Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
No comment.
Signed-off-by: Colin Walters <walters@verbum.org>
|
|
|
|
We need to start logging denials so that they become more easily trackable
and debuggable.
|
|
Signed-off-by: Colin Walters <walters@verbum.org>
|
|
* bus/Makefile.am:
* bus/config-parser.c: (bus_config_parser_unref),
(start_busconfig_child), (bus_config_parser_end_element),
(servicehelper_path), (bus_config_parser_content),
(bus_config_parser_finished),
(bus_config_parser_get_servicehelper),
(test_default_session_servicedirs),
(test_default_system_servicedirs), (bus_config_parser_test):
* bus/config-parser.h:
Make the config-parser code use the common config code.
Also add the session and systemdirs stuff, and make the config parser
aware of the servicehelper field.
|
|
* Add indent-tabs-mode: nil to all file headers.
|
|
* bus/bus.c (process_config_every_time): Drop existing conf-dir
watches (if applicable) and add new watches
* bus/main.c (signal_handler): Handle SIGIO if using D_NOTIFY
(main): Setup SIGIO signal handler if using D_NOTIFY
* bus/config-parser.h: Add prototype bus_config_parser_get_conf_dirs
* bus/config-parser.c (struct BusConfigParser): Add conf_dirs list
(merge_included): Also merge conf_dirs list
(bus_config_parser_unref): Clear conf_dirs list
(include_dir): Add directory to conf_dirs list
(bus_config_parser_get_conf_dirs): New function
* bus/dir-watch.[ch]: New files
* bus/Makefile.am (BUS_SOURCES): Add dir-watch.[ch]
* configure.in: Add checks for D_NOTIFY on Linux
|
|
* bus/bus.c (load_config): Break into three
separate functions: process_config_first_time_only,
process_config_every_time, and process_config_postinit.
(process_config_every_time): Move call of
bus_registry_set_service_context_table into
process_config_postinit.
(process_config_postinit): New function, does
any processing that needs to happen late
in initialization (and also on reload).
(bus_context_new): Instead of calling load_config,
open config parser here and call process_config_first_time_only
and process_config_every_time directly. Later, after
we have forked but before changing UID,
invoke bus_selinux_full_init, and then call
process_config_postinit.
(bus_context_reload_config): As in bus_context_new,
load parse file inside here, and call process_config_every_time
and process_config_postinit.
* bus/services.h, bus/services.c
(bus_registry_set_service_context_table): Rename
from bus_registry_set_sid_table. Take string hash from config
parser, and convert them here into SIDs.
* bus/config-parser.c (struct BusConfigParser): Have
config parser only store a mapping of service->context
string.
(merge_service_context_hash): New function.
(merge_included): Merge context string hashes instead
of using bus_selinux_id_table_union.
(bus_config_parser_new): Don't use bus_selinux_id_table_new;
simply create a new string hash.
(bus_config_parser_unref): Unref it.
(start_selinux_child): Simply insert strings into hash,
don't call bus_selinux_id_table_copy_over.
* bus/selinux.h, bus/selinux.c (bus_selinux_id_table_union)
(bus_selinux_id_table_copy_over): Delete.
|
|
* COPYING: switch to Academic Free License version 2.1 instead of
2.0, to resolve complaints about patent termination clause.
|
|
SELinux support from Matthew Rickard <mjricka@epoch.ncsc.mil>
* bus/selinux.c, bus/selinux.h: new file encapsulating selinux
functionality
* configure.in: add --enable-selinux
* bus/policy.c (bus_policy_merge): add FIXME to a comment
* bus/main.c (main): initialize and shut down selinux
* bus/connection.c: store SELinux ID on each connection, to avoid
repeated getting of the string context and converting it into
an ID
* bus/bus.c (bus_context_get_policy): new accessor, though it
isn't used
(bus_context_check_security_policy): check whether the security
context of sender connection can send to the security context of
recipient connection
* bus/config-parser.c: add parsing for <selinux> and <associate>
* dbus/dbus-transport.c (_dbus_transport_get_unix_fd): to
implement dbus_connection_get_unix_fd()
* dbus/dbus-connection.c (dbus_connection_get_unix_fd): new
function, used by the selinux stuff
|
|
* bus/config-parser.c (bus_config_parser_new): Added a 'parent'
argument. If non-null, the newly-constructed BusConfigParser will
be initialized with the parent's BusLimits instead of the default
values.
(include_file): When including a config file, pass in
the current parser as the parent and then copy the BusLimits
from the included BusConfigParser pack to the current parser.
(process_test_valid_subdir): Renamed from process_test_subdir.
(process_test_equiv_subdir): Added. Walks through a directory,
descending into each subdirectory and loading the config files
it finds there. If any subdirectory contains two config files
that don't produce identical BusConfigParser structs, fail.
For now, the BusConfigParser's BusPolicies are not compared.
(bus_config_parser_test): Call both process_test_valid_subdir and
process_test_equiv_subdir.
* bus/config-loader-libxml.c (bus_config_load): Take a parent
argument and pass it along to the call to bus_config_parser_new.
Also made a few small changes to allow this code to compile.
* bus/config-loader-expat.c (bus_config_load): Take a parent
argument and pass it along to the call to bus_config_parser_new.
* bus/bus.c (bus_context_new): Load the config file
with a NULL parent argument.
|
|
* Update AFL version to 2.0 throughout the source files to reflect
the update that was done a while ago.
|
|
* bus/*.[ch]:
* dbus/*.[ch]:
* glib/*.[ch]: Made ref functions return the pointer
|
|
* configure.in: 0.10
* NEWS: update
* bus/system.conf.in: add <includedir>system.d</includedir>
* dbus/dbus-userdb.c (_dbus_user_database_lookup): fix bug when
username was provided but not uid
* bus/config-parser.c (struct BusConfigParser): keep track of
whether the parser is toplevel or was included; change some
of the error handling if it's included.
|
|
* test/data/valid-config-files/basic.conf: add <limit> tags to
this test
* bus/config-parser.h, bus/config-parser.c, bus/bus.c: Implement
<limit> tag in configuration file.
|
|
* bus/policy.h: change BusPolicy to be the thing from the config
file, and rename old BusPolicy to BusClientPolicy
* bus/bus.c, bus/connection.c, bus/config-parser.c: change to
match change in how policy works
* dbus/dbus-internals.h: mark assert_not_reached as
__attribute((noreturn))__
|
|
* dbus/dbus-sysdeps.c (_dbus_become_daemon): write the pidfile
here in the parent process, so we can return an error if it
fails. Also, move some of the code into the child so the parent
is less hosed if we fail midway through.
* bus/bus.c (bus_context_new): move pidfile detection further up
in the function, before we start overwriting sockets and such.
* bus/messagebus.in: adjust this a bit, not sure if it will work.
* configure.in: add --with-system-pid-file and --with-system-socket
2003-04-06 Colin Walters <walters@verbum.org>
* configure.in (DBUS_SYSTEM_PID_FILE): New variable.
* bus/system.conf.in: Declare a pidfile.
* bus/bus.c (bus_context_new): Test for an existing pid file, and
create one (if appropriate).
* bus/config-parser.c (enum ElementType) [ELEMENT_PIDFILE]: New.
(struct BusConfigParser) [pidfile]: New.
(element_type_to_name, merge_included, start_busconfig_child)
(bus_config_parser_end_element, bus_config_parser_content): Handle it.
(bus_config_parser_unref): Free it.
(bus_config_parser_get_pidfile): New function.
* bus/config-parser.h (_dbus_write_pid_file): Prototype.
* dbus/dbus-errors.h (DBUS_ERROR_PIDFILE_EXISTS): New error.
* dbus/dbus-sysdeps.c (_dbus_write_pid_file): New function.
* dbus/dbus-sysdeps.h: Prototype it.
|
|
* bus/config-parser.c (bus_config_parser_unref): free
list of mechanisms, bug discovered by test suite enhancements
(putting system.conf and session.conf into suite)
* test/Makefile.am, test/test-service.c: add placeholder for a
test service that we'll activate as part of test suite. Doesn't
do anything yet.
* dbus/dbus-sysdeps.c (_dbus_setenv): support unsetenv by
setting NULL value, and use system malloc not dbus_malloc()
when we have unavoidable memleakage.
* dbus/dbus-bus.c (dbus_bus_get): fix bug where bus type of 0
didn't work, and support DBUS_BUS_ACTIVATION.
* bus/activation.c (child_setup): pass our well-known bus type to
the child
* bus/config-parser.c: support <type> to specify well-known type
* doc/dbus-specification.sgml: document the env variables to
locate well-known buses and find service activator
|
|
* dbus/dbus-sysdeps.c (_dbus_file_get_contents): include filenames
in error messages
(_dbus_string_get_dirname): new
(_dbus_sysdeps_test): new
(_dbus_directory_open): include dirnames in error messages
* bus/config-parser.c: interpret <include> and <includedir> and
<servicedir> relative to config file location if the given
filename is not absolute.
* dbus/dbus-string.c (_dbus_string_find_byte_backward): new
|
|
* bus/config-parser.c, bus/bus.c: implement <servicedir> and
<includedir> (at least mostly)
* dbus/dbus-sysdeps.c (_dbus_change_identity): set the group ID
first, then the user ID
|
|
* dbus/dbus-server.c (dbus_server_set_auth_mechanisms): new
function
* dbus/dbus-auth.c (_dbus_auth_set_mechanisms): new
* dbus/dbus-internals.c (_dbus_dup_string_array): new function
* dbus/dbus-sysdeps.c (_dbus_listen_unix_socket): chmod the
socket 0777, and unlink any existing socket.
* bus/bus.c (bus_context_new): change our UID/GID and fork if
the configuration file so specifies; set up auth mechanism
restrictions
* bus/config-parser.c (bus_config_parser_content): add support
for <fork> option and fill in code for <auth>
* bus/system.conf.in: add <fork/> to default configuration,
and limit auth mechanisms to EXTERNAL
* doc/config-file.txt (Elements): add <fork>
* dbus/dbus-sysdeps.c (_dbus_become_daemon): new function
(_dbus_change_identity): new function
|
|
* dbus/dbus-transport-unix.c (_dbus_transport_new_for_domain_socket)
(_dbus_transport_new_for_tcp_socket): these didn't need the "server"
argument since they are always client side
* dbus/dbus-server.c (dbus_server_get_address): new function
* bus/main.c (main): take the configuration file as an argument.
* test/data/valid-config-files/debug-allow-all.conf: new file to
use with dispatch.c tests for example
* bus/test-main.c (main): require test data dir
* bus/bus.c (bus_context_new): change this to take a
configuration file name as argument
* doc/config-file.txt (Elements): add <servicedir>
* bus/system.conf, bus/session.conf: new files
* dbus/dbus-bus.c (dbus_bus_get): look for system bus on
well-known socket if none set
* configure.in: create system.conf and session.conf
|
|
* throughout - add more _DBUS_ASSERT_ERROR_IS_CLEAR
* configure.in: add --with-xml option to specify XML library,
right now only libxml is supported.
* bus/config-loader-libxml.c, config-parser.c: sync some minor
nonworking code between home and work, still just stubs
|
|
|