199 dbus_set_error (error, _dbus_error_from_errno (errno),
200 "Failed to write to \"%s\": %s", cfilename,
201 _dbus_strerror (errno));
207 if (fclose (f) == EOF)
209 dbus_set_error (error, _dbus_error_from_errno (errno),
210 "Failed to close \"%s\": %s", cfilename,
211 _dbus_strerror (errno));
219 * Writes the given pid_to_write to a pidfile (if non-NULL) and/or to a
220 * pipe (if non-NULL). Does nothing if pidfile and print_pid_pipe are both
223 * @param pidfile the file to write to or #NULL
224 * @param print_pid_pipe the pipe to write to or #NULL
225 * @param pid_to_write the pid to write out
226 * @param error error on failure
227 * @returns FALSE if error is set
230 _dbus_write_pid_to_file_and_pipe (const DBusString *pidfile,
231 DBusPipe *print_pid_pipe,
232 dbus_pid_t pid_to_write,
237 _dbus_verbose ("writing pid file %s\n", _dbus_string_get_const_data (pidfile));
238 if (!_dbus_write_pid_file (pidfile,
242 _dbus_verbose ("pid file write failed\n");
243 _DBUS_ASSERT_ERROR_IS_SET(error);
249 _dbus_verbose ("No pid file requested\n");
252 if (print_pid_pipe != NULL && _dbus_pipe_is_valid (print_pid_pipe))
257 _dbus_verbose ("writing our pid to pipe %d\n",
260 if (!_dbus_string_init (&pid))
262 _DBUS_SET_OOM (error);
266 if (!_dbus_string_append_int (&pid, pid_to_write) ||
267 !_dbus_string_append (&pid, "\n"))
269 _dbus_string_free (&pid);
270 _DBUS_SET_OOM (error);
274 bytes = _dbus_string_get_length (&pid);
275 if (_dbus_pipe_write (print_pid_pipe, &pid, 0, bytes, error) != bytes)
277 /* _dbus_pipe_write sets error only on failure, not short write */
278 if (error != NULL && !dbus_error_is_set(error))
280 dbus_set_error (error, DBUS_ERROR_FAILED,
281 "Printing message bus PID: did not write enough bytes\n");
283 _dbus_string_free (&pid);
287 _dbus_string_free (&pid);
291 _dbus_verbose ("No pid pipe to write to\n");
298 * Verify that after the fork we can successfully change to this user.
300 * @param user the username given in the daemon configuration
301 * @returns #TRUE if username is valid
304 _dbus_verify_daemon_user (const char *user)
308 _dbus_string_init_const (&u, user);
310 return _dbus_get_user_id_and_primary_group (&u, NULL, NULL);
314 /* The HAVE_LIBAUDIT case lives in selinux.c */
315 #ifndef HAVE_LIBAUDIT
317 * Changes the user and group the bus is running as.
319 * @param user the user to become
320 * @param error return location for errors
321 * @returns #FALSE on failure
324 _dbus_change_to_daemon_user (const char *user,
331 _dbus_string_init_const (&u, user);
333 if (!_dbus_get_user_id_and_primary_group (&u, &uid, &gid))
335 dbus_set_error (error, DBUS_ERROR_FAILED,
336 "User '%s' does not appear to exist?",
341 /* setgroups() only works if we are a privileged process,
342 * so we don't return error on failure; the only possible
343 * failure is that we don't have perms to do it.
345 * not sure this is right, maybe if setuid()
346 * is going to work then setgroups() should also work.
348 if (setgroups (0, NULL) < 0)
349 _dbus_warn ("Failed to drop supplementary groups: %s",
350 _dbus_strerror (errno));
352 /* Set GID first, or the setuid may remove our permission
355 if (setgid (gid) < 0)
357 dbus_set_error (error, _dbus_error_from_errno (errno),
358 "Failed to set GID to %lu: %s", gid,
359 _dbus_strerror (errno));
363 if (setuid (uid) < 0)
365 dbus_set_error (error, _dbus_error_from_errno (errno),
366 "Failed to set UID to %lu: %s", uid,
367 _dbus_strerror (errno));
373 #endif /* !HAVE_LIBAUDIT */
375 #ifdef HAVE_SETRLIMIT
377 /* We assume that if we have setrlimit, we also have getrlimit and
386 _dbus_rlimit_save_fd_limit (DBusError *error)
390 self = dbus_new0 (DBusRLimit, 1);
394 _DBUS_SET_OOM (error);
398 if (getrlimit (RLIMIT_NOFILE, &self->lim) < 0)
400 dbus_set_error (error, _dbus_error_from_errno (errno),
401 "Failed to get fd limit: %s", _dbus_strerror (errno));
410 _dbus_rlimit_raise_fd_limit_if_privileged (unsigned int desired,
415 /* No point to doing this practically speaking
416 * if we're not uid 0. We expect the system
417 * bus to use this before we change UID, and
418 * the session bus takes the Linux default,
419 * currently 1024 for cur and 4096 for max.
423 /* not an error, we're probably the session bus */
427 if (getrlimit (RLIMIT_NOFILE, &lim) < 0)
429 dbus_set_error (error, _dbus_error_from_errno (errno),
430 "Failed to get fd limit: %s", _dbus_strerror (errno));
434 if (lim.rlim_cur == RLIM_INFINITY || lim.rlim_cur >= desired)
436 /* not an error, everything is fine */
440 /* Ignore "maximum limit", assume we have the "superuser"
441 * privileges. On Linux this is CAP_SYS_RESOURCE.
443 lim.rlim_cur = lim.rlim_max = desired;
445 if (setrlimit (RLIMIT_NOFILE, &lim) < 0)
447 dbus_set_error (error, _dbus_error_from_errno (errno),
448 "Failed to set fd limit to %u: %s",
449 desired, _dbus_strerror (errno));
457 _dbus_rlimit_restore_fd_limit (DBusRLimit *saved,
460 if (setrlimit (RLIMIT_NOFILE, &saved->lim) < 0)
462 dbus_set_error (error, _dbus_error_from_errno (errno),
463 "Failed to restore old fd limit: %s",
464 _dbus_strerror (errno));
471 #else /* !HAVE_SETRLIMIT */
474 fd_limit_not_supported (DBusError *error)
476 dbus_set_error (error, DBUS_ERROR_NOT_SUPPORTED,
477 "cannot change fd limit on this platform");
481 _dbus_rlimit_save_fd_limit (DBusError *error)
483 fd_limit_not_supported (error);
488 _dbus_rlimit_raise_fd_limit_if_privileged (unsigned int desired,
491 fd_limit_not_supported (error);
496 _dbus_rlimit_restore_fd_limit (DBusRLimit *saved,
499 fd_limit_not_supported (error);
506 _dbus_rlimit_free (DBusRLimit *lim)
511 /** Installs a UNIX signal handler
513 * @param sig the signal to handle
514 * @param handler the handler
517 _dbus_set_signal_handler (int sig,
518 DBusSignalHandler handler)
520 struct sigaction act;
523 sigemptyset (&empty_mask);
524 act.sa_handler = handler;
525 act.sa_mask = empty_mask;
527 sigaction (sig, &act, NULL);
530 /** Checks if a file exists
532 * @param file full path to the file
533 * @returns #TRUE if file exists
536 _dbus_file_exists (const char *file)
538 return (access (file, F_OK) == 0);
541 /** Checks if user is at the console
543 * @param username user to check
544 * @param error return location for errors
545 * @returns #TRUE is the user is at the consolei and there are no errors
548 _dbus_user_at_console (const char *username,
551 #ifdef DBUS_CONSOLE_AUTH_DIR
556 if (!_dbus_string_init (&f))
558 _DBUS_SET_OOM (error);
562 if (!_dbus_string_append (&f, DBUS_CONSOLE_AUTH_DIR))
564 _DBUS_SET_OOM (error);
568 _dbus_string_init_const (&u, username);
570 if (!_dbus_concat_dir_and_file (&f, &u))
572 _DBUS_SET_OOM (error);
576 result = _dbus_file_exists (_dbus_string_get_const_data (&f));
579 _dbus_string_free (&f);
589 * Checks whether the filename is an absolute path
591 * @param filename the filename
592 * @returns #TRUE if an absolute path
595 _dbus_path_is_absolute (const DBusString *filename)
597 if (_dbus_string_get_length (filename) > 0)
598 return _dbus_string_get_byte (filename, 0) == '/';
606 * @param filename the filename to stat
607 * @param statbuf the stat info to fill in
608 * @param error return location for error
609 * @returns #FALSE if error was set
612 _dbus_stat (const DBusString *filename,
616 const char *filename_c;
619 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
621 filename_c = _dbus_string_get_const_data (filename);
623 if (stat (filename_c, &sb) < 0)
625 dbus_set_error (error, _dbus_error_from_errno (errno),
626 "%s", _dbus_strerror (errno));
630 statbuf->mode = sb.st_mode;
631 statbuf->nlink = sb.st_nlink;
632 statbuf->uid = sb.st_uid;
633 statbuf->gid = sb.st_gid;
634 statbuf->size = sb.st_size;
635 statbuf->atime = sb.st_atime;
636 statbuf->mtime = sb.st_mtime;
637 statbuf->ctime = sb.st_ctime;
644 * Internals of directory iterator
648 DIR *d; /**< The DIR* from opendir() */
653 * Open a directory to iterate over.
655 * @param filename the directory name
656 * @param error exception return object or #NULL
657 * @returns new iterator, or #NULL on error
660 _dbus_directory_open (const DBusString *filename,
665 const char *filename_c;
667 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
669 filename_c = _dbus_string_get_const_data (filename);
671 d = opendir (filename_c);
674 dbus_set_error (error, _dbus_error_from_errno (errno),
675 "Failed to read directory \"%s\": %s",
677 _dbus_strerror (errno));
680 iter = dbus_new0 (DBusDirIter, 1);
684 dbus_set_error (error, DBUS_ERROR_NO_MEMORY,
685 "Could not allocate memory for directory iterator");
695 * Get next file in the directory. Will not return "." or ".." on
696 * UNIX. If an error occurs, the contents of "filename" are
697 * undefined. The error is never set if the function succeeds.
699 * This function is not re-entrant, and not necessarily thread-safe.
700 * Only use it for test code or single-threaded utilities.
702 * @param iter the iterator
703 * @param filename string to be set to the next file in the dir
704 * @param error return location for error
705 * @returns #TRUE if filename was filled in with a new filename
708 _dbus_directory_get_next_file (DBusDirIter *iter,
709 DBusString *filename,
715 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
719 ent = readdir (iter->d);
726 dbus_set_error (error,
727 _dbus_error_from_errno (err),
728 "%s", _dbus_strerror (err));
732 else if (ent->d_name[0] == '.' &&
733 (ent->d_name[1] == '\0' ||
734 (ent->d_name[1] == '.' && ent->d_name[2] == '\0')))
738 _dbus_string_set_length (filename, 0);
739 if (!_dbus_string_append (filename, ent->d_name))
741 dbus_set_error (error, DBUS_ERROR_NO_MEMORY,
742 "No memory to read directory entry");
753 * Closes a directory iteration.
756 _dbus_directory_close (DBusDirIter *iter)
763 fill_user_info_from_group (struct group *g,
767 _dbus_assert (g->gr_name != NULL);
769 info->gid = g->gr_gid;
770 info->groupname = _dbus_strdup (g->gr_name);
772 /* info->members = dbus_strdupv (g->gr_mem) */
774 if (info->groupname == NULL)
776 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
784 fill_group_info (DBusGroupInfo *info,
786 const DBusString *groupname,
789 const char *group_c_str;
791 _dbus_assert (groupname != NULL || gid != DBUS_GID_UNSET);
792 _dbus_assert (groupname == NULL || gid == DBUS_GID_UNSET);
795 group_c_str = _dbus_string_get_const_data (groupname);
799 /* For now assuming that the getgrnam() and getgrgid() flavors
800 * always correspond to the pwnam flavors, if not we have
801 * to add more configure checks.
804 #if defined (HAVE_POSIX_GETPWNAM_R) || defined (HAVE_NONPOSIX_GETPWNAM_R)
813 /* retrieve maximum needed size for buf */
814 buflen = sysconf (_SC_GETGR_R_SIZE_MAX);
816 /* sysconf actually returns a long, but everything else expects size_t,
817 * so just recast here.
818 * https://bugs.freedesktop.org/show_bug.cgi?id=17061
820 if ((long) buflen <= 0)
826 buf = dbus_malloc (buflen);
829 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
834 #ifdef HAVE_POSIX_GETPWNAM_R
836 result = getgrnam_r (group_c_str, &g_str, buf, buflen,
839 result = getgrgid_r (gid, &g_str, buf, buflen,
842 g = getgrnam_r (group_c_str, &g_str, buf, buflen);
844 #endif /* !HAVE_POSIX_GETPWNAM_R */
845 /* Try a bigger buffer if ERANGE was returned:
846 https://bugs.freedesktop.org/show_bug.cgi?id=16727
848 if (result == ERANGE && buflen < 512 * 1024)
859 if (result == 0 && g == &g_str)
861 b = fill_user_info_from_group (g, info, error);
867 dbus_set_error (error, _dbus_error_from_errno (errno),
868 "Group %s unknown or failed to look it up\n",
869 group_c_str ? group_c_str : "???");
874 #else /* ! HAVE_GETPWNAM_R */
876 /* I guess we're screwed on thread safety here */
879 g = getgrnam (group_c_str);
883 return fill_user_info_from_group (g, info, error);
887 dbus_set_error (error, _dbus_error_from_errno (errno),
888 "Group %s unknown or failed to look it up\n",
889 group_c_str ? group_c_str : "???");
893 #endif /* ! HAVE_GETPWNAM_R */
897 * Initializes the given DBusGroupInfo struct
898 * with information about the given group name.
900 * @param info the group info struct
901 * @param groupname name of group
902 * @param error the error return
903 * @returns #FALSE if error is set
906 _dbus_group_info_fill (DBusGroupInfo *info,
907 const DBusString *groupname,
910 return fill_group_info (info, DBUS_GID_UNSET,
916 * Initializes the given DBusGroupInfo struct
917 * with information about the given group ID.
919 * @param info the group info struct
920 * @param gid group ID
921 * @param error the error return
922 * @returns #FALSE if error is set
925 _dbus_group_info_fill_gid (DBusGroupInfo *info,
929 return fill_group_info (info, gid, NULL, error);
933 * Parse a UNIX user from the bus config file. On Windows, this should
934 * simply always fail (just return #FALSE).
936 * @param username the username text
937 * @param uid_p place to return the uid
938 * @returns #TRUE on success
941 _dbus_parse_unix_user_from_config (const DBusString *username,
944 return _dbus_get_user_id (username, uid_p);
949 * Parse a UNIX group from the bus config file. On Windows, this should
950 * simply always fail (just return #FALSE).
952 * @param groupname the groupname text
953 * @param gid_p place to return the gid
954 * @returns #TRUE on success
957 _dbus_parse_unix_group_from_config (const DBusString *groupname,
960 return _dbus_get_group_id (groupname, gid_p);
964 * Gets all groups corresponding to the given UNIX user ID. On UNIX,
965 * just calls _dbus_groups_from_uid(). On Windows, should always
966 * fail since we don't know any UNIX groups.
969 * @param group_ids return location for array of group IDs
970 * @param n_group_ids return location for length of returned array
971 * @returns #TRUE if the UID existed and we got some credentials
974 _dbus_unix_groups_from_uid (dbus_uid_t uid,
975 dbus_gid_t **group_ids,
978 return _dbus_groups_from_uid (uid, group_ids, n_group_ids);
982 * Checks to see if the UNIX user ID is at the console.
983 * Should always fail on Windows (set the error to
984 * #DBUS_ERROR_NOT_SUPPORTED).
986 * @param uid UID of person to check
987 * @param error return location for errors
988 * @returns #TRUE if the UID is the same as the console user and there are no errors
991 _dbus_unix_user_is_at_console (dbus_uid_t uid,
994 return _dbus_is_console_user (uid, error);
999 * Checks to see if the UNIX user ID matches the UID of
1000 * the process. Should always return #FALSE on Windows.
1002 * @param uid the UNIX user ID
1003 * @returns #TRUE if this uid owns the process.
1006 _dbus_unix_user_is_process_owner (dbus_uid_t uid)
1008 return uid == _dbus_geteuid ();
1012 * Checks to see if the Windows user SID matches the owner of
1013 * the process. Should always return #FALSE on UNIX.
1015 * @param windows_sid the Windows user SID
1016 * @returns #TRUE if this user owns the process.
1019 _dbus_windows_user_is_process_owner (const char *windows_sid)
1024 /** @} */ /* End of DBusInternalsUtils functions */
1027 * @addtogroup DBusString
1032 * Get the directory name from a complete filename
1033 * @param filename the filename
1034 * @param dirname string to append directory name to
1035 * @returns #FALSE if no memory
1038 _dbus_string_get_dirname (const DBusString *filename,
1039 DBusString *dirname)
1043 _dbus_assert (filename != dirname);
1044 _dbus_assert (filename != NULL);
1045 _dbus_assert (dirname != NULL);
1047 /* Ignore any separators on the end */
1048 sep = _dbus_string_get_length (filename);
1050 return _dbus_string_append (dirname, "."); /* empty string passed in */
1052 while (sep > 0 && _dbus_string_get_byte (filename, sep - 1) == '/')
1055 _dbus_assert (sep >= 0);
1058 return _dbus_string_append (dirname, "/");
1060 /* Now find the previous separator */
1061 _dbus_string_find_byte_backward (filename, sep, '/', &sep);
1063 return _dbus_string_append (dirname, ".");
1065 /* skip multiple separators */
1066 while (sep > 0 && _dbus_string_get_byte (filename, sep - 1) == '/')
1069 _dbus_assert (sep >= 0);
1072 _dbus_string_get_byte (filename, 0) == '/')
1073 return _dbus_string_append (dirname, "/");
1075 return _dbus_string_copy_len (filename, 0, sep - 0,
1076 dirname, _dbus_string_get_length (dirname));
1078 /** @} */ /* DBusString stuff */
1081 string_squash_nonprintable (DBusString *str)
1086 buf = _dbus_string_get_udata (str);
1087 len = _dbus_string_get_length (str);
1089 for (i = 0; i < len; i++)
1091 unsigned char c = (unsigned char) buf[i];
1094 else if (c < 0x20 || c > 127)
1100 * Get a printable string describing the command used to execute
1101 * the process with pid. This string should only be used for
1102 * informative purposes such as logging; it may not be trusted.
1104 * The command is guaranteed to be printable ASCII and no longer
1107 * @param pid Process id
1108 * @param str Append command to this string
1109 * @param max_len Maximum length of returned command
1110 * @param error return location for errors
1111 * @returns #FALSE on error
1114 _dbus_command_for_pid (unsigned long pid,
1119 /* This is all Linux-specific for now */
1124 if (!_dbus_string_init (&path))
1126 _DBUS_SET_OOM (error);
1130 if (!_dbus_string_init (&cmdline))
1132 _DBUS_SET_OOM (error);
1133 _dbus_string_free (&path);
1137 if (!_dbus_string_append_printf (&path, "/proc/%ld/cmdline", pid))
1140 fd = open (_dbus_string_get_const_data (&path), O_RDONLY);
1143 dbus_set_error (error,
1144 _dbus_error_from_errno (errno),
1145 "Failed to open \"%s\": %s",
1146 _dbus_string_get_const_data (&path),
1147 _dbus_strerror (errno));
1151 if (!_dbus_read (fd, &cmdline, max_len))
1153 dbus_set_error (error,
1154 _dbus_error_from_errno (errno),
1155 "Failed to read from \"%s\": %s",
1156 _dbus_string_get_const_data (&path),
1157 _dbus_strerror (errno));
1158 _dbus_close (fd, NULL);
1162 if (!_dbus_close (fd, error))
1165 string_squash_nonprintable (&cmdline);
1167 if (!_dbus_string_copy (&cmdline, 0, str, _dbus_string_get_length (str)))
1170 _dbus_string_free (&cmdline);
1171 _dbus_string_free (&path);
1174 _DBUS_SET_OOM (error);
1176 _dbus_string_free (&cmdline);
1177 _dbus_string_free (&path);
1182 * Replace the DBUS_PREFIX in the given path, in-place, by the
1183 * current D-Bus installation directory. On Unix this function
1184 * does nothing, successfully.
1186 * @param path path to edit
1187 * @return #FALSE on OOM
1190 _dbus_replace_install_prefix (DBusString *path)
1196 ensure_owned_directory (const char *label,
1197 const DBusString *string,
1201 const char *dir = _dbus_string_get_const_data (string);
1204 if (create && !_dbus_ensure_directory (string, error))
1208 * The stat()-based checks in this function are to protect against
1209 * mistakes, not malice. We are working in a directory that is meant
1210 * to be trusted; but if a user has used `su` or similar to escalate
1211 * their privileges without correctly clearing the environment, the
1212 * XDG_RUNTIME_DIR in the environment might still be the user's
1213 * and not root's. We don't want to write root-owned files into that
1214 * directory, so just warn and don't provide support for transient
1215 * services in that case.
1217 * In particular, we use stat() and not lstat() so that if we later
1218 * decide to use a different directory name for transient services,
1219 * we can drop in a compatibility symlink without breaking older
1223 if (stat (dir, &buf) != 0)
1225 int saved_errno = errno;
1227 dbus_set_error (error, _dbus_error_from_errno (saved_errno),
1228 "%s \"%s\" not available: %s", label, dir,
1229 _dbus_strerror (saved_errno));
1233 if (!S_ISDIR (buf.st_mode))
1235 dbus_set_error (error, DBUS_ERROR_FAILED, "%s \"%s\" is not a directory",
1240 if (buf.st_uid != geteuid ())
1242 dbus_set_error (error, DBUS_ERROR_FAILED,
1243 "%s \"%s\" is owned by uid %ld, not our uid %ld",
1244 label, dir, (long) buf.st_uid, (long) geteuid ());
1248 /* This is just because we have the stat() results already, so we might
1249 * as well check opportunistically. */
1250 if ((S_IWOTH | S_IWGRP) & buf.st_mode)
1252 dbus_set_error (error, DBUS_ERROR_FAILED,
1253 "%s \"%s\" can be written by others (mode 0%o)",
1254 label, dir, buf.st_mode);
1261 #define DBUS_UNIX_STANDARD_SESSION_SERVICEDIR "/dbus-1/services"
1262 #define DBUS_UNIX_STANDARD_SYSTEM_SERVICEDIR "/dbus-1/system-services"
1265 * Returns the standard directories for a session bus to look for
1266 * transient service activation files.
1268 * @param dirs the directory list we are returning
1269 * @returns #FALSE on error
1272 _dbus_set_up_transient_session_servicedirs (DBusList **dirs,
1275 const char *xdg_runtime_dir;
1276 DBusString services;
1279 dbus_bool_t ret = FALSE;
1282 if (!_dbus_string_init (&dbus1))
1284 _DBUS_SET_OOM (error);
1288 if (!_dbus_string_init (&services))
1290 _dbus_string_free (&dbus1);
1291 _DBUS_SET_OOM (error);
1295 if (!_dbus_string_init (&xrd))
1297 _dbus_string_free (&dbus1);
1298 _dbus_string_free (&services);
1299 _DBUS_SET_OOM (error);
1303 xdg_runtime_dir = _dbus_getenv ("XDG_RUNTIME_DIR");
1305 /* Not an error, we just can't have transient session services */
1306 if (xdg_runtime_dir == NULL)
1308 _dbus_verbose ("XDG_RUNTIME_DIR is unset: transient session services "
1309 "not available here\n");
1314 if (!_dbus_string_append (&xrd, xdg_runtime_dir) ||
1315 !_dbus_string_append_printf (&dbus1, "%s/dbus-1",
1317 !_dbus_string_append_printf (&services, "%s/dbus-1/services",
1320 _DBUS_SET_OOM (error);
1324 if (!ensure_owned_directory ("XDG_RUNTIME_DIR", &xrd, FALSE, error) ||
1325 !ensure_owned_directory ("XDG_RUNTIME_DIR subdirectory", &dbus1, TRUE,
1327 !ensure_owned_directory ("XDG_RUNTIME_DIR subdirectory", &services,
1331 if (!_dbus_string_steal_data (&services, &data) ||
1332 !_dbus_list_append (dirs, data))
1334 _DBUS_SET_OOM (error);
1338 _dbus_verbose ("Transient service directory is %s\n", data);
1339 /* Ownership was transferred to @dirs */
1344 _dbus_string_free (&dbus1);
1345 _dbus_string_free (&services);
1346 _dbus_string_free (&xrd);
1352 * Returns the standard directories for a session bus to look for service
1355 * On UNIX this should be the standard xdg freedesktop.org data directories:
1357 * XDG_DATA_HOME=${XDG_DATA_HOME-$HOME/.local/share}
1358 * XDG_DATA_DIRS=${XDG_DATA_DIRS-/usr/local/share:/usr/share}
1364 * @param dirs the directory list we are returning
1365 * @returns #FALSE on OOM
1369 _dbus_get_standard_session_servicedirs (DBusList **dirs)
1371 const char *xdg_data_home;
1372 const char *xdg_data_dirs;
1373 DBusString servicedir_path;
1375 if (!_dbus_string_init (&servicedir_path))
1378 xdg_data_home = _dbus_getenv ("XDG_DATA_HOME");
1379 xdg_data_dirs = _dbus_getenv ("XDG_DATA_DIRS");
1381 if (xdg_data_home != NULL)
1383 if (!_dbus_string_append (&servicedir_path, xdg_data_home))
1388 const DBusString *homedir;
1389 DBusString local_share;
1391 if (!_dbus_homedir_from_current_process (&homedir))
1394 if (!_dbus_string_append (&servicedir_path, _dbus_string_get_const_data (homedir)))
1397 _dbus_string_init_const (&local_share, "/.local/share");
1398 if (!_dbus_concat_dir_and_file (&servicedir_path, &local_share))
1402 if (!_dbus_string_append (&servicedir_path, ":"))
1405 if (xdg_data_dirs != NULL)
1407 if (!_dbus_string_append (&servicedir_path, xdg_data_dirs))
1410 if (!_dbus_string_append (&servicedir_path, ":"))
1415 if (!_dbus_string_append (&servicedir_path, "/usr/local/share:/usr/share:"))
1420 * add configured datadir to defaults
1421 * this may be the same as an xdg dir
1422 * however the config parser should take
1423 * care of duplicates
1425 if (!_dbus_string_append (&servicedir_path, DBUS_DATADIR))
1428 if (!_dbus_split_paths_and_append (&servicedir_path,
1429 DBUS_UNIX_STANDARD_SESSION_SERVICEDIR,
1433 _dbus_string_free (&servicedir_path);
1437 _dbus_string_free (&servicedir_path);
1443 * Returns the standard directories for a system bus to look for service
1446 * On UNIX this should be the standard xdg freedesktop.org data directories:
1448 * XDG_DATA_DIRS=${XDG_DATA_DIRS-/usr/local/share:/usr/share}
1454 * On Windows there is no system bus and this function can return nothing.
1456 * @param dirs the directory list we are returning
1457 * @returns #FALSE on OOM
1461 _dbus_get_standard_system_servicedirs (DBusList **dirs)
1464 * DBUS_DATADIR may be the same as one of the standard directories. However,
1465 * the config parser should take care of the duplicates.
1467 * Also, append /lib as counterpart of /usr/share on the root
1468 * directory (the root directory does not know /share), in order to
1469 * facilitate early boot system bus activation where /usr might not
1472 static const char standard_search_path[] =
1477 DBusString servicedir_path;
1479 _dbus_string_init_const (&servicedir_path, standard_search_path);
1481 return _dbus_split_paths_and_append (&servicedir_path,
1482 DBUS_UNIX_STANDARD_SYSTEM_SERVICEDIR,
1487 * Get the absolute path of the system.conf file
1488 * (there is no system bus on Windows so this can just
1489 * return FALSE and print a warning or something)
1491 * @param str the string to append to, which must be empty on entry
1492 * @returns #FALSE if no memory
1495 _dbus_get_system_config_file (DBusString *str)
1497 _dbus_assert (_dbus_string_get_length (str) == 0);
1499 return _dbus_string_append (str, DBUS_SYSTEM_CONFIG_FILE);
1503 * Get the absolute path of the session.conf file.
1505 * @param str the string to append to, which must be empty on entry
1506 * @returns #FALSE if no memory
1509 _dbus_get_session_config_file (DBusString *str)
1511 _dbus_assert (_dbus_string_get_length (str) == 0);
1513 return _dbus_string_append (str, DBUS_SESSION_CONFIG_FILE);