[rfc] move activation to a helper process

David Zeuthen david at fubar.dk
Mon Oct 16 07:21:07 PDT 2006 

Hi,

Here's an almost finished patch for moving activation into a helper
process. This enables us to fork off the activation helper early and
keep it running as root, thus being able to make activation on the
system message bus useful.

Details

 - Move some test harness around
 - BusContext now requires a function to clean up
 - The bus process and the helper process communicate over a pair
   of pipes. I specifically avoided using D-Bus as the IPC because
   if the bus process is compromised the likely way it is compromised
   is by libdbus being compromised. The protocol is very custom and
   simple. Should be feasible to do security audits on it.
 - Helper process is written with paranoia in mind - it does not trust
   the bus process
 - There's a new 'User' key that can be set in service files to specify
   what user to run the activated service as

TODO's

 - What should we do if 'User' key is not set for system bus activation?
   Just run it as root?
 - Conversely, what to do if 'User' key is set for session bus
   activation? Just refuse to run it?
 - The test suite fails, says OOM handling doesn't work. I'm looking at
   this, I think I'm doing the wrong thing if a BusTransactions fails,
   should be feasible to fix (any quick ideas what I'm doing wrong?)
   Apart from OOM handling the test suite works and this is good as the
   test suite exercises a lot of the activation subsystem.
 - Not sure how to do OOM tests for helper since it's a separate
   process, ideas welcome
 - Not sure how add meaningful tests to activation-helper.c, ideas
   welcome too
 - Some general cleanups and removing some noise I've introduced in
   places.

Anyway, I think the patch is in a state and I'd like feedback on the
approach and details too. Thanks!

     David

 Makefile.am         |    5 
 activation-helper.c | 1537 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 activation-helper.h |   67 ++
 activation.c        |  321 +++++-----
 bus.c               |   46 +
 bus.h               |   11 
 dispatch.c          |   24 
 main.c              |    9 
 test-main.c         |   92 ---
 test.c              |   76 ++
 test.h              |   17 
 11 files changed, 1976 insertions(+), 229 deletions(-)


-------------- next part --------------
A non-text attachment was scrubbed...
Name: dbus-sysbus-activation-helper.patch
Type: text/x-patch
Size: 78492 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/dbus/attachments/20061016/3b817ca6/dbus-sysbus-activation-helper-0001.bin

More information about the dbus mailing list