Security and authentification with D-Bus

Yoann Sculo yoann.sculo at mindscape.fr
Thu Apr 29 02:48:23 PDT 2010 

It works well !
Setting the config file works perfectly for my use.
Is there any possibility to change security policies in "real time" and 
initiate some kind of reload ? (I mean during an application's execution 
without killing it)
Because right now, when I change security policies during execution, 
this isn't applied. It works yet when my applications get a new 
registration on the bus.
It sounds normal. But could it, by any chance, be possible to apply new 
policies without getting a new bus connection ? :)
Thanks
Yoann

Le 29/04/2010 10:10, Yoann Sculo a écrit :
> Oh great !
> Thank you for your help. I haven't thought of that solution.
> I am trying it right now.
> Yoann
>
> Le 28/04/2010 18:49, Matthew Johnson a écrit :
>> On Wed Apr 28 18:25, Yoann Sculo wrote:
>>> I am working in an embedded Linux environment with multiple users. Each
>>> application has its own user for security manners.
>>> But I don't deal with graphical environment, this is not *real* users.
>>> So, I'd like to get my applications talking each others on D-Bus.
>>> I start my bus session with
>>>
>>> dbus-daemon --session --fork --print-address
>>>
>>> I set and export the result into DBUS_SESSION_BUS_ADDRESS
>>> If I use only one user, my applications work fine together.
>>> But once I change ownerships (and launch them in separate sessions) I
>>> get the following error : "Did not receive a reply. Possible causes
>>> include: the remote application did not send a reply, the message bus
>>> security policy blocked the reply, the reply timeout expired, or the
>>> network connection was broken."
>> Yes, as has been mentioned only one user is allowed to talk to the 
>> session bus
>> - the uid which the bus is running as. You probably don't want a 
>> session bus,
>> but a system bus. You may start your own system bus in addition to 
>> the normal
>> one - it's just a setting in the config file you use which determines 
>> things
>> like whether multiple users can connect.
>>
>> Once you have the applications connecting as different users it is 
>> very easy to
>> determine which user a particular connection belongs to. When you 
>> receive a
>> method call, or are about to make one, you can call a method on the 
>> bus-daemon
>> itself (org.freedesktop.DBus.GetConnectionUnixUser) which will take 
>> the name of
>> the connection in question and give you the UID.
>>
>> Matt
>>
> _______________________________________________
> dbus mailing list
> dbus at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/dbus
>

More information about the dbus mailing list