1 <?xml version="1.0" standalone="no" ?>
2 <!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
3 "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd"
8 <title>D-Bus Specification</title>
9 <releaseinfo>Version 0.19</releaseinfo>
10 <date>UNRELEASED</date>
13 <firstname>Havoc</firstname>
14 <surname>Pennington</surname>
16 <orgname>Red Hat, Inc.</orgname>
18 <email>hp@pobox.com</email>
23 <firstname>Anders</firstname>
24 <surname>Carlsson</surname>
26 <orgname>CodeFactory AB</orgname>
28 <email>andersca@codefactory.se</email>
33 <firstname>Alexander</firstname>
34 <surname>Larsson</surname>
36 <orgname>Red Hat, Inc.</orgname>
38 <email>alexl@redhat.com</email>
43 <firstname>Sven</firstname>
44 <surname>Herzberg</surname>
46 <orgname>Imendio AB</orgname>
48 <email>sven@imendio.com</email>
53 <firstname>Simon</firstname>
54 <surname>McVittie</surname>
56 <orgname>Collabora Ltd.</orgname>
58 <email>simon.mcvittie@collabora.co.uk</email>
63 <firstname>David</firstname>
64 <surname>Zeuthen</surname>
66 <orgname>Red Hat, Inc.</orgname>
68 <email>davidz@redhat.com</email>
75 <revnumber>current</revnumber>
76 <date><ulink url='http://cgit.freedesktop.org/dbus/dbus/log/doc/dbus-specification.xml'>commit log</ulink></date>
77 <authorinitials></authorinitials>
78 <revremark></revremark>
81 <revnumber>0.18</revnumber>
82 <date>29 July 2011</date>
83 <authorinitials>smcv</authorinitials>
84 <revremark>define eavesdropping, unicast, broadcast; add eavesdrop
85 match keyword; promote type system to a top-level section</revremark>
88 <revnumber>0.17</revnumber>
89 <date>1 June 2011</date>
90 <authorinitials>smcv/davidz</authorinitials>
91 <revremark>define ObjectManager; reserve extra pseudo-type-codes used
92 by GVariant</revremark>
95 <revnumber>0.16</revnumber>
96 <date>11 April 2011</date>
97 <authorinitials></authorinitials>
98 <revremark>add path_namespace, arg0namespace; argNpath matches object
102 <revnumber>0.15</revnumber>
103 <date>3 November 2010</date>
104 <authorinitials></authorinitials>
105 <revremark></revremark>
108 <revnumber>0.14</revnumber>
109 <date>12 May 2010</date>
110 <authorinitials></authorinitials>
111 <revremark></revremark>
114 <revnumber>0.13</revnumber>
115 <date>23 Dezember 2009</date>
116 <authorinitials></authorinitials>
117 <revremark></revremark>
120 <revnumber>0.12</revnumber>
121 <date>7 November, 2006</date>
122 <authorinitials></authorinitials>
123 <revremark></revremark>
126 <revnumber>0.11</revnumber>
127 <date>6 February 2005</date>
128 <authorinitials></authorinitials>
129 <revremark></revremark>
132 <revnumber>0.10</revnumber>
133 <date>28 January 2005</date>
134 <authorinitials></authorinitials>
135 <revremark></revremark>
138 <revnumber>0.9</revnumber>
139 <date>7 Januar 2005</date>
140 <authorinitials></authorinitials>
141 <revremark></revremark>
144 <revnumber>0.8</revnumber>
145 <date>06 September 2003</date>
146 <authorinitials></authorinitials>
147 <revremark>First released document.</revremark>
152 <sect1 id="introduction">
153 <title>Introduction</title>
155 D-Bus is a system for low-latency, low-overhead, easy to use
156 interprocess communication (IPC). In more detail:
160 D-Bus is <emphasis>low-latency</emphasis> because it is designed
161 to avoid round trips and allow asynchronous operation, much like
167 D-Bus is <emphasis>low-overhead</emphasis> because it uses a
168 binary protocol, and does not have to convert to and from a text
169 format such as XML. Because D-Bus is intended for potentially
170 high-resolution same-machine IPC, not primarily for Internet IPC,
171 this is an interesting optimization.
176 D-Bus is <emphasis>easy to use</emphasis> because it works in terms
177 of <firstterm>messages</firstterm> rather than byte streams, and
178 automatically handles a lot of the hard IPC issues. Also, the D-Bus
179 library is designed to be wrapped in a way that lets developers use
180 their framework's existing object/type system, rather than learning
181 a new one specifically for IPC.
188 The base D-Bus protocol is a one-to-one (peer-to-peer or client-server)
189 protocol, specified in <xref linkend="message-protocol"/>. That is, it is
190 a system for one application to talk to a single other
191 application. However, the primary intended application of the protocol is the
192 D-Bus <firstterm>message bus</firstterm>, specified in <xref
193 linkend="message-bus"/>. The message bus is a special application that
194 accepts connections from multiple other applications, and forwards
199 Uses of D-Bus include notification of system changes (notification of when
200 a camera is plugged in to a computer, or a new version of some software
201 has been installed), or desktop interoperability, for example a file
202 monitoring service or a configuration service.
206 D-Bus is designed for two specific use cases:
210 A "system bus" for notifications from the system to user sessions,
211 and to allow the system to request input from user sessions.
216 A "session bus" used to implement desktop environments such as
221 D-Bus is not intended to be a generic IPC system for any possible
222 application, and intentionally omits many features found in other
223 IPC systems for this reason.
227 At the same time, the bus daemons offer a number of features not found in
228 other IPC systems, such as single-owner "bus names" (similar to X
229 selections), on-demand startup of services, and security policies.
230 In many ways, these features are the primary motivation for developing
231 D-Bus; other systems would have sufficed if IPC were the only goal.
235 D-Bus may turn out to be useful in unanticipated applications, but future
236 versions of this spec and the reference implementation probably will not
237 incorporate features that interfere with the core use cases.
241 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
242 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
243 document are to be interpreted as described in RFC 2119. However, the
244 document could use a serious audit to be sure it makes sense to do
245 so. Also, they are not capitalized.
248 <sect2 id="stability">
249 <title>Protocol and Specification Stability</title>
251 The D-Bus protocol is frozen (only compatible extensions are allowed) as
252 of November 8, 2006. However, this specification could still use a fair
253 bit of work to make interoperable reimplementation possible without
254 reference to the D-Bus reference implementation. Thus, this
255 specification is not marked 1.0. To mark it 1.0, we'd like to see
256 someone invest significant effort in clarifying the specification
257 language, and growing the specification to cover more aspects of the
258 reference implementation's behavior.
261 Until this work is complete, any attempt to reimplement D-Bus will
262 probably require looking at the reference implementation and/or asking
263 questions on the D-Bus mailing list about intended behavior.
264 Questions on the list are very welcome.
267 Nonetheless, this document should be a useful starting point and is
268 to our knowledge accurate, though incomplete.
274 <sect1 id="type-system">
275 <title>Type System</title>
278 D-Bus has a type system, in which values of various types can be
279 serialized into a sequence of bytes referred to as the
280 <firstterm>wire format</firstterm> in a standard way.
281 Converting a value from some other representation into the wire
282 format is called <firstterm>marshaling</firstterm> and converting
283 it back from the wire format is <firstterm>unmarshaling</firstterm>.
286 <sect2 id="message-protocol-signatures">
287 <title>Type Signatures</title>
290 The D-Bus protocol does not include type tags in the marshaled data; a
291 block of marshaled values must have a known <firstterm>type
292 signature</firstterm>. The type signature is made up of <firstterm>type
293 codes</firstterm>. A type code is an ASCII character representing the
294 type of a value. Because ASCII characters are used, the type signature
295 will always form a valid ASCII string. A simple string compare
296 determines whether two type signatures are equivalent.
300 As a simple example, the type code for 32-bit integer (<literal>INT32</literal>) is
301 the ASCII character 'i'. So the signature for a block of values
302 containing a single <literal>INT32</literal> would be:
306 A block of values containing two <literal>INT32</literal> would have this signature:
313 All <firstterm>basic</firstterm> types work like
314 <literal>INT32</literal> in this example. To marshal and unmarshal
315 basic types, you simply read one value from the data
316 block corresponding to each type code in the signature.
317 In addition to basic types, there are four <firstterm>container</firstterm>
318 types: <literal>STRUCT</literal>, <literal>ARRAY</literal>, <literal>VARIANT</literal>,
319 and <literal>DICT_ENTRY</literal>.
323 <literal>STRUCT</literal> has a type code, ASCII character 'r', but this type
324 code does not appear in signatures. Instead, ASCII characters
325 '(' and ')' are used to mark the beginning and end of the struct.
326 So for example, a struct containing two integers would have this
331 Structs can be nested, so for example a struct containing
332 an integer and another struct:
336 The value block storing that struct would contain three integers; the
337 type signature allows you to distinguish "(i(ii))" from "((ii)i)" or
342 The <literal>STRUCT</literal> type code 'r' is not currently used in the D-Bus protocol,
343 but is useful in code that implements the protocol. This type code
344 is specified to allow such code to interoperate in non-protocol contexts.
348 Empty structures are not allowed; there must be at least one
349 type code between the parentheses.
353 <literal>ARRAY</literal> has ASCII character 'a' as type code. The array type code must be
354 followed by a <firstterm>single complete type</firstterm>. The single
355 complete type following the array is the type of each array element. So
356 the simple example is:
360 which is an array of 32-bit integers. But an array can be of any type,
361 such as this array-of-struct-with-two-int32-fields:
365 Or this array of array of integer:
372 The phrase <firstterm>single complete type</firstterm> deserves some
373 definition. A single complete type is a basic type code, a variant type code,
374 an array with its element type, or a struct with its fields.
375 So the following signatures are not single complete types:
385 And the following signatures contain multiple complete types:
395 Note however that a single complete type may <emphasis>contain</emphasis>
396 multiple other single complete types.
400 <literal>VARIANT</literal> has ASCII character 'v' as its type code. A marshaled value of
401 type <literal>VARIANT</literal> will have the signature of a single complete type as part
402 of the <emphasis>value</emphasis>. This signature will be followed by a
403 marshaled value of that type.
407 A <literal>DICT_ENTRY</literal> works exactly like a struct, but rather
408 than parentheses it uses curly braces, and it has more restrictions.
409 The restrictions are: it occurs only as an array element type; it has
410 exactly two single complete types inside the curly braces; the first
411 single complete type (the "key") must be a basic type rather than a
412 container type. Implementations must not accept dict entries outside of
413 arrays, must not accept dict entries with zero, one, or more than two
414 fields, and must not accept dict entries with non-basic-typed keys. A
415 dict entry is always a key-value pair.
419 The first field in the <literal>DICT_ENTRY</literal> is always the key.
420 A message is considered corrupt if the same key occurs twice in the same
421 array of <literal>DICT_ENTRY</literal>. However, for performance reasons
422 implementations are not required to reject dicts with duplicate keys.
426 In most languages, an array of dict entry would be represented as a
427 map, hash table, or dict object.
431 The following table summarizes the D-Bus types.
436 <entry>Conventional Name</entry>
438 <entry>Description</entry>
443 <entry><literal>INVALID</literal></entry>
444 <entry>0 (ASCII NUL)</entry>
445 <entry>Not a valid type code, used to terminate signatures</entry>
447 <entry><literal>BYTE</literal></entry>
448 <entry>121 (ASCII 'y')</entry>
449 <entry>8-bit unsigned integer</entry>
451 <entry><literal>BOOLEAN</literal></entry>
452 <entry>98 (ASCII 'b')</entry>
453 <entry>Boolean value, 0 is <literal>FALSE</literal> and 1 is <literal>TRUE</literal>. Everything else is invalid.</entry>
455 <entry><literal>INT16</literal></entry>
456 <entry>110 (ASCII 'n')</entry>
457 <entry>16-bit signed integer</entry>
459 <entry><literal>UINT16</literal></entry>
460 <entry>113 (ASCII 'q')</entry>
461 <entry>16-bit unsigned integer</entry>
463 <entry><literal>INT32</literal></entry>
464 <entry>105 (ASCII 'i')</entry>
465 <entry>32-bit signed integer</entry>
467 <entry><literal>UINT32</literal></entry>
468 <entry>117 (ASCII 'u')</entry>
469 <entry>32-bit unsigned integer</entry>
471 <entry><literal>INT64</literal></entry>
472 <entry>120 (ASCII 'x')</entry>
473 <entry>64-bit signed integer</entry>
475 <entry><literal>UINT64</literal></entry>
476 <entry>116 (ASCII 't')</entry>
477 <entry>64-bit unsigned integer</entry>
479 <entry><literal>DOUBLE</literal></entry>
480 <entry>100 (ASCII 'd')</entry>
481 <entry>IEEE 754 double</entry>
483 <entry><literal>STRING</literal></entry>
484 <entry>115 (ASCII 's')</entry>
485 <entry>UTF-8 string (<emphasis>must</emphasis> be valid UTF-8). Must be nul terminated and contain no other nul bytes.</entry>
487 <entry><literal>OBJECT_PATH</literal></entry>
488 <entry>111 (ASCII 'o')</entry>
489 <entry>Name of an object instance</entry>
491 <entry><literal>SIGNATURE</literal></entry>
492 <entry>103 (ASCII 'g')</entry>
493 <entry>A type signature</entry>
495 <entry><literal>ARRAY</literal></entry>
496 <entry>97 (ASCII 'a')</entry>
499 <entry><literal>STRUCT</literal></entry>
500 <entry>114 (ASCII 'r'), 40 (ASCII '('), 41 (ASCII ')')</entry>
501 <entry>Struct; type code 114 'r' is reserved for use in
502 bindings and implementations to represent the general
503 concept of a struct, and must not appear in signatures
504 used on D-Bus.</entry>
506 <entry><literal>VARIANT</literal></entry>
507 <entry>118 (ASCII 'v') </entry>
508 <entry>Variant type (the type of the value is part of the value itself)</entry>
510 <entry><literal>DICT_ENTRY</literal></entry>
511 <entry>101 (ASCII 'e'), 123 (ASCII '{'), 125 (ASCII '}') </entry>
512 <entry>Entry in a dict or map (array of key-value pairs).
513 Type code 101 'e' is reserved for use in bindings and
514 implementations to represent the general concept of a
515 dict or dict-entry, and must not appear in signatures
516 used on D-Bus.</entry>
518 <entry><literal>UNIX_FD</literal></entry>
519 <entry>104 (ASCII 'h')</entry>
520 <entry>Unix file descriptor</entry>
523 <entry>(reserved)</entry>
524 <entry>109 (ASCII 'm')</entry>
525 <entry>Reserved for <ulink
526 url="https://bugs.freedesktop.org/show_bug.cgi?id=27857">a
527 'maybe' type compatible with the one in GVariant</ulink>,
528 and must not appear in signatures used on D-Bus until
529 specified here</entry>
532 <entry>(reserved)</entry>
533 <entry>42 (ASCII '*')</entry>
534 <entry>Reserved for use in bindings/implementations to
535 represent any <firstterm>single complete type</firstterm>,
536 and must not appear in signatures used on D-Bus.</entry>
539 <entry>(reserved)</entry>
540 <entry>63 (ASCII '?')</entry>
541 <entry>Reserved for use in bindings/implementations to
542 represent any <firstterm>basic type</firstterm>, and must
543 not appear in signatures used on D-Bus.</entry>
546 <entry>(reserved)</entry>
547 <entry>64 (ASCII '@'), 38 (ASCII '&'),
548 94 (ASCII '^')</entry>
549 <entry>Reserved for internal use by bindings/implementations,
550 and must not appear in signatures used on D-Bus.
551 GVariant uses these type-codes to encode calling
561 <sect2 id="message-protocol-marshaling">
562 <title>Marshaling (Wire Format)</title>
565 Given a type signature, a block of bytes can be converted into typed
566 values. This section describes the format of the block of bytes. Byte
567 order and alignment issues are handled uniformly for all D-Bus types.
571 A block of bytes has an associated byte order. The byte order
572 has to be discovered in some way; for D-Bus messages, the
573 byte order is part of the message header as described in
574 <xref linkend="message-protocol-messages"/>. For now, assume
575 that the byte order is known to be either little endian or big
580 Each value in a block of bytes is aligned "naturally," for example
581 4-byte values are aligned to a 4-byte boundary, and 8-byte values to an
582 8-byte boundary. To properly align a value, <firstterm>alignment
583 padding</firstterm> may be necessary. The alignment padding must always
584 be the minimum required padding to properly align the following value;
585 and it must always be made up of nul bytes. The alignment padding must
586 not be left uninitialized (it can't contain garbage), and more padding
587 than required must not be used.
591 Given all this, the types are marshaled on the wire as follows:
596 <entry>Conventional Name</entry>
597 <entry>Encoding</entry>
598 <entry>Alignment</entry>
603 <entry><literal>INVALID</literal></entry>
604 <entry>Not applicable; cannot be marshaled.</entry>
607 <entry><literal>BYTE</literal></entry>
608 <entry>A single 8-bit byte.</entry>
611 <entry><literal>BOOLEAN</literal></entry>
612 <entry>As for <literal>UINT32</literal>, but only 0 and 1 are valid values.</entry>
615 <entry><literal>INT16</literal></entry>
616 <entry>16-bit signed integer in the message's byte order.</entry>
619 <entry><literal>UINT16</literal></entry>
620 <entry>16-bit unsigned integer in the message's byte order.</entry>
623 <entry><literal>INT32</literal></entry>
624 <entry>32-bit signed integer in the message's byte order.</entry>
627 <entry><literal>UINT32</literal></entry>
628 <entry>32-bit unsigned integer in the message's byte order.</entry>
631 <entry><literal>INT64</literal></entry>
632 <entry>64-bit signed integer in the message's byte order.</entry>
635 <entry><literal>UINT64</literal></entry>
636 <entry>64-bit unsigned integer in the message's byte order.</entry>
639 <entry><literal>DOUBLE</literal></entry>
640 <entry>64-bit IEEE 754 double in the message's byte order.</entry>
643 <entry><literal>STRING</literal></entry>
644 <entry>A <literal>UINT32</literal> indicating the string's
645 length in bytes excluding its terminating nul, followed by
646 non-nul string data of the given length, followed by a terminating nul
653 <entry><literal>OBJECT_PATH</literal></entry>
654 <entry>Exactly the same as <literal>STRING</literal> except the
655 content must be a valid object path (see below).
661 <entry><literal>SIGNATURE</literal></entry>
662 <entry>The same as <literal>STRING</literal> except the length is a single
663 byte (thus signatures have a maximum length of 255)
664 and the content must be a valid signature (see below).
670 <entry><literal>ARRAY</literal></entry>
672 A <literal>UINT32</literal> giving the length of the array data in bytes, followed by
673 alignment padding to the alignment boundary of the array element type,
674 followed by each array element. The array length is from the
675 end of the alignment padding to the end of the last element,
676 i.e. it does not include the padding after the length,
677 or any padding after the last element.
678 Arrays have a maximum length defined to be 2 to the 26th power or
679 67108864. Implementations must not send or accept arrays exceeding this
686 <entry><literal>STRUCT</literal></entry>
688 A struct must start on an 8-byte boundary regardless of the
689 type of the struct fields. The struct value consists of each
690 field marshaled in sequence starting from that 8-byte
697 <entry><literal>VARIANT</literal></entry>
699 A variant type has a marshaled
700 <literal>SIGNATURE</literal> followed by a marshaled
701 value with the type given in the signature. Unlike
702 a message signature, the variant signature can
703 contain only a single complete type. So "i", "ai"
704 or "(ii)" is OK, but "ii" is not. Use of variants may not
705 cause a total message depth to be larger than 64, including
706 other container types such as structures.
709 1 (alignment of the signature)
712 <entry><literal>DICT_ENTRY</literal></entry>
720 <entry><literal>UNIX_FD</literal></entry>
721 <entry>32-bit unsigned integer in the message's byte
722 order. The actual file descriptors need to be
723 transferred out-of-band via some platform specific
724 mechanism. On the wire, values of this type store the index to the
725 file descriptor in the array of file descriptors that
726 accompany the message.</entry>
734 <sect3 id="message-protocol-marshaling-object-path">
735 <title>Valid Object Paths</title>
738 An object path is a name used to refer to an object instance.
739 Conceptually, each participant in a D-Bus message exchange may have
740 any number of object instances (think of C++ or Java objects) and each
741 such instance will have a path. Like a filesystem, the object
742 instances in an application form a hierarchical tree.
746 The following rules define a valid object path. Implementations must
747 not send or accept messages with invalid object paths.
751 The path may be of any length.
756 The path must begin with an ASCII '/' (integer 47) character,
757 and must consist of elements separated by slash characters.
762 Each element must only contain the ASCII characters
768 No element may be the empty string.
773 Multiple '/' characters cannot occur in sequence.
778 A trailing '/' character is not allowed unless the
779 path is the root path (a single '/' character).
786 Object paths are often namespaced by starting with a reversed
787 domain name and containing an interface version number, in the
789 <link linkend="message-protocol-names-interface">interface
791 <link linkend="message-protocol-names-bus">well-known
793 This makes it possible to implement more than one service, or
794 more than one version of a service, in the same process,
795 even if the services share a connection but cannot otherwise
796 co-operate (for instance, if they are implemented by different
801 For instance, if the owner of <literal>example.com</literal> is
802 developing a D-Bus API for a music player, they might use the
803 hierarchy of object paths that start with
804 <literal>/com/example/MusicPlayer1</literal> for its objects.
808 <sect3 id="message-protocol-marshaling-signature">
809 <title>Valid Signatures</title>
811 An implementation must not send or accept invalid signatures.
812 Valid signatures will conform to the following rules:
816 The signature ends with a nul byte.
821 The signature is a list of single complete types.
822 Arrays must have element types, and structs must
823 have both open and close parentheses.
828 Only type codes and open and close parentheses are
829 allowed in the signature. The <literal>STRUCT</literal> type code
830 is not allowed in signatures, because parentheses
836 The maximum depth of container type nesting is 32 array type
837 codes and 32 open parentheses. This implies that the maximum
838 total depth of recursion is 64, for an "array of array of array
839 of ... struct of struct of struct of ..." where there are 32
845 The maximum length of a signature is 255.
850 Signatures must be nul-terminated.
861 <sect1 id="message-protocol">
862 <title>Message Protocol</title>
865 A <firstterm>message</firstterm> consists of a
866 <firstterm>header</firstterm> and a <firstterm>body</firstterm>. If you
867 think of a message as a package, the header is the address, and the body
868 contains the package contents. The message delivery system uses the header
869 information to figure out where to send the message and how to interpret
870 it; the recipient interprets the body of the message.
874 The body of the message is made up of zero or more
875 <firstterm>arguments</firstterm>, which are typed values, such as an
876 integer or a byte array.
880 Both header and body use the D-Bus <link linkend="type-system">type
881 system</link> and format for serializing data.
884 <sect2 id="message-protocol-messages">
885 <title>Message Format</title>
888 A message consists of a header and a body. The header is a block of
889 values with a fixed signature and meaning. The body is a separate block
890 of values, with a signature specified in the header.
894 The length of the header must be a multiple of 8, allowing the body to
895 begin on an 8-byte boundary when storing the entire message in a single
896 buffer. If the header does not naturally end on an 8-byte boundary
897 up to 7 bytes of nul-initialized alignment padding must be added.
901 The message body need not end on an 8-byte boundary.
905 The maximum length of a message, including header, header alignment padding,
906 and body is 2 to the 27th power or 134217728. Implementations must not
907 send or accept messages exceeding this size.
911 The signature of the header is:
915 Written out more readably, this is:
917 BYTE, BYTE, BYTE, BYTE, UINT32, UINT32, ARRAY of STRUCT of (BYTE,VARIANT)
922 These values have the following meanings:
928 <entry>Description</entry>
933 <entry>1st <literal>BYTE</literal></entry>
934 <entry>Endianness flag; ASCII 'l' for little-endian
935 or ASCII 'B' for big-endian. Both header and body are
936 in this endianness.</entry>
939 <entry>2nd <literal>BYTE</literal></entry>
940 <entry><firstterm>Message type</firstterm>. Unknown types must be ignored.
941 Currently-defined types are described below.
945 <entry>3rd <literal>BYTE</literal></entry>
946 <entry>Bitwise OR of flags. Unknown flags
947 must be ignored. Currently-defined flags are described below.
951 <entry>4th <literal>BYTE</literal></entry>
952 <entry>Major protocol version of the sending application. If
953 the major protocol version of the receiving application does not
954 match, the applications will not be able to communicate and the
955 D-Bus connection must be disconnected. The major protocol
956 version for this version of the specification is 1.
960 <entry>1st <literal>UINT32</literal></entry>
961 <entry>Length in bytes of the message body, starting
962 from the end of the header. The header ends after
963 its alignment padding to an 8-boundary.
967 <entry>2nd <literal>UINT32</literal></entry>
968 <entry>The serial of this message, used as a cookie
969 by the sender to identify the reply corresponding
970 to this request. This must not be zero.
974 <entry><literal>ARRAY</literal> of <literal>STRUCT</literal> of (<literal>BYTE</literal>,<literal>VARIANT</literal>)</entry>
975 <entry>An array of zero or more <firstterm>header
976 fields</firstterm> where the byte is the field code, and the
977 variant is the field value. The message type determines
978 which fields are required.
986 <firstterm>Message types</firstterm> that can appear in the second byte
992 <entry>Conventional name</entry>
993 <entry>Decimal value</entry>
994 <entry>Description</entry>
999 <entry><literal>INVALID</literal></entry>
1001 <entry>This is an invalid type.</entry>
1004 <entry><literal>METHOD_CALL</literal></entry>
1006 <entry>Method call.</entry>
1009 <entry><literal>METHOD_RETURN</literal></entry>
1011 <entry>Method reply with returned data.</entry>
1014 <entry><literal>ERROR</literal></entry>
1016 <entry>Error reply. If the first argument exists and is a
1017 string, it is an error message.</entry>
1020 <entry><literal>SIGNAL</literal></entry>
1022 <entry>Signal emission.</entry>
1029 Flags that can appear in the third byte of the header:
1034 <entry>Conventional name</entry>
1035 <entry>Hex value</entry>
1036 <entry>Description</entry>
1041 <entry><literal>NO_REPLY_EXPECTED</literal></entry>
1043 <entry>This message does not expect method return replies or
1044 error replies; the reply can be omitted as an
1045 optimization. However, it is compliant with this specification
1046 to return the reply despite this flag and the only harm
1047 from doing so is extra network traffic.
1051 <entry><literal>NO_AUTO_START</literal></entry>
1053 <entry>The bus must not launch an owner
1054 for the destination name in response to this message.
1062 <sect3 id="message-protocol-header-fields">
1063 <title>Header Fields</title>
1066 The array at the end of the header contains <firstterm>header
1067 fields</firstterm>, where each field is a 1-byte field code followed
1068 by a field value. A header must contain the required header fields for
1069 its message type, and zero or more of any optional header
1070 fields. Future versions of this protocol specification may add new
1071 fields. Implementations must ignore fields they do not
1072 understand. Implementations must not invent their own header fields;
1073 only changes to this specification may introduce new header fields.
1077 Again, if an implementation sees a header field code that it does not
1078 expect, it must ignore that field, as it will be part of a new
1079 (but compatible) version of this specification. This also applies
1080 to known header fields appearing in unexpected messages, for
1081 example: if a signal has a reply serial it must be ignored
1082 even though it has no meaning as of this version of the spec.
1086 However, implementations must not send or accept known header fields
1087 with the wrong type stored in the field value. So for example a
1088 message with an <literal>INTERFACE</literal> field of type
1089 <literal>UINT32</literal> would be considered corrupt.
1093 Here are the currently-defined header fields:
1098 <entry>Conventional Name</entry>
1099 <entry>Decimal Code</entry>
1101 <entry>Required In</entry>
1102 <entry>Description</entry>
1107 <entry><literal>INVALID</literal></entry>
1110 <entry>not allowed</entry>
1111 <entry>Not a valid field name (error if it appears in a message)</entry>
1114 <entry><literal>PATH</literal></entry>
1116 <entry><literal>OBJECT_PATH</literal></entry>
1117 <entry><literal>METHOD_CALL</literal>, <literal>SIGNAL</literal></entry>
1118 <entry>The object to send a call to,
1119 or the object a signal is emitted from.
1121 <literal>/org/freedesktop/DBus/Local</literal> is reserved;
1122 implementations should not send messages with this path,
1123 and the reference implementation of the bus daemon will
1124 disconnect any application that attempts to do so.
1128 <entry><literal>INTERFACE</literal></entry>
1130 <entry><literal>STRING</literal></entry>
1131 <entry><literal>SIGNAL</literal></entry>
1133 The interface to invoke a method call on, or
1134 that a signal is emitted from. Optional for
1135 method calls, required for signals.
1136 The special interface
1137 <literal>org.freedesktop.DBus.Local</literal> is reserved;
1138 implementations should not send messages with this
1139 interface, and the reference implementation of the bus
1140 daemon will disconnect any application that attempts to
1145 <entry><literal>MEMBER</literal></entry>
1147 <entry><literal>STRING</literal></entry>
1148 <entry><literal>METHOD_CALL</literal>, <literal>SIGNAL</literal></entry>
1149 <entry>The member, either the method name or signal name.</entry>
1152 <entry><literal>ERROR_NAME</literal></entry>
1154 <entry><literal>STRING</literal></entry>
1155 <entry><literal>ERROR</literal></entry>
1156 <entry>The name of the error that occurred, for errors</entry>
1159 <entry><literal>REPLY_SERIAL</literal></entry>
1161 <entry><literal>UINT32</literal></entry>
1162 <entry><literal>ERROR</literal>, <literal>METHOD_RETURN</literal></entry>
1163 <entry>The serial number of the message this message is a reply
1164 to. (The serial number is the second <literal>UINT32</literal> in the header.)</entry>
1167 <entry><literal>DESTINATION</literal></entry>
1169 <entry><literal>STRING</literal></entry>
1170 <entry>optional</entry>
1171 <entry>The name of the connection this message is intended for.
1172 Only used in combination with the message bus, see
1173 <xref linkend="message-bus"/>.</entry>
1176 <entry><literal>SENDER</literal></entry>
1178 <entry><literal>STRING</literal></entry>
1179 <entry>optional</entry>
1180 <entry>Unique name of the sending connection.
1181 The message bus fills in this field so it is reliable; the field is
1182 only meaningful in combination with the message bus.</entry>
1185 <entry><literal>SIGNATURE</literal></entry>
1187 <entry><literal>SIGNATURE</literal></entry>
1188 <entry>optional</entry>
1189 <entry>The signature of the message body.
1190 If omitted, it is assumed to be the
1191 empty signature "" (i.e. the body must be 0-length).</entry>
1194 <entry><literal>UNIX_FDS</literal></entry>
1196 <entry><literal>UINT32</literal></entry>
1197 <entry>optional</entry>
1198 <entry>The number of Unix file descriptors that
1199 accompany the message. If omitted, it is assumed
1200 that no Unix file descriptors accompany the
1201 message. The actual file descriptors need to be
1202 transferred via platform specific mechanism
1203 out-of-band. They must be sent at the same time as
1204 part of the message itself. They may not be sent
1205 before the first byte of the message itself is
1206 transferred or after the last byte of the message
1216 <sect2 id="message-protocol-names">
1217 <title>Valid Names</title>
1219 The various names in D-Bus messages have some restrictions.
1222 There is a <firstterm>maximum name length</firstterm>
1223 of 255 which applies to bus names, interfaces, and members.
1225 <sect3 id="message-protocol-names-interface">
1226 <title>Interface names</title>
1228 Interfaces have names with type <literal>STRING</literal>, meaning that
1229 they must be valid UTF-8. However, there are also some
1230 additional restrictions that apply to interface names
1233 <listitem><para>Interface names are composed of 1 or more elements separated by
1234 a period ('.') character. All elements must contain at least
1238 <listitem><para>Each element must only contain the ASCII characters
1239 "[A-Z][a-z][0-9]_" and must not begin with a digit.
1243 <listitem><para>Interface names must contain at least one '.' (period)
1244 character (and thus at least two elements).
1247 <listitem><para>Interface names must not begin with a '.' (period) character.</para></listitem>
1248 <listitem><para>Interface names must not exceed the maximum name length.</para></listitem>
1253 Interface names should start with the reversed DNS domain name of
1254 the author of the interface (in lower-case), like interface names
1255 in Java. It is conventional for the rest of the interface name
1256 to consist of words run together, with initial capital letters
1257 on all words ("CamelCase"). Several levels of hierarchy can be used.
1258 It is also a good idea to include the major version of the interface
1259 in the name, and increment it if incompatible changes are made;
1260 this way, a single object can implement several versions of an
1261 interface in parallel, if necessary.
1265 For instance, if the owner of <literal>example.com</literal> is
1266 developing a D-Bus API for a music player, they might define
1267 interfaces called <literal>com.example.MusicPlayer1</literal>,
1268 <literal>com.example.MusicPlayer1.Track</literal> and
1269 <literal>com.example.MusicPlayer1.Seekable</literal>.
1273 D-Bus does not distinguish between the concepts that would be
1274 called classes and interfaces in Java: either can be identified on
1275 D-Bus by an interface name.
1278 <sect3 id="message-protocol-names-bus">
1279 <title>Bus names</title>
1281 Connections have one or more bus names associated with them.
1282 A connection has exactly one bus name that is a <firstterm>unique
1283 connection name</firstterm>. The unique connection name remains
1284 with the connection for its entire lifetime.
1285 A bus name is of type <literal>STRING</literal>,
1286 meaning that it must be valid UTF-8. However, there are also
1287 some additional restrictions that apply to bus names
1290 <listitem><para>Bus names that start with a colon (':')
1291 character are unique connection names. Other bus names
1292 are called <firstterm>well-known bus names</firstterm>.
1295 <listitem><para>Bus names are composed of 1 or more elements separated by
1296 a period ('.') character. All elements must contain at least
1300 <listitem><para>Each element must only contain the ASCII characters
1301 "[A-Z][a-z][0-9]_-". Only elements that are part of a unique
1302 connection name may begin with a digit, elements in
1303 other bus names must not begin with a digit.
1307 <listitem><para>Bus names must contain at least one '.' (period)
1308 character (and thus at least two elements).
1311 <listitem><para>Bus names must not begin with a '.' (period) character.</para></listitem>
1312 <listitem><para>Bus names must not exceed the maximum name length.</para></listitem>
1316 Note that the hyphen ('-') character is allowed in bus names but
1317 not in interface names.
1321 Like <link linkend="message-protocol-names-interface">interface
1322 names</link>, well-known bus names should start with the
1323 reversed DNS domain name of the author of the interface (in
1324 lower-case), and it is conventional for the rest of the well-known
1325 bus name to consist of words run together, with initial
1326 capital letters. As with interface names, including a version
1327 number in well-known bus names is a good idea; it's possible to
1328 have the well-known bus name for more than one version
1329 simultaneously if backwards compatibility is required.
1333 If a well-known bus name implies the presence of a "main" interface,
1334 that "main" interface is often given the same name as
1335 the well-known bus name, and situated at the corresponding object
1336 path. For instance, if the owner of <literal>example.com</literal>
1337 is developing a D-Bus API for a music player, they might define
1338 that any application that takes the well-known name
1339 <literal>com.example.MusicPlayer1</literal> should have an object
1340 at the object path <literal>/com/example/MusicPlayer1</literal>
1341 which implements the interface
1342 <literal>com.example.MusicPlayer1</literal>.
1345 <sect3 id="message-protocol-names-member">
1346 <title>Member names</title>
1348 Member (i.e. method or signal) names:
1350 <listitem><para>Must only contain the ASCII characters
1351 "[A-Z][a-z][0-9]_" and may not begin with a
1352 digit.</para></listitem>
1353 <listitem><para>Must not contain the '.' (period) character.</para></listitem>
1354 <listitem><para>Must not exceed the maximum name length.</para></listitem>
1355 <listitem><para>Must be at least 1 byte in length.</para></listitem>
1360 It is conventional for member names on D-Bus to consist of
1361 capitalized words with no punctuation ("camel-case").
1362 Method names should usually be verbs, such as
1363 <literal>GetItems</literal>, and signal names should usually be
1364 a description of an event, such as <literal>ItemsChanged</literal>.
1367 <sect3 id="message-protocol-names-error">
1368 <title>Error names</title>
1370 Error names have the same restrictions as interface names.
1374 Error names have the same naming conventions as interface
1375 names, and often contain <literal>.Error.</literal>; for instance,
1376 the owner of <literal>example.com</literal> might define the
1377 errors <literal>com.example.MusicPlayer.Error.FileNotFound</literal>
1378 and <literal>com.example.MusicPlayer.Error.OutOfMemory</literal>.
1379 The errors defined by D-Bus itself, such as
1380 <literal>org.freedesktop.DBus.Error.Failed</literal>, follow a
1386 <sect2 id="message-protocol-types">
1387 <title>Message Types</title>
1389 Each of the message types (<literal>METHOD_CALL</literal>, <literal>METHOD_RETURN</literal>, <literal>ERROR</literal>, and
1390 <literal>SIGNAL</literal>) has its own expected usage conventions and header fields.
1391 This section describes these conventions.
1393 <sect3 id="message-protocol-types-method">
1394 <title>Method Calls</title>
1396 Some messages invoke an operation on a remote object. These are
1397 called method call messages and have the type tag <literal>METHOD_CALL</literal>. Such
1398 messages map naturally to methods on objects in a typical program.
1401 A method call message is required to have a <literal>MEMBER</literal> header field
1402 indicating the name of the method. Optionally, the message has an
1403 <literal>INTERFACE</literal> field giving the interface the method is a part of. In the
1404 absence of an <literal>INTERFACE</literal> field, if two interfaces on the same object have
1405 a method with the same name, it is undefined which of the two methods
1406 will be invoked. Implementations may also choose to return an error in
1407 this ambiguous case. However, if a method name is unique
1408 implementations must not require an interface field.
1411 Method call messages also include a <literal>PATH</literal> field
1412 indicating the object to invoke the method on. If the call is passing
1413 through a message bus, the message will also have a
1414 <literal>DESTINATION</literal> field giving the name of the connection
1415 to receive the message.
1418 When an application handles a method call message, it is required to
1419 return a reply. The reply is identified by a <literal>REPLY_SERIAL</literal> header field
1420 indicating the serial number of the <literal>METHOD_CALL</literal> being replied to. The
1421 reply can have one of two types; either <literal>METHOD_RETURN</literal> or <literal>ERROR</literal>.
1424 If the reply has type <literal>METHOD_RETURN</literal>, the arguments to the reply message
1425 are the return value(s) or "out parameters" of the method call.
1426 If the reply has type <literal>ERROR</literal>, then an "exception" has been thrown,
1427 and the call fails; no return value will be provided. It makes
1428 no sense to send multiple replies to the same method call.
1431 Even if a method call has no return values, a <literal>METHOD_RETURN</literal>
1432 reply is required, so the caller will know the method
1433 was successfully processed.
1436 The <literal>METHOD_RETURN</literal> or <literal>ERROR</literal> reply message must have the <literal>REPLY_SERIAL</literal>
1440 If a <literal>METHOD_CALL</literal> message has the flag <literal>NO_REPLY_EXPECTED</literal>,
1441 then as an optimization the application receiving the method
1442 call may choose to omit the reply message (regardless of
1443 whether the reply would have been <literal>METHOD_RETURN</literal> or <literal>ERROR</literal>).
1444 However, it is also acceptable to ignore the <literal>NO_REPLY_EXPECTED</literal>
1445 flag and reply anyway.
1448 Unless a message has the flag <literal>NO_AUTO_START</literal>, if the
1449 destination name does not exist then a program to own the destination
1450 name will be started before the message is delivered. The message
1451 will be held until the new program is successfully started or has
1452 failed to start; in case of failure, an error will be returned. This
1453 flag is only relevant in the context of a message bus, it is ignored
1454 during one-to-one communication with no intermediate bus.
1456 <sect4 id="message-protocol-types-method-apis">
1457 <title>Mapping method calls to native APIs</title>
1459 APIs for D-Bus may map method calls to a method call in a specific
1460 programming language, such as C++, or may map a method call written
1461 in an IDL to a D-Bus message.
1464 In APIs of this nature, arguments to a method are often termed "in"
1465 (which implies sent in the <literal>METHOD_CALL</literal>), or "out" (which implies
1466 returned in the <literal>METHOD_RETURN</literal>). Some APIs such as CORBA also have
1467 "inout" arguments, which are both sent and received, i.e. the caller
1468 passes in a value which is modified. Mapped to D-Bus, an "inout"
1469 argument is equivalent to an "in" argument, followed by an "out"
1470 argument. You can't pass things "by reference" over the wire, so
1471 "inout" is purely an illusion of the in-process API.
1474 Given a method with zero or one return values, followed by zero or more
1475 arguments, where each argument may be "in", "out", or "inout", the
1476 caller constructs a message by appending each "in" or "inout" argument,
1477 in order. "out" arguments are not represented in the caller's message.
1480 The recipient constructs a reply by appending first the return value
1481 if any, then each "out" or "inout" argument, in order.
1482 "in" arguments are not represented in the reply message.
1485 Error replies are normally mapped to exceptions in languages that have
1489 In converting from native APIs to D-Bus, it is perhaps nice to
1490 map D-Bus naming conventions ("FooBar") to native conventions
1491 such as "fooBar" or "foo_bar" automatically. This is OK
1492 as long as you can say that the native API is one that
1493 was specifically written for D-Bus. It makes the most sense
1494 when writing object implementations that will be exported
1495 over the bus. Object proxies used to invoke remote D-Bus
1496 objects probably need the ability to call any D-Bus method,
1497 and thus a magic name mapping like this could be a problem.
1500 This specification doesn't require anything of native API bindings;
1501 the preceding is only a suggested convention for consistency
1507 <sect3 id="message-protocol-types-signal">
1508 <title>Signal Emission</title>
1510 Unlike method calls, signal emissions have no replies.
1511 A signal emission is simply a single message of type <literal>SIGNAL</literal>.
1512 It must have three header fields: <literal>PATH</literal> giving the object
1513 the signal was emitted from, plus <literal>INTERFACE</literal> and <literal>MEMBER</literal> giving
1514 the fully-qualified name of the signal. The <literal>INTERFACE</literal> header is required
1515 for signals, though it is optional for method calls.
1519 <sect3 id="message-protocol-types-errors">
1520 <title>Errors</title>
1522 Messages of type <literal>ERROR</literal> are most commonly replies
1523 to a <literal>METHOD_CALL</literal>, but may be returned in reply
1524 to any kind of message. The message bus for example
1525 will return an <literal>ERROR</literal> in reply to a signal emission if
1526 the bus does not have enough memory to send the signal.
1529 An <literal>ERROR</literal> may have any arguments, but if the first
1530 argument is a <literal>STRING</literal>, it must be an error message.
1531 The error message may be logged or shown to the user
1536 <sect3 id="message-protocol-types-notation">
1537 <title>Notation in this document</title>
1539 This document uses a simple pseudo-IDL to describe particular method
1540 calls and signals. Here is an example of a method call:
1542 org.freedesktop.DBus.StartServiceByName (in STRING name, in UINT32 flags,
1543 out UINT32 resultcode)
1545 This means <literal>INTERFACE</literal> = org.freedesktop.DBus, <literal>MEMBER</literal> = StartServiceByName,
1546 <literal>METHOD_CALL</literal> arguments are <literal>STRING</literal> and <literal>UINT32</literal>, <literal>METHOD_RETURN</literal> argument
1547 is <literal>UINT32</literal>. Remember that the <literal>MEMBER</literal> field can't contain any '.' (period)
1548 characters so it's known that the last part of the name in
1549 the "IDL" is the member name.
1552 In C++ that might end up looking like this:
1554 unsigned int org::freedesktop::DBus::StartServiceByName (const char *name,
1555 unsigned int flags);
1557 or equally valid, the return value could be done as an argument:
1559 void org::freedesktop::DBus::StartServiceByName (const char *name,
1561 unsigned int *resultcode);
1563 It's really up to the API designer how they want to make
1564 this look. You could design an API where the namespace wasn't used
1565 in C++, using STL or Qt, using varargs, or whatever you wanted.
1568 Signals are written as follows:
1570 org.freedesktop.DBus.NameLost (STRING name)
1572 Signals don't specify "in" vs. "out" because only
1573 a single direction is possible.
1576 It isn't especially encouraged to use this lame pseudo-IDL in actual
1577 API implementations; you might use the native notation for the
1578 language you're using, or you might use COM or CORBA IDL, for example.
1583 <sect2 id="message-protocol-handling-invalid">
1584 <title>Invalid Protocol and Spec Extensions</title>
1587 For security reasons, the D-Bus protocol should be strictly parsed and
1588 validated, with the exception of defined extension points. Any invalid
1589 protocol or spec violations should result in immediately dropping the
1590 connection without notice to the other end. Exceptions should be
1591 carefully considered, e.g. an exception may be warranted for a
1592 well-understood idiosyncrasy of a widely-deployed implementation. In
1593 cases where the other end of a connection is 100% trusted and known to
1594 be friendly, skipping validation for performance reasons could also make
1595 sense in certain cases.
1599 Generally speaking violations of the "must" requirements in this spec
1600 should be considered possible attempts to exploit security, and violations
1601 of the "should" suggestions should be considered legitimate (though perhaps
1602 they should generate an error in some cases).
1606 The following extension points are built in to D-Bus on purpose and must
1607 not be treated as invalid protocol. The extension points are intended
1608 for use by future versions of this spec, they are not intended for third
1609 parties. At the moment, the only way a third party could extend D-Bus
1610 without breaking interoperability would be to introduce a way to negotiate new
1611 feature support as part of the auth protocol, using EXTENSION_-prefixed
1612 commands. There is not yet a standard way to negotiate features.
1616 In the authentication protocol (see <xref linkend="auth-protocol"/>) unknown
1617 commands result in an ERROR rather than a disconnect. This enables
1618 future extensions to the protocol. Commands starting with EXTENSION_ are
1619 reserved for third parties.
1624 The authentication protocol supports pluggable auth mechanisms.
1629 The address format (see <xref linkend="addresses"/>) supports new
1635 Messages with an unknown type (something other than
1636 <literal>METHOD_CALL</literal>, <literal>METHOD_RETURN</literal>,
1637 <literal>ERROR</literal>, <literal>SIGNAL</literal>) are ignored.
1638 Unknown-type messages must still be well-formed in the same way
1639 as the known messages, however. They still have the normal
1645 Header fields with an unknown or unexpected field code must be ignored,
1646 though again they must still be well-formed.
1651 New standard interfaces (with new methods and signals) can of course be added.
1661 <sect1 id="auth-protocol">
1662 <title>Authentication Protocol</title>
1664 Before the flow of messages begins, two applications must
1665 authenticate. A simple plain-text protocol is used for
1666 authentication; this protocol is a SASL profile, and maps fairly
1667 directly from the SASL specification. The message encoding is
1668 NOT used here, only plain text messages.
1671 In examples, "C:" and "S:" indicate lines sent by the client and
1672 server respectively.
1674 <sect2 id="auth-protocol-overview">
1675 <title>Protocol Overview</title>
1677 The protocol is a line-based protocol, where each line ends with
1678 \r\n. Each line begins with an all-caps ASCII command name containing
1679 only the character range [A-Z_], a space, then any arguments for the
1680 command, then the \r\n ending the line. The protocol is
1681 case-sensitive. All bytes must be in the ASCII character set.
1683 Commands from the client to the server are as follows:
1686 <listitem><para>AUTH [mechanism] [initial-response]</para></listitem>
1687 <listitem><para>CANCEL</para></listitem>
1688 <listitem><para>BEGIN</para></listitem>
1689 <listitem><para>DATA <data in hex encoding></para></listitem>
1690 <listitem><para>ERROR [human-readable error explanation]</para></listitem>
1691 <listitem><para>NEGOTIATE_UNIX_FD</para></listitem>
1694 From server to client are as follows:
1697 <listitem><para>REJECTED <space-separated list of mechanism names></para></listitem>
1698 <listitem><para>OK <GUID in hex></para></listitem>
1699 <listitem><para>DATA <data in hex encoding></para></listitem>
1700 <listitem><para>ERROR</para></listitem>
1701 <listitem><para>AGREE_UNIX_FD</para></listitem>
1705 Unofficial extensions to the command set must begin with the letters
1706 "EXTENSION_", to avoid conflicts with future official commands.
1707 For example, "EXTENSION_COM_MYDOMAIN_DO_STUFF".
1710 <sect2 id="auth-nul-byte">
1711 <title>Special credentials-passing nul byte</title>
1713 Immediately after connecting to the server, the client must send a
1714 single nul byte. This byte may be accompanied by credentials
1715 information on some operating systems that use sendmsg() with
1716 SCM_CREDS or SCM_CREDENTIALS to pass credentials over UNIX domain
1717 sockets. However, the nul byte must be sent even on other kinds of
1718 socket, and even on operating systems that do not require a byte to be
1719 sent in order to transmit credentials. The text protocol described in
1720 this document begins after the single nul byte. If the first byte
1721 received from the client is not a nul byte, the server may disconnect
1725 A nul byte in any context other than the initial byte is an error;
1726 the protocol is ASCII-only.
1729 The credentials sent along with the nul byte may be used with the
1730 SASL mechanism EXTERNAL.
1733 <sect2 id="auth-command-auth">
1734 <title>AUTH command</title>
1736 If an AUTH command has no arguments, it is a request to list
1737 available mechanisms. The server must respond with a REJECTED
1738 command listing the mechanisms it understands, or with an error.
1741 If an AUTH command specifies a mechanism, and the server supports
1742 said mechanism, the server should begin exchanging SASL
1743 challenge-response data with the client using DATA commands.
1746 If the server does not support the mechanism given in the AUTH
1747 command, it must send either a REJECTED command listing the mechanisms
1748 it does support, or an error.
1751 If the [initial-response] argument is provided, it is intended for use
1752 with mechanisms that have no initial challenge (or an empty initial
1753 challenge), as if it were the argument to an initial DATA command. If
1754 the selected mechanism has an initial challenge and [initial-response]
1755 was provided, the server should reject authentication by sending
1759 If authentication succeeds after exchanging DATA commands,
1760 an OK command must be sent to the client.
1763 The first octet received by the server after the \r\n of the BEGIN
1764 command from the client must be the first octet of the
1765 authenticated/encrypted stream of D-Bus messages.
1768 If BEGIN is received by the server, the first octet received
1769 by the client after the \r\n of the OK command must be the
1770 first octet of the authenticated/encrypted stream of D-Bus
1774 <sect2 id="auth-command-cancel">
1775 <title>CANCEL Command</title>
1777 At any time up to sending the BEGIN command, the client may send a
1778 CANCEL command. On receiving the CANCEL command, the server must
1779 send a REJECTED command and abort the current authentication
1783 <sect2 id="auth-command-data">
1784 <title>DATA Command</title>
1786 The DATA command may come from either client or server, and simply
1787 contains a hex-encoded block of data to be interpreted
1788 according to the SASL mechanism in use.
1791 Some SASL mechanisms support sending an "empty string";
1792 FIXME we need some way to do this.
1795 <sect2 id="auth-command-begin">
1796 <title>BEGIN Command</title>
1798 The BEGIN command acknowledges that the client has received an
1799 OK command from the server, and that the stream of messages
1803 The first octet received by the server after the \r\n of the BEGIN
1804 command from the client must be the first octet of the
1805 authenticated/encrypted stream of D-Bus messages.
1808 <sect2 id="auth-command-rejected">
1809 <title>REJECTED Command</title>
1811 The REJECTED command indicates that the current authentication
1812 exchange has failed, and further exchange of DATA is inappropriate.
1813 The client would normally try another mechanism, or try providing
1814 different responses to challenges.
1816 Optionally, the REJECTED command has a space-separated list of
1817 available auth mechanisms as arguments. If a server ever provides
1818 a list of supported mechanisms, it must provide the same list
1819 each time it sends a REJECTED message. Clients are free to
1820 ignore all lists received after the first.
1823 <sect2 id="auth-command-ok">
1824 <title>OK Command</title>
1826 The OK command indicates that the client has been
1827 authenticated. The client may now proceed with negotiating
1828 Unix file descriptor passing. To do that it shall send
1829 NEGOTIATE_UNIX_FD to the server.
1832 Otherwise, the client must respond to the OK command by
1833 sending a BEGIN command, followed by its stream of messages,
1834 or by disconnecting. The server must not accept additional
1835 commands using this protocol after the BEGIN command has been
1836 received. Further communication will be a stream of D-Bus
1837 messages (optionally encrypted, as negotiated) rather than
1841 If a client sends BEGIN the first octet received by the client
1842 after the \r\n of the OK command must be the first octet of
1843 the authenticated/encrypted stream of D-Bus messages.
1846 The OK command has one argument, which is the GUID of the server.
1847 See <xref linkend="addresses"/> for more on server GUIDs.
1850 <sect2 id="auth-command-error">
1851 <title>ERROR Command</title>
1853 The ERROR command indicates that either server or client did not
1854 know a command, does not accept the given command in the current
1855 context, or did not understand the arguments to the command. This
1856 allows the protocol to be extended; a client or server can send a
1857 command present or permitted only in new protocol versions, and if
1858 an ERROR is received instead of an appropriate response, fall back
1859 to using some other technique.
1862 If an ERROR is sent, the server or client that sent the
1863 error must continue as if the command causing the ERROR had never been
1864 received. However, the the server or client receiving the error
1865 should try something other than whatever caused the error;
1866 if only canceling/rejecting the authentication.
1869 If the D-Bus protocol changes incompatibly at some future time,
1870 applications implementing the new protocol would probably be able to
1871 check for support of the new protocol by sending a new command and
1872 receiving an ERROR from applications that don't understand it. Thus the
1873 ERROR feature of the auth protocol is an escape hatch that lets us
1874 negotiate extensions or changes to the D-Bus protocol in the future.
1877 <sect2 id="auth-command-negotiate-unix-fd">
1878 <title>NEGOTIATE_UNIX_FD Command</title>
1880 The NEGOTIATE_UNIX_FD command indicates that the client
1881 supports Unix file descriptor passing. This command may only
1882 be sent after the connection is authenticated, i.e. after OK
1883 was received by the client. This command may only be sent on
1884 transports that support Unix file descriptor passing.
1887 On receiving NEGOTIATE_UNIX_FD the server must respond with
1888 either AGREE_UNIX_FD or ERROR. It shall respond the former if
1889 the transport chosen supports Unix file descriptor passing and
1890 the server supports this feature. It shall respond the latter
1891 if the transport does not support Unix file descriptor
1892 passing, the server does not support this feature, or the
1893 server decides not to enable file descriptor passing due to
1894 security or other reasons.
1897 <sect2 id="auth-command-agree-unix-fd">
1898 <title>AGREE_UNIX_FD Command</title>
1900 The AGREE_UNIX_FD command indicates that the server supports
1901 Unix file descriptor passing. This command may only be sent
1902 after the connection is authenticated, and the client sent
1903 NEGOTIATE_UNIX_FD to enable Unix file descriptor passing. This
1904 command may only be sent on transports that support Unix file
1908 On receiving AGREE_UNIX_FD the client must respond with BEGIN,
1909 followed by its stream of messages, or by disconnecting. The
1910 server must not accept additional commands using this protocol
1911 after the BEGIN command has been received. Further
1912 communication will be a stream of D-Bus messages (optionally
1913 encrypted, as negotiated) rather than this protocol.
1916 <sect2 id="auth-command-future">
1917 <title>Future Extensions</title>
1919 Future extensions to the authentication and negotiation
1920 protocol are possible. For that new commands may be
1921 introduced. If a client or server receives an unknown command
1922 it shall respond with ERROR and not consider this fatal. New
1923 commands may be introduced both before, and after
1924 authentication, i.e. both before and after the OK command.
1927 <sect2 id="auth-examples">
1928 <title>Authentication examples</title>
1932 <title>Example of successful magic cookie authentication</title>
1934 (MAGIC_COOKIE is a made up mechanism)
1936 C: AUTH MAGIC_COOKIE 3138363935333137393635383634
1942 <title>Example of finding out mechanisms then picking one</title>
1945 S: REJECTED KERBEROS_V4 SKEY
1946 C: AUTH SKEY 7ab83f32ee
1947 S: DATA 8799cabb2ea93e
1948 C: DATA 8ac876e8f68ee9809bfa876e6f9876g8fa8e76e98f
1954 <title>Example of client sends unknown command then falls back to regular auth</title>
1958 C: AUTH MAGIC_COOKIE 3736343435313230333039
1964 <title>Example of server doesn't support initial auth mechanism</title>
1966 C: AUTH MAGIC_COOKIE 3736343435313230333039
1967 S: REJECTED KERBEROS_V4 SKEY
1968 C: AUTH SKEY 7ab83f32ee
1969 S: DATA 8799cabb2ea93e
1970 C: DATA 8ac876e8f68ee9809bfa876e6f9876g8fa8e76e98f
1976 <title>Example of wrong password or the like followed by successful retry</title>
1978 C: AUTH MAGIC_COOKIE 3736343435313230333039
1979 S: REJECTED KERBEROS_V4 SKEY
1980 C: AUTH SKEY 7ab83f32ee
1981 S: DATA 8799cabb2ea93e
1982 C: DATA 8ac876e8f68ee9809bfa876e6f9876g8fa8e76e98f
1984 C: AUTH SKEY 7ab83f32ee
1985 S: DATA 8799cabb2ea93e
1986 C: DATA 8ac876e8f68ee9809bfa876e6f9876g8fa8e76e98f
1992 <title>Example of skey cancelled and restarted</title>
1994 C: AUTH MAGIC_COOKIE 3736343435313230333039
1995 S: REJECTED KERBEROS_V4 SKEY
1996 C: AUTH SKEY 7ab83f32ee
1997 S: DATA 8799cabb2ea93e
2000 C: AUTH SKEY 7ab83f32ee
2001 S: DATA 8799cabb2ea93e
2002 C: DATA 8ac876e8f68ee9809bfa876e6f9876g8fa8e76e98f
2008 <title>Example of successful magic cookie authentication with successful negotiation of Unix FD passing</title>
2010 (MAGIC_COOKIE is a made up mechanism)
2012 C: AUTH MAGIC_COOKIE 3138363935333137393635383634
2014 C: NEGOTIATE_UNIX_FD
2020 <title>Example of successful magic cookie authentication with unsuccessful negotiation of Unix FD passing</title>
2022 (MAGIC_COOKIE is a made up mechanism)
2024 C: AUTH MAGIC_COOKIE 3138363935333137393635383634
2026 C: NEGOTIATE_UNIX_FD
2033 <sect2 id="auth-states">
2034 <title>Authentication state diagrams</title>
2037 This section documents the auth protocol in terms of
2038 a state machine for the client and the server. This is
2039 probably the most robust way to implement the protocol.
2042 <sect3 id="auth-states-client">
2043 <title>Client states</title>
2046 To more precisely describe the interaction between the
2047 protocol state machine and the authentication mechanisms the
2048 following notation is used: MECH(CHALL) means that the
2049 server challenge CHALL was fed to the mechanism MECH, which
2055 CONTINUE(RESP) means continue the auth conversation
2056 and send RESP as the response to the server;
2062 OK(RESP) means that after sending RESP to the server
2063 the client side of the auth conversation is finished
2064 and the server should return "OK";
2070 ERROR means that CHALL was invalid and could not be
2076 Both RESP and CHALL may be empty.
2080 The Client starts by getting an initial response from the
2081 default mechanism and sends AUTH MECH RESP, or AUTH MECH if
2082 the mechanism did not provide an initial response. If the
2083 mechanism returns CONTINUE, the client starts in state
2084 <emphasis>WaitingForData</emphasis>, if the mechanism
2085 returns OK the client starts in state
2086 <emphasis>WaitingForOK</emphasis>.
2090 The client should keep track of available mechanisms and
2091 which it mechanisms it has already attempted. This list is
2092 used to decide which AUTH command to send. When the list is
2093 exhausted, the client should give up and close the
2098 <title><emphasis>WaitingForData</emphasis></title>
2106 MECH(CHALL) returns CONTINUE(RESP) → send
2108 <emphasis>WaitingForData</emphasis>
2112 MECH(CHALL) returns OK(RESP) → send DATA
2113 RESP, goto <emphasis>WaitingForOK</emphasis>
2117 MECH(CHALL) returns ERROR → send ERROR
2118 [msg], goto <emphasis>WaitingForData</emphasis>
2126 Receive REJECTED [mechs] →
2127 send AUTH [next mech], goto
2128 WaitingForData or <emphasis>WaitingForOK</emphasis>
2133 Receive ERROR → send
2135 <emphasis>WaitingForReject</emphasis>
2140 Receive OK → send
2141 BEGIN, terminate auth
2142 conversation, authenticated
2147 Receive anything else → send
2149 <emphasis>WaitingForData</emphasis>
2157 <title><emphasis>WaitingForOK</emphasis></title>
2162 Receive OK → send BEGIN, terminate auth
2163 conversation, <emphasis>authenticated</emphasis>
2168 Receive REJECT [mechs] → send AUTH [next mech],
2169 goto <emphasis>WaitingForData</emphasis> or
2170 <emphasis>WaitingForOK</emphasis>
2176 Receive DATA → send CANCEL, goto
2177 <emphasis>WaitingForReject</emphasis>
2183 Receive ERROR → send CANCEL, goto
2184 <emphasis>WaitingForReject</emphasis>
2190 Receive anything else → send ERROR, goto
2191 <emphasis>WaitingForOK</emphasis>
2199 <title><emphasis>WaitingForReject</emphasis></title>
2204 Receive REJECT [mechs] → send AUTH [next mech],
2205 goto <emphasis>WaitingForData</emphasis> or
2206 <emphasis>WaitingForOK</emphasis>
2212 Receive anything else → terminate auth
2213 conversation, disconnect
2222 <sect3 id="auth-states-server">
2223 <title>Server states</title>
2226 For the server MECH(RESP) means that the client response
2227 RESP was fed to the the mechanism MECH, which returns one of
2232 CONTINUE(CHALL) means continue the auth conversation and
2233 send CHALL as the challenge to the client;
2239 OK means that the client has been successfully
2246 REJECT means that the client failed to authenticate or
2247 there was an error in RESP.
2252 The server starts out in state
2253 <emphasis>WaitingForAuth</emphasis>. If the client is
2254 rejected too many times the server must disconnect the
2259 <title><emphasis>WaitingForAuth</emphasis></title>
2265 Receive AUTH → send REJECTED [mechs], goto
2266 <emphasis>WaitingForAuth</emphasis>
2272 Receive AUTH MECH RESP
2276 MECH not valid mechanism → send REJECTED
2278 <emphasis>WaitingForAuth</emphasis>
2282 MECH(RESP) returns CONTINUE(CHALL) → send
2284 <emphasis>WaitingForData</emphasis>
2288 MECH(RESP) returns OK → send OK, goto
2289 <emphasis>WaitingForBegin</emphasis>
2293 MECH(RESP) returns REJECT → send REJECTED
2295 <emphasis>WaitingForAuth</emphasis>
2303 Receive BEGIN → terminate
2304 auth conversation, disconnect
2310 Receive ERROR → send REJECTED [mechs], goto
2311 <emphasis>WaitingForAuth</emphasis>
2317 Receive anything else → send
2319 <emphasis>WaitingForAuth</emphasis>
2328 <title><emphasis>WaitingForData</emphasis></title>
2336 MECH(RESP) returns CONTINUE(CHALL) → send
2338 <emphasis>WaitingForData</emphasis>
2342 MECH(RESP) returns OK → send OK, goto
2343 <emphasis>WaitingForBegin</emphasis>
2347 MECH(RESP) returns REJECT → send REJECTED
2349 <emphasis>WaitingForAuth</emphasis>
2357 Receive BEGIN → terminate auth conversation,
2364 Receive CANCEL → send REJECTED [mechs], goto
2365 <emphasis>WaitingForAuth</emphasis>
2371 Receive ERROR → send REJECTED [mechs], goto
2372 <emphasis>WaitingForAuth</emphasis>
2378 Receive anything else → send ERROR, goto
2379 <emphasis>WaitingForData</emphasis>
2387 <title><emphasis>WaitingForBegin</emphasis></title>
2392 Receive BEGIN → terminate auth conversation,
2393 client authenticated
2399 Receive CANCEL → send REJECTED [mechs], goto
2400 <emphasis>WaitingForAuth</emphasis>
2406 Receive ERROR → send REJECTED [mechs], goto
2407 <emphasis>WaitingForAuth</emphasis>
2413 Receive anything else → send ERROR, goto
2414 <emphasis>WaitingForBegin</emphasis>
2424 <sect2 id="auth-mechanisms">
2425 <title>Authentication mechanisms</title>
2427 This section describes some new authentication mechanisms.
2428 D-Bus also allows any standard SASL mechanism of course.
2430 <sect3 id="auth-mechanisms-sha">
2431 <title>DBUS_COOKIE_SHA1</title>
2433 The DBUS_COOKIE_SHA1 mechanism is designed to establish that a client
2434 has the ability to read a private file owned by the user being
2435 authenticated. If the client can prove that it has access to a secret
2436 cookie stored in this file, then the client is authenticated.
2437 Thus the security of DBUS_COOKIE_SHA1 depends on a secure home
2441 Throughout this description, "hex encoding" must output the digits
2442 from a to f in lower-case; the digits A to F must not be used
2443 in the DBUS_COOKIE_SHA1 mechanism.
2446 Authentication proceeds as follows:
2450 The client sends the username it would like to authenticate
2456 The server sends the name of its "cookie context" (see below); a
2457 space character; the integer ID of the secret cookie the client
2458 must demonstrate knowledge of; a space character; then a
2459 randomly-generated challenge string, all of this hex-encoded into
2465 The client locates the cookie and generates its own
2466 randomly-generated challenge string. The client then concatenates
2467 the server's decoded challenge, a ":" character, its own challenge,
2468 another ":" character, and the cookie. It computes the SHA-1 hash
2469 of this composite string as a hex digest. It concatenates the
2470 client's challenge string, a space character, and the SHA-1 hex
2471 digest, hex-encodes the result and sends it back to the server.
2476 The server generates the same concatenated string used by the
2477 client and computes its SHA-1 hash. It compares the hash with
2478 the hash received from the client; if the two hashes match, the
2479 client is authenticated.
2485 Each server has a "cookie context," which is a name that identifies a
2486 set of cookies that apply to that server. A sample context might be
2487 "org_freedesktop_session_bus". Context names must be valid ASCII,
2488 nonzero length, and may not contain the characters slash ("/"),
2489 backslash ("\"), space (" "), newline ("\n"), carriage return ("\r"),
2490 tab ("\t"), or period ("."). There is a default context,
2491 "org_freedesktop_general" that's used by servers that do not specify
2495 Cookies are stored in a user's home directory, in the directory
2496 <filename>~/.dbus-keyrings/</filename>. This directory must
2497 not be readable or writable by other users. If it is,
2498 clients and servers must ignore it. The directory
2499 contains cookie files named after the cookie context.
2502 A cookie file contains one cookie per line. Each line
2503 has three space-separated fields:
2507 The cookie ID number, which must be a non-negative integer and
2508 may not be used twice in the same file.
2513 The cookie's creation time, in UNIX seconds-since-the-epoch
2519 The cookie itself, a hex-encoded random block of bytes. The cookie
2520 may be of any length, though obviously security increases
2521 as the length increases.
2527 Only server processes modify the cookie file.
2528 They must do so with this procedure:
2532 Create a lockfile name by appending ".lock" to the name of the
2533 cookie file. The server should attempt to create this file
2534 using <literal>O_CREAT | O_EXCL</literal>. If file creation
2535 fails, the lock fails. Servers should retry for a reasonable
2536 period of time, then they may choose to delete an existing lock
2537 to keep users from having to manually delete a stale
2538 lock. <footnote><para>Lockfiles are used instead of real file
2539 locking <literal>fcntl()</literal> because real locking
2540 implementations are still flaky on network
2541 filesystems.</para></footnote>
2546 Once the lockfile has been created, the server loads the cookie
2547 file. It should then delete any cookies that are old (the
2548 timeout can be fairly short), or more than a reasonable
2549 time in the future (so that cookies never accidentally
2550 become permanent, if the clock was set far into the future
2551 at some point). If no recent keys remain, the
2552 server may generate a new key.
2557 The pruned and possibly added-to cookie file
2558 must be resaved atomically (using a temporary
2559 file which is rename()'d).
2564 The lock must be dropped by deleting the lockfile.
2570 Clients need not lock the file in order to load it,
2571 because servers are required to save the file atomically.
2576 <sect1 id="addresses">
2577 <title>Server Addresses</title>
2579 Server addresses consist of a transport name followed by a colon, and
2580 then an optional, comma-separated list of keys and values in the form key=value.
2581 Each value is escaped.
2585 <programlisting>unix:path=/tmp/dbus-test</programlisting>
2586 Which is the address to a unix socket with the path /tmp/dbus-test.
2589 Value escaping is similar to URI escaping but simpler.
2593 The set of optionally-escaped bytes is:
2594 <literal>[0-9A-Za-z_-/.\]</literal>. To escape, each
2595 <emphasis>byte</emphasis> (note, not character) which is not in the
2596 set of optionally-escaped bytes must be replaced with an ASCII
2597 percent (<literal>%</literal>) and the value of the byte in hex.
2598 The hex value must always be two digits, even if the first digit is
2599 zero. The optionally-escaped bytes may be escaped if desired.
2604 To unescape, append each byte in the value; if a byte is an ASCII
2605 percent (<literal>%</literal>) character then append the following
2606 hex value instead. It is an error if a <literal>%</literal> byte
2607 does not have two hex digits following. It is an error if a
2608 non-optionally-escaped byte is seen unescaped.
2612 The set of optionally-escaped bytes is intended to preserve address
2613 readability and convenience.
2617 A server may specify a key-value pair with the key <literal>guid</literal>
2618 and the value a hex-encoded 16-byte sequence. <xref linkend="uuids"/>
2619 describes the format of the <literal>guid</literal> field. If present,
2620 this UUID may be used to distinguish one server address from another. A
2621 server should use a different UUID for each address it listens on. For
2622 example, if a message bus daemon offers both UNIX domain socket and TCP
2623 connections, but treats clients the same regardless of how they connect,
2624 those two connections are equivalent post-connection but should have
2625 distinct UUIDs to distinguish the kinds of connection.
2629 The intent of the address UUID feature is to allow a client to avoid
2630 opening multiple identical connections to the same server, by allowing the
2631 client to check whether an address corresponds to an already-existing
2632 connection. Comparing two addresses is insufficient, because addresses
2633 can be recycled by distinct servers, and equivalent addresses may look
2634 different if simply compared as strings (for example, the host in a TCP
2635 address can be given as an IP address or as a hostname).
2639 Note that the address key is <literal>guid</literal> even though the
2640 rest of the API and documentation says "UUID," for historical reasons.
2644 [FIXME clarify if attempting to connect to each is a requirement
2645 or just a suggestion]
2646 When connecting to a server, multiple server addresses can be
2647 separated by a semi-colon. The library will then try to connect
2648 to the first address and if that fails, it'll try to connect to
2649 the next one specified, and so forth. For example
2650 <programlisting>unix:path=/tmp/dbus-test;unix:path=/tmp/dbus-test2</programlisting>
2655 <sect1 id="transports">
2656 <title>Transports</title>
2658 [FIXME we need to specify in detail each transport and its possible arguments]
2660 Current transports include: unix domain sockets (including
2661 abstract namespace on linux), launchd, systemd, TCP/IP, and a debug/testing transport
2662 using in-process pipes. Future possible transports include one that
2663 tunnels over X11 protocol.
2666 <sect2 id="transports-unix-domain-sockets">
2667 <title>Unix Domain Sockets</title>
2669 Unix domain sockets can be either paths in the file system or on Linux
2670 kernels, they can be abstract which are similar to paths but
2671 do not show up in the file system.
2675 When a socket is opened by the D-Bus library it truncates the path
2676 name right before the first trailing Nul byte. This is true for both
2677 normal paths and abstract paths. Note that this is a departure from
2678 previous versions of D-Bus that would create sockets with a fixed
2679 length path name. Names which were shorter than the fixed length
2680 would be padded by Nul bytes.
2683 Unix domain sockets are not available on windows.
2685 <sect3 id="transports-unix-domain-sockets-addresses">
2686 <title>Server Address Format</title>
2688 Unix domain socket addresses are identified by the "unix:" prefix
2689 and support the following key/value pairs:
2696 <entry>Values</entry>
2697 <entry>Description</entry>
2703 <entry>(path)</entry>
2704 <entry>path of the unix domain socket. If set, the "tmpdir" and "abstract" key must not be set.</entry>
2707 <entry>tmpdir</entry>
2708 <entry>(path)</entry>
2709 <entry>temporary directory in which a socket file with a random file name starting with 'dbus-' will be created by the server. This key can only be used in server addresses, not in client addresses. If set, the "path" and "abstract" key must not be set.</entry>
2712 <entry>abstract</entry>
2713 <entry>(string)</entry>
2714 <entry>unique string (path) in the abstract namespace. If set, the "path" or "tempdir" key must not be set.</entry>
2721 <sect2 id="transports-launchd">
2722 <title>launchd</title>
2724 launchd is an open-source server management system that replaces init, inetd
2725 and cron on Apple Mac OS X versions 10.4 and above. It provides a common session
2726 bus address for each user and deprecates the X11-enabled D-Bus launcher on OSX.
2730 launchd allocates a socket and provides it with the unix path through the
2731 DBUS_LAUNCHD_SESSION_BUS_SOCKET variable in launchd's environment. Every process
2732 spawned by launchd (or dbus-daemon, if it was started by launchd) can access
2733 it through its environment.
2734 Other processes can query for the launchd socket by executing:
2735 $ launchctl getenv DBUS_LAUNCHD_SESSION_BUS_SOCKET
2736 This is normally done by the D-Bus client library so doesn't have to be done
2740 launchd is not available on Microsoft Windows.
2742 <sect3 id="transports-launchd-addresses">
2743 <title>Server Address Format</title>
2745 launchd addresses are identified by the "launchd:" prefix
2746 and support the following key/value pairs:
2753 <entry>Values</entry>
2754 <entry>Description</entry>
2760 <entry>(environment variable)</entry>
2761 <entry>path of the unix domain socket for the launchd created dbus-daemon.</entry>
2768 <sect2 id="transports-systemd">
2769 <title>systemd</title>
2771 systemd is an open-source server management system that
2772 replaces init and inetd on newer Linux systems. It supports
2773 socket activation. The D-Bus systemd transport is used to acquire
2774 socket activation file descriptors from systemd and use them
2775 as D-Bus transport when the current process is spawned by
2776 socket activation from it.
2779 The systemd transport accepts only one or more Unix domain or
2780 TCP streams sockets passed in via socket activation.
2783 The systemd transport is not available on non-Linux operating systems.
2786 The systemd transport defines no parameter keys.
2789 <sect2 id="transports-tcp-sockets">
2790 <title>TCP Sockets</title>
2792 The tcp transport provides TCP/IP based connections between clients
2793 located on the same or different hosts.
2796 Using tcp transport without any additional secure authentification mechanismus
2797 over a network is unsecure.
2800 Windows notes: Because of the tcp stack on windows does not provide sending
2801 credentials over a tcp connection, the EXTERNAL authentification
2802 mechanismus does not work.
2804 <sect3 id="transports-tcp-sockets-addresses">
2805 <title>Server Address Format</title>
2807 TCP/IP socket addresses are identified by the "tcp:" prefix
2808 and support the following key/value pairs:
2815 <entry>Values</entry>
2816 <entry>Description</entry>
2822 <entry>(string)</entry>
2823 <entry>dns name or ip address</entry>
2827 <entry>(number)</entry>
2828 <entry>The tcp port the server will open. A zero value let the server
2829 choose a free port provided from the underlaying operating system.
2830 libdbus is able to retrieve the real used port from the server.
2834 <entry>family</entry>
2835 <entry>(string)</entry>
2836 <entry>If set, provide the type of socket family either "ipv4" or "ipv6". If unset, the family is unspecified.</entry>
2843 <sect2 id="transports-nonce-tcp-sockets">
2844 <title>Nonce-secured TCP Sockets</title>
2846 The nonce-tcp transport provides a secured TCP transport, using a
2847 simple authentication mechanism to ensure that only clients with read
2848 access to a certain location in the filesystem can connect to the server.
2849 The server writes a secret, the nonce, to a file and an incoming client
2850 connection is only accepted if the client sends the nonce right after
2851 the connect. The nonce mechanism requires no setup and is orthogonal to
2852 the higher-level authentication mechanisms described in the
2853 Authentication section.
2857 On start, the server generates a random 16 byte nonce and writes it
2858 to a file in the user's temporary directory. The nonce file location
2859 is published as part of the server's D-Bus address using the
2860 "noncefile" key-value pair.
2862 After an accept, the server reads 16 bytes from the socket. If the
2863 read bytes do not match the nonce stored in the nonce file, the
2864 server MUST immediately drop the connection.
2865 If the nonce match the received byte sequence, the client is accepted
2866 and the transport behaves like an unsecured tcp transport.
2869 After a successful connect to the server socket, the client MUST read
2870 the nonce from the file published by the server via the noncefile=
2871 key-value pair and send it over the socket. After that, the
2872 transport behaves like an unsecured tcp transport.
2874 <sect3 id="transports-nonce-tcp-sockets-addresses">
2875 <title>Server Address Format</title>
2877 Nonce TCP/IP socket addresses uses the "nonce-tcp:" prefix
2878 and support the following key/value pairs:
2885 <entry>Values</entry>
2886 <entry>Description</entry>
2892 <entry>(string)</entry>
2893 <entry>dns name or ip address</entry>
2897 <entry>(number)</entry>
2898 <entry>The tcp port the server will open. A zero value let the server
2899 choose a free port provided from the underlaying operating system.
2900 libdbus is able to retrieve the real used port from the server.
2904 <entry>family</entry>
2905 <entry>(string)</entry>
2906 <entry>If set, provide the type of socket family either "ipv4" or "ipv6". If unset, the family is unspecified.</entry>
2909 <entry>noncefile</entry>
2910 <entry>(path)</entry>
2911 <entry>file location containing the secret</entry>
2919 <sect1 id="meta-transports">
2920 <title>Meta Transports</title>
2922 Meta transports are a kind of transport with special enhancements or
2923 behavior. Currently available meta transports include: autolaunch
2926 <sect2 id="meta-transports-autolaunch">
2927 <title>Autolaunch</title>
2928 <para>The autolaunch transport provides a way for dbus clients to autodetect
2929 a running dbus session bus and to autolaunch a session bus if not present.
2931 <sect3 id="meta-transports-autolaunch-addresses">
2932 <title>Server Address Format</title>
2934 Autolaunch addresses uses the "autolaunch:" prefix and support the
2935 following key/value pairs:
2942 <entry>Values</entry>
2943 <entry>Description</entry>
2948 <entry>scope</entry>
2949 <entry>(string)</entry>
2950 <entry>scope of autolaunch (Windows only)
2954 "*install-path" - limit session bus to dbus installation path.
2955 The dbus installation path is determined from the location of
2956 the shared dbus library. If the library is located in a 'bin'
2957 subdirectory the installation root is the directory above,
2958 otherwise the directory where the library lives is taken as
2961 <install-root>/bin/[lib]dbus-1.dll
2962 <install-root>/[lib]dbus-1.dll
2968 "*user" - limit session bus to the recent user.
2973 other values - specify dedicated session bus like "release",
2985 <sect3 id="meta-transports-autolaunch-windows-implementation">
2986 <title>Windows implementation</title>
2988 On start, the server opens a platform specific transport, creates a mutex
2989 and a shared memory section containing the related session bus address.
2990 This mutex will be inspected by the dbus client library to detect a
2991 running dbus session bus. The access to the mutex and the shared memory
2992 section are protected by global locks.
2995 In the recent implementation the autolaunch transport uses a tcp transport
2996 on localhost with a port choosen from the operating system. This detail may
2997 change in the future.
3000 Disclaimer: The recent implementation is in an early state and may not
3001 work in all cirumstances and/or may have security issues. Because of this
3002 the implementation is not documentated yet.
3009 <title>UUIDs</title>
3011 A working D-Bus implementation uses universally-unique IDs in two places.
3012 First, each server address has a UUID identifying the address,
3013 as described in <xref linkend="addresses"/>. Second, each operating
3014 system kernel instance running a D-Bus client or server has a UUID
3015 identifying that kernel, retrieved by invoking the method
3016 org.freedesktop.DBus.Peer.GetMachineId() (see <xref
3017 linkend="standard-interfaces-peer"/>).
3020 The term "UUID" in this document is intended literally, i.e. an
3021 identifier that is universally unique. It is not intended to refer to
3022 RFC4122, and in fact the D-Bus UUID is not compatible with that RFC.
3025 The UUID must contain 128 bits of data and be hex-encoded. The
3026 hex-encoded string may not contain hyphens or other non-hex-digit
3027 characters, and it must be exactly 32 characters long. To generate a
3028 UUID, the current reference implementation concatenates 96 bits of random
3029 data followed by the 32-bit time in seconds since the UNIX epoch (in big
3033 It would also be acceptable and probably better to simply generate 128
3034 bits of random data, as long as the random number generator is of high
3035 quality. The timestamp could conceivably help if the random bits are not
3036 very random. With a quality random number generator, collisions are
3037 extremely unlikely even with only 96 bits, so it's somewhat academic.
3040 Implementations should, however, stick to random data for the first 96 bits
3045 <sect1 id="standard-interfaces">
3046 <title>Standard Interfaces</title>
3048 See <xref linkend="message-protocol-types-notation"/> for details on
3049 the notation used in this section. There are some standard interfaces
3050 that may be useful across various D-Bus applications.
3052 <sect2 id="standard-interfaces-peer">
3053 <title><literal>org.freedesktop.DBus.Peer</literal></title>
3055 The <literal>org.freedesktop.DBus.Peer</literal> interface
3058 org.freedesktop.DBus.Peer.Ping ()
3059 org.freedesktop.DBus.Peer.GetMachineId (out STRING machine_uuid)
3063 On receipt of the <literal>METHOD_CALL</literal> message
3064 <literal>org.freedesktop.DBus.Peer.Ping</literal>, an application should do
3065 nothing other than reply with a <literal>METHOD_RETURN</literal> as
3066 usual. It does not matter which object path a ping is sent to. The
3067 reference implementation handles this method automatically.
3070 On receipt of the <literal>METHOD_CALL</literal> message
3071 <literal>org.freedesktop.DBus.Peer.GetMachineId</literal>, an application should
3072 reply with a <literal>METHOD_RETURN</literal> containing a hex-encoded
3073 UUID representing the identity of the machine the process is running on.
3074 This UUID must be the same for all processes on a single system at least
3075 until that system next reboots. It should be the same across reboots
3076 if possible, but this is not always possible to implement and is not
3078 It does not matter which object path a GetMachineId is sent to. The
3079 reference implementation handles this method automatically.
3082 The UUID is intended to be per-instance-of-the-operating-system, so may represent
3083 a virtual machine running on a hypervisor, rather than a physical machine.
3084 Basically if two processes see the same UUID, they should also see the same
3085 shared memory, UNIX domain sockets, process IDs, and other features that require
3086 a running OS kernel in common between the processes.
3089 The UUID is often used where other programs might use a hostname. Hostnames
3090 can change without rebooting, however, or just be "localhost" - so the UUID
3094 <xref linkend="uuids"/> explains the format of the UUID.
3098 <sect2 id="standard-interfaces-introspectable">
3099 <title><literal>org.freedesktop.DBus.Introspectable</literal></title>
3101 This interface has one method:
3103 org.freedesktop.DBus.Introspectable.Introspect (out STRING xml_data)
3107 Objects instances may implement
3108 <literal>Introspect</literal> which returns an XML description of
3109 the object, including its interfaces (with signals and methods), objects
3110 below it in the object path tree, and its properties.
3113 <xref linkend="introspection-format"/> describes the format of this XML string.
3116 <sect2 id="standard-interfaces-properties">
3117 <title><literal>org.freedesktop.DBus.Properties</literal></title>
3119 Many native APIs will have a concept of object <firstterm>properties</firstterm>
3120 or <firstterm>attributes</firstterm>. These can be exposed via the
3121 <literal>org.freedesktop.DBus.Properties</literal> interface.
3125 org.freedesktop.DBus.Properties.Get (in STRING interface_name,
3126 in STRING property_name,
3128 org.freedesktop.DBus.Properties.Set (in STRING interface_name,
3129 in STRING property_name,
3131 org.freedesktop.DBus.Properties.GetAll (in STRING interface_name,
3132 out DICT<STRING,VARIANT> props);
3136 It is conventional to give D-Bus properties names consisting of
3137 capitalized words without punctuation ("CamelCase"), like
3138 <link linkend="message-protocol-names-member">member names</link>.
3139 For instance, the GObject property
3140 <literal>connection-status</literal> or the Qt property
3141 <literal>connectionStatus</literal> could be represented on D-Bus
3142 as <literal>ConnectionStatus</literal>.
3145 Strictly speaking, D-Bus property names are not required to follow
3146 the same naming restrictions as member names, but D-Bus property
3147 names that would not be valid member names (in particular,
3148 GObject-style dash-separated property names) can cause interoperability
3149 problems and should be avoided.
3152 The available properties and whether they are writable can be determined
3153 by calling <literal>org.freedesktop.DBus.Introspectable.Introspect</literal>,
3154 see <xref linkend="standard-interfaces-introspectable"/>.
3157 An empty string may be provided for the interface name; in this case,
3158 if there are multiple properties on an object with the same name,
3159 the results are undefined (picking one by according to an arbitrary
3160 deterministic rule, or returning an error, are the reasonable
3164 If one or more properties change on an object, the
3165 <literal>org.freedesktop.DBus.Properties.PropertiesChanged</literal>
3166 signal may be emitted (this signal was added in 0.14):
3170 org.freedesktop.DBus.Properties.PropertiesChanged (STRING interface_name,
3171 DICT<STRING,VARIANT> changed_properties,
3172 ARRAY<STRING> invalidated_properties);
3176 where <literal>changed_properties</literal> is a dictionary
3177 containing the changed properties with the new values and
3178 <literal>invalidated_properties</literal> is an array of
3179 properties that changed but the value is not conveyed.
3182 Whether the <literal>PropertiesChanged</literal> signal is
3183 supported can be determined by calling
3184 <literal>org.freedesktop.DBus.Introspectable.Introspect</literal>. Note
3185 that the signal may be supported for an object but it may
3186 differ how whether and how it is used on a per-property basis
3187 (for e.g. performance or security reasons). Each property (or
3188 the parent interface) must be annotated with the
3189 <literal>org.freedesktop.DBus.Property.EmitsChangedSignal</literal>
3190 annotation to convey this (usually the default value
3191 <literal>true</literal> is sufficient meaning that the
3192 annotation does not need to be used). See <xref
3193 linkend="introspection-format"/> for details on this
3198 <sect2 id="standard-interfaces-objectmanager">
3199 <title><literal>org.freedesktop.DBus.ObjectManager</literal></title>
3201 An API can optionally make use of this interface for one or
3202 more sub-trees of objects. The root of each sub-tree implements
3203 this interface so other applications can get all objects,
3204 interfaces and properties in a single method call. It is
3205 appropriate to use this interface if users of the tree of
3206 objects are expected to be interested in all interfaces of all
3207 objects in the tree; a more granular API should be used if
3208 users of the objects are expected to be interested in a small
3209 subset of the objects, a small subset of their interfaces, or
3213 The method that applications can use to get all objects and
3214 properties is <literal>GetManagedObjects</literal>:
3218 org.freedesktop.DBus.ObjectManager.GetManagedObjects (out DICT<OBJPATH,DICT<STRING,DICT<STRING,VARIANT>>> objpath_interfaces_and_properties);
3222 The return value of this method is a dict whose keys are
3223 object paths. All returned object paths are children of the
3224 object path implementing this interface, i.e. their object
3225 paths start with the ObjectManager's object path plus '/'.
3228 Each value is a dict whose keys are interfaces names. Each
3229 value in this inner dict is the same dict that would be
3230 returned by the <link
3231 linkend="standard-interfaces-properties">org.freedesktop.DBus.Properties.GetAll()</link>
3232 method for that combination of object path and interface. If
3233 an interface has no properties, the empty dict is returned.
3236 Changes are emitted using the following two signals:
3240 org.freedesktop.DBus.ObjectManager.InterfacesAdded (OBJPATH object_path,
3241 DICT<STRING,DICT<STRING,VARIANT>> interfaces_and_properties);
3242 org.freedesktop.DBus.ObjectManager.InterfacesRemoved (OBJPATH object_path,
3243 ARRAY<STRING> interfaces);
3247 The <literal>InterfacesAdded</literal> signal is emitted when
3248 either a new object is added or when an existing object gains
3249 one or more interfaces. The
3250 <literal>InterfacesRemoved</literal> signal is emitted
3251 whenever an object is removed or it loses one or more
3252 interfaces. The second parameter of the
3253 <literal>InterfacesAdded</literal> signal contains a dict with
3254 the interfaces and properties (if any) that have been added to
3255 the given object path. Similarly, the second parameter of the
3256 <literal>InterfacesRemoved</literal> signal contains an array
3257 of the interfaces that were removed. Note that changes on
3258 properties on existing interfaces are not reported using this
3259 interface - an application should also monitor the existing <link
3260 linkend="standard-interfaces-properties">PropertiesChanged</link>
3261 signal on each object.
3264 Applications SHOULD NOT export objects that are children of an
3265 object (directly or otherwise) implementing this interface but
3266 which are not returned in the reply from the
3267 <literal>GetManagedObjects()</literal> method of this
3268 interface on the given object.
3271 The intent of the <literal>ObjectManager</literal> interface
3272 is to make it easy to write a robust client
3273 implementation. The trivial client implementation only needs
3274 to make two method calls:
3278 org.freedesktop.DBus.AddMatch (bus_proxy,
3279 "type='signal',name='org.example.App',path_namespace='/org/example/App'");
3280 objects = org.freedesktop.DBus.ObjectManager.GetManagedObjects (app_proxy);
3284 on the message bus and the remote application's
3285 <literal>ObjectManager</literal>, respectively. Whenever a new
3286 remote object is created (or an existing object gains a new
3287 interface), the <literal>InterfacesAdded</literal> signal is
3288 emitted, and since this signal contains all properties for the
3289 interfaces, no calls to the
3290 <literal>org.freedesktop.Properties</literal> interface on the
3291 remote object are needed. Additionally, since the initial
3292 <literal>AddMatch()</literal> rule already includes signal
3293 messages from the newly created child object, no new
3294 <literal>AddMatch()</literal> call is needed.
3299 The <literal>org.freedesktop.DBus.ObjectManager</literal>
3300 interface was added in version 0.17 of the D-Bus
3307 <sect1 id="introspection-format">
3308 <title>Introspection Data Format</title>
3310 As described in <xref linkend="standard-interfaces-introspectable"/>,
3311 objects may be introspected at runtime, returning an XML string
3312 that describes the object. The same XML format may be used in
3313 other contexts as well, for example as an "IDL" for generating
3314 static language bindings.
3317 Here is an example of introspection data:
3319 <!DOCTYPE node PUBLIC "-//freedesktop//DTD D-BUS Object Introspection 1.0//EN"
3320 "http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
3321 <node name="/org/freedesktop/sample_object">
3322 <interface name="org.freedesktop.SampleInterface">
3323 <method name="Frobate">
3324 <arg name="foo" type="i" direction="in"/>
3325 <arg name="bar" type="s" direction="out"/>
3326 <arg name="baz" type="a{us}" direction="out"/>
3327 <annotation name="org.freedesktop.DBus.Deprecated" value="true"/>
3329 <method name="Bazify">
3330 <arg name="bar" type="(iiu)" direction="in"/>
3331 <arg name="bar" type="v" direction="out"/>
3333 <method name="Mogrify">
3334 <arg name="bar" type="(iiav)" direction="in"/>
3336 <signal name="Changed">
3337 <arg name="new_value" type="b"/>
3339 <property name="Bar" type="y" access="readwrite"/>
3341 <node name="child_of_sample_object"/>
3342 <node name="another_child_of_sample_object"/>
3347 A more formal DTD and spec needs writing, but here are some quick notes.
3351 Only the root <node> element can omit the node name, as it's
3352 known to be the object that was introspected. If the root
3353 <node> does have a name attribute, it must be an absolute
3354 object path. If child <node> have object paths, they must be
3360 If a child <node> has any sub-elements, then they
3361 must represent a complete introspection of the child.
3362 If a child <node> is empty, then it may or may
3363 not have sub-elements; the child must be introspected
3364 in order to find out. The intent is that if an object
3365 knows that its children are "fast" to introspect
3366 it can go ahead and return their information, but
3367 otherwise it can omit it.
3372 The direction element on <arg> may be omitted,
3373 in which case it defaults to "in" for method calls
3374 and "out" for signals. Signals only allow "out"
3375 so while direction may be specified, it's pointless.
3380 The possible directions are "in" and "out",
3381 unlike CORBA there is no "inout"
3386 The possible property access flags are
3387 "readwrite", "read", and "write"
3392 Multiple interfaces can of course be listed for
3398 The "name" attribute on arguments is optional.
3404 Method, interface, property, and signal elements may have
3405 "annotations", which are generic key/value pairs of metadata.
3406 They are similar conceptually to Java's annotations and C# attributes.
3407 Well-known annotations:
3414 <entry>Values (separated by ,)</entry>
3415 <entry>Description</entry>
3420 <entry>org.freedesktop.DBus.Deprecated</entry>
3421 <entry>true,false</entry>
3422 <entry>Whether or not the entity is deprecated; defaults to false</entry>
3425 <entry>org.freedesktop.DBus.GLib.CSymbol</entry>
3426 <entry>(string)</entry>
3427 <entry>The C symbol; may be used for methods and interfaces</entry>
3430 <entry>org.freedesktop.DBus.Method.NoReply</entry>
3431 <entry>true,false</entry>
3432 <entry>If set, don't expect a reply to the method call; defaults to false.</entry>
3435 <entry>org.freedesktop.DBus.Property.EmitsChangedSignal</entry>
3436 <entry>true,invalidates,false</entry>
3439 If set to <literal>false</literal>, the
3440 <literal>org.freedesktop.DBus.Properties.PropertiesChanged</literal>
3442 linkend="standard-interfaces-properties"/> is not
3443 guaranteed to be emitted if the property changes.
3446 If set to <literal>invalidates</literal> the signal
3447 is emitted but the value is not included in the
3451 If set to <literal>true</literal> the signal is
3452 emitted with the value included.
3455 The value for the annotation defaults to
3456 <literal>true</literal> if the enclosing interface
3457 element does not specify the annotation. Otherwise it
3458 defaults to the value specified in the enclosing
3467 <sect1 id="message-bus">
3468 <title>Message Bus Specification</title>
3469 <sect2 id="message-bus-overview">
3470 <title>Message Bus Overview</title>
3472 The message bus accepts connections from one or more applications.
3473 Once connected, applications can exchange messages with other
3474 applications that are also connected to the bus.
3477 In order to route messages among connections, the message bus keeps a
3478 mapping from names to connections. Each connection has one
3479 unique-for-the-lifetime-of-the-bus name automatically assigned.
3480 Applications may request additional names for a connection. Additional
3481 names are usually "well-known names" such as
3482 "org.freedesktop.TextEditor". When a name is bound to a connection,
3483 that connection is said to <firstterm>own</firstterm> the name.
3486 The bus itself owns a special name, <literal>org.freedesktop.DBus</literal>.
3487 This name routes messages to the bus, allowing applications to make
3488 administrative requests. For example, applications can ask the bus
3489 to assign a name to a connection.
3492 Each name may have <firstterm>queued owners</firstterm>. When an
3493 application requests a name for a connection and the name is already in
3494 use, the bus will optionally add the connection to a queue waiting for
3495 the name. If the current owner of the name disconnects or releases
3496 the name, the next connection in the queue will become the new owner.
3500 This feature causes the right thing to happen if you start two text
3501 editors for example; the first one may request "org.freedesktop.TextEditor",
3502 and the second will be queued as a possible owner of that name. When
3503 the first exits, the second will take over.
3507 Applications may send <firstterm>unicast messages</firstterm> to
3508 a specific recipient or to the message bus itself, or
3509 <firstterm>broadcast messages</firstterm> to all interested recipients.
3510 See <xref linkend="message-bus-routing"/> for details.
3514 <sect2 id="message-bus-names">
3515 <title>Message Bus Names</title>
3517 Each connection has at least one name, assigned at connection time and
3518 returned in response to the
3519 <literal>org.freedesktop.DBus.Hello</literal> method call. This
3520 automatically-assigned name is called the connection's <firstterm>unique
3521 name</firstterm>. Unique names are never reused for two different
3522 connections to the same bus.
3525 Ownership of a unique name is a prerequisite for interaction with
3526 the message bus. It logically follows that the unique name is always
3527 the first name that an application comes to own, and the last
3528 one that it loses ownership of.
3531 Unique connection names must begin with the character ':' (ASCII colon
3532 character); bus names that are not unique names must not begin
3533 with this character. (The bus must reject any attempt by an application
3534 to manually request a name beginning with ':'.) This restriction
3535 categorically prevents "spoofing"; messages sent to a unique name
3536 will always go to the expected connection.
3539 When a connection is closed, all the names that it owns are deleted (or
3540 transferred to the next connection in the queue if any).
3543 A connection can request additional names to be associated with it using
3544 the <literal>org.freedesktop.DBus.RequestName</literal> message. <xref
3545 linkend="message-protocol-names-bus"/> describes the format of a valid
3546 name. These names can be released again using the
3547 <literal>org.freedesktop.DBus.ReleaseName</literal> message.
3550 <sect3 id="bus-messages-request-name">
3551 <title><literal>org.freedesktop.DBus.RequestName</literal></title>
3555 UINT32 RequestName (in STRING name, in UINT32 flags)
3562 <entry>Argument</entry>
3564 <entry>Description</entry>
3570 <entry>STRING</entry>
3571 <entry>Name to request</entry>
3575 <entry>UINT32</entry>
3576 <entry>Flags</entry>
3586 <entry>Argument</entry>
3588 <entry>Description</entry>
3594 <entry>UINT32</entry>
3595 <entry>Return value</entry>
3602 This method call should be sent to
3603 <literal>org.freedesktop.DBus</literal> and asks the message bus to
3604 assign the given name to the method caller. Each name maintains a
3605 queue of possible owners, where the head of the queue is the primary
3606 or current owner of the name. Each potential owner in the queue
3607 maintains the DBUS_NAME_FLAG_ALLOW_REPLACEMENT and
3608 DBUS_NAME_FLAG_DO_NOT_QUEUE settings from its latest RequestName
3609 call. When RequestName is invoked the following occurs:
3613 If the method caller is currently the primary owner of the name,
3614 the DBUS_NAME_FLAG_ALLOW_REPLACEMENT and DBUS_NAME_FLAG_DO_NOT_QUEUE
3615 values are updated with the values from the new RequestName call,
3616 and nothing further happens.
3622 If the current primary owner (head of the queue) has
3623 DBUS_NAME_FLAG_ALLOW_REPLACEMENT set, and the RequestName
3624 invocation has the DBUS_NAME_FLAG_REPLACE_EXISTING flag, then
3625 the caller of RequestName replaces the current primary owner at
3626 the head of the queue and the current primary owner moves to the
3627 second position in the queue. If the caller of RequestName was
3628 in the queue previously its flags are updated with the values from
3629 the new RequestName in addition to moving it to the head of the queue.
3635 If replacement is not possible, and the method caller is
3636 currently in the queue but not the primary owner, its flags are
3637 updated with the values from the new RequestName call.
3643 If replacement is not possible, and the method caller is
3644 currently not in the queue, the method caller is appended to the
3651 If any connection in the queue has DBUS_NAME_FLAG_DO_NOT_QUEUE
3652 set and is not the primary owner, it is removed from the
3653 queue. This can apply to the previous primary owner (if it
3654 was replaced) or the method caller (if it updated the
3655 DBUS_NAME_FLAG_DO_NOT_QUEUE flag while still stuck in the
3656 queue, or if it was just added to the queue with that flag set).
3662 Note that DBUS_NAME_FLAG_REPLACE_EXISTING results in "jumping the
3663 queue," even if another application already in the queue had specified
3664 DBUS_NAME_FLAG_REPLACE_EXISTING. This comes up if a primary owner
3665 that does not allow replacement goes away, and the next primary owner
3666 does allow replacement. In this case, queued items that specified
3667 DBUS_NAME_FLAG_REPLACE_EXISTING <emphasis>do not</emphasis>
3668 automatically replace the new primary owner. In other words,
3669 DBUS_NAME_FLAG_REPLACE_EXISTING is not saved, it is only used at the
3670 time RequestName is called. This is deliberate to avoid an infinite loop
3671 anytime two applications are both DBUS_NAME_FLAG_ALLOW_REPLACEMENT
3672 and DBUS_NAME_FLAG_REPLACE_EXISTING.
3675 The flags argument contains any of the following values logically ORed
3682 <entry>Conventional Name</entry>
3683 <entry>Value</entry>
3684 <entry>Description</entry>
3689 <entry>DBUS_NAME_FLAG_ALLOW_REPLACEMENT</entry>
3693 If an application A specifies this flag and succeeds in
3694 becoming the owner of the name, and another application B
3695 later calls RequestName with the
3696 DBUS_NAME_FLAG_REPLACE_EXISTING flag, then application A
3697 will lose ownership and receive a
3698 <literal>org.freedesktop.DBus.NameLost</literal> signal, and
3699 application B will become the new owner. If DBUS_NAME_FLAG_ALLOW_REPLACEMENT
3700 is not specified by application A, or DBUS_NAME_FLAG_REPLACE_EXISTING
3701 is not specified by application B, then application B will not replace
3702 application A as the owner.
3707 <entry>DBUS_NAME_FLAG_REPLACE_EXISTING</entry>
3711 Try to replace the current owner if there is one. If this
3712 flag is not set the application will only become the owner of
3713 the name if there is no current owner. If this flag is set,
3714 the application will replace the current owner if
3715 the current owner specified DBUS_NAME_FLAG_ALLOW_REPLACEMENT.
3720 <entry>DBUS_NAME_FLAG_DO_NOT_QUEUE</entry>
3724 Without this flag, if an application requests a name that is
3725 already owned, the application will be placed in a queue to
3726 own the name when the current owner gives it up. If this
3727 flag is given, the application will not be placed in the
3728 queue, the request for the name will simply fail. This flag
3729 also affects behavior when an application is replaced as
3730 name owner; by default the application moves back into the
3731 waiting queue, unless this flag was provided when the application
3732 became the name owner.
3740 The return code can be one of the following values:
3746 <entry>Conventional Name</entry>
3747 <entry>Value</entry>
3748 <entry>Description</entry>
3753 <entry>DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER</entry>
3754 <entry>1</entry> <entry>The caller is now the primary owner of
3755 the name, replacing any previous owner. Either the name had no
3756 owner before, or the caller specified
3757 DBUS_NAME_FLAG_REPLACE_EXISTING and the current owner specified
3758 DBUS_NAME_FLAG_ALLOW_REPLACEMENT.</entry>
3761 <entry>DBUS_REQUEST_NAME_REPLY_IN_QUEUE</entry>
3764 <entry>The name already had an owner,
3765 DBUS_NAME_FLAG_DO_NOT_QUEUE was not specified, and either
3766 the current owner did not specify
3767 DBUS_NAME_FLAG_ALLOW_REPLACEMENT or the requesting
3768 application did not specify DBUS_NAME_FLAG_REPLACE_EXISTING.
3772 <entry>DBUS_REQUEST_NAME_REPLY_EXISTS</entry> <entry>3</entry>
3773 <entry>The name already has an owner,
3774 DBUS_NAME_FLAG_DO_NOT_QUEUE was specified, and either
3775 DBUS_NAME_FLAG_ALLOW_REPLACEMENT was not specified by the
3776 current owner, or DBUS_NAME_FLAG_REPLACE_EXISTING was not
3777 specified by the requesting application.</entry>
3780 <entry>DBUS_REQUEST_NAME_REPLY_ALREADY_OWNER</entry>
3782 <entry>The application trying to request ownership of a name is already the owner of it.</entry>
3790 <sect3 id="bus-messages-release-name">
3791 <title><literal>org.freedesktop.DBus.ReleaseName</literal></title>
3795 UINT32 ReleaseName (in STRING name)
3802 <entry>Argument</entry>
3804 <entry>Description</entry>
3810 <entry>STRING</entry>
3811 <entry>Name to release</entry>
3821 <entry>Argument</entry>
3823 <entry>Description</entry>
3829 <entry>UINT32</entry>
3830 <entry>Return value</entry>
3837 This method call should be sent to
3838 <literal>org.freedesktop.DBus</literal> and asks the message bus to
3839 release the method caller's claim to the given name. If the caller is
3840 the primary owner, a new primary owner will be selected from the
3841 queue if any other owners are waiting. If the caller is waiting in
3842 the queue for the name, the caller will removed from the queue and
3843 will not be made an owner of the name if it later becomes available.
3844 If there are no other owners in the queue for the name, it will be
3845 removed from the bus entirely.
3847 The return code can be one of the following values:
3853 <entry>Conventional Name</entry>
3854 <entry>Value</entry>
3855 <entry>Description</entry>
3860 <entry>DBUS_RELEASE_NAME_REPLY_RELEASED</entry>
3861 <entry>1</entry> <entry>The caller has released his claim on
3862 the given name. Either the caller was the primary owner of
3863 the name, and the name is now unused or taken by somebody
3864 waiting in the queue for the name, or the caller was waiting
3865 in the queue for the name and has now been removed from the
3869 <entry>DBUS_RELEASE_NAME_REPLY_NON_EXISTENT</entry>
3871 <entry>The given name does not exist on this bus.</entry>
3874 <entry>DBUS_RELEASE_NAME_REPLY_NOT_OWNER</entry>
3876 <entry>The caller was not the primary owner of this name,
3877 and was also not waiting in the queue to own this name.</entry>
3885 <sect3 id="bus-messages-list-queued-owners">
3886 <title><literal>org.freedesktop.DBus.ListQueuedOwners</literal></title>
3890 ARRAY of STRING ListQueuedOwners (in STRING name)
3897 <entry>Argument</entry>
3899 <entry>Description</entry>
3905 <entry>STRING</entry>
3906 <entry>The well-known bus name to query, such as
3907 <literal>com.example.cappuccino</literal></entry>
3917 <entry>Argument</entry>
3919 <entry>Description</entry>
3925 <entry>ARRAY of STRING</entry>
3926 <entry>The unique bus names of connections currently queued
3927 for the name</entry>
3934 This method call should be sent to
3935 <literal>org.freedesktop.DBus</literal> and lists the connections
3936 currently queued for a bus name (see
3937 <xref linkend="term-queued-owner"/>).
3942 <sect2 id="message-bus-routing">
3943 <title>Message Bus Message Routing</title>
3946 Messages may have a <literal>DESTINATION</literal> field (see <xref
3947 linkend="message-protocol-header-fields"/>), resulting in a
3948 <firstterm>unicast message</firstterm>. If the
3949 <literal>DESTINATION</literal> field is present, it specifies a message
3950 recipient by name. Method calls and replies normally specify this field.
3951 The message bus must send messages (of any type) with the
3952 <literal>DESTINATION</literal> field set to the specified recipient,
3953 regardless of whether the recipient has set up a match rule matching
3958 When the message bus receives a signal, if the
3959 <literal>DESTINATION</literal> field is absent, it is considered to
3960 be a <firstterm>broadcast signal</firstterm>, and is sent to all
3961 applications with <firstterm>message matching rules</firstterm> that
3962 match the message. Most signal messages are broadcasts.
3966 Unicast signal messages (those with a <literal>DESTINATION</literal>
3967 field) are not commonly used, but they are treated like any unicast
3968 message: they are delivered to the specified receipient,
3969 regardless of its match rules. One use for unicast signals is to
3970 avoid a race condition in which a signal is emitted before the intended
3971 recipient can call <xref linkend="bus-messages-add-match"/> to
3972 receive that signal: if the signal is sent directly to that recipient
3973 using a unicast message, it does not need to add a match rule at all,
3974 and there is no race condition. Another use for unicast signals,
3975 on message buses whose security policy prevents eavesdropping, is to
3976 send sensitive information which should only be visible to one
3981 When the message bus receives a method call, if the
3982 <literal>DESTINATION</literal> field is absent, the call is taken to be
3983 a standard one-to-one message and interpreted by the message bus
3984 itself. For example, sending an
3985 <literal>org.freedesktop.DBus.Peer.Ping</literal> message with no
3986 <literal>DESTINATION</literal> will cause the message bus itself to
3987 reply to the ping immediately; the message bus will not make this
3988 message visible to other applications.
3992 Continuing the <literal>org.freedesktop.DBus.Peer.Ping</literal> example, if
3993 the ping message were sent with a <literal>DESTINATION</literal> name of
3994 <literal>com.yoyodyne.Screensaver</literal>, then the ping would be
3995 forwarded, and the Yoyodyne Corporation screensaver application would be
3996 expected to reply to the ping.
4000 Message bus implementations may impose a security policy which
4001 prevents certain messages from being sent or received.
4002 When a message cannot be sent or received due to a security
4003 policy, the message bus should send an error reply, unless the
4004 original message had the <literal>NO_REPLY</literal> flag.
4007 <sect3 id="message-bus-routing-eavesdropping">
4008 <title>Eavesdropping</title>
4010 Receiving a unicast message whose <literal>DESTINATION</literal>
4011 indicates a different recipient is called
4012 <firstterm>eavesdropping</firstterm>. On a message bus which acts as
4013 a security boundary (like the standard system bus), the security
4014 policy should usually prevent eavesdropping, since unicast messages
4015 are normally kept private and may contain security-sensitive
4020 Eavesdropping is mainly useful for debugging tools, such as
4021 the <literal>dbus-monitor</literal> tool in the reference
4022 implementation of D-Bus. Tools which eavesdrop on the message bus
4023 should be careful to avoid sending a reply or error in response to
4024 messages intended for a different client.
4028 Clients may attempt to eavesdrop by adding match rules
4029 (see <xref linkend="message-bus-routing-match-rules"/>) containing
4030 the <literal>eavesdrop='true'</literal> match. If the message bus'
4031 security policy does not allow eavesdropping, the match rule can
4032 still be added, but will not have any practical effect. For
4033 compatibility with older message bus implementations, if adding such
4034 a match rule results in an error reply, the client may fall back to
4035 adding the same rule with the <literal>eavesdrop</literal> match
4040 <sect3 id="message-bus-routing-match-rules">
4041 <title>Match Rules</title>
4043 An important part of the message bus routing protocol is match
4044 rules. Match rules describe the messages that should be sent to a
4045 client, based on the contents of the message. Broadcast signals
4046 are only sent to clients which have a suitable match rule: this
4047 avoids waking up client processes to deal with signals that are
4048 not relevant to that client.
4051 Messages that list a client as their <literal>DESTINATION</literal>
4052 do not need to match the client's match rules, and are sent to that
4053 client regardless. As a result, match rules are mainly used to
4054 receive a subset of broadcast signals.
4057 Match rules can also be used for eavesdropping
4058 (see <xref linkend="message-bus-routing-eavesdropping"/>),
4059 if the security policy of the message bus allows it.
4062 Match rules are added using the AddMatch bus method
4063 (see <xref linkend="bus-messages-add-match"/>). Rules are
4064 specified as a string of comma separated key/value pairs.
4065 Excluding a key from the rule indicates a wildcard match.
4066 For instance excluding the the member from a match rule but
4067 adding a sender would let all messages from that sender through.
4068 An example of a complete rule would be
4069 "type='signal',sender='org.freedesktop.DBus',interface='org.freedesktop.DBus',member='Foo',path='/bar/foo',destination=':452345.34',arg2='bar'"
4072 The following table describes the keys that can be used to create
4074 The following table summarizes the D-Bus types.
4080 <entry>Possible Values</entry>
4081 <entry>Description</entry>
4086 <entry><literal>type</literal></entry>
4087 <entry>'signal', 'method_call', 'method_return', 'error'</entry>
4088 <entry>Match on the message type. An example of a type match is type='signal'</entry>
4091 <entry><literal>sender</literal></entry>
4092 <entry>A bus or unique name (see <xref linkend="term-bus-name"/>
4093 and <xref linkend="term-unique-name"/> respectively)
4095 <entry>Match messages sent by a particular sender. An example of a sender match
4096 is sender='org.freedesktop.Hal'</entry>
4099 <entry><literal>interface</literal></entry>
4100 <entry>An interface name (see <xref linkend="message-protocol-names-interface"/>)</entry>
4101 <entry>Match messages sent over or to a particular interface. An example of an
4102 interface match is interface='org.freedesktop.Hal.Manager'.
4103 If a message omits the interface header, it must not match any rule
4104 that specifies this key.</entry>
4107 <entry><literal>member</literal></entry>
4108 <entry>Any valid method or signal name</entry>
4109 <entry>Matches messages which have the give method or signal name. An example of
4110 a member match is member='NameOwnerChanged'</entry>
4113 <entry><literal>path</literal></entry>
4114 <entry>An object path (see <xref linkend="message-protocol-marshaling-object-path"/>)</entry>
4115 <entry>Matches messages which are sent from or to the given object. An example of a
4116 path match is path='/org/freedesktop/Hal/Manager'</entry>
4119 <entry><literal>path_namespace</literal></entry>
4120 <entry>An object path</entry>
4123 Matches messages which are sent from or to an
4124 object for which the object path is either the
4125 given value, or that value followed by one or
4126 more path components.
4131 <literal>path_namespace='/com/example/foo'</literal>
4132 would match signals sent by
4133 <literal>/com/example/foo</literal>
4135 <literal>/com/example/foo/bar</literal>,
4137 <literal>/com/example/foobar</literal>.
4141 Using both <literal>path</literal> and
4142 <literal>path_namespace</literal> in the same match
4143 rule is not allowed.
4148 This match key was added in version 0.16 of the
4149 D-Bus specification and implemented by the bus
4150 daemon in dbus 1.5.0 and later.
4156 <entry><literal>destination</literal></entry>
4157 <entry>A unique name (see <xref linkend="term-unique-name"/>)</entry>
4158 <entry>Matches messages which are being sent to the given unique name. An
4159 example of a destination match is destination=':1.0'</entry>
4162 <entry><literal>arg[0, 1, 2, 3, ...]</literal></entry>
4163 <entry>Any string</entry>
4164 <entry>Arg matches are special and are used for further restricting the
4165 match based on the arguments in the body of a message. Only arguments of type
4166 STRING can be matched in this way. An example of an argument match
4167 would be arg3='Foo'. Only argument indexes from 0 to 63 should be
4171 <entry><literal>arg[0, 1, 2, 3, ...]path</literal></entry>
4172 <entry>Any string</entry>
4174 <para>Argument path matches provide a specialised form of wildcard matching for
4175 path-like namespaces. They can match arguments whose type is either STRING or
4176 OBJECT_PATH. As with normal argument matches,
4177 if the argument is exactly equal to the string given in the match
4178 rule then the rule is satisfied. Additionally, there is also a
4179 match when either the string given in the match rule or the
4180 appropriate message argument ends with '/' and is a prefix of the
4181 other. An example argument path match is arg0path='/aa/bb/'. This
4182 would match messages with first arguments of '/', '/aa/',
4183 '/aa/bb/', '/aa/bb/cc/' and '/aa/bb/cc'. It would not match
4184 messages with first arguments of '/aa/b', '/aa' or even '/aa/bb'.</para>
4186 <para>This is intended for monitoring “directories” in file system-like
4187 hierarchies, as used in the <citetitle>dconf</citetitle> configuration
4188 system. An application interested in all nodes in a particular hierarchy would
4189 monitor <literal>arg0path='/ca/example/foo/'</literal>. Then the service could
4190 emit a signal with zeroth argument <literal>"/ca/example/foo/bar"</literal> to
4191 represent a modification to the “bar” property, or a signal with zeroth
4192 argument <literal>"/ca/example/"</literal> to represent atomic modification of
4193 many properties within that directory, and the interested application would be
4194 notified in both cases.</para>
4197 This match key was added in version 0.12 of the
4198 D-Bus specification, implemented for STRING
4199 arguments by the bus daemon in dbus 1.2.0 and later,
4200 and implemented for OBJECT_PATH arguments in dbus 1.5.0
4207 <entry><literal>arg0namespace</literal></entry>
4208 <entry>Like a bus name, except that the string is not
4209 required to contain a '.' (period)</entry>
4211 <para>Match messages whose first argument is of type STRING, and is a bus name
4212 or interface name within the specified namespace. This is primarily intended
4213 for watching name owner changes for a group of related bus names, rather than
4214 for a single name or all name changes.</para>
4216 <para>Because every valid interface name is also a valid
4217 bus name, this can also be used for messages whose
4218 first argument is an interface name.</para>
4220 <para>For example, the match rule
4221 <literal>member='NameOwnerChanged',arg0namespace='com.example.backend'</literal>
4222 matches name owner changes for bus names such as
4223 <literal>com.example.backend.foo</literal>,
4224 <literal>com.example.backend.foo.bar</literal>, and
4225 <literal>com.example.backend</literal> itself.</para>
4227 <para>See also <xref linkend='bus-messages-name-owner-changed'/>.</para>
4230 This match key was added in version 0.16 of the
4231 D-Bus specification and implemented by the bus
4232 daemon in dbus 1.5.0 and later.
4238 <entry><literal>eavesdrop</literal></entry>
4239 <entry><literal>'true'</literal>, <literal>'false'</literal></entry>
4240 <entry>Since D-Bus 1.5.6, match rules do not
4241 match messages which have a <literal>DESTINATION</literal>
4242 field unless the match rule specifically
4244 (see <xref linkend="message-bus-routing-eavesdropping"/>)
4245 by specifying <literal>eavesdrop='true'</literal>
4246 in the match rule. <literal>eavesdrop='false'</literal>
4247 restores the default behaviour. Messages are
4248 delivered to their <literal>DESTINATION</literal>
4249 regardless of match rules, so this match does not
4250 affect normal delivery of unicast messages.
4251 If the message bus has a security policy which forbids
4252 eavesdropping, this match may still be used without error,
4253 but will not have any practical effect.
4254 In older versions of D-Bus, this match was not allowed
4255 in match rules, and all match rules behaved as if
4256 <literal>eavesdrop='true'</literal> had been used.
4265 <sect2 id="message-bus-starting-services">
4266 <title>Message Bus Starting Services</title>
4268 The message bus can start applications on behalf of other applications.
4269 In CORBA terms, this would be called <firstterm>activation</firstterm>.
4270 An application that can be started in this way is called a
4271 <firstterm>service</firstterm>.
4274 With D-Bus, starting a service is normally done by name. That is,
4275 applications ask the message bus to start some program that will own a
4276 well-known name, such as <literal>org.freedesktop.TextEditor</literal>.
4277 This implies a contract documented along with the name
4278 <literal>org.freedesktop.TextEditor</literal> for which objects
4279 the owner of that name will provide, and what interfaces those
4283 To find an executable corresponding to a particular name, the bus daemon
4284 looks for <firstterm>service description files</firstterm>. Service
4285 description files define a mapping from names to executables. Different
4286 kinds of message bus will look for these files in different places, see
4287 <xref linkend="message-bus-types"/>.
4290 Service description files have the ".service" file
4291 extension. The message bus will only load service description files
4292 ending with .service; all other files will be ignored. The file format
4293 is similar to that of <ulink
4294 url="http://standards.freedesktop.org/desktop-entry-spec/desktop-entry-spec-latest.html">desktop
4295 entries</ulink>. All service description files must be in UTF-8
4296 encoding. To ensure that there will be no name collisions, service files
4297 must be namespaced using the same mechanism as messages and service
4302 [FIXME the file format should be much better specified than "similar to
4303 .desktop entries" esp. since desktop entries are already
4304 badly-specified. ;-)]
4305 These sections from the specification apply to service files as well:
4308 <listitem><para>General syntax</para></listitem>
4309 <listitem><para>Comment format</para></listitem>
4313 <title>Example service description file</title>
4315 # Sample service description file
4317 Names=org.freedesktop.ConfigurationDatabase;org.gnome.GConf;
4318 Exec=/usr/libexec/gconfd-2
4323 When an application asks to start a service by name, the bus daemon tries to
4324 find a service that will own that name. It then tries to spawn the
4325 executable associated with it. If this fails, it will report an
4326 error. [FIXME what happens if two .service files offer the same service;
4327 what kind of error is reported, should we have a way for the client to
4331 The executable launched will have the environment variable
4332 <literal>DBUS_STARTER_ADDRESS</literal> set to the address of the
4333 message bus so it can connect and request the appropriate names.
4336 The executable being launched may want to know whether the message bus
4337 starting it is one of the well-known message buses (see <xref
4338 linkend="message-bus-types"/>). To facilitate this, the bus must also set
4339 the <literal>DBUS_STARTER_BUS_TYPE</literal> environment variable if it is one
4340 of the well-known buses. The currently-defined values for this variable
4341 are <literal>system</literal> for the systemwide message bus,
4342 and <literal>session</literal> for the per-login-session message
4343 bus. The new executable must still connect to the address given
4344 in <literal>DBUS_STARTER_ADDRESS</literal>, but may assume that the
4345 resulting connection is to the well-known bus.
4348 [FIXME there should be a timeout somewhere, either specified
4349 in the .service file, by the client, or just a global value
4350 and if the client being activated fails to connect within that
4351 timeout, an error should be sent back.]
4354 <sect3 id="message-bus-starting-services-scope">
4355 <title>Message Bus Service Scope</title>
4357 The "scope" of a service is its "per-", such as per-session,
4358 per-machine, per-home-directory, or per-display. The reference
4359 implementation doesn't yet support starting services in a different
4360 scope from the message bus itself. So e.g. if you start a service
4361 on the session bus its scope is per-session.
4364 We could add an optional scope to a bus name. For example, for
4365 per-(display,session pair), we could have a unique ID for each display
4366 generated automatically at login and set on screen 0 by executing a
4367 special "set display ID" binary. The ID would be stored in a
4368 <literal>_DBUS_DISPLAY_ID</literal> property and would be a string of
4369 random bytes. This ID would then be used to scope names.
4370 Starting/locating a service could be done by ID-name pair rather than
4374 Contrast this with a per-display scope. To achieve that, we would
4375 want a single bus spanning all sessions using a given display.
4376 So we might set a <literal>_DBUS_DISPLAY_BUS_ADDRESS</literal>
4377 property on screen 0 of the display, pointing to this bus.
4382 <sect2 id="message-bus-types">
4383 <title>Well-known Message Bus Instances</title>
4385 Two standard message bus instances are defined here, along with how
4386 to locate them and where their service files live.
4388 <sect3 id="message-bus-types-login">
4389 <title>Login session message bus</title>
4391 Each time a user logs in, a <firstterm>login session message
4392 bus</firstterm> may be started. All applications in the user's login
4393 session may interact with one another using this message bus.
4396 The address of the login session message bus is given
4397 in the <literal>DBUS_SESSION_BUS_ADDRESS</literal> environment
4398 variable. If that variable is not set, applications may
4399 also try to read the address from the X Window System root
4400 window property <literal>_DBUS_SESSION_BUS_ADDRESS</literal>.
4401 The root window property must have type <literal>STRING</literal>.
4402 The environment variable should have precedence over the
4403 root window property.
4405 <para>The address of the login session message bus is given in the
4406 <literal>DBUS_SESSION_BUS_ADDRESS</literal> environment variable. If
4407 DBUS_SESSION_BUS_ADDRESS is not set, or if it's set to the string
4408 "autolaunch:", the system should use platform-specific methods of
4409 locating a running D-Bus session server, or starting one if a running
4410 instance cannot be found. Note that this mechanism is not recommended
4411 for attempting to determine if a daemon is running. It is inherently
4412 racy to attempt to make this determination, since the bus daemon may
4413 be started just before or just after the determination is made.
4414 Therefore, it is recommended that applications do not try to make this
4415 determination for their functionality purposes, and instead they
4416 should attempt to start the server.</para>
4418 <sect4 id="message-bus-types-login-x-windows">
4419 <title>X Windowing System</title>
4421 For the X Windowing System, the application must locate the
4422 window owner of the selection represented by the atom formed by
4426 <para>the literal string "_DBUS_SESSION_BUS_SELECTION_"</para>
4430 <para>the current user's username</para>
4434 <para>the literal character '_' (underscore)</para>
4438 <para>the machine's ID</para>
4444 The following properties are defined for the window that owns
4446 <informaltable frame="all">
4455 <para>meaning</para>
4461 <para>_DBUS_SESSION_BUS_ADDRESS</para>
4465 <para>the actual address of the server socket</para>
4471 <para>_DBUS_SESSION_BUS_PID</para>
4475 <para>the PID of the server process</para>
4484 At least the _DBUS_SESSION_BUS_ADDRESS property MUST be
4485 present in this window.
4489 If the X selection cannot be located or if reading the
4490 properties from the window fails, the implementation MUST conclude
4491 that there is no D-Bus server running and proceed to start a new
4492 server. (See below on concurrency issues)
4496 Failure to connect to the D-Bus server address thus obtained
4497 MUST be treated as a fatal connection error and should be reported
4502 As an alternative, an implementation MAY find the information
4503 in the following file located in the current user's home directory,
4504 in subdirectory .dbus/session-bus/:
4507 <para>the machine's ID</para>
4511 <para>the literal character '-' (dash)</para>
4515 <para>the X display without the screen number, with the
4516 following prefixes removed, if present: ":", "localhost:"
4517 ."localhost.localdomain:". That is, a display of
4518 "localhost:10.0" produces just the number "10"</para>
4524 The contents of this file NAME=value assignment pairs and
4525 lines starting with # are comments (no comments are allowed
4526 otherwise). The following variable names are defined:
4533 <para>Variable</para>
4537 <para>meaning</para>
4543 <para>DBUS_SESSION_BUS_ADDRESS</para>
4547 <para>the actual address of the server socket</para>
4553 <para>DBUS_SESSION_BUS_PID</para>
4557 <para>the PID of the server process</para>
4563 <para>DBUS_SESSION_BUS_WINDOWID</para>
4567 <para>the window ID</para>
4576 At least the DBUS_SESSION_BUS_ADDRESS variable MUST be present
4581 Failure to open this file MUST be interpreted as absence of a
4582 running server. Therefore, the implementation MUST proceed to
4583 attempting to launch a new bus server if the file cannot be
4588 However, success in opening this file MUST NOT lead to the
4589 conclusion that the server is running. Thus, a failure to connect to
4590 the bus address obtained by the alternative method MUST NOT be
4591 considered a fatal error. If the connection cannot be established,
4592 the implementation MUST proceed to check the X selection settings or
4593 to start the server on its own.
4597 If the implementation concludes that the D-Bus server is not
4598 running it MUST attempt to start a new server and it MUST also
4599 ensure that the daemon started as an effect of the "autolaunch"
4600 mechanism provides the lookup mechanisms described above, so
4601 subsequent calls can locate the newly started server. The
4602 implementation MUST also ensure that if two or more concurrent
4603 initiations happen, only one server remains running and all other
4604 initiations are able to obtain the address of this server and
4605 connect to it. In other words, the implementation MUST ensure that
4606 the X selection is not present when it attempts to set it, without
4607 allowing another process to set the selection between the
4608 verification and the setting (e.g., by using XGrabServer /
4615 On Unix systems, the session bus should search for .service files
4616 in <literal>$XDG_DATA_DIRS/dbus-1/services</literal> as defined
4618 <ulink url="http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html">XDG Base Directory Specification</ulink>.
4619 Implementations may also search additional locations, which
4620 should be searched with lower priority than anything in
4621 XDG_DATA_HOME, XDG_DATA_DIRS or their respective defaults;
4622 for example, the reference implementation also
4623 looks in <literal>${datadir}/dbus-1/services</literal> as
4624 set at compile time.
4627 As described in the XDG Base Directory Specification, software
4628 packages should install their session .service files to their
4629 configured <literal>${datadir}/dbus-1/services</literal>,
4630 where <literal>${datadir}</literal> is as defined by the GNU
4631 coding standards. System administrators or users can arrange
4632 for these service files to be read by setting XDG_DATA_DIRS or by
4633 symlinking them into the default locations.
4637 <sect3 id="message-bus-types-system">
4638 <title>System message bus</title>
4640 A computer may have a <firstterm>system message bus</firstterm>,
4641 accessible to all applications on the system. This message bus may be
4642 used to broadcast system events, such as adding new hardware devices,
4643 changes in the printer queue, and so forth.
4646 The address of the system message bus is given
4647 in the <literal>DBUS_SYSTEM_BUS_ADDRESS</literal> environment
4648 variable. If that variable is not set, applications should try
4649 to connect to the well-known address
4650 <literal>unix:path=/var/run/dbus/system_bus_socket</literal>.
4653 The D-Bus reference implementation actually honors the
4654 <literal>$(localstatedir)</literal> configure option
4655 for this address, on both client and server side.
4660 On Unix systems, the system bus should default to searching
4661 for .service files in
4662 <literal>/usr/local/share/dbus-1/system-services</literal>,
4663 <literal>/usr/share/dbus-1/system-services</literal> and
4664 <literal>/lib/dbus-1/system-services</literal>, with that order
4665 of precedence. It may also search other implementation-specific
4666 locations, but should not vary these locations based on environment
4670 The system bus is security-sensitive and is typically executed
4671 by an init system with a clean environment. Its launch helper
4672 process is particularly security-sensitive, and specifically
4673 clears its own environment.
4678 Software packages should install their system .service
4679 files to their configured
4680 <literal>${datadir}/dbus-1/system-services</literal>,
4681 where <literal>${datadir}</literal> is as defined by the GNU
4682 coding standards. System administrators can arrange
4683 for these service files to be read by editing the system bus'
4684 configuration file or by symlinking them into the default
4690 <sect2 id="message-bus-messages">
4691 <title>Message Bus Messages</title>
4693 The special message bus name <literal>org.freedesktop.DBus</literal>
4694 responds to a number of additional messages.
4697 <sect3 id="bus-messages-hello">
4698 <title><literal>org.freedesktop.DBus.Hello</literal></title>
4709 <entry>Argument</entry>
4711 <entry>Description</entry>
4717 <entry>STRING</entry>
4718 <entry>Unique name assigned to the connection</entry>
4725 Before an application is able to send messages to other applications
4726 it must send the <literal>org.freedesktop.DBus.Hello</literal> message
4727 to the message bus to obtain a unique name. If an application without
4728 a unique name tries to send a message to another application, or a
4729 message to the message bus itself that isn't the
4730 <literal>org.freedesktop.DBus.Hello</literal> message, it will be
4731 disconnected from the bus.
4734 There is no corresponding "disconnect" request; if a client wishes to
4735 disconnect from the bus, it simply closes the socket (or other
4736 communication channel).
4739 <sect3 id="bus-messages-list-names">
4740 <title><literal>org.freedesktop.DBus.ListNames</literal></title>
4744 ARRAY of STRING ListNames ()
4751 <entry>Argument</entry>
4753 <entry>Description</entry>
4759 <entry>ARRAY of STRING</entry>
4760 <entry>Array of strings where each string is a bus name</entry>
4767 Returns a list of all currently-owned names on the bus.
4770 <sect3 id="bus-messages-list-activatable-names">
4771 <title><literal>org.freedesktop.DBus.ListActivatableNames</literal></title>
4775 ARRAY of STRING ListActivatableNames ()
4782 <entry>Argument</entry>
4784 <entry>Description</entry>
4790 <entry>ARRAY of STRING</entry>
4791 <entry>Array of strings where each string is a bus name</entry>
4798 Returns a list of all names that can be activated on the bus.
4801 <sect3 id="bus-messages-name-exists">
4802 <title><literal>org.freedesktop.DBus.NameHasOwner</literal></title>
4806 BOOLEAN NameHasOwner (in STRING name)
4813 <entry>Argument</entry>
4815 <entry>Description</entry>
4821 <entry>STRING</entry>
4822 <entry>Name to check</entry>
4832 <entry>Argument</entry>
4834 <entry>Description</entry>
4840 <entry>BOOLEAN</entry>
4841 <entry>Return value, true if the name exists</entry>
4848 Checks if the specified name exists (currently has an owner).
4852 <sect3 id="bus-messages-name-owner-changed">
4853 <title><literal>org.freedesktop.DBus.NameOwnerChanged</literal></title>
4857 NameOwnerChanged (STRING name, STRING old_owner, STRING new_owner)
4864 <entry>Argument</entry>
4866 <entry>Description</entry>
4872 <entry>STRING</entry>
4873 <entry>Name with a new owner</entry>
4877 <entry>STRING</entry>
4878 <entry>Old owner or empty string if none</entry>
4882 <entry>STRING</entry>
4883 <entry>New owner or empty string if none</entry>
4890 This signal indicates that the owner of a name has changed.
4891 It's also the signal to use to detect the appearance of
4892 new names on the bus.
4895 <sect3 id="bus-messages-name-lost">
4896 <title><literal>org.freedesktop.DBus.NameLost</literal></title>
4900 NameLost (STRING name)
4907 <entry>Argument</entry>
4909 <entry>Description</entry>
4915 <entry>STRING</entry>
4916 <entry>Name which was lost</entry>
4923 This signal is sent to a specific application when it loses
4924 ownership of a name.
4928 <sect3 id="bus-messages-name-acquired">
4929 <title><literal>org.freedesktop.DBus.NameAcquired</literal></title>
4933 NameAcquired (STRING name)
4940 <entry>Argument</entry>
4942 <entry>Description</entry>
4948 <entry>STRING</entry>
4949 <entry>Name which was acquired</entry>
4956 This signal is sent to a specific application when it gains
4957 ownership of a name.
4961 <sect3 id="bus-messages-start-service-by-name">
4962 <title><literal>org.freedesktop.DBus.StartServiceByName</literal></title>
4966 UINT32 StartServiceByName (in STRING name, in UINT32 flags)
4973 <entry>Argument</entry>
4975 <entry>Description</entry>
4981 <entry>STRING</entry>
4982 <entry>Name of the service to start</entry>
4986 <entry>UINT32</entry>
4987 <entry>Flags (currently not used)</entry>
4997 <entry>Argument</entry>
4999 <entry>Description</entry>
5005 <entry>UINT32</entry>
5006 <entry>Return value</entry>
5011 Tries to launch the executable associated with a name. For more information, see <xref linkend="message-bus-starting-services"/>.
5015 The return value can be one of the following values:
5020 <entry>Identifier</entry>
5021 <entry>Value</entry>
5022 <entry>Description</entry>
5027 <entry>DBUS_START_REPLY_SUCCESS</entry>
5029 <entry>The service was successfully started.</entry>
5032 <entry>DBUS_START_REPLY_ALREADY_RUNNING</entry>
5034 <entry>A connection already owns the given name.</entry>
5043 <sect3 id="bus-messages-update-activation-environment">
5044 <title><literal>org.freedesktop.DBus.UpdateActivationEnvironment</literal></title>
5048 UpdateActivationEnvironment (in ARRAY of DICT<STRING,STRING> environment)
5055 <entry>Argument</entry>
5057 <entry>Description</entry>
5063 <entry>ARRAY of DICT<STRING,STRING></entry>
5064 <entry>Environment to add or update</entry>
5069 Normally, session bus activated services inherit the environment of the bus daemon. This method adds to or modifies that environment when activating services.
5072 Some bus instances, such as the standard system bus, may disable access to this method for some or all callers.
5075 Note, both the environment variable names and values must be valid UTF-8. There's no way to update the activation environment with data that is invalid UTF-8.
5080 <sect3 id="bus-messages-get-name-owner">
5081 <title><literal>org.freedesktop.DBus.GetNameOwner</literal></title>
5085 STRING GetNameOwner (in STRING name)
5092 <entry>Argument</entry>
5094 <entry>Description</entry>
5100 <entry>STRING</entry>
5101 <entry>Name to get the owner of</entry>
5111 <entry>Argument</entry>
5113 <entry>Description</entry>
5119 <entry>STRING</entry>
5120 <entry>Return value, a unique connection name</entry>
5125 Returns the unique connection name of the primary owner of the name
5126 given. If the requested name doesn't have an owner, returns a
5127 <literal>org.freedesktop.DBus.Error.NameHasNoOwner</literal> error.
5131 <sect3 id="bus-messages-get-connection-unix-user">
5132 <title><literal>org.freedesktop.DBus.GetConnectionUnixUser</literal></title>
5136 UINT32 GetConnectionUnixUser (in STRING bus_name)
5143 <entry>Argument</entry>
5145 <entry>Description</entry>
5151 <entry>STRING</entry>
5152 <entry>Unique or well-known bus name of the connection to
5153 query, such as <literal>:12.34</literal> or
5154 <literal>com.example.tea</literal></entry>
5164 <entry>Argument</entry>
5166 <entry>Description</entry>
5172 <entry>UINT32</entry>
5173 <entry>Unix user ID</entry>
5178 Returns the Unix user ID of the process connected to the server. If
5179 unable to determine it (for instance, because the process is not on the
5180 same machine as the bus daemon), an error is returned.
5184 <sect3 id="bus-messages-get-connection-unix-process-id">
5185 <title><literal>org.freedesktop.DBus.GetConnectionUnixProcessID</literal></title>
5189 UINT32 GetConnectionUnixProcessID (in STRING bus_name)
5196 <entry>Argument</entry>
5198 <entry>Description</entry>
5204 <entry>STRING</entry>
5205 <entry>Unique or well-known bus name of the connection to
5206 query, such as <literal>:12.34</literal> or
5207 <literal>com.example.tea</literal></entry>
5217 <entry>Argument</entry>
5219 <entry>Description</entry>
5225 <entry>UINT32</entry>
5226 <entry>Unix process id</entry>
5231 Returns the Unix process ID of the process connected to the server. If
5232 unable to determine it (for instance, because the process is not on the
5233 same machine as the bus daemon), an error is returned.
5237 <sect3 id="bus-messages-add-match">
5238 <title><literal>org.freedesktop.DBus.AddMatch</literal></title>
5242 AddMatch (in STRING rule)
5249 <entry>Argument</entry>
5251 <entry>Description</entry>
5257 <entry>STRING</entry>
5258 <entry>Match rule to add to the connection</entry>
5263 Adds a match rule to match messages going through the message bus (see <xref linkend='message-bus-routing-match-rules'/>).
5264 If the bus does not have enough resources the <literal>org.freedesktop.DBus.Error.OOM</literal>
5268 <sect3 id="bus-messages-remove-match">
5269 <title><literal>org.freedesktop.DBus.RemoveMatch</literal></title>
5273 RemoveMatch (in STRING rule)
5280 <entry>Argument</entry>
5282 <entry>Description</entry>
5288 <entry>STRING</entry>
5289 <entry>Match rule to remove from the connection</entry>
5294 Removes the first rule that matches (see <xref linkend='message-bus-routing-match-rules'/>).
5295 If the rule is not found the <literal>org.freedesktop.DBus.Error.MatchRuleNotFound</literal>
5300 <sect3 id="bus-messages-get-id">
5301 <title><literal>org.freedesktop.DBus.GetId</literal></title>
5305 GetId (out STRING id)
5312 <entry>Argument</entry>
5314 <entry>Description</entry>
5320 <entry>STRING</entry>
5321 <entry>Unique ID identifying the bus daemon</entry>
5326 Gets the unique ID of the bus. The unique ID here is shared among all addresses the
5327 bus daemon is listening on (TCP, UNIX domain socket, etc.) and its format is described in
5328 <xref linkend="uuids"/>. Each address the bus is listening on also has its own unique
5329 ID, as described in <xref linkend="addresses"/>. The per-bus and per-address IDs are not related.
5330 There is also a per-machine ID, described in <xref linkend="standard-interfaces-peer"/> and returned
5331 by org.freedesktop.DBus.Peer.GetMachineId().
5332 For a desktop session bus, the bus ID can be used as a way to uniquely identify a user's session.
5340 <appendix id="implementation-notes">
5341 <title>Implementation notes</title>
5342 <sect1 id="implementation-notes-subsection">
5350 <glossary><title>Glossary</title>
5352 This glossary defines some of the terms used in this specification.
5355 <glossentry id="term-bus-name"><glossterm>Bus Name</glossterm>
5358 The message bus maintains an association between names and
5359 connections. (Normally, there's one connection per application.) A
5360 bus name is simply an identifier used to locate connections. For
5361 example, the hypothetical <literal>com.yoyodyne.Screensaver</literal>
5362 name might be used to send a message to a screensaver from Yoyodyne
5363 Corporation. An application is said to <firstterm>own</firstterm> a
5364 name if the message bus has associated the application's connection
5365 with the name. Names may also have <firstterm>queued
5366 owners</firstterm> (see <xref linkend="term-queued-owner"/>).
5367 The bus assigns a unique name to each connection,
5368 see <xref linkend="term-unique-name"/>. Other names
5369 can be thought of as "well-known names" and are
5370 used to find applications that offer specific functionality.
5374 See <xref linkend="message-protocol-names-bus"/> for details of
5375 the syntax and naming conventions for bus names.
5380 <glossentry id="term-message"><glossterm>Message</glossterm>
5383 A message is the atomic unit of communication via the D-Bus
5384 protocol. It consists of a <firstterm>header</firstterm> and a
5385 <firstterm>body</firstterm>; the body is made up of
5386 <firstterm>arguments</firstterm>.
5391 <glossentry id="term-message-bus"><glossterm>Message Bus</glossterm>
5394 The message bus is a special application that forwards
5395 or routes messages between a group of applications
5396 connected to the message bus. It also manages
5397 <firstterm>names</firstterm> used for routing
5403 <glossentry id="term-name"><glossterm>Name</glossterm>
5406 See <xref linkend="term-bus-name"/>. "Name" may
5407 also be used to refer to some of the other names
5408 in D-Bus, such as interface names.
5413 <glossentry id="namespace"><glossterm>Namespace</glossterm>
5416 Used to prevent collisions when defining new interfaces, bus names
5417 etc. The convention used is the same one Java uses for defining
5418 classes: a reversed domain name.
5419 See <xref linkend="message-protocol-names-bus"/>,
5420 <xref linkend="message-protocol-names-interface"/>,
5421 <xref linkend="message-protocol-names-error"/>,
5422 <xref linkend="message-protocol-marshaling-object-path"/>.
5427 <glossentry id="term-object"><glossterm>Object</glossterm>
5430 Each application contains <firstterm>objects</firstterm>, which have
5431 <firstterm>interfaces</firstterm> and
5432 <firstterm>methods</firstterm>. Objects are referred to by a name,
5433 called a <firstterm>path</firstterm>.
5438 <glossentry id="one-to-one"><glossterm>One-to-One</glossterm>
5441 An application talking directly to another application, without going
5442 through a message bus. One-to-one connections may be "peer to peer" or
5443 "client to server." The D-Bus protocol has no concept of client
5444 vs. server after a connection has authenticated; the flow of messages
5445 is symmetrical (full duplex).
5450 <glossentry id="term-path"><glossterm>Path</glossterm>
5453 Object references (object names) in D-Bus are organized into a
5454 filesystem-style hierarchy, so each object is named by a path. As in
5455 LDAP, there's no difference between "files" and "directories"; a path
5456 can refer to an object, while still having child objects below it.
5461 <glossentry id="term-queued-owner"><glossterm>Queued Name Owner</glossterm>
5464 Each bus name has a primary owner; messages sent to the name go to the
5465 primary owner. However, certain names also maintain a queue of
5466 secondary owners "waiting in the wings." If the primary owner releases
5467 the name, then the first secondary owner in the queue automatically
5468 becomes the new owner of the name.
5473 <glossentry id="term-service"><glossterm>Service</glossterm>
5476 A service is an executable that can be launched by the bus daemon.
5477 Services normally guarantee some particular features, for example they
5478 may guarantee that they will request a specific name such as
5479 "org.freedesktop.Screensaver", have a singleton object
5480 "/org/freedesktop/Application", and that object will implement the
5481 interface "org.freedesktop.ScreensaverControl".
5486 <glossentry id="term-service-description-files"><glossterm>Service Description Files</glossterm>
5489 ".service files" tell the bus about service applications that can be
5490 launched (see <xref linkend="term-service"/>). Most importantly they
5491 provide a mapping from bus names to services that will request those
5492 names when they start up.
5497 <glossentry id="term-unique-name"><glossterm>Unique Connection Name</glossterm>
5500 The special name automatically assigned to each connection by the
5501 message bus. This name will never change owner, and will be unique
5502 (never reused during the lifetime of the message bus).
5503 It will begin with a ':' character.
projects / platform / upstream / dbus.git / blob