about using privileged (KAuth) helpers: system dbus daemon on OS X?

Sun Sep 25 09:33:49 UTC 2016

On Saturday September 24 2016 11:08:14 Thiago Macieira wrote:

>> Or am I missing something and is there a reason why a session address has to
>> exist when the client wants to connect to the system bus?
>
>That's the part I was missing.

You too? :)

>How about just setting the default to "launchd:", which means that the address 
>exists, even if it is abstract.

Yes, any address would do as long as it's never used, or leads to a clear error being raised. As far as I've been able to tell that is also the case for a NULL address; there are enough protections in place upstreams from init_connections_unlocked() to prevent NULL pointer dereference.

The current fallback is whatever value DBUS_SESSION_BUS_CONNECT_ADDRESS is set to; on Linux that's "autolaunch:", on Mac that could be set to "launchd:" or "launchd:env=FOO" since that appears to be an existing convention.

What I am missing is how to accomplish this fallback. For an outside, the interplay between init_session_address() (in dbus/dbus-bus.c) and _dbus_lookup_session_address() (in dbus/dbus-sysdeps-unix.c) where the former calls the latter is a complex mess (pardon the term).

Currently, _dbus_lookup_session_address() has 2 completely separate code paths, one for launchd support, and one without. This is also a big part of the reason why Mac users cannot do `eval `dbus-launch`` to start an additional session bus when working from a remote X11 display. I have already verified that it is possible to reenable that particular feature by modifying _dbus_lookup_session_address() (and 2 other functions); I'd have to test whether a version as below would also lead to setting a fallback address in init_connections_unlocked().

What do you think of defining _dbus_lookup_session_address() like this?

dbus_bool_t
_dbus_lookup_session_address (dbus_bool_t *supported,
                              DBusString  *address,
                              DBusError   *error)
{
#ifdef DBUS_ENABLE_LAUNCHD
  *supported = TRUE;
  if (_dbus_lookup_session_address_launchd (address, error))
    {
      // success, no need to attempt anything else
      return TRUE;
    }
// dbus can function without launchd like it does on other Unix versions, even when
// it will use launchd by default (on Mac). So there is no need to disable the
// non-launchd code path below.
#endif
  *supported = FALSE;

  if (!_dbus_lookup_user_bus (supported, address, error))
    return FALSE;
#if defined(DBUS_ENABLE_LAUNCHD) && defined(DBUS_ENABLE_VERBOSE_MODE)
  {
    const char *c = _dbus_string_get_const_data (address);
    _dbus_verbose ("traditional session bus lookup yielded address \"%s\"",
              c ? c : "NULL");
  }
#endif
  if (*supported)
    return TRUE;

  /* On non-Mac Unix platforms, if the session address isn't already
   * set in DBUS_SESSION_BUS_ADDRESS environment variable and the
   * $XDG_RUNTIME_DIR/bus can't be used, we punt and fall back to the
   * autolaunch: global default; see init_session_address in
   * dbus/dbus-bus.c. */
  return TRUE;
}

R.