Let root query screensaver status for user
Krzysztof Konopko
krzysztof.konopko at youview.com
Fri Nov 9 07:19:51 PST 2012
Hi Joe,
By default session bus doesn't allow to connect users other than the one
that owns the session bus. The idea is that every user runs their
private session. You don't even get to a point where you'd be able to
make *any* method call as the root user is first of all denied to
connect to the bus.
Quite opposite is for the system bus where everyone is allowed to
connect to the bus but the method calls are policed. See <allow
user="*"/> in system.conf in the default context.
It's tempting to add <allow user="root"> in session.conf or
session-local.conf but I wouldn't recommend that. Instead why don't you
just call sudo -u <your user> dbus-send (or with su) instead?
HTH,
Kris
On 09/11/12 15:04, Johannes Bauer wrote:
> Hi list,
>
> I'm having trouble here: I have a script that runs as root and needs to
> determine the screensaver status of the only user using the system. When
> I do the dbus query as the user, it works nicely:
>
> dbus-send --session --dest=org.gnome.ScreenSaver --type=method_call
> --print-reply /org/gnome/ScreenSaver org.gnome.ScreenSaver.GetActive
>
> When I do it from within my script as root, the method call succeeds,
> but always returns "false". Obviously, since the
> DBUS_SESSION_BUS_ADDRESS environment variable isn't set as root. When I
> set it as root to the value that it has for my user, it doesn't work
> either, however:
>
> Failed to open connection to "session" message bus: Did not receive a
> reply. Possible causes include: the remote application did not send a
> reply, the message bus security policy blocked the reply, the reply
> timeout expired, or the network connection was broken.
>
> How can I enable root to query that information? I tried to add a file
> called /etc/dbus-1/session.d/allow_root_screensaver.conf in which I wrote
>
> [...]
> <policy user="root">
> <allow send_destination="org.gnome.ScreenSaver"/>
> <allow send_destination="org.gnome.ScreenSaver"
> send_interface="org.gnome.ScreenSaver.GetActive"/>
> </policy>
> [...]
>
> But this didn't change anything (yes, I restarted dbus). How can I do
> this?
>
> Best regards,
> Joe
> _______________________________________________
> dbus mailing list
> dbus at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/dbus
>
More information about the dbus
mailing list