1 <!doctype article PUBLIC "-//OASIS//DTD DocBook V3.1//EN" [
5 <title>D-BUS Specification</title>
6 <releaseinfo>Version 0.7</releaseinfo>
7 <date>26 March 2003</date>
10 <firstname>Havoc</firstname>
11 <surname>Pennington</surname>
14 <email>hp@pobox.com</email>
19 <firstname>Anders</firstname>
20 <surname>Carlsson</surname>
22 <orgname>CodeFactory AB</orgname>
24 <email>andersca@codefactory.se</email>
31 <sect1 id="introduction">
32 <title>Introduction</title>
34 D-BUS is a system for low-latency, low-overhead, easy to use
35 interprocess communication (IPC). In more detail:
39 D-BUS is <emphasis>low-latency</emphasis> because it is designed
40 to avoid round trips and allow asynchronous operation, much like
46 D-BUS is <emphasis>low-overhead</emphasis> because it uses a
47 binary protocol, and does not have to convert to and from a text
48 format such as XML. Because D-BUS is intended for potentially
49 high-resolution same-machine IPC, not primarily for Internet IPC,
50 this is an interesting optimization.
55 D-BUS is <emphasis>easy to use</emphasis> because it works in terms
56 of <firstterm>messages</firstterm> rather than byte streams, and
57 does not require users to understand any complex concepts such as a
58 new type system or elaborate APIs. Libraries implementing D-BUS
59 may choose to abstract messages as "method calls" (see
60 <xref linkend="message-conventions-method">).
66 The base D-BUS protocol is a peer-to-peer protocol, specified in <xref
67 linkend="message-protocol">. That is, it is a system for one application
68 to talk to a single other application. However, the primary intended
69 application of D-BUS is the D-BUS <firstterm>message bus</firstterm>,
70 specified in <xref linkend="message-bus">. The message bus is a special
71 application that accepts connections from multiple other applications, and
72 forwards messages among them.
76 <sect1 id="message-protocol">
77 <title>Message Protocol</title>
79 A <firstterm>message</firstterm> consists of a
80 <firstterm>header</firstterm> and a <firstterm>body</firstterm>. If you
81 think of a message as a package, the header is the address, and the body
82 contains the package contents. The message delivery system uses the header
83 information to figure out where to send the message and how to interpret
84 it; the recipient inteprets the body of the message.
88 The body of the message is made up of zero or more
89 <firstterm>arguments</firstterm>, which are typed
90 values, such as an integer or a byte array.
93 <sect2 id="message-protocol-header-encoding">
94 <title>Header Encoding</title>
96 Following the mandatory fields, there are zero or more named fields (see
97 <xref linkend="message-protocol-header-fields">), and then nul bytes
98 padding the header such that its total length in bytes is a multiple of
102 The header MUST begin with the following mandatory fields in the following
109 <entry>Description</entry>
114 <entry>1 byte</entry>
115 <entry>Endianness flag; ASCII 'l' for little-endian
116 or ASCII 'B' for big-endian.</entry>
119 <entry>1 byte</entry>
120 <entry>Bitwise OR of flags. Unknown flags
121 MUST be ignored. Currently-defined flags are described below.
125 <entry>1 byte</entry>
126 <entry>Major protocol version of the sending application. If
127 the major protocol version of the receiving application does not
128 match, the applications will not be able to communicate and the
129 D-BUS connection MUST be disconnected. The major protocol
130 version for this version of the specification is 0.
134 <entry>1 byte</entry>
135 <entry>A nul byte, reserved for future use.
136 Any value for this byte MUST be accepted.
140 <entry>4 bytes</entry>
141 <entry>An unsigned 32-bit integer in the
142 message's byte order, indicating the total length in bytes of
143 the header including named fields and any alignment padding.
144 MUST be a multiple of 8.
148 <entry>4 bytes</entry>
149 <entry>An unsigned 32-bit integer in the
150 message's byte order, indicating the total length in bytes of
155 <entry>4 bytes</entry>
156 <entry>The message's serial number, a signed 32-bit integer in
157 the message's byte order. Applications MUST NOT reuse the same
158 serial number for different messages more often than 32-bit
159 integer wraparound. Serial numbers must be greater than
168 Flags that can appear in the second byte of the header:
173 <entry>Hex value</entry>
174 <entry>Description</entry>
180 <entry>This message is an error reply.</entry>
188 <sect2 id="message-protocol-header-fields">
189 <title>Header Fields</title>
191 In addition to the required header information mentioned
192 in <xref linkend="message-protocol-header-encoding">,
193 the header may contain zero or more named
194 header fields. These fields are named to allow
195 future versions of this protocol specification to
196 add new fields; implementations must ignore fields
197 they do not understand. Implementations must not
198 invent their own header fields; only changes to
199 this specification may introduce new header fields.
203 Header field names MUST consist of 4 non-nul bytes. The field name is
204 NOT nul terminated; it occupies exactly 4 bytes. Following the name,
205 the field MUST have a type code, and then a properly-aligned value
207 See <xref linkend="message-protocol-arguments"> for a description
208 of how each type is encoded. If an implementation sees a header
209 field name that it does not understand, it MUST ignore
214 Here are the currently-defined named header fields:
221 <entry>Description</entry>
227 <entry>STRING</entry>
228 <entry>The name of the message, such as org.freedesktop.Peer.Ping</entry>
233 <entry>The serial number of the message this message is a reply
234 to. (The serial number is one of the mandatory header fields,
235 see <xref linkend="message-protocol-header-encoding">.)</entry>
239 <entry>STRING</entry>
240 <entry>The name of the service this message should be routed to.
241 Only used in combination with the message bus, see
242 <xref linkend="message-bus">.</entry>
246 <entry>STRING</entry>
247 <entry>The name of the base service that sent this message.
248 The message bus fills in this field; the field is
249 only meaningful in combination with the message bus.</entry>
257 <sect2 id="message-protocol-header-padding">
258 <title>Header Alignment Padding</title>
260 To allow implementations to keep the header and the body in a single
261 buffer while keeping data types aligned, the total length of the header
262 must be a multiple of 8 bytes. To achieve this, the header MUST be padded
263 with nul bytes to align its total length on an 8-byte boundary.
264 The minimum number of padding bytes MUST be used. Because all possible
265 named fields use at least 8 bytes, implementations can distinguish
266 padding (which must be less than 8 bytes) from additional named fields
267 (which must be at least 8 bytes).
271 <sect2 id="message-protocol-arguments">
272 <title>Message Arguments</title>
274 The message body is made up of arguments. Each argument
275 is a type code, followed by the value of the argument
276 in a type-dependent format.
279 [FIXME perhaps we should add type BYTE with the primary
280 advantage being that it occupies 1 byte vs. 7 for UINT32,
281 or perhaps space savings aren't worth the complexity]
286 <entry>Type name</entry>
288 <entry>Description</entry>
293 <entry>INVALID</entry>
295 <entry>Not a valid type code (error if it appears in a message)</entry>
299 <entry>Marks an "unset" or "nonexistent" argument</entry>
301 <entry>BOOLEAN</entry>
303 <entry>Boolean value, 0 is FALSE and 1 is TRUE. Everything else is invalid.</entry>
307 <entry>32-bit signed integer</entry>
309 <entry>UINT32</entry>
311 <entry>32-bit unsigned integer</entry>
313 <entry>DOUBLE</entry>
315 <entry>IEEE 754 double</entry>
317 <entry>STRING</entry>
319 <entry>UTF-8 string (<emphasis>must</emphasis> be valid UTF-8)</entry>
321 <entry>BOOLEAN_ARRAY</entry>
323 <entry>Array of BOOLEAN</entry>
325 <entry>INT32_ARRAY</entry>
327 <entry>Array of INT32</entry>
329 <entry>UINT32_ARRAY</entry>
331 <entry>Array of UINT32</entry>
333 <entry>DOUBLE_ARRAY</entry>
335 <entry>Array of DOUBLE</entry>
337 <entry>BYTE_ARRAY</entry>
339 <entry>Array of bytes</entry>
341 <entry>STRING_ARRAY</entry>
343 <entry>Array of STRING</entry>
350 The types are encoded as follows:
355 <entry>Type name</entry>
356 <entry>Encoding</entry>
361 <entry>INVALID</entry>
362 <entry>Not applicable; cannot be encoded.</entry>
365 <entry>No data is encoded; the type code is followed immediately
366 by the type code of the next argument.</entry>
369 <entry>32-bit signed integer in the message's byte order, aligned to 4-byte boundary.</entry>
371 <entry>UINT32</entry>
372 <entry>32-bit unsigned integer in the message's byte order, aligned to 4-byte boundary.</entry>
374 <entry>DOUBLE</entry>
375 <entry>64-bit IEEE 754 double in the message's byte order, aligned to 8-byte boundary.</entry>
377 <entry>STRING</entry>
378 <entry>UINT32 aligned to 4-byte boundary indicating the string's
379 length in bytes excluding its terminating nul, followed by
380 string data of the given length, followed by a terminating nul
384 <entry>INT32_ARRAY</entry>
385 <entry>UINT32 giving the number of values in the array,
386 followed by the given number of INT32 values.
389 <entry>UINT32_ARRAY</entry>
390 <entry>UINT32 giving the number of values in the array,
391 followed by the given number of UINT32 values.
394 <entry>DOUBLE_ARRAY</entry>
395 <entry>UINT32 giving the number of values in the array,
396 followed by the given number of DOUBLE values aligned
400 <entry>BYTE_ARRAY</entry>
401 <entry>UINT32 giving the number of values in the array,
402 followed by the given number of one-byte values.
405 <entry>STRING_ARRAY</entry>
406 <entry>UINT32 giving the number of values in the array,
407 followed by the given number of STRING values.
411 <entry>STRING_ARRAY with the keys, followed by the given
412 number of values encoded as type code as a byte followed by the encoded value.
422 <sect1 id="auth-protocol">
423 <title>Authentication Protocol</title>
425 Before the flow of messages begins, two applications must
426 authenticate. A simple plain-text protocol is used for
427 authentication; this protocol is a SASL profile, and maps fairly
428 directly from the SASL specification. The message encoding is
429 NOT used here, only plain text messages.
432 In examples, "C:" and "S:" indicate lines sent by the client and
435 <sect2 id="auth-protocol-overview">
436 <title>Protocol Overview</title>
438 The protocol is a line-based protocol, where each line ends with
439 \r\n. Each line begins with an all-caps ASCII command name containing
440 only the character range [A-Z], a space, then any arguments for the
441 command, then the \r\n ending the line. The protocol is
442 case-sensitive. All bytes must be in the ASCII character set.
444 Commands from the client to the server are as follows:
447 <listitem><para>AUTH [mechanism] [initial-response]</para></listitem>
448 <listitem><para>CANCEL</para></listitem
449 <listitem><para>BEGIN</para></listitem>
450 <listitem><para>DATA <data in base 64 encoding></para></listitem>
451 <listitem><para>ERROR [human-readable error explanation]</para></listitem>
454 From server to client are as follows:
457 <listitem><para>REJECTED <space-separated list of mechanism names></para></listitem>
458 <listitem><para>OK</para></listitem>
459 <listitem><para>DATA <data in base 64 encoding></para></listitem>
460 <listitem><para>ERROR</para></listitem>
464 <sect2 id="auth-nul-byte">
465 <title>Special credentials-passing nul byte</title>
467 Immediately after connecting to the server, the client must send a
468 single nul byte. This byte may be accompanied by credentials
469 information on some operating systems that use sendmsg() with
470 SCM_CREDS or SCM_CREDENTIALS to pass credentials over UNIX domain
471 sockets. However, the nul byte MUST be sent even on other kinds of
472 socket, and even on operating systems that do not require a byte to be
473 sent in order to transmit credentials. The text protocol described in
474 this document begins after the single nul byte. If the first byte
475 received from the client is not a nul byte, the server may disconnect
479 A nul byte in any context other than the initial byte is an error;
480 the protocol is ASCII-only.
483 The credentials sent along with the nul byte may be used with the
484 SASL mechanism EXTERNAL.
487 <sect2 id="auth-command-auth">
488 <title>AUTH command</title>
490 If an AUTH command has no arguments, it is a request to list
491 available mechanisms. The server SHOULD respond with a REJECTED
492 command listing the mechanisms it understands.
495 If an AUTH command specifies a mechanism, and the server supports
496 said mechanism, the server SHOULD begin exchanging SASL
497 challenge-response data with the client using DATA commands.
500 If the server does not support the mechanism given in the AUTH
501 command, it SHOULD send a REJECTED command listing the mechanisms
505 If the [initial-response] argument is provided, it is intended for
506 use with mechanisms that have no initial challenge (or an empty
507 initial challenge), as if it were the argument to an initial DATA
508 command. If the selected mechanism has an initial challenge, the
509 server should reject authentication by sending REJECTED.
512 If authentication succeeds after exchanging DATA commands,
513 an OK command should be sent to the client.
516 The first octet received by the client after the \r\n of the OK
517 command MUST be the first octet of the authenticated/encrypted
518 stream of D-BUS messages.
521 The first octet received by the server after the \r\n of the BEGIN
522 command from the client MUST be the first octet of the
523 authenticated/encrypted stream of D-BUS messages.
526 <sect2 id="auth-command-cancel">
527 <title>CANCEL Command</title>
529 At any time up to sending the BEGIN command, the client may send a
530 CANCEL command. On receiving the CANCEL command, the server MUST
531 send a REJECTED command and abort the current authentication
535 <sect2 id="auth-command-data">
536 <title>DATA Command</title>
538 The DATA command may come from either client or server, and simply
539 contains a base64-encoded block of data to be interpreted
540 according to the SASL mechanism in use.
543 Some SASL mechanisms support sending an "empty string";
544 FIXME we need some way to do this.
547 <sect2 id="auth-command-begin">
548 <title>BEGIN Command</title>
550 The BEGIN command acknowledges that the client has received an
551 OK command from the server, and that the stream of messages
555 The first octet received by the server after the \r\n of the BEGIN
556 command from the client MUST be the first octet of the
557 authenticated/encrypted stream of D-BUS messages.
560 <sect2 id="auth-command-rejected">
561 <title>REJECTED Command</title>
563 The REJECTED command indicates that the current authentication
564 exchange has failed, and further exchange of DATA is inappropriate.
565 The client would normally try another mechanism, or try providing
566 different responses to challenges.
568 Optionally, the REJECTED command has a space-separated list of
569 available auth mechanisms as arguments. If a server ever provides
570 a list of supported mechanisms, it MUST provide the same list
571 each time it sends a REJECTED message. Clients are free to
572 ignore all lists received after the first.
575 <sect2 id="auth-command-ok">
576 <title>OK Command</title>
578 The OK command indicates that the client has been authenticated,
579 and that further communication will be a stream of D-BUS messages
580 (optionally encrypted, as negotiated) rather than this protocol.
583 The first octet received by the client after the \r\n of the OK
584 command MUST be the first octet of the authenticated/encrypted
585 stream of D-BUS messages.
588 The client MUST respond to the OK command by sending a BEGIN
589 command, followed by its stream of messages, or by disconnecting.
590 The server MUST NOT accept additional commands using this protocol
591 after the OK command has been sent.
594 <sect2 id="auth-command-error">
595 <title>ERROR Command</title>
597 The ERROR command indicates that either server or client did not
598 know a command, does not accept the given command in the current
599 context, or did not understand the arguments to the command. This
600 allows the protocol to be extended; a client or server can send a
601 command present or permitted only in new protocol versions, and if
602 an ERROR is received instead of an appropriate response, fall back
603 to using some other technique.
605 If an ERROR is sent, the server or client MUST continue as if the
606 command causing the ERROR had never been received.
609 <sect2 id="auth-examples">
610 <title>Authentication examples</title>
614 <title>Example of successful magic cookie authentication</title>
616 (MAGIC_COOKIE is a made up mechanism)
618 C: AUTH MAGIC_COOKIE BsAY3g4gBNo=
624 <title>Example of finding out mechanisms then picking one</title>
627 S: REJECTED KERBEROS_V4 SKEY
628 C: AUTH SKEY bW9yZ2Fu
629 S: DATA OTUgUWE1ODMwOA==
630 C: DATA Rk9VUiBNQU5OIFNPT04gRklSIFZBUlkgTUFTSA==
636 <title>Example of client sends unknown command then falls back to regular auth</title>
640 C: AUTH MAGIC_COOKIE BsAY3g4gBNo=
646 <title>Example of server doesn't support initial auth mechanism</title>
648 C: AUTH MAGIC_COOKIE BsAY3g4gBNo=
649 S: REJECTED KERBEROS_V4 SKEY
650 C: AUTH SKEY bW9yZ2Fu
651 S: DATA OTUgUWE1ODMwOA==
652 C: DATA Rk9VUiBNQU5OIFNPT04gRklSIFZBUlkgTUFTSA==
658 <title>Example of wrong password or the like followed by successful retry</title>
660 C: AUTH MAGIC_COOKIE BsAY3g4gBNo=
661 S: REJECTED KERBEROS_V4 SKEY
662 C: AUTH SKEY bW9yZ2Fu
663 S: DATA OTUgUWE1ODMwOA==
664 C: DATA Rk9VUiBNQU5OIFNPT04gRklSIFZBUlkgTUFTSA==
666 C: AUTH SKEY bW9yZ2Fu
667 S: DATA OTUgUWE1ODMwOA==
668 C: DATA Rk9VUiBNQU5OIFNPT04gRklSIFZBUlkgTUFTSA==
674 <title>Example of skey cancelled and restarted</title>
676 C: AUTH MAGIC_COOKIE BsAY3g4gBNo=
677 S: REJECTED KERBEROS_V4 SKEY
678 C: AUTH SKEY bW9yZ2Fu
679 S: DATA OTUgUWE1ODMwOA==
682 C: AUTH SKEY bW9yZ2Fu
683 S: DATA OTUgUWE1ODMwOA==
684 C: DATA Rk9VUiBNQU5OIFNPT04gRklSIFZBUlkgTUFTSA==
691 <sect2 id="auth-mechanisms">
692 <title>Authentication mechanisms</title>
694 This section describes some new authentication mechanisms.
695 D-BUS also allows any standard SASL mechanism of course.
697 <sect3 id="auth-mechanisms-sha">
698 <title>DBUS_COOKIE_SHA1</title>
700 The DBUS_COOKIE_SHA1 mechanism is designed to establish that a client
701 has the ability to read a private file owned by the user being
702 authenticated. If the client can prove that it has access to a secret
703 cookie stored in this file, then the client is authenticated.
704 Thus the security of DBUS_COOKIE_SHA1 depends on a secure home
708 Authentication proceeds as follows:
712 The client sends the username it would like to authenticate
718 The server sends the name of its "cookie context" (see below); a
719 space character; the integer ID of the secret cookie the client
720 must demonstrate knowledge of; a space character; then a
721 hex-encoded randomly-generated challenge string.
726 The client locates the cookie, and generates its own hex-encoded
727 randomly-generated challenge string. The client then
728 concatentates the server's hex-encoded challenge, a ":"
729 character, its own hex-encoded challenge, another ":" character,
730 and the hex-encoded cookie. It computes the SHA-1 hash of this
731 composite string. It sends back to the server the client's
732 hex-encoded challenge string, a space character, and the SHA-1
738 The server generates the same concatenated string used by the
739 client and computes its SHA-1 hash. It compares the hash with
740 the hash received from the client; if the two hashes match, the
741 client is authenticated.
747 Each server has a "cookie context," which is a name that identifies a
748 set of cookies that apply to that server. A sample context might be
749 "org_freedesktop_session_bus". Context names must be valid ASCII,
750 nonzero length, and may not contain the characters slash ("/"),
751 backslash ("\"), space (" "), newline ("\n"), carriage return ("\r"),
752 tab ("\t"), or period ("."). There is a default context,
753 "org_freedesktop_global" that's used by servers that do not specify
757 Cookies are stored in a user's home directory, in the directory
758 <filename>~/.dbus-keyrings/</filename>. This directory must
759 not be readable or writable by other users. If it is,
760 clients and servers must ignore it. The directory
761 contains cookie files named after the cookie context.
764 A cookie file contains one cookie per line. Each line
765 has three space-separated fields:
769 The cookie ID number, which must be a non-negative integer and
770 may not be used twice in the same file.
775 The cookie's creation time, in UNIX seconds-since-the-epoch
781 The cookie itself, a hex-encoded random block of bytes.
787 Only server processes modify the cookie file.
788 They must do so with this procedure:
792 Create a lockfile name by appending ".lock" to the name of the
793 cookie file. The server should attempt to create this file
794 using <literal>O_CREAT | O_EXCL</literal>. If file creation
795 fails, the lock fails. Servers should retry for a reasonable
796 period of time, then they may choose to delete an existing lock
797 to keep users from having to manually delete a stale
798 lock. <footnote><para>Lockfiles are used instead of real file
799 locking <literal>fcntl()</literal> because real locking
800 implementations are still flaky on network
801 filesystems.</para></footnote>
806 Once the lockfile has been created, the server loads the cookie
807 file. It should then delete any cookies that are old (the
808 timeout can be fairly short), or more than a reasonable
809 time in the future (so that cookies never accidentally
810 become permanent, if the clock was set far into the future
811 at some point). If no recent keys remain, the
812 server may generate a new key.
817 The pruned and possibly added-to cookie file
818 must be resaved atomically (using a temporary
819 file which is rename()'d).
824 The lock must be dropped by deleting the lockfile.
830 Clients need not lock the file in order to load it,
831 because servers are required to save the file atomically.
836 <sect1 id="addresses">
837 <title>Server Addresses</title>
839 Server addresses consist of a transport name followed by a colon, and
840 then an optional, comma-separated list of keys and values in the form key=value.
841 [FIXME how do you escape colon, comma, and semicolon in the values of the key=value pairs?]
845 <programlisting>unix:path=/tmp/dbus-test</programlisting>
846 Which is the address to a unix socket with the path /tmp/dbus-test.
849 [FIXME clarify if attempting to connect to each is a requirement
850 or just a suggestion]
851 When connecting to a server, multiple server addresses can be
852 separated by a semi-colon. The library will then try to connect
853 to the first address and if that fails, it'll try to connect to
854 the next one specified, and so forth. For example
855 <programlisting>unix:path=/tmp/dbus-test;unix:path=/tmp/dbus-test2</programlisting>
858 [FIXME we need to specify in detail each transport and its possible arguments]
859 Currently, a transport over local UNIX sockets exists, a debug
860 transport that only works in-process and therefore can be used
861 for for unit testing also exists. It is possible that other
862 transports are added, such as a TCP/IP transport, and a
863 transport that works over X11.
867 <sect1 id="message-conventions">
868 <title>Message Conventions</title>
870 This section documents conventions that are not essential to D-BUS
871 functionality, but should generally be followed in order to simplify
874 <sect2 id="message-conventions-naming">
875 <title>Message Naming</title>
877 Messages are normally named in the form
878 "org.freedesktop.Peer.Ping", which has three
882 <term>Namespace e.g. <literal>org.freedesktop</literal></term>
885 Message names have a Java-style namespace: a reversed domain
886 name. The components of the domain are normally lowercase.
891 <term>Package or object e.g. <literal>Peer</literal></term>
894 The next part of the message name can be thought of as the name
895 of a singleton object, or as the name of a package of related
896 messages. More than one dot-separated component might be used
897 here. (Note that D-BUS does not define any idea of object
898 instances or object references.) The package or object name is
899 capitalized LikeThis.
904 <term>Method or operation e.g. <literal>Ping</literal></term>
907 The final part of the message name is the most specific, and
908 should be a verb indicating an operation to be performed on the
909 object. The method or operation name is capitalized LikeThis.
916 A reply to a message conventionally has the same name as the message
917 being replied to. When following method call conventions (see <xref
918 linkend="message-conventions-method">), this convention is mandatory,
919 because a message with multiple possible replies can't be mapped
920 to method call semantics without special-case code.
923 <sect2 id="message-conventions-method">
924 <title>Method Call Mapping</title>
926 Some implementations of D-BUS may present an API that translates object
927 method calls into D-BUS messages. This document does not specify in
928 detail how such an API should look or work. However, it does specify how
929 message-based protocols should be designed to be friendly to such an
933 Remember that D-BUS does not have object references or object instances.
934 So when one application sends the message
935 <literal>org.freedesktop.Peer.Ping</literal>, it sends it to another
936 application, not to any kind of sub-portion of that application.
937 However, a convenience API used within the recipient application may
938 route all messages that start with
939 <literal>org.freedesktop.Peer</literal> to a particular object instance,
940 and may invoke the <literal>Ping()</literal> method on said instance in
941 order to handle the message. This is a convenience API based on
945 A "method call" consists of a message and, optionally, a reply to that
946 message. The name of the "method" is the last component of the message,
947 for example, <literal>org.freedesktop.Peer.Ping</literal> would map to
948 the method <literal>Ping()</literal> on some object.
951 Arguments to a method may be considered "in" (processed by the
952 recipient of the message), or "out" (returned to the sender of the
953 message in the reply). "inout" arguments are both sent and received,
954 i.e. the caller passes in a value which is modified. An "inout" argument
955 is equivalent to an "in" argument, followed by an "out" argument.
958 Given a method with zero or one return values, followed by zero or more
959 arguments, where each argument may be "in", "out", or "inout", the
960 caller constructs a message by appending each "in" or "inout" argument,
961 in order. "out" arguments are not represented in the caller's message.
964 The recipient constructs a reply by appending first the return value
965 if any, then each "out" or "inout" argument, in order.
966 "in" arguments are not represented in the reply message.
969 The standard reply message MUST have the same name as the message being
970 replied to, and MUST set the "rply" header field to the serial
971 number of the message being replied to.
974 If an error occurs, an error reply may be sent in place of the
975 standard reply. Error replies can be identified by a special
976 header flag, see <xref linkend="message-protocol-header-encoding">.
977 Error replies have a name which reflects the type of
978 error that occurred. Error replies would generally
979 be mapped to exceptions in a programming language.
982 [FIXME discuss mapping of broadcast messages + matching rules
983 to signals and slots]
988 <sect1 id="standard-messages">
989 <title>Standard Peer-to-Peer Messages</title>
991 In the following message definitions, "method call notation" is presented
992 in addition to simply listing the message names and arguments. The special
993 type name ANY means any type other than NIL, and the special type name
994 ANY_OR_NIL means any valid type.
995 [FIXME the messages here are just made up to illustrate the
996 format for defining them]
998 <sect2 id="standard-messages-ping">
999 <title><literal>org.freedesktop.Peer.Ping</literal></title>
1007 On receipt of the message <literal>org.freedesktop.Peer.Ping</literal>,
1008 an application should reply with
1009 <literal>org.freedesktop.Peer.Ping</literal>. Neither the
1010 message nor its reply have any arguments.
1011 [FIXME the messages here are just made up to illustrate the
1012 format for defining them]
1015 <sect2 id="standard-messages-get-props">
1016 <title><literal>org.freedesktop.Props.Get</literal></title>
1020 ANY_OR_NIL Get (in STRING property_name)
1027 <entry>Argument</entry>
1029 <entry>Description</entry>
1035 <entry>STRING</entry>
1036 <entry>Name of the property to get</entry>
1046 <entry>Argument</entry>
1048 <entry>Description</entry>
1054 <entry>ANY_OR_NIL</entry>
1055 <entry>The value of the property. The type depends on the property.</entry>
1063 [FIXME the messages here are just made up to illustrate the
1064 format for defining them]
1069 <sect1 id="message-bus">
1070 <title>Message Bus Specification</title>
1071 <sect2 id="message-bus-overview">
1072 <title>Message Bus Overview</title>
1074 The message bus accepts connections from one or more applications.
1075 Once connected, applications can send and receive messages from
1076 the message bus, as in the peer-to-peer case.
1079 The message bus keeps track of a set of
1080 <firstterm>services</firstterm>. A service is simply a name, such
1081 as <literal>com.yoyodyne.Screensaver</literal>, which can be
1082 <firstterm>owned</firstterm> by one of the connected applications.
1083 The message bus itself always owns the special service
1084 <literal>org.freedesktop.DBus</literal>.
1087 Messages may have a <literal>srvc</literal> field (see <xref
1088 linkend="message-protocol-header-fields">). When the message bus
1089 receives a message, if the <literal>srvc</literal> field is absent, the
1090 message is taken to be a standard peer-to-peer message and interpreted
1091 by the message bus itself. For example, sending
1092 an <literal>org.freedesktop.Peer.Ping</literal> message with no
1093 <literal>srvc</literal> will cause the message bus itself to reply
1094 to the ping immediately; the message bus would never make
1095 this message visible to other applications.
1098 If the <literal>srvc</literal> field is present, then it indicates a
1099 request for the message bus to route the message. In the usual case,
1100 messages are routed to the owner of the named service.
1101 Messages may also be <firstterm>broadcast</firstterm>
1102 by sending them to the special service
1103 <literal>org.freedesktop.Broadcast</literal>. Broadcast messages are
1104 sent to all applications with <firstterm>message matching
1105 rules</firstterm> that match the message.
1108 Continuing the <literal>org.freedesktop.Peer.Ping</literal> example, if
1109 the ping message were sent with a <literal>srvc</literal> name of
1110 <literal>com.yoyodyne.Screensaver</literal>, then the ping would be
1111 forwarded, and the Yoyodyne Corporation screensaver application would be
1112 expected to reply to the ping. If
1113 <literal>org.freedesktop.Peer.Ping</literal> were sent to
1114 <literal>org.freedesktop.Broadcast</literal>, then multiple applications
1115 might receive the ping, and all would normally reply to it.
1119 <sect2 id="message-bus-services">
1120 <title>Message Bus Services</title>
1122 A service is a name that identifies a certain application. Each
1123 application connected to the message bus has at least one service name
1124 assigned at connection time and returned in response to the
1125 <literal>org.freedesktop.DBus.Hello</literal> message.
1126 This automatically-assigned service name is called
1127 the application's <firstterm>base service</firstterm>.
1128 Base service names are unique and MUST never be reused for two different
1132 [FIXME I think we should define the format of the base service name,
1133 and specify that a regular service name can never be in that
1134 format; this allows us to categorically prevent "spoofing" - for
1135 example perhaps the base service name starts with a certain
1136 character that no real service name can start with]
1139 An application can request additional service names to be associated
1141 <literal>org.freedesktop.DBus.AcquireService</literal>
1142 message. [FIXME what service names are allowed; ASCII or unicode;
1146 [FIXME this needs more detail, and should move the service-related message
1147 descriptions up into this section perhaps]
1148 Service ownership handling can be specified in the flags part
1149 of the <literal>org.freedesktop.DBus.AcquireService</literal>
1150 message. If an application specifies the
1151 DBUS_SERVICE_FLAGS_PROHIBIT_REPLACEMENT flag, then all applications
1152 trying to acquire the service will be put in a queue. When the
1153 primary owner disconnects from the bus or removes ownership
1154 from the service, the next application in the queue will be the
1155 primary owner. If the DBUS_SERVICE_FLAGS_PROHIBIT_REPLACEMENT
1156 flag is not specified, then the primary owner will lose
1157 ownership whenever another application requests ownership of the
1161 When a client disconnects from the bus, all the services that
1162 the clients own are deleted, or in the case of a service that
1163 prohibits replacement, ownership is transferred to the next
1164 client in the queue, if any.
1167 <sect2 id="message-bus-routing">
1168 <title>Message Bus Message Routing</title>
1170 When a message is received by the message bus, the message's
1171 <literal>sndr</literal> header field MUST be set to the base service of
1172 the application which sent the message. If the service already has
1173 a <literal>sndr</literal> field, the pre-existing field is replaced.
1174 This rule means that a replies are always sent to the base service name,
1175 i.e. to the same application that sent the message being replied to.
1178 [FIXME go into detail about broadcast, multicast, unicast, etc.]
1181 <sect2 id="message-bus-activation">
1182 <title>Message Bus Service Activation</title>
1184 <firstterm>Activation</firstterm> means to locate a service
1185 owner for a service that is currently unowned. For now, it
1186 means to launch an executable that will take ownership of
1187 a particular service.
1190 To find an executable corresponding to a particular service, the bus
1191 daemon looks for <firstterm>service description files</firstterm>.
1192 Service description files define a mapping from service names to
1193 executables. Different kinds of message bus will look for these files
1194 in different places, see <xref linkend="message-bus-types">.
1197 [FIXME the file format should be much better specified than
1198 "similar to .desktop entries" esp. since desktop entries are
1199 already badly-specified. ;-)] Service description files have
1200 the ".service" file extension. The message bus will only load
1201 service description files ending with .service; all other
1202 files will be ignored. The file format is similar to that of
1204 url="http://www.freedesktop.org/standards/desktop-entry-spec/desktop-entry-spec.html">desktop
1205 entries</ulink>. All service description files must be in
1206 UTF-8 encoding. To ensure that there will be no name
1207 collisions, service files must be namespaced using the same
1208 mechanism as messages and service names.
1211 <title>Example service description file</title>
1213 # Sample service description file
1215 Name=org.gnome.ConfigurationDatabase
1221 When an application requests a service to be activated, the
1222 bus daemon tries to find it in the list of activation
1223 entries. It then tries to spawn the executable associated with
1224 it. If this fails, it will report an error. [FIXME what
1225 happens if two .service files offer the same service; what
1226 kind of error is reported, should we have a way for the client
1230 The executable launched will have the environment variable
1231 <literal>DBUS_BUS_ADDRESS</literal> set to the address of the
1232 message bus so it can connect and register the appropriate services.
1235 [FIXME there should be a timeout somewhere, either specified
1236 in the .service file, by the client, or just a global value
1237 and if the client being activated fails to connect within that
1238 timeout, an error should be sent back.]
1242 <sect2 id="message-bus-types">
1243 <title>Standard Message Bus Instances</title>
1245 Two standard message bus instances are defined here, along with how
1246 to locate them and where their service files live.
1248 <sect3 id="message-bus-types-login">
1249 <title>Login session message bus</title>
1251 Each time a user logs in, a <firstterm>login session message
1252 bus</firstterm> may be started. All applications in the user's login
1253 session may interact with one another using this message bus. [specify
1254 how to find the address of the login session message bus via
1255 environment variable and/or X property]
1258 [FIXME specify location of .service files, probably using
1259 DESKTOP_DIRS etc. from basedir specification, though login session
1260 bus is not really desktop-specific]
1263 <sect3 id="message-bus-types-system">
1264 <title>System message bus</title>
1266 A computer may have a <firstterm>system message bus</firstterm>,
1267 accessible to all applications on the system. This message bus may be
1268 used to broadcast system events, such as adding new hardware devices.
1269 [specify how to find the address of the system message bus]
1272 [FIXME specify location of system bus .service files]
1277 <sect2 id="message-bus-messages">
1278 <title>Message Bus Messages</title>
1280 The special message bus service <literal>org.freedesktop.DBus</literal>
1281 responds to a number of messages, allowing applications to
1282 interact with the message bus.
1285 <sect3 id="bus-messages-hello">
1286 <title><literal>org.freedesktop.DBus.Hello</literal></title>
1297 <entry>Argument</entry>
1299 <entry>Description</entry>
1305 <entry>STRING</entry>
1306 <entry>Name of the service assigned to the application</entry>
1313 Before an application is able to send messages to other
1314 applications it must send the
1315 <literal>org.freedesktop.DBus.Hello</literal> message to the
1316 message bus service. If an application tries to send a
1317 message to another application, or a message to the message
1318 bus service that isn't the
1319 <literal>org.freedesktop.DBus.Hello</literal> message, it
1320 will be disconnected from the bus. If a client wishes to
1321 disconnect from the bus, it just has to disconnect from the
1322 transport used. No de-registration message is necessary.
1325 The reply message contains the name of the application's base service.
1328 <sect3 id="bus-messages-list-services">
1329 <title><literal>org.freedesktop.DBus.ListServices</literal></title>
1333 STRING_ARRAY ListServices ()
1340 <entry>Argument</entry>
1342 <entry>Description</entry>
1348 <entry>STRING_ARRAY</entry>
1349 <entry>Array of strings where each string is the name of a service</entry>
1356 Returns a list of all existing services registered with the message bus.
1359 <sect3 id="bus-messages-service-exists">
1360 <title><literal>org.freedesktop.DBus.ServiceExists</literal></title>
1364 UINT32 ServiceExists (in STRING service_name)
1371 <entry>Argument</entry>
1373 <entry>Description</entry>
1379 <entry>STRING</entry>
1380 <entry>Name of the service</entry>
1390 <entry>Argument</entry>
1392 <entry>Description</entry>
1398 <entry>UINT32</entry>
1399 <entry>Return value, 1 if the service exists and 0 otherwise</entry>
1406 Checks if a service with a specified name exists.
1410 <sect3 id="bus-messages-acquire-service">
1411 <title><literal>org.freedesktop.DBus.AcquireService</literal></title>
1415 UINT32 AcquireService (in STRING service_name)
1422 <entry>Argument</entry>
1424 <entry>Description</entry>
1430 <entry>STRING</entry>
1431 <entry>Name of the service</entry>
1435 <entry>UINT32</entry>
1436 <entry>Flags</entry>
1446 <entry>Argument</entry>
1448 <entry>Description</entry>
1454 <entry>UINT32</entry>
1455 <entry>Return value</entry>
1462 Tries to become owner of a specific service. The flags
1463 specified can be the following values logically ORed together:
1469 <entry>Identifier</entry>
1470 <entry>Value</entry>
1471 <entry>Description</entry>
1476 <entry>DBUS_SERVICE_FLAGS_PROHIBIT_REPLACEMENT</entry>
1479 If the application succeeds in being the owner of the specified service,
1480 then ownership of the service can't be transferred until the service
1481 disconnects. If this flag is not set, then any application trying to become
1482 the owner of the service will succeed and the previous owner will be
1483 sent a <literal>org.freedesktop.DBus.ServiceLost</literal> message.
1487 <entry>DBUS_SERVICE_FLAGS_REPLACE_EXISTING</entry>
1489 <entry>Only become the owner of the service if there is no current owner.</entry>
1495 [FIXME if it's one of the following values, why are the values
1496 done as flags instead of just 0, 1, 2, 3, 4]
1497 The return value can be one of the following values:
1503 <entry>Identifier</entry>
1504 <entry>Value</entry>
1505 <entry>Description</entry>
1510 <entry>DBUS_SERVICE_REPLY_PRIMARY_OWNER</entry>
1512 <entry>The application is now the primary owner of the service.</entry>
1515 <entry>DBUS_SERVICE_REPLY_IN_QUEUE</entry>
1517 <entry>The service already has an owner which do not want to give up ownership and therefore the application has been put in a queue.</entry>
1520 <entry>DBUS_SERVICE_REPLY_SERVICE_EXISTS</entry>
1522 <entry>The service does already have a primary owner, and DBUS_SERVICE_FLAG_REPLACE_EXISTING was not specified when trying to acquire the service.</entry>
1525 <entry>DBUS_SERVICE_REPLY_ALREADY_OWNER</entry>
1527 <entry>The application trying to request ownership of the service is already the owner of it.</entry>
1534 <sect3 id="bus-messages-service-acquired">
1535 <title><literal>org.freedesktop.DBus.ServiceAcquired</literal></title>
1539 ServiceAcquired (in STRING service_name)
1546 <entry>Argument</entry>
1548 <entry>Description</entry>
1554 <entry>STRING</entry>
1555 <entry>Name of the service</entry>
1559 <entry>UINT32</entry>
1560 <entry>Flags</entry>
1567 This message is sent to a specific application when it becomes the
1568 primary owner of a service.
1571 <sect3 id="bus-messages-service-lost">
1572 <title><literal>org.freedesktop.DBus.ServiceLost</literal></title>
1576 ServiceLost (in STRING service_name)
1583 <entry>Argument</entry>
1585 <entry>Description</entry>
1591 <entry>STRING</entry>
1592 <entry>Name of the service</entry>
1596 <entry>UINT32</entry>
1597 <entry>Flags</entry>
1604 This message is sent to a specific application when it loses primary
1605 ownership of a service.
1607 [FIXME instead of ServiceLost/ServiceCreated going only to
1608 a specific app, why not just OwnerChanged that covers both
1609 lost and created and changed owner and deleted]
1613 <sect3 id="bus-messages-service-created">
1614 <title><literal>org.freedesktop.DBus.ServiceCreated</literal></title>
1618 ServiceCreated (in STRING service_name)
1625 <entry>Argument</entry>
1627 <entry>Description</entry>
1633 <entry>STRING</entry>
1634 <entry>Name of the service</entry>
1638 <entry>UINT32</entry>
1639 <entry>Flags</entry>
1646 This message is broadcast to all applications when a service has been
1647 successfully registered on the message bus.
1651 <sect3 id="bus-messages-service-deleted">
1652 <title><literal>org.freedesktop.DBus.ServiceDeleted</literal></title>
1656 ServiceDeleted (in STRING service_name)
1663 <entry>Argument</entry>
1665 <entry>Description</entry>
1671 <entry>STRING</entry>
1672 <entry>Name of the service</entry>
1676 <entry>UINT32</entry>
1677 <entry>Flags</entry>
1684 This message is broadcast to all applications when a service has been
1685 deleted from the message bus.
1689 <sect3 id="bus-messages-activate-service">
1690 <title><literal>org.freedesktop.DBus.ActivateService</literal></title>
1694 UINT32 ActivateService (in STRING service_name, in UINT32 flags)
1701 <entry>Argument</entry>
1703 <entry>Description</entry>
1709 <entry>STRING</entry>
1710 <entry>Name of the service to activate</entry>
1714 <entry>UINT32</entry>
1715 <entry>Flags (currently not used)</entry>
1725 <entry>Argument</entry>
1727 <entry>Description</entry>
1733 <entry>UINT32</entry>
1734 <entry>Result code; DBUS_ACTIVATION_REPLY_ACTIVATED if
1735 the service was activated successfutly or
1736 DBUS_ACTIVATION_REPLY_ALREADY_ACTIVE if the service is
1737 already active.</entry>
1744 Tries to launch the executable associated with a service. For more information, see <xref linkend="message-bus-activation">.
1746 [FIXME need semantics in much more detail here; for example,
1747 if I activate a service then send it a message, is the message
1748 queued for the new service or is there a race]
1755 <appendix id="implementation-notes">
1756 <title>Implementation notes</title>
1757 <sect1 id="implementation-notes-subsection">
1765 <glossary><title>Glossary</title>
1767 This glossary defines some of the terms used in this specification.
1770 <glossentry id="term-activation"><glossterm>Activation</glossterm>
1773 The process of creating an owner for a particular service,
1774 typically by launching an executable.
1779 <glossentry id="term-base-service"><glossterm>Base Service</glossterm>
1782 The special service automatically assigned to an application by the
1783 message bus. This service may never change owner, and the service
1784 name will be unique (never reused during the lifetime of the
1790 <glossentry id="term-broadcast"><glossterm>Broadcast</glossterm>
1793 A message sent to the special <literal>org.freedesktop.Broadcast</literal>
1794 service; the message bus will forward the broadcast message
1795 to all applications that have expressed interest in it.
1800 <glossentry id="term-message"><glossterm>Message</glossterm>
1803 A message is the atomic unit of communication via the D-BUS
1804 protocol. It consists of a <firstterm>header</firstterm> and a
1805 <firstterm>body</firstterm>; the body is made up of
1806 <firstterm>arguments</firstterm>.
1811 <glossentry id="term-message-bus"><glossterm>Message Bus</glossterm>
1814 The message bus is a special application that forwards
1815 or broadcasts messages between a group of applications
1816 connected to the message bus. It also manages
1817 <firstterm>services</firstterm>.
1822 <glossentry id="term-service"><glossterm>Service</glossterm>
1825 A service is simply a named application that other
1826 applications can refer to. For example, the
1827 hypothetical <literal>com.yoyodyne.Screensaver</literal>
1828 service might accept messages that affect
1829 a screensaver from Yoyodyne Corporation.
1830 An application is said to <firstterm>own</firstterm>
1831 a service if the message bus has associated the
1832 application with the service name.
1837 <glossentry id="term-service-description-files"><glossterm>Service Description Files</glossterm>
1840 ".service files" tell the bus how to activate a particular service.
1841 See <xref linkend="term-activation">