[systemd-devel] Cannot call GetUnit method with ssh
Bao Nguyen
baondt at gmail.com
Tue Mar 12 11:17:20 UTC 2019
Hi again,
I tried to add the LDAP user in /etc/dbus-1/system.conf policy and then
send signal SIGHUP to reload the configuration, also for dbus flush user
cache, but dbus said that
Unknown username "ldap_demo" on element <allow>
Reloaded configuration
I search the source code in dbus. it will
call _dbus_get_user_id_and_primary_group ,
then _dbus_user_database_get_system to search user ldap_demo in its
database but I am not clear how this database is built. Could you please
help me for that?
Is there anyway to make dbus aware the new user except restart dbus? If I
restart dbus, does it have any impact to the system?
Thanks,
Brs,
Bao
On Fri, Mar 8, 2019 at 5:54 PM Lennart Poettering <lennart at poettering.net>
wrote:
> On Fr, 08.03.19 11:59, Mantas Mikulėnas (grawity at gmail.com) wrote:
>
> > > dbus policy can only reference users that are available locally at any
> > > time, i.e. generally system users, not human users.
> > >
> > >
> > Hmm, but in this case, the client seems to be completely refused access
> to
> > the bus – not just blocked by policy from sending some message. The
> system
> > bus normally allows any user to connect (I mean, I have no problems
> > accessing it from an LDAP account), so I'm not sure why the bus config
> > should matter at this point.
>
> At this point this is probably something to move to the dbus list... I
> don#t remember how precisely dbus-daemon authenticates stuff, I just
> have a rough idea.
>
> Lennart
>
> --
> Lennart Poettering, Red Hat
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20190312/b2beed12/attachment.html>
More information about the systemd-devel
mailing list