Connect plugin to program
John (J5) Palmieri
johnp at redhat.com
Mon Sep 15 08:41:34 PDT 2008
On Sun, 2008-09-14 at 13:14 +0200, Timo wrote:
> Ignacio Vazquez-Abrams schreef:
> > On Sat, 2008-09-13 at 14:23 +0200, Timo wrote:
> >
> >> Hello all, I want to know if the following can be done with d-bus.
> >> I have written a program that needs to do all of it's commands as root,
> >> so I always start it as root. Now I want to write a plugin for a
> >> messenger client that also needs to do these commands, but instead of
> >> activating the plugin as root, I was thinking if it was possible to
> >> start my main program (as root ofcourse) and then let the plugin use the
> >> commands in the program. So the plugin can be used as normal user, but
> >> can execute commands that need root-privileges.
> >> Can d-bus do something like this? The program + plugin are written in
> >> Python.
> >>
> >
> > Take a look at hal and gnome-volume-manager for an example of something
> > like this.
> >
> >
>
> Thanks, but I know very little about C, so has anyone tips/examples for
> doing this in Python?
>
> I found a simple example (
> http://www.flaper87.org/2008/06/04/communicating-with-our-application-using-python-and-dbus
> ), and it works. But if I start the code as root (like my program will
> be), I can't connect to it as normal user.
>
> Timo
First you should check out oddjob
(http://people.redhat.com/nalin/oddjob/) which runs scripts as root but
also supplies a security model on top. It is written in C but uses XML
files to describe what messages to execute scripts on and who has access
to those scripts.
Secondly, if you want to talk to a daemon running on the system bus,
that daemon must have an associated policy file which describes who can
talk to that daemon. Check out /etc/dbus-1/system.d for examples.
Remember if you don't configure that correctly it could become a huge
security hole.
--
John (J5) Palmieri <johnp at redhat.com>
More information about the dbus
mailing list