using DBus between hosts

Sergey Struzh sergeystruzh at gmail.com
Wed Aug 1 12:39:35 PDT 2007 

Hi Havoc!

Thank you for your fast reply!

I've been trying to work with 1.1.2 but the results are pretty much the
same, except that connecting client exits with the weird "Family none"
printing appears for every error to occur.

Here's conf file I am using to run the daemon-dbus:


<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0
//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>

  <!-- Our well-known bus type, do not change this -->
  <type>session</type>

  <!-- Run as special user -->
<!--  <user>messagebus</user> -->

  <!-- Fork into daemon mode -->
  <fork/>

  <!-- Write a pid file -->
  <pidfile>/tmp/dbus/sergey-pid</pidfile>

  <!-- Only allow socket-credentials-based authentication -->
  <auth>ANONYMOUS</auth>

  <!-- Only listen on a local socket. (abstract=/path/to/socket
       means use abstract namespace, don't really create filesystem
       file; only Linux supports this. Use path=/whatever on other
       systems.) -->
  <!-- <listen>unix:path=/var/run/dbus/system_bus_socket</listen> -->
  <listen>tcp:host=0.0.0.0,port=6666</listen>

  <policy context="default">
    <!-- Deny everything then punch holes -->
    <allow send_interface="*"/>
    <allow receive_interface="*"/>

  <allow own="*"/>
    <!-- But allow all users to connect -->
    <allow user="*"/>
    <!-- Allow anyone to talk to the message bus -->
    <!-- FIXME I think currently these allow rules are always implicit
         even if they aren't in here -->
    <allow send_destination="org.freedesktop.DBus"/>
    <allow receive_sender="org.freedesktop.DBus"/>
    <!-- valid replies are always allowed -->
    <allow send_requested_reply="true"/>
    <allow receive_requested_reply="true"/>
  </policy>


  <!-- Config files are placed here that among other things, punch
       holes in the above policy for specific services. -->
  <includedir>system.d</includedir>

  <!-- This is included last so local configuration can override what's
       in this standard file -->
  <include ignore_missing="yes">system-local.conf</include>

  <include if_selinux_enabled="yes"
selinux_root_relative="yes">contexts/dbus_contexts</include>

</busconfig>


 What am I doing wrong?



On 8/1/07, Havoc Pennington <hp at redhat.com> wrote:
>
> Hi,
>
> Sergey Struzh wrote:
> > (browsing the mail list I found that when running
> > dbus-daemon as root "DBUS_COOKIE_SHA1" could work but so far it fails
> > for me).
>
> The cookie mechanism involves both sides of the connection seeing the
> same home directory, e.g. with NFS home directory mounts.
>
> > I understand also that future versions of DBus is planned to
> > include "ANONYMOUS", so can someone provide me with release number it is
> > going to be included in (and approximate date for it)?
>
> It is already in the current development release, see the dbus web site.
> The final 1.2 release should be in the next few months. You can go ahead
> and test with 1.1.2 though.
>
> > Also, may I ask
> > for simple explanation how the brand new protocol works?
>
> The client says "I want to auth anonymously" and the server says "OK"
> (not an oversimplification - that's all that happens)
>
> > As long as I am not concerned so far with the security issues, my main
> > question is whether there's a simple way to disable authentication in
> > the DBus?
>
> That's what the ANONYMOUS auth is, it is authentication that doesn't
> require you to prove you have any particular identity (i.e. no
> authentication at all)
>
> Havoc
>
>


-- 
Regards,

Sergey
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freedesktop.org/archives/dbus/attachments/20070801/c9a23940/attachment.htm

More information about the dbus mailing list