Announcing dbus 1.11.18

Simon McVittie smcv at collabora.com
Mon Sep 25 23:50:27 UTC 2017 

The “vampire conquistador” release.

1.11.x is a development branch, eading towards a 1.12.x stable branch.
This release is basically 1.12 beta 1: it might gain some minor features
before 1.12.0, but significant feature work is now deferred until 1.13.x.

https://dbus.freedesktop.org/releases/dbus/dbus-1.11.18.tar.gz
https://dbus.freedesktop.org/releases/dbus/dbus-1.11.18.tar.gz.asc
git tag: dbus-1.11.18
git branch: master

Build-time configuration changes:

• By default, dbus-daemon on Unix no longer checks for flag files
  /var/run/console/${username} created by the obsolete pam_console and
  pam_foreground PAM modules when deciding whether ${username} is
  currently at the console. The old default behaviour can be restored
  by specifying --with-console-auth-dir=/var/run/console in the
  recommended Autotools build system, or
  -DDBUS_CONSOLE_AUTH_DIR=/var/run/console in CMake. This feature is
  now deprecated, and will be removed in dbus 1.13 unless feedback via
  fd.o #101629 indicates that this would be problematic.
  (fd.o #101629, Simon McVittie)

• LSB-style init scripts for Red Hat and Slackware, and a non-LSB init
  script for Cygwin, are no longer provided in the upstream dbus
  source. We recommend that distributors who support non-systemd service
  management should maintain their own init scripts or other service
  manager integration as part of their downstream packaging, similar to
  the way Debian distributes a Debian-specific LSB init script for dbus.

  The systemd unit continues to be maintained as part of the upstream
  dbus source, because it receives regular testing and maintenance.

  (fd.o #101706, Simon McVittie)

• The process ID file created by the system bus is no longer influenced
  by the --with-init-scripts=redhat configure option or the presence of
  /etc/redhat-release at build time. If your OS's init script or other
  service management relies on the Red Hat-style pid file, it can be
  restored by specifying --with-system-pid-file=/run/messagebus.pid at
  configure time or using the <pidfile> directive in bus configuration.

  Note that the upstream-supplied systemd unit runs dbus-daemon with
  the --nopidfile option, so it does not normally write a pid file,
  regardless of whether the OS is Red-Hat-derived or not.

  (fd.o #101706, Simon McVittie)

Enhancements:

• <allow> and <deny> rules in dbus-daemon configuration can now
  include send_broadcast="true" or send_broadcast="false", which make
  the rule only match broadcast signals, or only match messages that
  are not broadcast signals, respectively.
  (fd.o #29853, Simon McVittie)

• <allow> and <deny> rules can now be configured to apply only to
  messages with or without Unix file descriptors attached. This would
  typically be used in rules like these:
  <allow send_destination="..." max_unix_fds="0"/>
  <deny send_destination="..." min_unix_fds="1"/>
  <deny receive_sender="..." min_unix_fds="1"/>
  but can also be used to set a nonzero upper limit on the number of
  file descriptors:
  <allow send_destination="..." max_unix_fds="4"/>
  (fd.o #101848, Simon McVittie)

• On Unix platforms, the DBUS_COOKIE_SHA1 authentication mechanism
  now respects the HOME environment variable on the client side, and
  on the server side when the uid attempting to connect is the same
  as the uid of the server. This allows the automated tests to pass in
  environments where the user's "official" home directory in /etc/passwd
  is nonexistent, such as Debian autobuilders.
  (fd.o #101960, Simon McVittie)

Fixes:

• When parsing dbus-daemon configuration, tell Expat not to use
  cryptographic-quality entropy as a salt for its hash tables: we trust
  the configuration files, so we are not concerned about algorithmic
  complexity attacks via hash table collisions. This prevents
  dbus-daemon --system from holding up the boot process (and causing
  early-boot system services like systemd, logind, networkd to time
  out) on entropy-starved embedded systems.
  (fd.o #101858, Simon McVittie)

• Avoid a -Werror=declaration-after-statement build failure on Solaris
  (fd.o #102145, Alan Coopersmith)

• On Unix platform, drop DBUS_SYSTEM_LOG_INFO messages from LOG_NOTICE
  to LOG_INFO, matching how we use this log level in practice
  (fd.o #102686, Simon McVittie)

-- 
Simon McVittie
Collabora Ltd.

More information about the dbus mailing list