Test system bus config files on Unix only

Previously, we didn't consistently test parsing of every file in
valid-config-files-system/ everywhere that we tested valid-config-files/.
We now test it on Unix.

The system bus is not supported on Windows, so we do not test
valid-config-files-system/ there.

valid-config-files/many-rules.conf contains <user> and <group> rules
which are not applicable to Windows. Copy the original many-rules.conf
to valid-config-files-system/ so that it will be tested on Unix, and
remove the non-portable rules from valid-config-files/many-rules.conf.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92721
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
[rh:base patch came from Simon]

5 files changed, 72 insertions, 13 deletions

diff --git a/test/Makefile.am b/test/Makefile.am
index 5812c1a9..b7f40bb0 100644
--- a/test/Makefile.am
+++ b/test/Makefile.am
@@ -384,7 +384,7 @@ static_data = \
 	data/valid-config-files/entities.conf \
 	data/valid-config-files/listen-unix-runtime.conf \
 	data/valid-config-files/many-rules.conf \
-	data/valid-config-files/system.d/test.conf \
+	data/valid-config-files-system/system.d/test.conf \
 	data/valid-messages/array-of-array-of-uint32.message \
 	data/valid-messages/dict-simple.message \
 	data/valid-messages/dict.message \
@@ -468,7 +468,7 @@ if DBUS_ENABLE_INSTALLED_TESTS
 		install -m644 "installable/$${F%.in}" "$(DESTDIR)$(testexecdir)/$${F%.in}"; \
 	done
 	ln -nfs $(datadir)/dbus-1/session.conf $(DESTDIR)$(testexecdir)/data/valid-config-files/session.conf
-	ln -nfs $(datadir)/dbus-1/system.conf $(DESTDIR)$(testexecdir)/data/valid-config-files/system.conf
+	ln -nfs $(datadir)/dbus-1/system.conf $(DESTDIR)$(testexecdir)/data/valid-config-files-system/system.conf
 else
 	@:
 endif
@@ -486,7 +486,7 @@ clean-local:
 
 imported_data = \
 	data/valid-config-files/session.conf \
-	data/valid-config-files/system.conf \
+	data/valid-config-files-system/system.conf \
 	$(NULL)
 
 noinst_DATA = $(imported_data)
@@ -496,10 +496,14 @@ CLEANFILES += \
 	installable \
 	$(NULL)
 
-$(imported_data): data/valid-config-files/%.conf: $(top_builddir)/bus/%.conf
+data/valid-config-files/session.conf: $(top_builddir)/bus/session.conf
 	$(AM_V_at)$(MKDIR_P) data/valid-config-files
 	$(AM_V_GEN)cp $< $@
 
+data/valid-config-files-system/system.conf: $(top_builddir)/bus/system.conf
+	$(AM_V_at)$(MKDIR_P) data/valid-config-files-system
+	$(AM_V_GEN)cp $< $@
+
 $(installable_test_meta): %.test: %$(EXEEXT) Makefile
 	$(AM_V_GEN) ( \
 		echo '[Test]'; \
diff --git a/test/data/valid-config-files-system/many-rules.conf b/test/data/valid-config-files-system/many-rules.conf
new file mode 100644
index 00000000..8537fd90
--- /dev/null
+++ b/test/data/valid-config-files-system/many-rules.conf
@@ -0,0 +1,60 @@
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+  <user>mybususer</user>
+  <listen>unix:path=/foo/bar</listen>
+  <listen>tcp:port=1234</listen>
+  <includedir>basic.d</includedir>
+  <standard_session_servicedirs />
+  <servicedir>/usr/share/foo</servicedir>
+  <include ignore_missing="yes">nonexistent.conf</include>
+  <policy context="default">
+    <allow user="*"/>
+    <deny send_interface="org.freedesktop.System" send_member="Reboot"/>
+    <deny receive_interface="org.freedesktop.System" receive_member="Reboot"/>
+    <deny send_path="/foo/bar/SystemObjectThing" send_member="Reboot"/>
+    <deny own="org.freedesktop.System"/>
+    <deny own_prefix="org.freedesktop.ManySystems"/>
+    <deny send_destination="org.freedesktop.System"/>
+    <deny receive_sender="org.freedesktop.System"/>
+    <deny user="root"/>
+    <deny group="bin"/>
+    <allow send_type="error"/>
+    <allow send_type="method_call"/>
+    <allow send_type="method_return"/>
+    <allow send_type="signal"/>
+    <deny send_destination="org.freedesktop.Bar" send_interface="org.freedesktop.Foo"/>
+    <deny send_destination="org.freedesktop.Bar" send_interface="org.freedesktop.Foo" send_type="method_call"/>
+  </policy>
+
+  <policy context="mandatory">
+    <allow user="*"/>
+    <deny send_interface="org.freedesktop.System" send_member="Reboot"/>
+    <deny receive_interface="org.freedesktop.System" receive_member="Reboot"/>
+    <deny send_path="/foo/bar/SystemObjectThing" send_member="Reboot"/>
+    <deny own="org.freedesktop.System"/>
+    <deny own_prefix="org.freedesktop.ManySystems"/>
+    <deny send_destination="org.freedesktop.System"/>
+    <deny receive_sender="org.freedesktop.System"/>
+    <deny user="root"/>
+    <deny group="bin"/>
+    <allow send_type="error"/>
+    <allow send_type="method_call"/>
+    <allow send_type="method_return"/>
+    <allow send_type="signal"/>
+    <deny send_destination="org.freedesktop.Bar" send_interface="org.freedesktop.Foo"/>
+    <deny send_destination="org.freedesktop.Bar" send_interface="org.freedesktop.Foo" send_type="method_call"/>
+  </policy>
+
+  <limit name="max_incoming_bytes">5000</limit>
+  <limit name="max_outgoing_bytes">5000</limit>
+  <limit name="max_message_size">300</limit>
+  <limit name="service_start_timeout">5000</limit>
+  <limit name="auth_timeout">6000</limit>
+  <limit name="max_completed_connections">50</limit>
+  <limit name="max_incomplete_connections">80</limit>
+  <limit name="max_connections_per_user">64</limit>
+  <limit name="max_pending_service_starts">64</limit>
+  <limit name="max_names_per_connection">256</limit>
+  <limit name="max_match_rules_per_connection">512</limit>
+</busconfig>
diff --git a/test/data/valid-config-files/system.d/test.conf b/test/data/valid-config-files-system/system.d/test.conf
index 5b60a1fc..ee6afcdf 100644
--- a/test/data/valid-config-files/system.d/test.conf
+++ b/test/data/valid-config-files-system/system.d/test.conf
@@ -1,18 +1,18 @@
 <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
  "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
 <busconfig>
-  <!-- The following demonstrates how to punch holes in a default deny-all 
-       policy so that a particular user can own a service, and other 
+  <!-- The following demonstrates how to punch holes in a default deny-all
+       policy so that a particular user can own a service, and other
        connections can get messages from it -->
 
-  <!-- Only root can own the FooService service, and 
+  <!-- Only root can own the FooService service, and
        this user can only send the one kind of message -->
   <policy user="root">
     <allow own="org.foo.FooService"/>
     <allow send_interface="org.foo.FooBroadcastInterface"/>
   </policy>
 
-  <!-- Allow any connection to receive the message, but 
+  <!-- Allow any connection to receive the message, but
        only if the message is sent by the owner of FooService -->
   <policy context="default">
     <allow receive_interface="org.foo.FooBroadcastInterface" receive_sender="org.foo.FooService"/>
diff --git a/test/data/valid-config-files/.gitignore b/test/data/valid-config-files/.gitignore
index 2a09552e..b6929096 100644
--- a/test/data/valid-config-files/.gitignore
+++ b/test/data/valid-config-files/.gitignore
@@ -2,6 +2,5 @@ debug-allow-all.conf
 debug-allow-all-sha1.conf
 incoming-limit.conf
 session.conf
-system.conf
 run-with-tmp-session-bus.conf
 finite-timeout.conf
diff --git a/test/data/valid-config-files/many-rules.conf b/test/data/valid-config-files/many-rules.conf
index 23931626..df9a9943 100644
--- a/test/data/valid-config-files/many-rules.conf
+++ b/test/data/valid-config-files/many-rules.conf
@@ -17,8 +17,6 @@
     <deny own_prefix="org.freedesktop.ManySystems"/>
     <deny send_destination="org.freedesktop.System"/>
     <deny receive_sender="org.freedesktop.System"/>
-    <deny user="root"/>
-    <deny group="bin"/>
     <allow send_type="error"/>
     <allow send_type="method_call"/>
     <allow send_type="method_return"/>
@@ -36,8 +34,6 @@
     <deny own_prefix="org.freedesktop.ManySystems"/>
     <deny send_destination="org.freedesktop.System"/>
     <deny receive_sender="org.freedesktop.System"/>
-    <deny user="root"/>
-    <deny group="bin"/>
     <allow send_type="error"/>
     <allow send_type="method_call"/>
     <allow send_type="method_return"/>