summaryrefslogtreecommitdiff
path: root/bus/config-parser.c
Commit message (Collapse)AuthorAgeFilesLines
* Add apparmor element support to bus config parsingTyler Hicks2015-02-181-0/+24
| | | | | | | | | | | | | | | | | | | The <apparmor> element can contain a single mode attribute that has one of three values: "enabled" "disabled" "required" "enabled" means that kernel support is autodetected and, if available, AppArmor mediation occurs in dbus-daemon. If kernel support is not detected, mediation is disabled. "disabled" means that mediation does not occur. "required" means that kernel support must be detected for dbus-daemon to start. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=75113 Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
* Revert "config: change default auth_timeout to 5 seconds"Simon McVittie2014-11-221-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 54d26df52b6a394bea175651d1d7ad2ab3f87dea. It appears this change may cause intermittent slow or failed boot, more commonly on slower/older machines, in at least Mageia and possibly also Debian. This would indicate that while the system is under load, system services are not completing authentication within 5 seconds. This change was not the main part of fixing CVE-2014-3639, but does help to mitigate that attack. As such, increasing this timeout makes the denial of service attack described by CVE-2014-3639 somewhat more effective: a local user connecting to the system bus repeatedly from many parallel processes can cause other users' attempts to connect to take longer. If your machine boots reliably with the shorter timeout, and resilience against local denial of service attacks is important to you, putting this in /etc/dbus-1/system-local.conf or a file matching /etc/dbus-1/system.d/*.conf can restore the lower limit: <busconfig> <limit name="auth_timeout">5000</limit> </busconfig> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=86431
* config: add new limit: pending_fd_timeoutAlban Crequy2014-09-151-0/+12
| | | | | | | | | | | | | | | | | This is one of four commits needed to address CVE-2014-3637. When a file descriptor is passed to dbus-daemon, the associated D-Bus message might not be fully sent to dbus-daemon yet. Dbus-daemon keeps the file descriptor in the DBusMessageLoader of the connection, waiting for the rest of the message. If the client stops sending the remaining bytes, dbus-daemon will wait forever and keep that file descriptor. This patch adds pending_fd_timeout (milliseconds) in the configuration to disconnect a connection after a timeout when a file descriptor was sent but not the remaining message. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=80559 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
* config: change default auth_timeout to 5 secondsAlban Crequy2014-09-151-1/+1
| | | | | | | | | | | | This partially addresses CVE-2014-3639. This will change the default on the system bus where the limit <limit name="auth_timeout">...</limit> is not specified. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=80919 Reviewed-by: Thiago Macieira <thiago@kde.org> Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
* system bus limit: use max_replies_per_connection=128 by defaultAlban Crequy2014-09-151-1/+1
| | | | | | | This addresses CVE-2014-3638. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=81053 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
* Don't forget allow_anonymous when merging configsMatt Hoosier2014-01-141-0/+3
| | | | | | | | | The algorithm to collapse a subsidiary config file's data into the master data structure forgot to examine this flag. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=73475 Reviewed-by: Chengwei Yang <chengwei.yang@intel.com> Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
* Export dbus_setenv() as a utility functionSimon McVittie2013-08-231-4/+5
| | | | | | | | | | It's sufficiently portable that GLib has an equivalent, and I really don't want to have to either open-code it in dbus-run-session or link dbus-run-session statically. We have enough statically-linked rubbish already. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=39196 Reviewed-by: Colin Walters <walters@verbum.org>
* tests to embedded tests: replaced in dbus-daemonChengwei Yang2013-06-281-2/+2
| | | | | | Signed-off-by: Chengwei Yang <chengwei.yang@intel.com> Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=66291
* Set default maximum number of Unix fds according to OSMatt Fischer2013-04-111-3/+3
| | | | | | | | | | | | | | | | | QNX has an arbitrary limit to the number of file descriptors which may be passed in a message, which is smaller than the current default. This patch therefore changes the default from a hardcoded constant to a macro, which is determined at configure time by looking at the host operating system. [This reduces the limit from 4096 (session)/1024 (system) to 128 fds per message on QNX, and 1024 fds per message on other operating systems. I think the reduced session bus limit on other OSs is a reasonable change too, given that the default hard/soft ulimits in Linux are only 4096/1024 fds per process. -smcv] Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61176 Reviewed-by: Simon McVittie <simon.mcvittie.collabora.co.uk>
* Merge <servicehelper> from included config fileKrzysztof Konopko2013-02-121-1/+8
| | | | | | | | | | | <servicehelper> is not supported in the included config file, i. e. it's not merged in merge_included(). There's clearly no reason it shouldn't be supported in the included config file along with <user>, <type> and others. It's quite reasonable for a client willing to override the default servicehelper, e. g. in system-local.conf. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=51560 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
* test: enforce own_prefix policy rulesAlban Crequy2012-03-221-2/+61
| | | | | | | After parsing [allow|deny] rules with own_prefix, check they are enforced correctly. https://bugs.freedesktop.org/show_bug.cgi?id=46886
* config parser: add own_prefixAlban Crequy2012-03-041-21/+36
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=46882
* Explicitly don't search XDG_DATA_DIRS for system services, and document itSimon McVittie2012-02-081-2/+2
| | | | | | | | | | | In practice, it never works, because the activation helper doesn't respect environment variables for security reasons. If you want to vary the search path, alter system.conf instead, to replace or augment <standard_system_servicedirs/> with your preferred search path. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=21620 Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
* config-parser: don't try to get CommonProgramFiles from the environment on UnixSimon McVittie2011-08-051-3/+8
| | | | | | | It's unused on Unix, and gcc warns. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=39231 Reviewed-by: Will Thompson <will.thompson@collabora.co.uk>
* activation: add /lib/dbus-1/system-services to the search path for servicesLennart Poettering2011-07-281-0/+4
| | | | | | | | | | In order to allow D-Bus usage during early boot (where /usr is not accessible) also search for bus activation files in /lib/dbus-1/system-services/. This is only a first step in the right direction, before we really can boot without /usr we'd need to move all current activation files (or possibly replace /usr/dbus-1/system-services to a symlink to /lib/dbus-1/system-services).
* Break up the monster conditional in config-parser so gcov can copeSimon McVittie2011-04-071-91/+90
| | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=10887 Reviewed-by: Colin Walters <walters@verbum.org>
* Do not use the name ELEMENT_TYPEAndre Heinecke2011-03-071-4/+4
| | | | | | | | | | On Windows Systems ELEMENT_TYPE is already defined in Winioctl.h this header is included indirectly in dbus-sysdeps.h. By avoiding the use of the Name ELEMENT_TYPE it is ensured that config-parser-common.h can be included together with dbus-sysdeps.h Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
* config-parser regression test: don't require that fd.o #34496 existsSimon McVittie2011-02-241-1/+1
| | | | Reviewed-by: Will Thompson <will.thompson@collabora.co.uk>
* If a file included via <includedir/> is invalid, syslog and skip itSimon McVittie2011-01-311-2/+13
| | | | | | | | | | | | | | | This is more graceful than failing entirely (our previous behaviour), but more visible than ignoring it completely (the previous behaviour patched in by Debian and derivatives). Based on a patch from Daniel Silverstone back in 2004, which was meant to be temporary; I think it makes sense to change this permanently, since files in *.d are typically supplied by other packages, whose bugs shouldn't be able to bring down dbus-daemon. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=19186 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=230231 Reviewed-by: Colin Walters <walters@verbum.org>
* Use absolute session service dir path in bus-test on windows.Ralf Habacker2010-12-291-2/+13
|
* Consistently include <config.h> in all C source files and never in header files.Marcus Brinkmann2010-03-191-0/+2
|
* uses tcp based test connections for nowRalf Habacker2009-12-011-0/+10
|
* Merge branch 'fd-passing'Thiago Macieira2009-07-161-0/+27
|\ | | | | | | | | | | | | Conflicts: dbus/dbus-connection.c dbus/dbus-message-util.c dbus/dbus-sysdeps-unix.c
| * bus: make use of new unix fd limitsLennart Poettering2009-05-201-0/+27
| | | | | | | | | | Create configuration settings and enforce message unix fd limits the same way we do for allocated message memory.
* | Bug 21161 - Update the FSF addressTobias Mueller2009-07-101-1/+1
| | | | | | | | | | | | No comment. Signed-off-by: Colin Walters <walters@verbum.org>
* | Change default reply timeout.Scott James Remnant2009-05-281-1/+1
|/ | | | | | | * bus/config-parser.c (bus_config_parser_new): change the default reply timeout to "never" Signed-off-by: Scott James Remnant <scott@ubuntu.com>
* Merge branch 'dbus-1.2'Thiago Macieira2009-04-281-17/+16
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: bus/bus.c bus/config-parser-common.c bus/config-parser-common.h bus/config-parser.c bus/connection.c bus/dbus-daemon.1.in dbus/dbus-marshal-validate-util.c dbus/dbus-marshal-validate.c dbus/dbus-sysdeps-util-unix.c test/name-test/tmp-session-like-system.conf
| * Bug 18446: Keep umask for session busMatt McCutchen2009-01-061-1/+31
| | | | | | | | Signed-off-by: Colin Walters <walters@verbum.org>
| * Add optional logging on allow rulesColin Walters2008-12-161-0/+5
| | | | | | | | | | This lets us have a backwards compatibility allow rule but still easily see when that rule is being used.
| * Add syslog of security denials and configuration file reloadsColin Walters2008-12-121-0/+25
| | | | | | | | | | We need to start logging denials so that they become more easily trackable and debuggable.
* | Add optional logging on allow rulesColin Walters2008-12-161-0/+5
| | | | | | | | | | This lets us have a backwards compatibility allow rule but still easily see when that rule is being used.
* | Add syslog of security denials and configuration file reloadsColin Walters2008-12-121-0/+25
| | | | | | | | | | We need to start logging denials so that they become more easily trackable and debuggable.
* | Bug 15393 - support allow_anonymous config variableDennis Kaarsemaker2008-11-121-0/+24
| | | | | | | | | | | | | | | | | | * bus/bus.c: Set allow_anonymous if specified from parser. * bus/config-parser.c: Parse it. * bus/config-parser-common.h: Declare it. Signed-off-by: Colin Walters <walters@verbum.org>
* | Bug 18446: Keep umask for session busMatt McCutchen2008-11-101-0/+31
|/ | | | Signed-off-by: Colin Walters <walters@verbum.org>
* remove dead codeJohn (J5) Palmieri2008-01-151-3/+0
| | | | | | | | | | | 2008-01-15 John (J5) Palmieri <johnp@redhat.com> * patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com> * bus/config-parser.c (locate_attributes): remove dead code which always evaluated to TRUE * dbus/dbus-shell.c (_dbus_shell_quote): remove unused code
* 2007-07-24 Havoc Pennington <hp@redhat.com>Havoc Pennington2007-07-241-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | * configure.in: add AM_PROG_CC_C_O to allow per-target CPPFLAGS * bus/dispatch.c (bus_dispatch_test_conf): Fix up setting TEST_LAUNCH_HELPER_CONFIG to include the full path, and enable test shell_fail_service_auto_start when use_launcher==TRUE * bus/activation-helper-bin.c (convert_error_to_exit_code): pass through the INVALID_ARGS error so the test suite works * bus/activation.c (handle_activation_exit_error): return DBUS_ERROR_NO_MEMORY if we get BUS_SPAWN_EXIT_CODE_NO_MEMORY * dbus/dbus-spawn.c (_dbus_babysitter_get_child_exit_status): return only the exit code of the child, not the entire thingy from waitpid(), and make the return value indicate whether the child exited normally (with a status code) * bus/bus.c (process_config_first_time_only): _dbus_strdup works on NULL so no need to check (process_config_every_time): move servicehelper init here, so we reload it on HUP or config file change * bus/Makefile.am (install-data-hook): remove comment because Emacs make mode seems to be grumpy about it
* 2007-07-24 Richard Hughes <richard@hughsie.com>Richard Hughes2007-07-241-96/+268
| | | | | | | | | | | | | | | * bus/Makefile.am: * bus/config-parser.c: (bus_config_parser_unref), (start_busconfig_child), (bus_config_parser_end_element), (servicehelper_path), (bus_config_parser_content), (bus_config_parser_finished), (bus_config_parser_get_servicehelper), (test_default_session_servicedirs), (test_default_system_servicedirs), (bus_config_parser_test): * bus/config-parser.h: Make the config-parser code use the common config code. Also add the session and systemdirs stuff, and make the config parser aware of the servicehelper field.
* 2007-07-13 Havoc Pennington <hp@redhat.com>Havoc Pennington2007-07-141-1/+1
| | | | * Add indent-tabs-mode: nil to all file headers.
* add a comment about the match rules limitHavoc Pennington2007-06-191-1/+9
|
* 2007-06-09 Havoc Pennington <hp@redhat.com>Havoc Pennington2007-06-091-8/+7
| | | | | | | | | | | | | | | | | | | * bus/policy.c (bus_policy_create_client_policy): gracefully continue if the connection has no unix user - just don't apply any unix user dependent rules. * bus/config-parser.c: remove dbus-userdb.h usage * bus/bus.c: remove dbus-userdb.h usage * dbus/dbus-transport.c (_dbus_transport_get_is_authenticated): support Windows user function; also, fix the logic for checking auth as root in the default auth code (broken in the previous commit) * dbus/dbus-connection.c (dbus_connection_set_windows_user_function): new function (dbus_connection_get_windows_user): new function
* * bus/config-parser.c (test_service_dir_matches): fixed ordering for unix.Ralf Habacker2007-05-241-6/+12
| | | | * bus/config-parser.c (test_default_session_servicedirs): made allocation of _progs platform independent.
* * bus\config-parser.c (test_default_session_servicedirs):win32 fix.Ralf Habacker2007-05-171-4/+39
|
* * bus/config-parser.c, bus/policy.c, bus/policy.h, ↵Ralf Habacker2007-03-151-8/+14
| | | | bus/dbus-daemon.1.in,bus/session.conf.in: added eavesdrop support for replies - patch by olli.salli at collabora.co.uk approved by Havoc Pennington.
* 2007-03-11 Havoc Pennington <hp@redhat.com>Havoc Pennington2007-03-121-0/+1
| | | | | | | | | | | | | | * tools/dbus-launch.c (do_close_stderr): fix C89 problem and formatting problem * Mostly fix the DBusPipe mess. - put line break after function return types - put space before parens - do not pass structs around by value - don't use dbus_strerror after calling supposedly cross-platform api - don't name pipe variables "fd" - abstract special fd numbers like -1 and 1
* 2007-01-26 Havoc Pennington <hp@redhat.com>Havoc Pennington2007-01-261-8/+12
| | | | | | | | | | * bus/session.conf.in: override all the default limits with much higher limits on the session bus, there is no reason the session bus should have low limits * bus/config-parser.c (bus_config_parser_new): increase default limits so they are less likely to be hit; in particular the max replies per connection was way too low
* * bus/config-parser.c (service_dirs_find_dir): useJohn (J5) Palmieri2006-11-021-14/+15
| | | | | | | | | | | _dbus_list_get_next_link so we don't get stuck in an infinite loop (start_busconfig_child): move processing of standard_session_servicedirs tags here because they have no content (bus_config_parser_content): check we don't have content in standard_session_servicedirs tag * tools/Makefile.am: Make sure the /var/lib/dbus directory is created Packagers need to own this directory
* * configure.in: expose DBUS_DATADIRJohn (J5) Palmieri2006-11-011-1/+119
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * bus/config-parser.c: add the standard_session_servicedirs element to the parser (bus_config_parser_content): process the standard_session_servicedirs element by getting the standard directories from sysdeps and merging them into the service directory list (test_default_session_servicedirs): make sure we get what we expect * bus/session.conf.in: replace the servicedir tag with the standard_session_servicedirs tag * dbus/dbus-list.h: remove the typedef of DBusList and place it in dbus-sysdeps.h to avoid circular header dependencies * dbus/dbus-sysdeps.h: add the typedef of DBusList * dbus/dbus-sysdeps-unix.c (split_paths_and_append): utility function which takes a string of directories delimited by colons, parses them out, appends a suffix and puts them in a list ignoring empty elements (_dbus_get_standard_session_servicedirs): returns the standard directories for a session bus to look for service activation files on Unix which includes the XDG_DATA_HOME, XDG_DATA_DIRS and DBUS_DATADIR directories * test/data/valid-config-files/many-rules.conf: add the standard_session_servicedirs tag to the valid config file tests
* * bus/config-parser.c (service_dirs_find_dir,John (J5) Palmieri2006-10-271-2/+48
| | | | | | | | | service_dirs_append_unique_or_free, service_dirs_append_link_unique_or_free): New static methods for only appending unique service directory names into the service directory list (merge_included, bus_config_parser_content): Only add unique service directory names into the list
* These are all patches from Kjartan Maraas <kmaraas at gnome dot org>John (J5) Palmieri2006-08-081-15/+41
| | | | | | | | | | | | | | | | | | | | | | | | | with cleanups of bugs found from Coverity reports: * dbus/dbus-sysdeps-util.c (_dbus_write_pid_file): close the file on error to avoid a leak * bus/expirelist.c (bus_expire_list_test): Check for NULL on dbus_new0 * bus/activation.c (update_directory): remove dead code * bus/config-parser.c (merge_service_context_hash, start_selinux_child): Fix some leaks * bus/bus.c (process_config_every_time): Fixed a leak * bus/desktop-file.c (parse_key_value): Fixed leak * bus/selinux.c (bus_selinux_id_table_insert): Fixed leak
* 2005-06-14 David Zeuthen <davidz@redhat.com>David Zeuthen2005-06-151-1/+33
| | | | | | | | | | | | | | | | | | | | | | * bus/bus.c (process_config_every_time): Drop existing conf-dir watches (if applicable) and add new watches * bus/main.c (signal_handler): Handle SIGIO if using D_NOTIFY (main): Setup SIGIO signal handler if using D_NOTIFY * bus/config-parser.h: Add prototype bus_config_parser_get_conf_dirs * bus/config-parser.c (struct BusConfigParser): Add conf_dirs list (merge_included): Also merge conf_dirs list (bus_config_parser_unref): Clear conf_dirs list (include_dir): Add directory to conf_dirs list (bus_config_parser_get_conf_dirs): New function * bus/dir-watch.[ch]: New files * bus/Makefile.am (BUS_SOURCES): Add dir-watch.[ch] * configure.in: Add checks for D_NOTIFY on Linux
View Lorry Controller Status