1 <!doctype article PUBLIC "-//OASIS//DTD DocBook V3.1//EN" [
5 <title>D-BUS Specification</title>
6 <releaseinfo>Version 0.7</releaseinfo>
7 <date>26 March 2003</date>
10 <firstname>Havoc</firstname>
11 <surname>Pennington</surname>
13 <orgname>Red Hat, Inc</orgname>
15 <email>hp@pobox.com</email>
20 <firstname>Anders</firstname>
21 <surname>Carlsson</surname>
23 <orgname>CodeFactory AB</orgname>
25 <email>andersca@codefactory.se</email>
30 <firstname>Alexander</firstname>
31 <surname>Larsson</surname>
33 <orgname>Red Hat, Inc</orgname>
35 <email>alexl@redhat.com</email>
42 <sect1 id="introduction">
43 <title>Introduction</title>
45 D-BUS is a system for low-latency, low-overhead, easy to use
46 interprocess communication (IPC). In more detail:
50 D-BUS is <emphasis>low-latency</emphasis> because it is designed
51 to avoid round trips and allow asynchronous operation, much like
57 D-BUS is <emphasis>low-overhead</emphasis> because it uses a
58 binary protocol, and does not have to convert to and from a text
59 format such as XML. Because D-BUS is intended for potentially
60 high-resolution same-machine IPC, not primarily for Internet IPC,
61 this is an interesting optimization.
66 D-BUS is <emphasis>easy to use</emphasis> because it works in terms
67 of <firstterm>messages</firstterm> rather than byte streams, and
68 does not require users to understand any complex concepts such as a
69 new type system or elaborate APIs. Libraries implementing D-BUS
70 may choose to abstract messages as "method calls" (see
71 <xref linkend="message-conventions-method">).
77 The base D-BUS protocol is a peer-to-peer protocol, specified in <xref
78 linkend="message-protocol">. That is, it is a system for one application
79 to talk to a single other application. However, the primary intended
80 application of D-BUS is the D-BUS <firstterm>message bus</firstterm>,
81 specified in <xref linkend="message-bus">. The message bus is a special
82 application that accepts connections from multiple other applications, and
83 forwards messages among them.
86 Things that D-BUS can be used for is for example notification of
87 system changes (notification of when a camera is plugged in to a
88 computer, or a new version of some software has been installed),
89 or desktop interoperablity, for example a file monitoring
90 service or a configuration service.
94 <sect1 id="message-protocol">
95 <title>Message Protocol</title>
97 A <firstterm>message</firstterm> consists of a
98 <firstterm>header</firstterm> and a <firstterm>body</firstterm>. If you
99 think of a message as a package, the header is the address, and the body
100 contains the package contents. The message delivery system uses the header
101 information to figure out where to send the message and how to interpret
102 it; the recipient inteprets the body of the message.
106 The body of the message is made up of zero or more
107 <firstterm>arguments</firstterm>, which are typed
108 values, such as an integer or a byte array.
111 <sect2 id="message-protocol-header-encoding">
112 <title>Header Encoding</title>
114 Following the mandatory fields, there are zero or more named fields (see
115 <xref linkend="message-protocol-header-fields">), and then nul bytes
116 padding the header such that its total length in bytes is a multiple of
120 The header MUST begin with the following mandatory fields in the following
127 <entry>Description</entry>
132 <entry>1 byte</entry>
133 <entry>Endianness flag; ASCII 'l' for little-endian
134 or ASCII 'B' for big-endian.</entry>
137 <entry>1 byte</entry>
138 <entry>Bitwise OR of flags. Unknown flags
139 MUST be ignored. Currently-defined flags are described below.
143 <entry>1 byte</entry>
144 <entry>Major protocol version of the sending application. If
145 the major protocol version of the receiving application does not
146 match, the applications will not be able to communicate and the
147 D-BUS connection MUST be disconnected. The major protocol
148 version for this version of the specification is 0.
152 <entry>1 byte</entry>
153 <entry>A nul byte, reserved for future use.
154 Any value for this byte MUST be accepted.
158 <entry>4 bytes</entry>
159 <entry>An unsigned 32-bit integer in the
160 message's byte order, indicating the total length in bytes of
161 the header including named fields and any alignment padding.
162 MUST be a multiple of 8.
166 <entry>4 bytes</entry>
167 <entry>An unsigned 32-bit integer in the
168 message's byte order, indicating the total length in bytes of
173 <entry>4 bytes</entry>
174 <entry>The message's serial number, an unsigned 32-bit integer in
175 the message's byte order. Applications MUST NOT reuse the same
176 serial number for different messages more often than 32-bit
177 unsigned integer wraparound. Zero is not a valid serial number.
185 Flags that can appear in the second byte of the header:
190 <entry>Hex value</entry>
191 <entry>Description</entry>
197 <entry>This message is an error reply. If the first argument exists and is a string, it is an error message.</entry>
205 <sect2 id="message-protocol-header-fields">
206 <title>Header Fields</title>
208 In addition to the required header information mentioned
209 in <xref linkend="message-protocol-header-encoding">,
210 the header may contain zero or more named
211 header fields. These fields are named to allow
212 future versions of this protocol specification to
213 add new fields; implementations must ignore fields
214 they do not understand. Implementations must not
215 invent their own header fields; only changes to
216 this specification may introduce new header fields.
220 Header field names MUST consist of 4 non-nul bytes. The field name is
221 NOT nul terminated; it occupies exactly 4 bytes. Following the name,
222 the field MUST have a type code, and then a properly-aligned value
224 See <xref linkend="message-protocol-arguments"> for a description
225 of how each type is encoded. If an implementation sees a header
226 field name that it does not understand, it MUST ignore
231 Here are the currently-defined named header fields:
238 <entry>Description</entry>
244 <entry>STRING</entry>
245 <entry>The name of the message, such as org.freedesktop.Peer.Ping</entry>
249 <entry>UINT32</entry>
250 <entry>The serial number of the message this message is a reply
251 to. (The serial number is one of the mandatory header fields,
252 see <xref linkend="message-protocol-header-encoding">.)</entry>
256 <entry>STRING</entry>
257 <entry>The name of the service this message should be routed to.
258 Only used in combination with the message bus, see
259 <xref linkend="message-bus">.</entry>
263 <entry>STRING</entry>
264 <entry>The name of the base service that sent this message.
265 The message bus fills in this field; the field is
266 only meaningful in combination with the message bus.</entry>
274 <sect2 id="message-protocol-header-padding">
275 <title>Header Alignment Padding</title>
277 To allow implementations to keep the header and the body in a single
278 buffer while keeping data types aligned, the total length of the header
279 must be a multiple of 8 bytes. To achieve this, the header MUST be padded
280 with nul bytes to align its total length on an 8-byte boundary.
281 The minimum number of padding bytes MUST be used. Because all possible
282 named fields use at least 8 bytes, implementations can distinguish
283 padding (which must be less than 8 bytes) from additional named fields
284 (which must be at least 8 bytes).
288 <sect2 id="message-protocol-arguments">
289 <title>Message Arguments</title>
291 The message body is made up of arguments. Each argument
292 is a type code, followed by the value of the argument
293 in a type-dependent format.
300 <entry>Type name</entry>
302 <entry>Description</entry>
307 <entry>INVALID</entry>
309 <entry>Not a valid type code (error if it appears in a message)</entry>
313 <entry>Marks an "unset" or "nonexistent" argument</entry>
317 <entry>8-bit unsigned integer</entry>
319 <entry>BOOLEAN</entry>
321 <entry>Boolean value, 0 is FALSE and 1 is TRUE. Everything else is invalid.</entry>
325 <entry>32-bit signed integer</entry>
327 <entry>UINT32</entry>
329 <entry>32-bit unsigned integer</entry>
331 <entry>DOUBLE</entry>
333 <entry>IEEE 754 double</entry>
335 <entry>STRING</entry>
337 <entry>UTF-8 string (<emphasis>must</emphasis> be valid UTF-8). Must be zero terminated. </entry>
341 <entry>A named byte array, used for custom types</entry>
349 <entry>A dictionary of key/value pairs</entry>
356 The types are encoded as follows:
361 <entry>Type name</entry>
362 <entry>Encoding</entry>
367 <entry>INVALID</entry>
368 <entry>Not applicable; cannot be encoded.</entry>
371 <entry>No data is encoded; the type code is followed immediately
372 by the type code of the next argument.</entry>
375 <entry>A byte.</entry>
377 <entry>BOOLEAN</entry>
378 <entry>A byte, with valid values 0 and 1.</entry>
381 <entry>32-bit signed integer in the message's byte order, aligned to 4-byte boundary.</entry>
383 <entry>UINT32</entry>
384 <entry>32-bit unsigned integer in the message's byte order, aligned to 4-byte boundary.</entry>
386 <entry>DOUBLE</entry>
387 <entry>64-bit IEEE 754 double in the message's byte order, aligned to 8-byte boundary.</entry>
389 <entry>STRING</entry>
390 <entry>UINT32 aligned to 4-byte boundary indicating the string's
391 length in bytes excluding its terminating nul, followed by
392 string data of the given length, followed by a terminating nul
397 <entry>A string (encoded as the STRING type above) giving the
398 name of the type followed by an UINT32 aligned to 4-byte boundary
399 indicating the data length in bytes, followed by the data.
403 <entry>A sequence of bytes giving the element type of the array, terminated
404 by a type different from ARRAY (just one byte for one-dimensional arrays, but
405 larger for multi-dimensional arrays), followed by an UINT32 (aligned to 4 bytes)
406 giving the length of the array data in bytes. This is followed by each array entry
407 encoded the way it would normally be encoded, except arrays, which are encoded
408 without the type information, since that is already declared above. Arrays containing
413 <entry>UINT32 giving the length of the dictionary data in bytes.
414 This is followed by a number of keyname/value pairs, where the
415 keyname is encoded as a STRING above, and the value is encoded
416 as a byte with typecode and how that type normally would be encoded
427 <sect1 id="auth-protocol">
428 <title>Authentication Protocol</title>
430 Before the flow of messages begins, two applications must
431 authenticate. A simple plain-text protocol is used for
432 authentication; this protocol is a SASL profile, and maps fairly
433 directly from the SASL specification. The message encoding is
434 NOT used here, only plain text messages.
437 In examples, "C:" and "S:" indicate lines sent by the client and
440 <sect2 id="auth-protocol-overview">
441 <title>Protocol Overview</title>
443 The protocol is a line-based protocol, where each line ends with
444 \r\n. Each line begins with an all-caps ASCII command name containing
445 only the character range [A-Z], a space, then any arguments for the
446 command, then the \r\n ending the line. The protocol is
447 case-sensitive. All bytes must be in the ASCII character set.
449 Commands from the client to the server are as follows:
452 <listitem><para>AUTH [mechanism] [initial-response]</para></listitem>
453 <listitem><para>CANCEL</para></listitem
454 <listitem><para>BEGIN</para></listitem>
455 <listitem><para>DATA <data in base 64 encoding></para></listitem>
456 <listitem><para>ERROR [human-readable error explanation]</para></listitem>
459 From server to client are as follows:
462 <listitem><para>REJECTED <space-separated list of mechanism names></para></listitem>
463 <listitem><para>OK</para></listitem>
464 <listitem><para>DATA <data in base 64 encoding></para></listitem>
465 <listitem><para>ERROR</para></listitem>
469 <sect2 id="auth-nul-byte">
470 <title>Special credentials-passing nul byte</title>
472 Immediately after connecting to the server, the client must send a
473 single nul byte. This byte may be accompanied by credentials
474 information on some operating systems that use sendmsg() with
475 SCM_CREDS or SCM_CREDENTIALS to pass credentials over UNIX domain
476 sockets. However, the nul byte MUST be sent even on other kinds of
477 socket, and even on operating systems that do not require a byte to be
478 sent in order to transmit credentials. The text protocol described in
479 this document begins after the single nul byte. If the first byte
480 received from the client is not a nul byte, the server may disconnect
484 A nul byte in any context other than the initial byte is an error;
485 the protocol is ASCII-only.
488 The credentials sent along with the nul byte may be used with the
489 SASL mechanism EXTERNAL.
492 <sect2 id="auth-command-auth">
493 <title>AUTH command</title>
495 If an AUTH command has no arguments, it is a request to list
496 available mechanisms. The server SHOULD respond with a REJECTED
497 command listing the mechanisms it understands.
500 If an AUTH command specifies a mechanism, and the server supports
501 said mechanism, the server SHOULD begin exchanging SASL
502 challenge-response data with the client using DATA commands.
505 If the server does not support the mechanism given in the AUTH
506 command, it SHOULD send a REJECTED command listing the mechanisms
510 If the [initial-response] argument is provided, it is intended for
511 use with mechanisms that have no initial challenge (or an empty
512 initial challenge), as if it were the argument to an initial DATA
513 command. If the selected mechanism has an initial challenge, the
514 server should reject authentication by sending REJECTED.
517 If authentication succeeds after exchanging DATA commands,
518 an OK command should be sent to the client.
521 The first octet received by the client after the \r\n of the OK
522 command MUST be the first octet of the authenticated/encrypted
523 stream of D-BUS messages.
526 The first octet received by the server after the \r\n of the BEGIN
527 command from the client MUST be the first octet of the
528 authenticated/encrypted stream of D-BUS messages.
531 <sect2 id="auth-command-cancel">
532 <title>CANCEL Command</title>
534 At any time up to sending the BEGIN command, the client may send a
535 CANCEL command. On receiving the CANCEL command, the server MUST
536 send a REJECTED command and abort the current authentication
540 <sect2 id="auth-command-data">
541 <title>DATA Command</title>
543 The DATA command may come from either client or server, and simply
544 contains a base64-encoded block of data to be interpreted
545 according to the SASL mechanism in use.
548 Some SASL mechanisms support sending an "empty string";
549 FIXME we need some way to do this.
552 <sect2 id="auth-command-begin">
553 <title>BEGIN Command</title>
555 The BEGIN command acknowledges that the client has received an
556 OK command from the server, and that the stream of messages
560 The first octet received by the server after the \r\n of the BEGIN
561 command from the client MUST be the first octet of the
562 authenticated/encrypted stream of D-BUS messages.
565 <sect2 id="auth-command-rejected">
566 <title>REJECTED Command</title>
568 The REJECTED command indicates that the current authentication
569 exchange has failed, and further exchange of DATA is inappropriate.
570 The client would normally try another mechanism, or try providing
571 different responses to challenges.
573 Optionally, the REJECTED command has a space-separated list of
574 available auth mechanisms as arguments. If a server ever provides
575 a list of supported mechanisms, it MUST provide the same list
576 each time it sends a REJECTED message. Clients are free to
577 ignore all lists received after the first.
580 <sect2 id="auth-command-ok">
581 <title>OK Command</title>
583 The OK command indicates that the client has been authenticated,
584 and that further communication will be a stream of D-BUS messages
585 (optionally encrypted, as negotiated) rather than this protocol.
588 The first octet received by the client after the \r\n of the OK
589 command MUST be the first octet of the authenticated/encrypted
590 stream of D-BUS messages.
593 The client MUST respond to the OK command by sending a BEGIN
594 command, followed by its stream of messages, or by disconnecting.
595 The server MUST NOT accept additional commands using this protocol
596 after the OK command has been sent.
599 <sect2 id="auth-command-error">
600 <title>ERROR Command</title>
602 The ERROR command indicates that either server or client did not
603 know a command, does not accept the given command in the current
604 context, or did not understand the arguments to the command. This
605 allows the protocol to be extended; a client or server can send a
606 command present or permitted only in new protocol versions, and if
607 an ERROR is received instead of an appropriate response, fall back
608 to using some other technique.
610 If an ERROR is sent, the server or client MUST continue as if the
611 command causing the ERROR had never been received.
614 <sect2 id="auth-examples">
615 <title>Authentication examples</title>
619 <title>Example of successful magic cookie authentication</title>
621 (MAGIC_COOKIE is a made up mechanism)
623 C: AUTH MAGIC_COOKIE BsAY3g4gBNo=
629 <title>Example of finding out mechanisms then picking one</title>
632 S: REJECTED KERBEROS_V4 SKEY
633 C: AUTH SKEY bW9yZ2Fu
634 S: DATA OTUgUWE1ODMwOA==
635 C: DATA Rk9VUiBNQU5OIFNPT04gRklSIFZBUlkgTUFTSA==
641 <title>Example of client sends unknown command then falls back to regular auth</title>
645 C: AUTH MAGIC_COOKIE BsAY3g4gBNo=
651 <title>Example of server doesn't support initial auth mechanism</title>
653 C: AUTH MAGIC_COOKIE BsAY3g4gBNo=
654 S: REJECTED KERBEROS_V4 SKEY
655 C: AUTH SKEY bW9yZ2Fu
656 S: DATA OTUgUWE1ODMwOA==
657 C: DATA Rk9VUiBNQU5OIFNPT04gRklSIFZBUlkgTUFTSA==
663 <title>Example of wrong password or the like followed by successful retry</title>
665 C: AUTH MAGIC_COOKIE BsAY3g4gBNo=
666 S: REJECTED KERBEROS_V4 SKEY
667 C: AUTH SKEY bW9yZ2Fu
668 S: DATA OTUgUWE1ODMwOA==
669 C: DATA Rk9VUiBNQU5OIFNPT04gRklSIFZBUlkgTUFTSA==
671 C: AUTH SKEY bW9yZ2Fu
672 S: DATA OTUgUWE1ODMwOA==
673 C: DATA Rk9VUiBNQU5OIFNPT04gRklSIFZBUlkgTUFTSA==
679 <title>Example of skey cancelled and restarted</title>
681 C: AUTH MAGIC_COOKIE BsAY3g4gBNo=
682 S: REJECTED KERBEROS_V4 SKEY
683 C: AUTH SKEY bW9yZ2Fu
684 S: DATA OTUgUWE1ODMwOA==
687 C: AUTH SKEY bW9yZ2Fu
688 S: DATA OTUgUWE1ODMwOA==
689 C: DATA Rk9VUiBNQU5OIFNPT04gRklSIFZBUlkgTUFTSA==
696 <sect2 id="auth-mechanisms">
697 <title>Authentication mechanisms</title>
699 This section describes some new authentication mechanisms.
700 D-BUS also allows any standard SASL mechanism of course.
702 <sect3 id="auth-mechanisms-sha">
703 <title>DBUS_COOKIE_SHA1</title>
705 The DBUS_COOKIE_SHA1 mechanism is designed to establish that a client
706 has the ability to read a private file owned by the user being
707 authenticated. If the client can prove that it has access to a secret
708 cookie stored in this file, then the client is authenticated.
709 Thus the security of DBUS_COOKIE_SHA1 depends on a secure home
713 Authentication proceeds as follows:
717 The client sends the username it would like to authenticate
723 The server sends the name of its "cookie context" (see below); a
724 space character; the integer ID of the secret cookie the client
725 must demonstrate knowledge of; a space character; then a
726 hex-encoded randomly-generated challenge string.
731 The client locates the cookie, and generates its own hex-encoded
732 randomly-generated challenge string. The client then
733 concatentates the server's hex-encoded challenge, a ":"
734 character, its own hex-encoded challenge, another ":" character,
735 and the hex-encoded cookie. It computes the SHA-1 hash of this
736 composite string. It sends back to the server the client's
737 hex-encoded challenge string, a space character, and the SHA-1
743 The server generates the same concatenated string used by the
744 client and computes its SHA-1 hash. It compares the hash with
745 the hash received from the client; if the two hashes match, the
746 client is authenticated.
752 Each server has a "cookie context," which is a name that identifies a
753 set of cookies that apply to that server. A sample context might be
754 "org_freedesktop_session_bus". Context names must be valid ASCII,
755 nonzero length, and may not contain the characters slash ("/"),
756 backslash ("\"), space (" "), newline ("\n"), carriage return ("\r"),
757 tab ("\t"), or period ("."). There is a default context,
758 "org_freedesktop_global" that's used by servers that do not specify
762 Cookies are stored in a user's home directory, in the directory
763 <filename>~/.dbus-keyrings/</filename>. This directory must
764 not be readable or writable by other users. If it is,
765 clients and servers must ignore it. The directory
766 contains cookie files named after the cookie context.
769 A cookie file contains one cookie per line. Each line
770 has three space-separated fields:
774 The cookie ID number, which must be a non-negative integer and
775 may not be used twice in the same file.
780 The cookie's creation time, in UNIX seconds-since-the-epoch
786 The cookie itself, a hex-encoded random block of bytes.
792 Only server processes modify the cookie file.
793 They must do so with this procedure:
797 Create a lockfile name by appending ".lock" to the name of the
798 cookie file. The server should attempt to create this file
799 using <literal>O_CREAT | O_EXCL</literal>. If file creation
800 fails, the lock fails. Servers should retry for a reasonable
801 period of time, then they may choose to delete an existing lock
802 to keep users from having to manually delete a stale
803 lock. <footnote><para>Lockfiles are used instead of real file
804 locking <literal>fcntl()</literal> because real locking
805 implementations are still flaky on network
806 filesystems.</para></footnote>
811 Once the lockfile has been created, the server loads the cookie
812 file. It should then delete any cookies that are old (the
813 timeout can be fairly short), or more than a reasonable
814 time in the future (so that cookies never accidentally
815 become permanent, if the clock was set far into the future
816 at some point). If no recent keys remain, the
817 server may generate a new key.
822 The pruned and possibly added-to cookie file
823 must be resaved atomically (using a temporary
824 file which is rename()'d).
829 The lock must be dropped by deleting the lockfile.
835 Clients need not lock the file in order to load it,
836 because servers are required to save the file atomically.
841 <sect1 id="addresses">
842 <title>Server Addresses</title>
844 Server addresses consist of a transport name followed by a colon, and
845 then an optional, comma-separated list of keys and values in the form key=value.
846 [FIXME how do you escape colon, comma, and semicolon in the values of the key=value pairs?]
850 <programlisting>unix:path=/tmp/dbus-test</programlisting>
851 Which is the address to a unix socket with the path /tmp/dbus-test.
854 [FIXME clarify if attempting to connect to each is a requirement
855 or just a suggestion]
856 When connecting to a server, multiple server addresses can be
857 separated by a semi-colon. The library will then try to connect
858 to the first address and if that fails, it'll try to connect to
859 the next one specified, and so forth. For example
860 <programlisting>unix:path=/tmp/dbus-test;unix:path=/tmp/dbus-test2</programlisting>
863 [FIXME we need to specify in detail each transport and its possible arguments]
864 Currently, a transport over local UNIX sockets exists, a debug
865 transport that only works in-process and therefore can be used
866 for for unit testing also exists. It is possible that other
867 transports are added, such as a TCP/IP transport, and a
868 transport that works over X11.
872 <sect1 id="message-conventions">
873 <title>Message Conventions</title>
875 This section documents conventions that are not essential to D-BUS
876 functionality, but should generally be followed in order to simplify
879 <sect2 id="message-conventions-naming">
880 <title>Message Naming</title>
882 Messages are normally named in the form
883 "org.freedesktop.Peer.Ping", which has three
887 <term>Namespace e.g. <literal>org.freedesktop</literal></term>
890 Message names have a Java-style namespace: a reversed domain
891 name. The components of the domain are normally lowercase.
896 <term>Package or object e.g. <literal>Peer</literal></term>
899 The next part of the message name can be thought of as the name
900 of a singleton object, or as the name of a package of related
901 messages. More than one dot-separated component might be used
902 here. (Note that D-BUS does not define any idea of object
903 instances or object references.) The package or object name is
904 capitalized LikeThis.
909 <term>Method or operation e.g. <literal>Ping</literal></term>
912 The final part of the message name is the most specific, and
913 should be a verb indicating an operation to be performed on the
914 object. The method or operation name is capitalized LikeThis.
921 A reply to a message conventionally has the same name as the message
922 being replied to. When following method call conventions (see <xref
923 linkend="message-conventions-method">), this convention is mandatory,
924 because a message with multiple possible replies can't be mapped
925 to method call semantics without special-case code.
928 <sect2 id="message-conventions-method">
929 <title>Method Call Mapping</title>
931 Some implementations of D-BUS may present an API that translates object
932 method calls into D-BUS messages. This document does not specify in
933 detail how such an API should look or work. However, it does specify how
934 message-based protocols should be designed to be friendly to such an
938 Remember that D-BUS does not have object references or object instances.
939 So when one application sends the message
940 <literal>org.freedesktop.Peer.Ping</literal>, it sends it to another
941 application, not to any kind of sub-portion of that application.
942 However, a convenience API used within the recipient application may
943 route all messages that start with
944 <literal>org.freedesktop.Peer</literal> to a particular object instance,
945 and may invoke the <literal>Ping()</literal> method on said instance in
946 order to handle the message. This is a convenience API based on
950 A "method call" consists of a message and, optionally, a reply to that
951 message. The name of the "method" is the last component of the message,
952 for example, <literal>org.freedesktop.Peer.Ping</literal> would map to
953 the method <literal>Ping()</literal> on some object.
956 Arguments to a method may be considered "in" (processed by the
957 recipient of the message), or "out" (returned to the sender of the
958 message in the reply). "inout" arguments are both sent and received,
959 i.e. the caller passes in a value which is modified. An "inout" argument
960 is equivalent to an "in" argument, followed by an "out" argument.
963 Given a method with zero or one return values, followed by zero or more
964 arguments, where each argument may be "in", "out", or "inout", the
965 caller constructs a message by appending each "in" or "inout" argument,
966 in order. "out" arguments are not represented in the caller's message.
969 The recipient constructs a reply by appending first the return value
970 if any, then each "out" or "inout" argument, in order.
971 "in" arguments are not represented in the reply message.
974 The standard reply message MUST have the same name as the message being
975 replied to, and MUST set the "rply" header field to the serial
976 number of the message being replied to.
979 If an error occurs, an error reply may be sent in place of the standard
980 reply. Error replies can be identified by a special header flag, see
981 <xref linkend="message-protocol-header-encoding">. Error replies have a
982 name which reflects the type of error that occurred. Error replies would
983 generally be mapped to exceptions in a programming language. If an
984 error reply has a first argument, and that argument has type STRING,
985 then the argument must be an error message.
988 [FIXME discuss mapping of broadcast messages + matching rules
989 to signals and slots]
994 <sect1 id="standard-messages">
995 <title>Standard Peer-to-Peer Messages</title>
997 In the following message definitions, "method call notation" is presented
998 in addition to simply listing the message names and arguments. The special
999 type name ANY means any type other than NIL, and the special type name
1000 ANY_OR_NIL means any valid type.
1001 [FIXME the messages here are just made up to illustrate the
1002 format for defining them]
1004 <sect2 id="standard-messages-ping">
1005 <title><literal>org.freedesktop.Peer.Ping</literal></title>
1013 On receipt of the message <literal>org.freedesktop.Peer.Ping</literal>,
1014 an application should reply with
1015 <literal>org.freedesktop.Peer.Ping</literal>. Neither the
1016 message nor its reply have any arguments.
1017 [FIXME the messages here are just made up to illustrate the
1018 format for defining them]
1021 <sect2 id="standard-messages-get-props">
1022 <title><literal>org.freedesktop.Props.Get</literal></title>
1026 ANY_OR_NIL Get (in STRING property_name)
1033 <entry>Argument</entry>
1035 <entry>Description</entry>
1041 <entry>STRING</entry>
1042 <entry>Name of the property to get</entry>
1052 <entry>Argument</entry>
1054 <entry>Description</entry>
1060 <entry>ANY_OR_NIL</entry>
1061 <entry>The value of the property. The type depends on the property.</entry>
1069 [FIXME the messages here are just made up to illustrate the
1070 format for defining them]
1075 <sect1 id="message-bus">
1076 <title>Message Bus Specification</title>
1077 <sect2 id="message-bus-overview">
1078 <title>Message Bus Overview</title>
1080 The message bus accepts connections from one or more applications.
1081 Once connected, applications can send and receive messages from
1082 the message bus, as in the peer-to-peer case.
1085 The message bus keeps track of a set of
1086 <firstterm>services</firstterm>. A service is simply a name, such as
1087 <literal>com.yoyodyne.Screensaver</literal>, which can be
1088 <firstterm>owned</firstterm> by one or more of the connected
1089 applications. The message bus itself always owns the special service
1090 <literal>org.freedesktop.DBus</literal>.
1093 Services may have <firstterm>secondary owners</firstterm>. Secondary owners
1094 of a service are kept in a queue; if the primary owner of a service
1095 disconnects, or releases the service, the next secondary owner becomes
1096 the new owner of the service.
1099 Messages may have a <literal>srvc</literal> field (see <xref
1100 linkend="message-protocol-header-fields">). When the message bus
1101 receives a message, if the <literal>srvc</literal> field is absent, the
1102 message is taken to be a standard peer-to-peer message and interpreted
1103 by the message bus itself. For example, sending
1104 an <literal>org.freedesktop.Peer.Ping</literal> message with no
1105 <literal>srvc</literal> will cause the message bus itself to reply
1106 to the ping immediately; the message bus would never make
1107 this message visible to other applications.
1110 If the <literal>srvc</literal> field is present, then it indicates a
1111 request for the message bus to route the message. In the usual case,
1112 messages are routed to the owner of the named service.
1113 Messages may also be <firstterm>broadcast</firstterm>
1114 by sending them to the special service
1115 <literal>org.freedesktop.DBus.Broadcast</literal>. Broadcast messages are
1116 sent to all applications with <firstterm>message matching
1117 rules</firstterm> that match the message.
1120 Continuing the <literal>org.freedesktop.Peer.Ping</literal> example, if
1121 the ping message were sent with a <literal>srvc</literal> name of
1122 <literal>com.yoyodyne.Screensaver</literal>, then the ping would be
1123 forwarded, and the Yoyodyne Corporation screensaver application would be
1124 expected to reply to the ping. If
1125 <literal>org.freedesktop.Peer.Ping</literal> were sent to
1126 <literal>org.freedesktop.DBus.Broadcast</literal>, then multiple applications
1127 might receive the ping, and all would normally reply to it.
1131 <sect2 id="message-bus-services">
1132 <title>Message Bus Services</title>
1134 A service is a name that identifies a certain application. Each
1135 application connected to the message bus has at least one service name
1136 assigned at connection time and returned in response to the
1137 <literal>org.freedesktop.DBus.Hello</literal> message.
1138 This automatically-assigned service name is called
1139 the application's <firstterm>base service</firstterm>.
1140 Base service names are unique and MUST never be reused for two different
1144 Ownership of the base service is a prerequisite for interaction with
1145 the message bus. It logically follows that the base service is always
1146 the first service that an application comes to own, and the last
1147 service that it loses ownership of.
1150 Base service names must begin with the character ':' (ASCII colon
1151 character); service names that are not base service names must not begin
1152 with this character. (The bus must reject any attempt by an application
1153 to manually create a service name beginning with ':'.) This restriction
1154 categorically prevents "spoofing"; messages sent to a base service name
1155 will always go to a single application instance and that instance only.
1158 An application can request additional service names to be associated
1160 <literal>org.freedesktop.DBus.AcquireService</literal>
1161 message. [FIXME what service names are allowed; ASCII or unicode;
1165 [FIXME this needs more detail, and should move the service-related message
1166 descriptions up into this section perhaps]
1167 Service ownership handling can be specified in the flags part
1168 of the <literal>org.freedesktop.DBus.AcquireService</literal>
1169 message. If an application specifies the
1170 DBUS_SERVICE_FLAGS_PROHIBIT_REPLACEMENT flag, then all applications
1171 trying to acquire the service will be put in a queue. When the
1172 primary owner disconnects from the bus or removes ownership
1173 from the service, the next application in the queue will be the
1174 primary owner. If the DBUS_SERVICE_FLAGS_PROHIBIT_REPLACEMENT
1175 flag is not specified, then the primary owner will lose
1176 ownership whenever another application requests ownership of the
1180 When a client disconnects from the bus, all the services that
1181 the clients own are deleted, or in the case of a service that
1182 prohibits replacement, ownership is transferred to the next
1183 client in the queue, if any.
1186 <sect2 id="message-bus-routing">
1187 <title>Message Bus Message Routing</title>
1189 When a message is received by the message bus, the message's
1190 <literal>sndr</literal> header field MUST be set to the base service of
1191 the application which sent the message. If the service already has
1192 a <literal>sndr</literal> field, the pre-existing field is replaced.
1193 This rule means that a replies are always sent to the base service name,
1194 i.e. to the same application that sent the message being replied to.
1197 [FIXME go into detail about broadcast, multicast, unicast, etc.]
1200 <sect2 id="message-bus-activation">
1201 <title>Message Bus Service Activation</title>
1203 <firstterm>Activation</firstterm> means to locate a service
1204 owner for a service that is currently unowned. For now, it
1205 means to launch an executable that will take ownership of
1206 a particular service.
1209 To find an executable corresponding to a particular service, the bus
1210 daemon looks for <firstterm>service description files</firstterm>.
1211 Service description files define a mapping from service names to
1212 executables. Different kinds of message bus will look for these files
1213 in different places, see <xref linkend="message-bus-types">.
1216 [FIXME the file format should be much better specified than
1217 "similar to .desktop entries" esp. since desktop entries are
1218 already badly-specified. ;-)] Service description files have
1219 the ".service" file extension. The message bus will only load
1220 service description files ending with .service; all other
1221 files will be ignored. The file format is similar to that of
1223 url="http://www.freedesktop.org/standards/desktop-entry-spec/desktop-entry-spec.html">desktop
1224 entries</ulink>. All service description files must be in
1225 UTF-8 encoding. To ensure that there will be no name
1226 collisions, service files must be namespaced using the same
1227 mechanism as messages and service names.
1230 <title>Example service description file</title>
1232 # Sample service description file
1234 Name=org.gnome.ConfigurationDatabase
1235 Exec=/usr/libexec/gconfd-2
1240 When an application requests a service to be activated, the
1241 bus daemon tries to find it in the list of activation
1242 entries. It then tries to spawn the executable associated with
1243 it. If this fails, it will report an error. [FIXME what
1244 happens if two .service files offer the same service; what
1245 kind of error is reported, should we have a way for the client
1249 The executable launched will have the environment variable
1250 <literal>DBUS_ACTIVATION_ADDRESS</literal> set to the address of the
1251 message bus so it can connect and register the appropriate services.
1254 The executable being launched may want to know whether the message bus
1255 activating it is one of the well-known message buses (see <xref
1256 linkend="message-bus-types">). To facilitate this, the bus MUST also set
1257 the <literal>DBUS_ACTIVATION_BUS_TYPE</literal> environment variable if it is one
1258 of the well-known buses. The currently-defined values for this variable
1259 are <literal>system</literal> for the systemwide message bus,
1260 and <literal>session</literal> for the per-login-session message
1261 bus. The activated executable must still connect to the address given
1262 in <literal>DBUS_ACTIVATION_ADDRESS</literal>, but may assume that the
1263 resulting connection is to the well-known bus.
1266 [FIXME there should be a timeout somewhere, either specified
1267 in the .service file, by the client, or just a global value
1268 and if the client being activated fails to connect within that
1269 timeout, an error should be sent back.]
1273 <sect2 id="message-bus-types">
1274 <title>Well-known Message Bus Instances</title>
1276 Two standard message bus instances are defined here, along with how
1277 to locate them and where their service files live.
1279 <sect3 id="message-bus-types-login">
1280 <title>Login session message bus</title>
1282 Each time a user logs in, a <firstterm>login session message
1283 bus</firstterm> may be started. All applications in the user's login
1284 session may interact with one another using this message bus.
1287 The address of the login session message bus is given
1288 in the <literal>DBUS_SESSION_BUS_ADDRESS</literal> environment
1289 variable. If that variable is not set, applications may
1290 also try to read the address from the X Window System root
1291 window property <literal>_DBUS_SESSION_BUS_ADDRESS</literal>.
1292 The root window property must have type <literal>STRING</literal>.
1293 The environment variable should have precedence over the
1294 root window property.
1297 [FIXME specify location of .service files, probably using
1298 DESKTOP_DIRS etc. from basedir specification, though login session
1299 bus is not really desktop-specific]
1302 <sect3 id="message-bus-types-system">
1303 <title>System message bus</title>
1305 A computer may have a <firstterm>system message bus</firstterm>,
1306 accessible to all applications on the system. This message bus may be
1307 used to broadcast system events, such as adding new hardware devices,
1308 changes in the printer queue, and so forth.
1311 The address of the login session message bus is given
1312 in the <literal>DBUS_SYSTEM_BUS_ADDRESS</literal> environment
1313 variable. If that variable is not set, applications should try
1314 to connect to the well-known address
1315 <literal>unix:path=/var/run/dbus/system_bus_socket</literal>.
1318 The D-BUS reference implementation actually honors the
1319 <literal>$(localstatedir)</literal> configure option
1320 for this address, on both client and server side.
1325 [FIXME specify location of system bus .service files]
1330 <sect2 id="message-bus-messages">
1331 <title>Message Bus Messages</title>
1333 The special message bus service <literal>org.freedesktop.DBus</literal>
1334 responds to a number of messages, allowing applications to
1335 interact with the message bus.
1338 <sect3 id="bus-messages-hello">
1339 <title><literal>org.freedesktop.DBus.Hello</literal></title>
1350 <entry>Argument</entry>
1352 <entry>Description</entry>
1358 <entry>STRING</entry>
1359 <entry>Name of the service assigned to the application</entry>
1366 Before an application is able to send messages to other
1367 applications it must send the
1368 <literal>org.freedesktop.DBus.Hello</literal> message to the
1369 message bus service. If an application tries to send a
1370 message to another application, or a message to the message
1371 bus service that isn't the
1372 <literal>org.freedesktop.DBus.Hello</literal> message, it
1373 will be disconnected from the bus. If a client wishes to
1374 disconnect from the bus, it just has to disconnect from the
1375 transport used. No de-registration message is necessary.
1378 The reply message contains the name of the application's base service.
1381 <sect3 id="bus-messages-list-services">
1382 <title><literal>org.freedesktop.DBus.ListServices</literal></title>
1386 STRING_ARRAY ListServices ()
1393 <entry>Argument</entry>
1395 <entry>Description</entry>
1401 <entry>STRING_ARRAY</entry>
1402 <entry>Array of strings where each string is the name of a service</entry>
1409 Returns a list of all existing services registered with the message bus.
1412 <sect3 id="bus-messages-service-exists">
1413 <title><literal>org.freedesktop.DBus.ServiceExists</literal></title>
1417 BOOLEAN ServiceExists (in STRING service_name)
1424 <entry>Argument</entry>
1426 <entry>Description</entry>
1432 <entry>STRING</entry>
1433 <entry>Name of the service</entry>
1443 <entry>Argument</entry>
1445 <entry>Description</entry>
1451 <entry>BOOLEAN</entry>
1452 <entry>Return value, true if the service exists</entry>
1459 Checks if a service with a specified name exists.
1463 <sect3 id="bus-messages-acquire-service">
1464 <title><literal>org.freedesktop.DBus.AcquireService</literal></title>
1468 UINT32 AcquireService (in STRING service_name)
1475 <entry>Argument</entry>
1477 <entry>Description</entry>
1483 <entry>STRING</entry>
1484 <entry>Name of the service</entry>
1488 <entry>UINT32</entry>
1489 <entry>Flags</entry>
1499 <entry>Argument</entry>
1501 <entry>Description</entry>
1507 <entry>UINT32</entry>
1508 <entry>Return value</entry>
1515 Tries to become owner of a specific service. The flags
1516 specified can be the following values logically ORed together:
1522 <entry>Identifier</entry>
1523 <entry>Value</entry>
1524 <entry>Description</entry>
1529 <entry>DBUS_SERVICE_FLAGS_PROHIBIT_REPLACEMENT</entry>
1532 If the application succeeds in being the owner of the specified service,
1533 then ownership of the service can't be transferred until the service
1534 disconnects. If this flag is not set, then any application trying to become
1535 the owner of the service will succeed and the previous owner will be
1536 sent a <literal>org.freedesktop.DBus.ServiceLost</literal> message.
1540 <entry>DBUS_SERVICE_FLAGS_REPLACE_EXISTING</entry>
1542 <entry>Try to replace the current owner if there is one. If this flag
1543 is not set the application will only become the owner of the service if
1544 there is no current owner.</entry>
1550 [FIXME if it's one of the following values, why are the values
1551 done as flags instead of just 0, 1, 2, 3, 4]
1552 The return value can be one of the following values:
1558 <entry>Identifier</entry>
1559 <entry>Value</entry>
1560 <entry>Description</entry>
1565 <entry>DBUS_SERVICE_REPLY_PRIMARY_OWNER</entry>
1567 <entry>The application is now the primary owner of the service.</entry>
1570 <entry>DBUS_SERVICE_REPLY_IN_QUEUE</entry>
1572 <entry>The service already has an owner which do not want to give up ownership and therefore the application has been put in a queue.</entry>
1575 <entry>DBUS_SERVICE_REPLY_SERVICE_EXISTS</entry>
1577 <entry>The service does already have a primary owner, and DBUS_SERVICE_FLAG_REPLACE_EXISTING was not specified when trying to acquire the service.</entry>
1580 <entry>DBUS_SERVICE_REPLY_ALREADY_OWNER</entry>
1582 <entry>The application trying to request ownership of the service is already the owner of it.</entry>
1589 <sect3 id="bus-messages-service-acquired">
1590 <title><literal>org.freedesktop.DBus.ServiceAcquired</literal></title>
1594 ServiceAcquired (in STRING service_name)
1601 <entry>Argument</entry>
1603 <entry>Description</entry>
1609 <entry>STRING</entry>
1610 <entry>Name of the service</entry>
1614 <entry>UINT32</entry>
1615 <entry>Flags</entry>
1622 This message is sent to a specific application when it becomes the
1623 primary owner of a service.
1626 <sect3 id="bus-messages-service-lost">
1627 <title><literal>org.freedesktop.DBus.ServiceLost</literal></title>
1631 ServiceLost (in STRING service_name)
1638 <entry>Argument</entry>
1640 <entry>Description</entry>
1646 <entry>STRING</entry>
1647 <entry>Name of the service</entry>
1651 <entry>UINT32</entry>
1652 <entry>Flags</entry>
1659 This message is sent to a specific application when it loses primary
1660 ownership of a service.
1662 [FIXME instead of ServiceLost/ServiceCreated going only to
1663 a specific app, why not just OwnerChanged that covers both
1664 lost and created and changed owner and deleted]
1668 <sect3 id="bus-messages-service-created">
1669 <title><literal>org.freedesktop.DBus.ServiceCreated</literal></title>
1673 ServiceCreated (in STRING service_name)
1680 <entry>Argument</entry>
1682 <entry>Description</entry>
1688 <entry>STRING</entry>
1689 <entry>Name of the service</entry>
1693 <entry>UINT32</entry>
1694 <entry>Flags</entry>
1701 This message is broadcast to all applications when a service has been
1702 successfully registered on the message bus.
1706 <sect3 id="bus-messages-service-deleted">
1707 <title><literal>org.freedesktop.DBus.ServiceDeleted</literal></title>
1711 ServiceDeleted (in STRING service_name)
1718 <entry>Argument</entry>
1720 <entry>Description</entry>
1726 <entry>STRING</entry>
1727 <entry>Name of the service</entry>
1731 <entry>UINT32</entry>
1732 <entry>Flags</entry>
1739 This message is broadcast to all applications when a service has been
1740 deleted from the message bus.
1744 <sect3 id="bus-messages-activate-service">
1745 <title><literal>org.freedesktop.DBus.ActivateService</literal></title>
1749 UINT32 ActivateService (in STRING service_name, in UINT32 flags)
1756 <entry>Argument</entry>
1758 <entry>Description</entry>
1764 <entry>STRING</entry>
1765 <entry>Name of the service to activate</entry>
1769 <entry>UINT32</entry>
1770 <entry>Flags (currently not used)</entry>
1780 <entry>Argument</entry>
1782 <entry>Description</entry>
1788 <entry>UINT32</entry>
1789 <entry>Result code; DBUS_ACTIVATION_REPLY_ACTIVATED if
1790 the service was activated successfully or
1791 DBUS_ACTIVATION_REPLY_ALREADY_ACTIVE if the service is
1792 already active.</entry>
1799 Tries to launch the executable associated with a service. For more information, see <xref linkend="message-bus-activation">.
1801 [FIXME need semantics in much more detail here; for example,
1802 if I activate a service then send it a message, is the message
1803 queued for the new service or is there a race]
1807 <sect3 id="bus-messages-out-of-memory">
1808 <title><literal>org.freedesktop.DBus.Error.NoMemory</literal></title>
1816 Sent by the message bus when it can't process a message due to an out of memory failure.
1820 <sect3 id="bus-messages-service-does-not-exist">
1821 <title><literal>org.freedesktop.DBus.Error.ServiceDoesNotExist</literal></title>
1825 void ServiceDoesNotExist (in STRING error)
1829 Sent by the message bus as a reply to a client that tried to send a message to a service that doesn't exist.
1836 <appendix id="implementation-notes">
1837 <title>Implementation notes</title>
1838 <sect1 id="implementation-notes-subsection">
1846 <glossary><title>Glossary</title>
1848 This glossary defines some of the terms used in this specification.
1851 <glossentry id="term-activation"><glossterm>Activation</glossterm>
1854 The process of creating an owner for a particular service,
1855 typically by launching an executable.
1860 <glossentry id="term-base-service"><glossterm>Base Service</glossterm>
1863 The special service automatically assigned to an application by the
1864 message bus. This service may never change owner, and the service
1865 name will be unique (never reused during the lifetime of the
1871 <glossentry id="term-broadcast"><glossterm>Broadcast</glossterm>
1874 A message sent to the special <literal>org.freedesktop.DBus.Broadcast</literal>
1875 service; the message bus will forward the broadcast message
1876 to all applications that have expressed interest in it.
1881 <glossentry id="term-message"><glossterm>Message</glossterm>
1884 A message is the atomic unit of communication via the D-BUS
1885 protocol. It consists of a <firstterm>header</firstterm> and a
1886 <firstterm>body</firstterm>; the body is made up of
1887 <firstterm>arguments</firstterm>.
1892 <glossentry id="term-message-bus"><glossterm>Message Bus</glossterm>
1895 The message bus is a special application that forwards
1896 or broadcasts messages between a group of applications
1897 connected to the message bus. It also manages
1898 <firstterm>services</firstterm>.
1903 <glossentry id="namespace"><glossterm>Namespace</glossterm>
1906 Used to prevent collisions when defining message and service
1907 names. The convention used is the same as Java uses for
1908 defining classes: a reversed domain name.
1912 <glossentry id="peer-to-peer"><glossterm>Peer-to-peer</glossterm>
1915 An application talking directly to another application, without going through a message bus.
1919 <glossentry id="term-secondary-owner"><glossterm>Secondary service owner</glossterm>
1922 Each service has a primary owner; messages sent to the service name
1923 go to the primary owner. However, certain services also maintain
1924 a queue of secondary owners "waiting in the wings." If
1925 the primary owner releases the service, then the first secondary
1926 owner in the queue automatically becomes the primary owner.
1930 <glossentry id="term-service"><glossterm>Service</glossterm>
1933 A service is simply a named list of applications. For example, the
1934 hypothetical <literal>com.yoyodyne.Screensaver</literal> service might
1935 accept messages that affect a screensaver from Yoyodyne Corporation.
1936 An application is said to <firstterm>own</firstterm> a service if the
1937 message bus has associated the application with the service name.
1938 Services may also have <firstterm>secondary owners</firstterm> (see
1939 <xref linkend="term-secondary-owner">).
1943 <glossentry id="term-service-name"><glossterm>Service name</glossterm>
1946 The name used when referring to a service. If the service is
1947 a base service it has a unique service name, for example
1948 ":1-20", and otherwise it should be namespaced.
1952 <glossentry id="term-service-description-files"><glossterm>Service Description Files</glossterm>
1955 ".service files" tell the bus how to activate a particular service.
1956 See <xref linkend="term-activation">
projects / platform / upstream / dbus.git / blob