D-Bus n00b: system, session, or... (?)
simon.mcvittie at collabora.co.uk
Thu Apr 29 02:50:53 PDT 2010
On Wed, 28 Apr 2010 at 15:39:27 -0800, Christopher Howard wrote:
> If I use a session bus (through Python D-Bus session object), and then
> test the daemon and a client inside my development user account,
> everything work fine. However, the daemon is actually supposed to be
> started at boot, while the client processes might be started later.
The intended scope of the session bus is a desktop session for a user (you
log in to GNOME or KDE or whatever, a session bus is started, you log out,
the session bus dies), so I think you want the system bus.
The system bus supports multiple users and is deny-by-default, so you'll need
to think about your security policy, then install a configuration snippet in
/etc/dbus-1/system.d to allow that policy. You could use something simple
like "a particular Unix group is allowed to talk to the daemon", or even
let all messages through to the daemon and have the daemon check credentials
(which it would probably do by calling GetConnectionUnixUser on the bus
daemon, to find out who they came from; it could also use PolicyKit).
More information about the dbus