about using privileged (KAuth) helpers: system dbus daemon on OS X?

René J.V. Bertin rjvbertin at gmail.com
Sun Sep 18 22:22:25 UTC 2016 

> NB: forcibly pointing the slave to the system dbus socket also provides a working solution:
> %> sudo launchctl setenv DBUS_LAUNCHD_SESSION_BUS_SOCKET "unix:path=/opt/local/var/run/dbus/system_bus_socket"

A proof-of-concept hack that fixes the issue:

in _dbus_lookup_launchd_socket(), check first if DBUS_LAUNCHD_SESSION_BUS_SOCKET is set in the environment before querying launchd :

--- dbus/orig.dbus-sysdeps-unix.c       2016-09-15 22:15:03.000000000 +0200
+++ dbus/dbus-sysdeps-unix.c    2016-09-19 00:12:14.000000000 +0200
@@ -3836,6 +3836,13 @@
 
   _DBUS_ASSERT_ERROR_IS_CLEAR (error);
 
+  const char *c = getenv (launchd_env_var);
+  if (c && *c)
+    {
+      _dbus_string_append (socket_path, c);
+      return TRUE;
+    }
+
   if (_dbus_check_setuid ())
     {
       dbus_set_error_const (error, DBUS_ERROR_NOT_SUPPORTED,
@@ -3883,12 +3890,12 @@
   dbus_bool_t valid_socket;
   DBusString socket_path;
 
-  if (_dbus_check_setuid ())
-    {
-      dbus_set_error_const (error, DBUS_ERROR_NOT_SUPPORTED,
-                            "Unable to find launchd socket when setuid");
-      return FALSE;
-    }
+//   if (_dbus_check_setuid ())
+//     {
+//       dbus_set_error_const (error, DBUS_ERROR_NOT_SUPPORTED,
+//                             "Unable to find launchd socket when setuid");
+//       return FALSE;
+//     }
 
   if (!_dbus_string_init (&socket_path))
     {

In clear_environment(), ensure the bus is set to system on OS X too. There's probably a way to do that by changing dbus-sysdeps-unix.c so that DBUS_STARTER_ADDRESS is used, but this is simpler (as a PoC, and the function is only used in dbus-daemon-helper-tool anyway):

--- bus/orig.activation-helper.c        2016-09-19 00:05:00.000000000 +0200
+++ bus/activation-helper.c     2016-09-18 22:54:28.000000000 +0200
@@ -159,6 +159,9 @@
   /* Ensure the bus is set to system */
   dbus_setenv ("DBUS_STARTER_ADDRESS", DBUS_SYSTEM_BUS_DEFAULT_ADDRESS);
   dbus_setenv ("DBUS_STARTER_BUS_TYPE", "system");
+#ifdef __APPLE__
+  dbus_setenv ("DBUS_LAUNCHD_SESSION_BUS_SOCKET", DBUS_SYSTEM_BUS_DEFAULT_ADDRESS);
+#endif
 #endif
 
   return TRUE;

More information about the dbus mailing list