diff options
Diffstat (limited to 'bus')
| -rw-r--r-- | bus/bus.c | 5 | ||||
| -rw-r--r-- | bus/config-parser-common.c | 6 | ||||
| -rw-r--r-- | bus/config-parser-common.h | 3 | ||||
| -rw-r--r-- | bus/config-parser.c | 24 | ||||
| -rw-r--r-- | bus/connection.c | 11 | ||||
| -rw-r--r-- | bus/dbus-daemon.1.in | 5 | ||||
| -rw-r--r-- | bus/desktop-file.c | 2 | ||||
| -rw-r--r-- | bus/driver.c | 2 | ||||
| -rw-r--r-- | bus/selinux.c | 14 |
9 files changed, 57 insertions, 15 deletions
@@ -56,6 +56,7 @@ struct BusContext unsigned int fork : 1; unsigned int syslog : 1; unsigned int keep_umask : 1; + unsigned int allow_anonymous : 1; }; static dbus_int32_t server_data_slot = -1; @@ -190,6 +191,9 @@ new_connection_callback (DBusServer *server, dbus_connection_set_max_message_size (new_connection, context->limits.max_message_size); + dbus_connection_set_allow_anonymous (new_connection, + context->allow_anonymous); + /* on OOM, we won't have ref'd the connection so it will die. */ } @@ -388,6 +392,7 @@ process_config_first_time_only (BusContext *context, context->fork = bus_config_parser_get_fork (parser); context->syslog = bus_config_parser_get_syslog (parser); context->keep_umask = bus_config_parser_get_keep_umask (parser); + context->allow_anonymous = bus_config_parser_get_allow_anonymous (parser); _DBUS_ASSERT_ERROR_IS_CLEAR (error); retval = TRUE; diff --git a/bus/config-parser-common.c b/bus/config-parser-common.c index 88e099ac..5cdbba26 100644 --- a/bus/config-parser-common.c +++ b/bus/config-parser-common.c @@ -122,6 +122,10 @@ bus_config_parser_element_name_to_type (const char *name) { return ELEMENT_KEEP_UMASK; } + else if (strcmp (name, "allow_anonymous") == 0) + { + return ELEMENT_ALLOW_ANONYMOUS; + } return ELEMENT_NONE; } @@ -174,6 +178,8 @@ bus_config_parser_element_type_to_name (ElementType type) return "syslog"; case ELEMENT_KEEP_UMASK: return "keep_umask"; + case ELEMENT_ALLOW_ANONYMOUS: + return "allow_anonymous"; } _dbus_assert_not_reached ("bad element type"); diff --git a/bus/config-parser-common.h b/bus/config-parser-common.h index ae40d089..2c296433 100644 --- a/bus/config-parser-common.h +++ b/bus/config-parser-common.h @@ -48,8 +48,9 @@ typedef enum ELEMENT_ASSOCIATE, ELEMENT_STANDARD_SESSION_SERVICEDIRS, ELEMENT_STANDARD_SYSTEM_SERVICEDIRS, + ELEMENT_KEEP_UMASK, ELEMENT_SYSLOG, - ELEMENT_KEEP_UMASK + ELEMENT_ALLOW_ANONYMOUS } ElementType; ElementType bus_config_parser_element_name_to_type (const char *element_name); diff --git a/bus/config-parser.c b/bus/config-parser.c index 38ce8a1d..c3e8fba1 100644 --- a/bus/config-parser.c +++ b/bus/config-parser.c @@ -115,6 +115,8 @@ struct BusConfigParser unsigned int keep_umask : 1; /**< TRUE to keep original umask when forking */ unsigned int is_toplevel : 1; /**< FALSE if we are a sub-config-file inside another one */ + + unsigned int allow_anonymous : 1; /**< TRUE to allow anonymous connections */ }; static Element* @@ -851,6 +853,20 @@ start_busconfig_child (BusConfigParser *parser, return TRUE; } + else if (element_type == ELEMENT_ALLOW_ANONYMOUS) + { + if (!check_no_attributes (parser, "allow_anonymous", attribute_names, attribute_values, error)) + return FALSE; + + if (push_element (parser, ELEMENT_ALLOW_ANONYMOUS) == NULL) + { + BUS_SET_OOM (error); + return FALSE; + } + + parser->allow_anonymous = TRUE; + return TRUE; + } else if (element_type == ELEMENT_SERVICEDIR) { if (!check_no_attributes (parser, "servicedir", attribute_names, attribute_values, error)) @@ -1994,6 +2010,7 @@ bus_config_parser_end_element (BusConfigParser *parser, case ELEMENT_ASSOCIATE: case ELEMENT_STANDARD_SESSION_SERVICEDIRS: case ELEMENT_STANDARD_SYSTEM_SERVICEDIRS: + case ELEMENT_ALLOW_ANONYMOUS: break; } @@ -2279,6 +2296,7 @@ bus_config_parser_content (BusConfigParser *parser, case ELEMENT_KEEP_UMASK: case ELEMENT_STANDARD_SESSION_SERVICEDIRS: case ELEMENT_STANDARD_SYSTEM_SERVICEDIRS: + case ELEMENT_ALLOW_ANONYMOUS: case ELEMENT_SELINUX: case ELEMENT_ASSOCIATE: if (all_whitespace (content)) @@ -2611,6 +2629,12 @@ bus_config_parser_get_keep_umask (BusConfigParser *parser) return parser->keep_umask; } +dbus_bool_t +bus_config_parser_get_allow_anonymous (BusConfigParser *parser) +{ + return parser->allow_anonymous; +} + const char * bus_config_parser_get_pidfile (BusConfigParser *parser) { diff --git a/bus/connection.c b/bus/connection.c index ab99fa5f..9159c898 100644 --- a/bus/connection.c +++ b/bus/connection.c @@ -575,12 +575,11 @@ cache_peer_loginfo_string (BusConnectionData *d, } if (!_dbus_string_append_printf (&loginfo_buf, "pid=%ld comm=\"", pid)) goto oom; - /* Ignore errors here */ - if (_dbus_command_for_pid (pid, &loginfo_buf, MAX_LOG_COMMAND_LEN, NULL)) - { - if (!_dbus_string_append_byte (&loginfo_buf, '"')) - goto oom; - } + /* Ignore errors here; we may not have permissions to read the + * proc file. */ + _dbus_command_for_pid (pid, &loginfo_buf, MAX_LOG_COMMAND_LEN, NULL); + if (!_dbus_string_append_byte (&loginfo_buf, '"')) + goto oom; } if (dbus_connection_get_windows_user (connection, &windows_sid)) diff --git a/bus/dbus-daemon.1.in b/bus/dbus-daemon.1.in index 8342600e..4b55ac29 100644 --- a/bus/dbus-daemon.1.in +++ b/bus/dbus-daemon.1.in @@ -430,7 +430,6 @@ your service. .PP The <policy> element has one of four attributes: -daemon.1.in .nf context="(default|mandatory)" at_console="(true|false)" @@ -496,9 +495,7 @@ The possible attributes of these elements are: .PP Examples: .nf - <deny send_interface="org.freedesktop.System" send_member="Reboot"/> - <deny receive_interface="org.freedesktop.System" receive_member="Reboot"/> - <deny own="org.freedesktop.System"/> + <deny send_destination="org.freedesktop.Service" send_interface="org.freedesktop.System" send_member="Reboot"/> <deny send_destination="org.freedesktop.System"/> <deny receive_sender="org.freedesktop.System"/> <deny user="john"/> diff --git a/bus/desktop-file.c b/bus/desktop-file.c index 2fe26a11..2ba77292 100644 --- a/bus/desktop-file.c +++ b/bus/desktop-file.c @@ -66,7 +66,7 @@ typedef struct #define VALID_KEY_CHAR 1 #define VALID_LOCALE_CHAR 2 -unsigned char valid[256] = { +static unsigned char valid[256] = { 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x0 , 0x3 , 0x2 , 0x0 , diff --git a/bus/driver.c b/bus/driver.c index c97bff5d..b5138067 100644 --- a/bus/driver.c +++ b/bus/driver.c @@ -1643,7 +1643,7 @@ bus_driver_handle_get_id (DBusConnection *connection, * frequency of use (but doesn't matter with only a few items * anyhow) */ -struct +static struct { const char *name; const char *in_args; diff --git a/bus/selinux.c b/bus/selinux.c index c0f6f4db..46a18a93 100644 --- a/bus/selinux.c +++ b/bus/selinux.c @@ -433,8 +433,18 @@ bus_selinux_check (BusSELinuxID *sender_sid, SELINUX_SID_FROM_BUS (bus_sid), target_class, requested, &aeref, auxdata) < 0) { - _dbus_verbose ("SELinux denying due to security policy.\n"); - return FALSE; + switch (errno) + { + case EACCES: + _dbus_verbose ("SELinux denying due to security policy.\n"); + return FALSE; + case EINVAL: + _dbus_verbose ("SELinux denying due to invalid security context.\n"); + return FALSE; + default: + _dbus_verbose ("SELinux denying due to: %s\n", _dbus_strerror (errno)); + return FALSE; + } } else return TRUE; |