per-user dbus
Colin Walters
walters at verbum.org
Tue Nov 10 07:37:10 PST 2009
On Mon, Nov 9, 2009 at 5:16 PM, Lennart Poettering <mzqohf at 0pointer.de> wrote:
>
> While some folks seem not to particularly like the idea (Hey, Colin!)
Well, it's not that I don't like the idea of a per-(kernel,uid) bus,
it's more that I think that's what the "session" bus should be.
In other words, if we have _USER, what should still be using _SESSION?
> For that dbus-launch will talk to a tiny
> auto-spawned dbus system service that can be used to spawn user
> busses.
Would make sense to have this in the system bus process I think (but a
new dbus interface, say org.freedesktop.DBusManagement? better naming
suggestions?)
> That tiny service only has a single method "GetUserBus()"
> whith no arguments. It will create a new user bus for the user
> calling, and returns its address or return the address of an existing
> bus if there already is a user bus for the calling user. It will keep
> track of clients that have issued that call and reference count the
> bus with that. That means the user bus is started when the first
> "dbus-launch --user" is run, and is killed when the last instance of
> it dies.
Sounds reasonable.
> There are some issues to keep in mind though: spawning user code is
> relevant to system security, so we probably need to call into PAM
> before allowing the user bus to be run under the user's uid. I think
> cron does something similar for all user cronjobs is executes.
You mean run pam_session? I'd rather avoid being in the business of
running PAM modules. We're going to be called through gdm, cron, and
ssh which will already be running pam_session.
More information about the dbus
mailing list