diff options
| author | Colin Walters <walters@verbum.org> | 2009-01-21 16:05:59 -0500 |
|---|---|---|
| committer | Colin Walters <walters@verbum.org> | 2009-01-21 16:05:59 -0500 |
| commit | f303c2525792188f9d65df3113e23d41ab342b01 (patch) | |
| tree | f5f7a1148f2473ad456b5ad94a118624823845c6 | |
| parent | c42a14b936d7adb993b701cc6e3078cf75125c99 (diff) | |
| download | dbus-f303c2525792188f9d65df3113e23d41ab342b01.tar.gz | |
Add optional logging on allow rules
This lets us have a backwards compatibility allow rule but still easily
see when that rule is being used.
Conflicts:
bus/config-parser.c
| -rw-r--r-- | bus/bus.c | 37 | ||||
| -rw-r--r-- | bus/config-parser.c | 5 | ||||
| -rw-r--r-- | bus/policy.c | 4 | ||||
| -rw-r--r-- | bus/policy.h | 4 |
4 files changed, 34 insertions, 16 deletions
@@ -1149,22 +1149,25 @@ bus_context_check_security_policy (BusContext *context, DBusMessage *message, DBusError *error) { + const char *dest; BusClientPolicy *sender_policy; BusClientPolicy *recipient_policy; dbus_int32_t toggles; + dbus_bool_t log; int type; dbus_bool_t requested_reply; const char *sender_name; type = dbus_message_get_type (message); + dest = dbus_message_get_destination (message); /* dispatch.c was supposed to ensure these invariants */ - _dbus_assert (dbus_message_get_destination (message) != NULL || + _dbus_assert (dest != NULL || type == DBUS_MESSAGE_TYPE_SIGNAL || (sender == NULL && !bus_connection_is_active (proposed_recipient))); _dbus_assert (type == DBUS_MESSAGE_TYPE_SIGNAL || addressed_recipient != NULL || - strcmp (dbus_message_get_destination (message), DBUS_SERVICE_DBUS) == 0); + strcmp (dest, DBUS_SERVICE_DBUS) == 0); /* Used in logging below */ if (sender != NULL) @@ -1194,10 +1197,6 @@ bus_context_check_security_policy (BusContext *context, if (sender != NULL) { - const char *dest; - - dest = dbus_message_get_destination (message); - /* First verify the SELinux access controls. If allowed then * go on with the standard checks. */ @@ -1330,18 +1329,18 @@ bus_context_check_security_policy (BusContext *context, (proposed_recipient != NULL && sender == NULL && recipient_policy == NULL) || (proposed_recipient == NULL && recipient_policy == NULL)); + log = FALSE; if (sender_policy && !bus_client_policy_check_can_send (sender_policy, context->registry, requested_reply, proposed_recipient, - message, &toggles)) + message, &toggles, &log)) { - const char *dest; const char *msg = "Rejected send message, %d matched rules; " "type=\"%s\", sender=\"%s\" interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\")"; - dest = dbus_message_get_destination (message); + dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, msg, toggles, dbus_message_type_to_string (dbus_message_get_type (message)), @@ -1369,6 +1368,21 @@ bus_context_check_security_policy (BusContext *context, return FALSE; } + if (log) + bus_context_log_security (context, + "Would reject message, %d matched rules; " + "type=\"%s\", sender=\"%s\" interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\")", + toggles, + dbus_message_type_to_string (dbus_message_get_type (message)), + sender_name ? sender_name : "(unset)", + dbus_message_get_interface (message) ? + dbus_message_get_interface (message) : "(unset)", + dbus_message_get_member (message) ? + dbus_message_get_member (message) : "(unset)", + dbus_message_get_error_name (message) ? + dbus_message_get_error_name (message) : "(unset)", + dest ? dest : DBUS_SERVICE_DBUS); + if (recipient_policy && !bus_client_policy_check_can_receive (recipient_policy, context->registry, @@ -1379,9 +1393,7 @@ bus_context_check_security_policy (BusContext *context, { const char *msg = "Rejected receive message, %d matched rules; " "type=\"%s\" sender=\"%s\" interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\" reply serial=%u requested_reply=%d)"; - const char *dest; - dest = dbus_message_get_destination (message); dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, msg, toggles, dbus_message_type_to_string (dbus_message_get_type (message)), @@ -1418,9 +1430,6 @@ bus_context_check_security_policy (BusContext *context, dbus_connection_get_outgoing_size (proposed_recipient) > context->limits.max_outgoing_bytes) { - const char *dest; - - dest = dbus_message_get_destination (message); dbus_set_error (error, DBUS_ERROR_LIMITS_EXCEEDED, "The destination service \"%s\" has a full message queue", dest ? dest : (proposed_recipient ? diff --git a/bus/config-parser.c b/bus/config-parser.c index ab1bd34d..fee1a2d6 100644 --- a/bus/config-parser.c +++ b/bus/config-parser.c @@ -1111,6 +1111,7 @@ append_rule_from_element (BusConfigParser *parser, dbus_bool_t allow, DBusError *error) { + const char *log; const char *send_interface; const char *send_member; const char *send_error; @@ -1154,6 +1155,7 @@ append_rule_from_element (BusConfigParser *parser, "own", &own, "user", &user, "group", &group, + "log", &log, NULL)) return FALSE; @@ -1352,6 +1354,9 @@ append_rule_from_element (BusConfigParser *parser, if (rule == NULL) goto nomem; + if (log) + rule->d.send.log = (strcmp (log, "true") == 0); + if (send_requested_reply) rule->d.send.requested_reply = (strcmp (send_requested_reply, "true") == 0); diff --git a/bus/policy.c b/bus/policy.c index 1113eaa3..bf481304 100644 --- a/bus/policy.c +++ b/bus/policy.c @@ -856,7 +856,8 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, dbus_bool_t requested_reply, DBusConnection *receiver, DBusMessage *message, - dbus_int32_t *toggles) + dbus_int32_t *toggles, + dbus_bool_t *log) { DBusList *link; dbus_bool_t allowed; @@ -1017,6 +1018,7 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, /* Use this rule */ allowed = rule->allow; + *log = rule->d.send.log; (*toggles)++; _dbus_verbose (" (policy) used rule, allow now = %d\n", diff --git a/bus/policy.h b/bus/policy.h index 7e2df1e7..5218973e 100644 --- a/bus/policy.h +++ b/bus/policy.h @@ -64,6 +64,7 @@ struct BusPolicyRule char *error; char *destination; unsigned int requested_reply : 1; + unsigned int log : 1; } send; struct @@ -140,7 +141,8 @@ dbus_bool_t bus_client_policy_check_can_send (BusClientPolicy *policy, dbus_bool_t requested_reply, DBusConnection *receiver, DBusMessage *message, - dbus_int32_t *toggles); + dbus_int32_t *toggles, + dbus_bool_t *log); dbus_bool_t bus_client_policy_check_can_receive (BusClientPolicy *policy, BusRegistry *registry, dbus_bool_t requested_reply, |