#include <config.h>
#include "bus.h"
+
+#include <stdio.h>
+
#include "activation.h"
#include "connection.h"
#include "services.h"
#include <dbus/dbus-hash.h>
#include <dbus/dbus-credentials.h>
#include <dbus/dbus-internals.h>
+
#ifdef DBUS_CYGWIN
#include <signal.h>
#endif
watch, server_watch_callback, server);
}
-
-static void
-server_timeout_callback (DBusTimeout *timeout,
- void *data)
-{
- /* can return FALSE on OOM but we just let it fire again later */
- dbus_timeout_handle (timeout);
-}
-
static dbus_bool_t
add_server_timeout (DBusTimeout *timeout,
void *data)
context = server_get_context (server);
- return _dbus_loop_add_timeout (context->loop,
- timeout, server_timeout_callback, server, NULL);
+ return _dbus_loop_add_timeout (context->loop, timeout);
}
static void
context = server_get_context (server);
- _dbus_loop_remove_timeout (context->loop,
- timeout, server_timeout_callback, server);
+ _dbus_loop_remove_timeout (context->loop, timeout);
}
static void
retval = FALSE;
auth_mechanisms = NULL;
+ _dbus_init_system_log ();
+
context->systemd_activation = systemd_activation;
/* Check for an existing pid file. Of course this is a race;
va_list args;
if (!context->syslog)
- return;
+ {
+ /* we're not syslogging; just output to stderr */
+ va_start (args, msg);
+ vfprintf (stderr, msg, args);
+ fprintf (stderr, "\n");
+ va_end (args);
+ return;
+ }
va_start (args, msg);
*/
static void
complain_about_message (BusContext *context,
+ const char *error_name,
const char *complaint,
int matched_rules,
DBusMessage *message,
const char *sender_loginfo;
const char *proposed_recipient_loginfo;
- if (error == NULL && !(context->syslog && log))
+ if (error == NULL && !log)
return;
if (sender != NULL)
else
proposed_recipient_loginfo = "bus";
- dbus_set_error (&stack_error, DBUS_ERROR_ACCESS_DENIED,
+ dbus_set_error (&stack_error, error_name,
"%s, %d matched rules; type=\"%s\", sender=\"%s\" (%s) "
"interface=\"%s\" member=\"%s\" error name=\"%s\" "
"requested_reply=\"%d\" destination=\"%s\" (%s)",
{
if (error != NULL && !dbus_error_is_set (error))
{
- sender_name = bus_connection_get_name (sender);
-
- dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
- "An SELinux policy prevents this sender "
- "from sending this message to this recipient "
- "(rejected message had sender \"%s\" interface \"%s\" "
- "member \"%s\" error name \"%s\" destination \"%s\")",
- sender_name ? sender_name : "(unset)",
- dbus_message_get_interface (message) ?
- dbus_message_get_interface (message) : "(unset)",
- dbus_message_get_member (message) ?
- dbus_message_get_member (message) : "(unset)",
- dbus_message_get_error_name (message) ?
- dbus_message_get_error_name (message) : "(unset)",
- dest ? dest : DBUS_SERVICE_DBUS);
+ /* don't syslog this, just set the error: avc_has_perm should
+ * have already written to either the audit log or syslog */
+ complain_about_message (context, DBUS_ERROR_ACCESS_DENIED,
+ "An SELinux policy prevents this sender from sending this "
+ "message to this recipient",
+ 0, message, sender, proposed_recipient, FALSE, FALSE, error);
_dbus_verbose ("SELinux security check denying send to service\n");
}
const char *msg = "Rejected send message, %d matched rules; "
"type=\"%s\", sender=\"%s\" (%s) interface=\"%s\" member=\"%s\" error name=\"%s\" requested_reply=%d destination=\"%s\" (%s))";
- complain_about_message (context, "Rejected send message", toggles,
+ complain_about_message (context, DBUS_ERROR_ACCESS_DENIED,
+ "Rejected send message", toggles,
message, sender, proposed_recipient, requested_reply,
(addressed_recipient == proposed_recipient), error);
_dbus_verbose ("security policy disallowing message due to sender policy\n");
{
/* We want to drop this message, and are only not doing so for backwards
* compatibility. */
- complain_about_message (context, "Would reject message", toggles,
+ complain_about_message (context, DBUS_ERROR_ACCESS_DENIED,
+ "Would reject message", toggles,
message, sender, proposed_recipient, requested_reply,
TRUE, NULL);
}
addressed_recipient, proposed_recipient,
message, &toggles))
{
- complain_about_message (context, "Rejected receive message", toggles,
+ complain_about_message (context, DBUS_ERROR_ACCESS_DENIED,
+ "Rejected receive message", toggles,
message, sender, proposed_recipient, requested_reply,
(addressed_recipient == proposed_recipient), NULL);
_dbus_verbose ("security policy disallowing message due to recipient policy\n");
((dbus_connection_get_outgoing_size (proposed_recipient) > context->limits.max_outgoing_bytes) ||
(dbus_connection_get_outgoing_unix_fds (proposed_recipient) > context->limits.max_outgoing_unix_fds)))
{
- dbus_set_error (error, DBUS_ERROR_LIMITS_EXCEEDED,
- "The destination service \"%s\" has a full message queue",
- dest ? dest : (proposed_recipient ?
- bus_connection_get_name (proposed_recipient) :
- DBUS_SERVICE_DBUS));
+ complain_about_message (context, DBUS_ERROR_LIMITS_EXCEEDED,
+ "Rejected: destination has a full message queue",
+ 0, message, sender, proposed_recipient, requested_reply, TRUE,
+ error);
_dbus_verbose ("security policy disallowing message due to full message queue\n");
return FALSE;
}
projects / platform / upstream / dbus.git / blobdiff