D-Bus User Bus

Havoc Pennington hp at pobox.com
Wed May 19 19:12:01 PDT 2010


On Wed, May 19, 2010 at 10:04 PM, Lennart Poettering <mzqohf at 0pointer.de> wrote:
> Maybe as long as this only covers a gconf setting or two. But I am
> pretty sure if actual data loss is involved then people would be pretty
> pissed and ask "Why didn't warn me that app in advance?"

What is the actual data loss beyond some settings?

The problem won't happen with documents.

Apps that store real data generally do attempt some form of locking.
Right now you can't use dbus for that, you have to use a lock file,
which works on network homedirs. I would say you *should* use a lock

(Not an fcntl lock which tends to not really work in real life, but
just a lock file with a timeout on it, much like the one dbus uses for
cookies file...)

> There are more things than just files that have to be managed:
> hardware, network services, and so on. Think PA. Think Rygel. Think
> gnome-user-share. gnome-bluetooth. telepathy. And so on. For them $HOME
> on NFS is completely irrelevant, but they are inherently per-machine,
> not per-session.

I think this is the less-common case, compared to "every other app
that isn't hardware-related" which is the common case.

> Then there are SSH logins (and console, but that doesn't really matter)
> which will not go away. More often than not people are logged in more
> than once if they use SSH (or the console).

So do ssh just like X. start a session bus. ssh needs mods to forward
the dbus address anyway, so somebody should just have an ssh hackfest.

> I'd argue that parallel logins of the same user on the same machines is
> way more likely than parallel network logins.

Really? when is it useful? (other than ssh, anyway)

> And that's reason enough
> to fix the local case even if the network stuff is not really figured
> out. The NFS situation is borked anyway, because we have no good channel
> for communication, and so on. And so far nobody really cared about this,

This is just not true. People have heavily cared about it in the past
and flipped out when it broke.

> I am strongly against mixing priviliged with unpriviliged services on
> one bus. This is just a call for a security desaster.

Most of the stuff on the system bus is not especially privileged, or
has only the exact privs it needs. And all users/apps can connect to
the system bus anyhow.


More information about the dbus mailing list