bug with 5 code lines

Julien Isorce julien.isorce at gmail.com
Thu Nov 19 12:28:45 PST 2009 

Hi,

First, thx for the reply.

I follow your advises but I am still not able to use dbus.
This is my configuration and the result:

- I am launching dbus-daemon.exe --system in a system service (using
CreateProcess).
So in task manager I can see that the user name of the dbus-daemon process
is "SYSTEM" (because of system service)
- then I open a console and I type: set
DBUS_SYSTEM_BUS_ADDRESS=tcp:host=localhost,port=12434
- then I run:
dbus-send --print-reply --system --dest="org.freedesktop.DBus"
/org/freedesktop /DBus/Introspectable
org.freedesktop.DBus.Introspectable.Introspect

-> the result:
------
Family none
Failed to open connection to system message bus: Did not receive a reply.
Possib
le causes include: the remote application did not send a reply, the message
bus
security policy blocked the reply, the reply timeout expired, or the network
con
nection was broken.
-----

I get the same result with or without typing:
set DBUS_SYSTEM_BUS_ADDRESS=tcp:host=localhost,port=12434

But if I am using CreateProcessAsUser instead of CreateProcess (in the
service run), in order to have "Administrator" as the user name associated
with the dbus-daemon process, then it works.

So I still cannot use dbus with severals users.
Anyway, the result is at least better than using --session.
Here it seems that something is not correct (for my needs) in the
system.conf file.

So here is the system.conf file I am using:
----------------------------------------------------------------------------------------------------------------------
<!-- This configuration file controls the systemwide message bus.
     Add a system-local.conf and edit that rather than changing this
     file directly. -->

<!-- Note that there are any number of ways you can hose yourself
     security-wise by screwing up this file; in particular, you
     probably don't want to listen on any more addresses, add any more
     auth mechanisms, run as a different user, etc. -->

<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration
1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>

  <!-- Our well-known bus type, do not change this -->
  <type>system</type>

  <!-- Run as special user -->
  <user>Administrator</user>

  <!-- Fork into daemon mode -->
  <fork/>

  <!-- Write a pid file -->
  <pidfile>/dbus-pid</pidfile>

  <!-- Only allow socket-credentials-based authentication -->
  <auth>EXTERNAL</auth>

  <!-- Only listen on a local socket. (abstract=/path/to/socket
       means use abstract namespace, don't really create filesystem
       file; only Linux supports this. Use path=/whatever on other
       systems.) -->
  <listen>tcp:host=localhost,port=12434</listen>

  <policy context="default">
    <!-- Deny everything then punch holes -->
    <deny send_interface="*"/>
    <deny receive_interface="*"/>
    <deny own="*"/>
    <!-- But allow all users to connect -->
    <allow user="*"/>
    <!-- Allow anyone to talk to the message bus -->
    <!-- FIXME I think currently these allow rules are always implicit
         even if they aren't in here -->
    <allow send_destination="org.freedesktop.DBus"/>
    <allow receive_sender="org.freedesktop.DBus"/>
    <!-- valid replies are always allowed -->
    <allow send_requested_reply="true"/>
    <allow receive_requested_reply="true"/>
  </policy>

  <!-- Config files are placed here that among other things, punch
       holes in the above policy for specific services. -->
  <includedir>system.d</includedir>

  <!-- This is included last so local configuration can override what's
       in this standard file -->
  <include ignore_missing="yes">system-local.conf</include>

  <include if_selinux_enabled="yes"
selinux_root_relative="yes">contexts/dbus_contexts</include>

</busconfig>
----------------------------------------------------------------------------------------------------------------------

Any help would be much appreciated.
Sincerely
Julien


2009/11/19 Ralf Habacker <ralf.habacker at freenet.de>

> Julien Isorce schrieb:
>
>  Hi,
>>
>> I isolated the problem I am facing to:
>>
>> If I run the dbus-daemon with a userA
>> and  if I run dbus-send with a userB
>> then the result is the same as if the dbus-daemon was not running (so it
>> fails)
>> (it's ok if the 2 users are the same)
>>
> By default the dbus library and the daemon provides a session bus which is
> user specific and only accessable by the same user.
>
> In your case you need to run dbus-daemon as system bus by
>
> dbus-daemon --system
>
> then set an environment variable to the recent system bus address (see
> <listen> statement  in <dbus-install-root>/etc/system.conf for details)
>
> set DBUS_SYSTEM_BUS_ADDRESS=tcp:host=localhost,port=12434
>
> and run for example
>
>   qdbus --system
>
> to get a list of possible connections. In my case this is
>
> :1.6
> :1.9
> org.freedesktop.DBus
>
> dbus-send should then work also.
>
> Regards
> Ralf
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freedesktop.org/archives/dbus/attachments/20091119/6d6f84b0/attachment.html

More information about the dbus mailing list