DBusServer * _dbus_server_new_for_launchd (const char *launchd_env_var, DBusError * error) { #ifdef DBUS_ENABLE_LAUNCHD DBusServer *server; DBusString address; int launchd_fd; launch_data_t sockets_dict, checkin_response; launch_data_t checkin_request; launch_data_t listening_fd_array, listening_fd; launch_data_t environment_dict, environment_param; const char *launchd_socket_path, *display; launchd_socket_path = _dbus_getenv (launchd_env_var); display = _dbus_getenv ("DISPLAY"); _DBUS_ASSERT_ERROR_IS_CLEAR (error); if (launchd_socket_path == NULL || *launchd_socket_path == '\0') { dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS, "launchd's environment variable %s is empty, but should contain a socket path.\n", launchd_env_var); return NULL; } if (!_dbus_string_init (&address)) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); return NULL; } if (!_dbus_string_append (&address, "unix:path=")) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto l_failed_0; } if (!_dbus_string_append (&address, launchd_socket_path)) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto l_failed_0; } if ((checkin_request = launch_data_new_string (LAUNCH_KEY_CHECKIN)) == NULL) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, "launch_data_new_string(\"%s\") Unable to create string.\n", LAUNCH_KEY_CHECKIN); goto l_failed_0; } if ((checkin_response = launch_msg (checkin_request)) == NULL) { dbus_set_error (error, DBUS_ERROR_IO_ERROR, "launch_msg(\"%s\") IPC failure: %s\n", LAUNCH_KEY_CHECKIN, strerror (errno)); goto l_failed_0; } if (LAUNCH_DATA_ERRNO == launch_data_get_type (checkin_response)) { dbus_set_error (error, DBUS_ERROR_FAILED, "Check-in failed: %s\n", strerror (launch_data_get_errno (checkin_response))); goto l_failed_0; } sockets_dict = launch_data_dict_lookup (checkin_response, LAUNCH_JOBKEY_SOCKETS); if (NULL == sockets_dict) { dbus_set_error (error, DBUS_ERROR_IO_ERROR, "No sockets found to answer requests on!\n"); goto l_failed_0; } listening_fd_array = launch_data_dict_lookup (sockets_dict, "unix_domain_listener"); if (NULL == listening_fd_array) { dbus_set_error (error, DBUS_ERROR_IO_ERROR, "No known sockets found to answer requests on!\n"); goto l_failed_0; } if (launch_data_array_get_count (listening_fd_array) != 1) { dbus_set_error (error, DBUS_ERROR_LIMITS_EXCEEDED, "Expected 1 socket from launchd, got %d.\n", launch_data_array_get_count (listening_fd_array)); goto l_failed_0; } listening_fd = launch_data_array_get_index (listening_fd_array, 0); launchd_fd = launch_data_get_fd (listening_fd); _dbus_fd_set_close_on_exec (launchd_fd); if (launchd_fd < 0) { _DBUS_ASSERT_ERROR_IS_SET (error); goto l_failed_0; if (display == NULL || *display == '\0') { environment_dict = launch_data_dict_lookup (checkin_response, LAUNCH_JOBKEY_USERENVIRONMENTVARIABLES); if (NULL == environment_dict) { _dbus_warn ("Unable to retrieve user environment from launchd."); } else { environment_param = launch_data_dict_lookup (environment_dict, "DISPLAY"); if (NULL == environment_param) { _dbus_warn ("Unable to retrieve DISPLAY from launchd."); } else { display = launch_data_get_string(environment_param); dbus_setenv ("DISPLAY", display); } } } } server = _dbus_server_new_for_socket (&launchd_fd, 1, &address, 0, error); if (server == NULL) { goto l_failed_0; } _dbus_string_free (&address); return server; l_failed_0: _dbus_string_free (&address); return NULL; #else /* DBUS_ENABLE_LAUNCHD */ dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS, "address type 'launchd' requested, but launchd support not compiled in"); return NULL; #endif }
BusDesktopFile* bus_desktop_file_load (DBusString *filename, DBusError *error) { DBusString str; BusDesktopFileParser parser; DBusStat sb; _DBUS_ASSERT_ERROR_IS_CLEAR (error); /* Clearly there's a race here, but it's just to make it unlikely * that we do something silly, we still handle doing it below. */ if (!_dbus_stat (filename, &sb, error)) return NULL; if (sb.size > _DBUS_ONE_KILOBYTE * 128) { dbus_set_error (error, DBUS_ERROR_FAILED, "Desktop file size (%ld bytes) is too large", (long) sb.size); return NULL; } if (!_dbus_string_init (&str)) { BUS_SET_OOM (error); return NULL; } if (!_dbus_file_get_contents (&str, filename, error)) { _dbus_string_free (&str); return NULL; } if (!_dbus_string_validate_utf8 (&str, 0, _dbus_string_get_length (&str))) { _dbus_string_free (&str); dbus_set_error (error, DBUS_ERROR_FAILED, "invalid UTF-8"); return NULL; } parser.desktop_file = dbus_new0 (BusDesktopFile, 1); if (parser.desktop_file == NULL) { _dbus_string_free (&str); BUS_SET_OOM (error); return NULL; } parser.data = str; parser.line_num = 1; parser.pos = 0; parser.len = _dbus_string_get_length (&parser.data); parser.current_section = -1; while (parser.pos < parser.len) { if (_dbus_string_get_byte (&parser.data, parser.pos) == '[') { if (!parse_section_start (&parser, error)) { return NULL; } } else if (is_blank_line (&parser) || _dbus_string_get_byte (&parser.data, parser.pos) == '#') parse_comment_or_blank (&parser); else if (parser.current_section < 0) { dbus_set_error(error, DBUS_ERROR_FAILED, "invalid service file: key=value before [Section]"); return NULL; } else { if (!parse_key_value (&parser, error)) { return NULL; } } } _dbus_string_free (&parser.data); return parser.desktop_file; }
/** * Does the chdir, fork, setsid, etc. to become a daemon process. * * @param pidfile #NULL, or pidfile to create * @param print_pid_fd file descriptor to print daemon's pid to, or -1 for none * @param error return location for errors * @returns #FALSE on failure */ dbus_bool_t _dbus_become_daemon (const DBusString *pidfile, int print_pid_fd, DBusError *error) { const char *s; pid_t child_pid; int dev_null_fd; _dbus_verbose ("Becoming a daemon...\n"); _dbus_verbose ("chdir to /\n"); if (chdir ("/") < 0) { dbus_set_error (error, DBUS_ERROR_FAILED, "Could not chdir() to root directory"); return FALSE; } _dbus_verbose ("forking...\n"); switch ((child_pid = fork ())) { case -1: _dbus_verbose ("fork failed\n"); dbus_set_error (error, _dbus_error_from_errno (errno), "Failed to fork daemon: %s", _dbus_strerror (errno)); return FALSE; break; case 0: _dbus_verbose ("in child, closing std file descriptors\n"); /* silently ignore failures here, if someone * doesn't have /dev/null we may as well try * to continue anyhow */ dev_null_fd = open ("/dev/null", O_RDWR); if (dev_null_fd >= 0) { dup2 (dev_null_fd, 0); dup2 (dev_null_fd, 1); s = _dbus_getenv ("DBUS_DEBUG_OUTPUT"); if (s == NULL || *s == '\0') dup2 (dev_null_fd, 2); else _dbus_verbose ("keeping stderr open due to DBUS_DEBUG_OUTPUT\n"); } /* Get a predictable umask */ _dbus_verbose ("setting umask\n"); umask (022); break; default: if (pidfile) { _dbus_verbose ("parent writing pid file\n"); if (!_dbus_write_pid_file (pidfile, child_pid, error)) { _dbus_verbose ("pid file write failed, killing child\n"); kill (child_pid, SIGTERM); return FALSE; } } /* Write PID if requested */ if (print_pid_fd >= 0) { DBusString pid; int bytes; if (!_dbus_string_init (&pid)) { _DBUS_SET_OOM (error); kill (child_pid, SIGTERM); return FALSE; } if (!_dbus_string_append_int (&pid, child_pid) || !_dbus_string_append (&pid, "\n")) { _dbus_string_free (&pid); _DBUS_SET_OOM (error); kill (child_pid, SIGTERM); return FALSE; } bytes = _dbus_string_get_length (&pid); if (_dbus_write_socket (print_pid_fd, &pid, 0, bytes) != bytes) { dbus_set_error (error, DBUS_ERROR_FAILED, "Printing message bus PID: %s\n", _dbus_strerror (errno)); _dbus_string_free (&pid); kill (child_pid, SIGTERM); return FALSE; } _dbus_string_free (&pid); } _dbus_verbose ("parent exiting\n"); _exit (0); break; } _dbus_verbose ("calling setsid()\n"); if (setsid () == -1) _dbus_assert_not_reached ("setsid() failed"); return TRUE; }
/** * Creates a new server listening on TCP. * If host is NULL, it will default to localhost. * If bind is NULL, it will default to the value for the host * parameter, and if that is NULL, then localhost * If bind is a hostname, it will be resolved and will listen * on all returned addresses. * If family is NULL, hostname resolution will try all address * families, otherwise it can be ipv4 or ipv6 to restrict the * addresses considered. * * @param host the hostname to report for the listen address * @param bind the hostname to listen on * @param port the port to listen on or 0 to let the OS choose * @param family * @param error location to store reason for failure. * @param use_nonce whether to use a nonce for low-level authentication (nonce-tcp transport) or not (tcp transport) * @returns the new server, or #NULL on failure. */ DBusServer* _dbus_server_new_for_tcp_socket (const char *host, const char *bind, const char *port, const char *family, DBusError *error, dbus_bool_t use_nonce) { DBusServer *server; int *listen_fds = NULL; int nlisten_fds = 0, i; DBusString address; DBusString host_str; DBusString port_str; DBusNonceFile *noncefile; _DBUS_ASSERT_ERROR_IS_CLEAR (error); noncefile = NULL; if (!_dbus_string_init (&address)) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); return NULL; } if (!_dbus_string_init (&port_str)) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto failed_0; } if (host == NULL) host = "localhost"; if (port == NULL) port = "0"; if (bind == NULL) bind = host; else if (strcmp (bind, "*") == 0) bind = NULL; nlisten_fds =_dbus_listen_tcp_socket (bind, port, family, &port_str, &listen_fds, error); if (nlisten_fds <= 0) { _DBUS_ASSERT_ERROR_IS_SET(error); goto failed_1; } _dbus_string_init_const (&host_str, host); if (!_dbus_string_append (&address, use_nonce ? "nonce-tcp:host=" : "tcp:host=") || !_dbus_address_append_escaped (&address, &host_str) || !_dbus_string_append (&address, ",port=") || !_dbus_string_append (&address, _dbus_string_get_const_data(&port_str))) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto failed_2; } if (family && (!_dbus_string_append (&address, ",family=") || !_dbus_string_append (&address, family))) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto failed_2; } if (use_nonce) { noncefile = dbus_new0 (DBusNonceFile, 1); if (noncefile == NULL) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto failed_2; } if (!_dbus_noncefile_create (noncefile, error)) goto failed_3; if (!_dbus_string_append (&address, ",noncefile=") || !_dbus_address_append_escaped (&address, _dbus_noncefile_get_path (noncefile))) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto failed_4; } } server = _dbus_server_new_for_socket (listen_fds, nlisten_fds, &address, noncefile); if (server == NULL) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); if (noncefile != NULL) goto failed_4; else goto failed_2; } _dbus_string_free (&port_str); _dbus_string_free (&address); dbus_free(listen_fds); return server; failed_4: _dbus_noncefile_delete (noncefile, NULL); failed_3: dbus_free (noncefile); failed_2: for (i = 0 ; i < nlisten_fds ; i++) _dbus_close_socket (listen_fds[i], NULL); dbus_free(listen_fds); failed_1: _dbus_string_free (&port_str); failed_0: _dbus_string_free (&address); return NULL; }
/** * Writes the given pid_to_write to a pidfile (if non-NULL) and/or to a * pipe (if non-NULL). Does nothing if pidfile and print_pid_pipe are both * NULL. * * @param pidfile the file to write to or #NULL * @param print_pid_pipe the pipe to write to or #NULL * @param pid_to_write the pid to write out * @param error error on failure * @returns FALSE if error is set */ dbus_bool_t _dbus_write_pid_to_file_and_pipe (const DBusString *pidfile, DBusPipe *print_pid_pipe, dbus_pid_t pid_to_write, DBusError *error) { if (pidfile) { _dbus_verbose ("writing pid file %s\n", _dbus_string_get_const_data (pidfile)); if (!_dbus_write_pid_file (pidfile, pid_to_write, error)) { _dbus_verbose ("pid file write failed\n"); _DBUS_ASSERT_ERROR_IS_SET(error); return FALSE; } } else { _dbus_verbose ("No pid file requested\n"); } if (print_pid_pipe != NULL && _dbus_pipe_is_valid (print_pid_pipe)) { DBusString pid; int bytes; _dbus_verbose ("writing our pid to pipe %"PRIuPTR"\n", print_pid_pipe->fd_or_handle); if (!_dbus_string_init (&pid)) { _DBUS_SET_OOM (error); return FALSE; } if (!_dbus_string_append_int (&pid, pid_to_write) || !_dbus_string_append (&pid, "\n")) { _dbus_string_free (&pid); _DBUS_SET_OOM (error); return FALSE; } bytes = _dbus_string_get_length (&pid); if (_dbus_pipe_write (print_pid_pipe, &pid, 0, bytes, error) != bytes) { /* _dbus_pipe_write sets error only on failure, not short write */ if (error != NULL && !dbus_error_is_set(error)) { dbus_set_error (error, DBUS_ERROR_FAILED, "Printing message bus PID: did not write enough bytes\n"); } _dbus_string_free (&pid); return FALSE; } _dbus_string_free (&pid); } else { _dbus_verbose ("No pid pipe to write to\n"); } return TRUE; }
/** * Appends the contents of the given file to the string, * returning error code. At the moment, won't open a file * more than a megabyte in size. * * @param str the string to append to * @param filename filename to load * @param error place to set an error * @returns #FALSE if error was set */ dbus_bool_t _dbus_file_get_contents (DBusString *str, const DBusString *filename, DBusError *error) { HANDLE hnd; DWORD fsize; DWORD fsize_hi; int orig_len; unsigned int total; const char *filename_c; _DBUS_ASSERT_ERROR_IS_CLEAR (error); filename_c = _dbus_string_get_const_data (filename); hnd = CreateFileA (filename_c, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); if (hnd == INVALID_HANDLE_VALUE) { char *emsg = _dbus_win_error_string (GetLastError ()); dbus_set_error (error, _dbus_win_error_from_last_error (), "Failed to open \"%s\": %s", filename_c, emsg); _dbus_win_free_error_string (emsg); return FALSE; } _dbus_verbose ("file %s hnd %p opened\n", filename_c, hnd); fsize = GetFileSize (hnd, &fsize_hi); if (fsize == 0xFFFFFFFF && GetLastError() != NO_ERROR) { char *emsg = _dbus_win_error_string (GetLastError ()); dbus_set_error (error, _dbus_win_error_from_last_error (), "Failed to get file size for \"%s\": %s", filename_c, emsg); _dbus_win_free_error_string (emsg); _dbus_verbose ("GetFileSize() failed: %s", emsg); CloseHandle (hnd); return FALSE; } if (fsize_hi != 0 || fsize > _DBUS_ONE_MEGABYTE) { dbus_set_error (error, DBUS_ERROR_FAILED, "File size %lu/%lu of \"%s\" is too large.", (unsigned long) fsize_hi, (unsigned long) fsize, filename_c); CloseHandle (hnd); return FALSE; } total = 0; orig_len = _dbus_string_get_length (str); if (fsize > 0) { int bytes_read; while (total < fsize) { bytes_read = _dbus_file_read (hnd, str, fsize - total, error); if (bytes_read <= 0) { if (bytes_read == 0) { dbus_set_error (error, DBUS_ERROR_FAILED, "Premature EOF reading \"%s\"", filename_c); } else _DBUS_ASSERT_ERROR_IS_SET (error); CloseHandle (hnd); _dbus_string_set_length (str, orig_len); return FALSE; } else total += bytes_read; } CloseHandle (hnd); return TRUE; } else { CloseHandle (hnd); return TRUE; } }
static dbus_bool_t __ni_objectmodel_bonding_set_slaves(ni_dbus_object_t *object, const ni_dbus_property_t *property, const ni_dbus_variant_t *result, DBusError *error) { ni_bonding_t *bond; ni_dbus_variant_t *var; unsigned int i; if (!(bond = __ni_objectmodel_bonding_write_handle(object, error))) return FALSE; if (!ni_dbus_variant_is_dict_array(result)) { dbus_set_error(error, DBUS_ERROR_INVALID_ARGS, "%s.%s property - expected dict array", object->path, property->name); return FALSE; } ni_string_free(&bond->primary_slave); ni_string_free(&bond->active_slave); ni_string_array_destroy(&bond->slave_names); for (i = 0, var = result->variant_array_value; i < result->array.len; ++i, ++var) { dbus_bool_t is_primary = FALSE; dbus_bool_t is_active = FALSE; const char *slave_name; if (!ni_dbus_dict_get_string(var, "device", &slave_name)) { dbus_set_error(error, DBUS_ERROR_INVALID_ARGS, "%s.%s property - missing device attribute", object->path, property->name); return FALSE; } if (ni_string_array_index(&bond->slave_names, slave_name) != -1) { dbus_set_error(error, DBUS_ERROR_INVALID_ARGS, "%s.%s property - duplicate slave devices", object->path, property->name); return FALSE; } if (ni_dbus_dict_get_bool(var, "primary", &is_primary) && is_primary) { if (bond->primary_slave) { dbus_set_error(error, DBUS_ERROR_INVALID_ARGS, "%s.%s property - duplicate primary device", object->path, property->name); return FALSE; } ni_string_dup(&bond->primary_slave, slave_name); } if (ni_dbus_dict_get_bool(var, "active", &is_active) && is_active) { if (bond->active_slave) { dbus_set_error(error, DBUS_ERROR_INVALID_ARGS, "%s.%s property - duplicate active device", object->path, property->name); return FALSE; } ni_string_dup(&bond->active_slave, slave_name); } ni_string_array_append(&bond->slave_names, slave_name); } return TRUE; }
static dbus_bool_t fill_group_info (DBusGroupInfo *info, dbus_gid_t gid, const DBusString *groupname, DBusError *error) { const char *group_c_str; _dbus_assert (groupname != NULL || gid != DBUS_GID_UNSET); _dbus_assert (groupname == NULL || gid == DBUS_GID_UNSET); if (groupname) group_c_str = _dbus_string_get_const_data (groupname); else group_c_str = NULL; /* For now assuming that the getgrnam() and getgrgid() flavors * always correspond to the pwnam flavors, if not we have * to add more configure checks. */ #if defined (HAVE_POSIX_GETPWNAM_R) || defined (HAVE_NONPOSIX_GETPWNAM_R) { struct group *g; int result; size_t buflen; char *buf; struct group g_str; dbus_bool_t b; /* retrieve maximum needed size for buf */ buflen = sysconf (_SC_GETGR_R_SIZE_MAX); /* sysconf actually returns a long, but everything else expects size_t, * so just recast here. * https://bugs.freedesktop.org/show_bug.cgi?id=17061 */ if ((long) buflen <= 0) buflen = 1024; result = -1; while (1) { buf = dbus_malloc (buflen); if (buf == NULL) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); return FALSE; } g = NULL; #ifdef HAVE_POSIX_GETPWNAM_R if (group_c_str) result = getgrnam_r (group_c_str, &g_str, buf, buflen, &g); else result = getgrgid_r (gid, &g_str, buf, buflen, &g); #else g = getgrnam_r (group_c_str, &g_str, buf, buflen); result = 0; #endif /* !HAVE_POSIX_GETPWNAM_R */ /* Try a bigger buffer if ERANGE was returned: https://bugs.freedesktop.org/show_bug.cgi?id=16727 */ if (result == ERANGE && buflen < 512 * 1024) { dbus_free (buf); buflen *= 2; } else { break; } } if (result == 0 && g == &g_str) { b = fill_user_info_from_group (g, info, error); dbus_free (buf); return b; } else { dbus_set_error (error, _dbus_error_from_errno (errno), "Group %s unknown or failed to look it up\n", group_c_str ? group_c_str : "???"); dbus_free (buf); return FALSE; } } #else /* ! HAVE_GETPWNAM_R */ { /* I guess we're screwed on thread safety here */ struct group *g; g = getgrnam (group_c_str); if (g != NULL) { return fill_user_info_from_group (g, info, error); } else { dbus_set_error (error, _dbus_error_from_errno (errno), "Group %s unknown or failed to look it up\n", group_c_str ? group_c_str : "???"); return FALSE; } } #endif /* ! HAVE_GETPWNAM_R */ }
/** * Creates a new server listening on the given Unix domain socket. * * @param path the path for the domain socket. * @param abstract #TRUE to use abstract socket namespace * @param error location to store reason for failure. * @returns the new server, or #NULL on failure. */ DBusServer* _dbus_server_new_for_domain_socket (const char *path, dbus_bool_t abstract, DBusError *error) { DBusServer *server; int listen_fd; DBusString address; char *path_copy; DBusString path_str; _DBUS_ASSERT_ERROR_IS_CLEAR (error); if (!_dbus_string_init (&address)) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); return NULL; } _dbus_string_init_const (&path_str, path); if ((abstract && !_dbus_string_append (&address, "unix:abstract=")) || (!abstract && !_dbus_string_append (&address, "unix:path=")) || !_dbus_address_append_escaped (&address, &path_str)) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto failed_0; } path_copy = _dbus_strdup (path); if (path_copy == NULL) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto failed_0; } listen_fd = _dbus_listen_unix_socket (path, abstract, error); if (listen_fd < 0) { _DBUS_ASSERT_ERROR_IS_SET (error); goto failed_1; } server = _dbus_server_new_for_socket (&listen_fd, 1, &address, 0); if (server == NULL) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto failed_2; } _dbus_server_socket_own_filename(server, path_copy); _dbus_string_free (&address); return server; failed_2: _dbus_close_socket (listen_fd, NULL); failed_1: dbus_free (path_copy); failed_0: _dbus_string_free (&address); return NULL; }
/** * Creates the client-side transport for * a debug-pipe connection connected to the * given debug-pipe server name. * * @param server_name name of server to connect to * @param error address where an error can be returned. * @returns #NULL on no memory or transport */ DBusTransport* _dbus_transport_debug_pipe_new (const char *server_name, DBusError *error) { DBusTransport *client_transport; DBusTransport *server_transport; DBusConnection *connection; int client_fd, server_fd; DBusServer *server; DBusString address; _DBUS_ASSERT_ERROR_IS_CLEAR (error); if (server_pipe_hash == NULL) { dbus_set_error (error, DBUS_ERROR_NO_SERVER, NULL); return NULL; } server = _dbus_hash_table_lookup_string (server_pipe_hash, server_name); if (server == NULL || ((DBusServerDebugPipe*)server)->disconnected) { dbus_set_error (error, DBUS_ERROR_NO_SERVER, NULL); return NULL; } if (!_dbus_string_init (&address)) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); return NULL; } if (!_dbus_string_append (&address, "debug-pipe:name=") || !_dbus_string_append (&address, server_name)) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); _dbus_string_free (&address); return NULL; } if (!_dbus_full_duplex_pipe (&client_fd, &server_fd, FALSE, NULL)) { _dbus_verbose ("failed to create full duplex pipe\n"); dbus_set_error (error, DBUS_ERROR_FAILED, "Could not create full-duplex pipe"); _dbus_string_free (&address); return NULL; } client_transport = _dbus_transport_new_for_socket (client_fd, NULL, &address); if (client_transport == NULL) { _dbus_close_socket (client_fd, NULL); _dbus_close_socket (server_fd, NULL); dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); _dbus_string_free (&address); return NULL; } _dbus_string_free (&address); client_fd = -1; server_transport = _dbus_transport_new_for_socket (server_fd, &server->guid_hex, NULL); if (server_transport == NULL) { _dbus_transport_unref (client_transport); _dbus_close_socket (server_fd, NULL); dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); return NULL; } server_fd = -1; if (!_dbus_transport_set_auth_mechanisms (server_transport, (const char**) server->auth_mechanisms)) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); _dbus_transport_unref (server_transport); _dbus_transport_unref (client_transport); return NULL; } connection = _dbus_connection_new_for_transport (server_transport); _dbus_transport_unref (server_transport); server_transport = NULL; if (connection == NULL) { _dbus_transport_unref (client_transport); dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); return NULL; } /* See if someone wants to handle this new connection, * self-referencing for paranoia */ if (server->new_connection_function) { dbus_server_ref (server); (* server->new_connection_function) (server, connection, server->new_connection_data); dbus_server_unref (server); } /* If no one grabbed a reference, the connection will die, * and the client transport will get an immediate disconnect */ _dbus_connection_close_if_only_one_ref (connection); dbus_connection_unref (connection); return client_transport; }
/** * Get a printable string describing the command used to execute * the process with pid. This string should only be used for * informative purposes such as logging; it may not be trusted. * * The command is guaranteed to be printable ASCII and no longer * than max_len. * * @param pid Process id * @param str Append command to this string * @param max_len Maximum length of returned command * @param error return location for errors * @returns #FALSE on error */ dbus_bool_t _dbus_command_for_pid (unsigned long pid, DBusString *str, int max_len, DBusError *error) { /* This is all Linux-specific for now */ DBusString path; DBusString cmdline; int fd; if (!_dbus_string_init (&path)) { _DBUS_SET_OOM (error); return FALSE; } if (!_dbus_string_init (&cmdline)) { _DBUS_SET_OOM (error); _dbus_string_free (&path); return FALSE; } if (!_dbus_string_append_printf (&path, "/proc/%ld/cmdline", pid)) goto oom; fd = open (_dbus_string_get_const_data (&path), O_RDONLY); if (fd < 0) { dbus_set_error (error, _dbus_error_from_errno (errno), "Failed to open \"%s\": %s", _dbus_string_get_const_data (&path), _dbus_strerror (errno)); goto fail; } if (!_dbus_read (fd, &cmdline, max_len)) { dbus_set_error (error, _dbus_error_from_errno (errno), "Failed to read from \"%s\": %s", _dbus_string_get_const_data (&path), _dbus_strerror (errno)); goto fail; } if (!_dbus_close (fd, error)) goto fail; string_squash_nonprintable (&cmdline); if (!_dbus_string_copy (&cmdline, 0, str, _dbus_string_get_length (str))) goto oom; _dbus_string_free (&cmdline); _dbus_string_free (&path); return TRUE; oom: _DBUS_SET_OOM (error); fail: _dbus_string_free (&cmdline); _dbus_string_free (&path); return FALSE; }
/** * Creates a new debug server using an in-process pipe * * @param server_name the name of the server. * @param error address where an error can be returned. * @returns a new server, or #NULL on failure. */ DBusServer* _dbus_server_debug_pipe_new (const char *server_name, DBusError *error) { DBusServerDebugPipe *debug_server; DBusString address; DBusString name_str; _DBUS_ASSERT_ERROR_IS_CLEAR (error); if (!pipe_hash_ref ()) return NULL; if (_dbus_hash_table_lookup_string (server_pipe_hash, server_name) != NULL) { dbus_set_error (error, DBUS_ERROR_ADDRESS_IN_USE, NULL); pipe_hash_unref (); return NULL; } debug_server = dbus_new0 (DBusServerDebugPipe, 1); if (debug_server == NULL) goto nomem_0; if (!_dbus_string_init (&address)) goto nomem_1; _dbus_string_init_const (&name_str, server_name); if (!_dbus_string_append (&address, "debug-pipe:name=") || !_dbus_address_append_escaped (&address, &name_str)) goto nomem_2; debug_server->name = _dbus_strdup (server_name); if (debug_server->name == NULL) goto nomem_2; if (!_dbus_server_init_base (&debug_server->base, &debug_vtable, &address)) goto nomem_3; if (!_dbus_hash_table_insert_string (server_pipe_hash, debug_server->name, debug_server)) goto nomem_4; _dbus_string_free (&address); /* server keeps the pipe hash ref */ _dbus_server_trace_ref (&debug_server->base, 0, 1, "debug_pipe_new"); return (DBusServer *)debug_server; nomem_4: _dbus_server_finalize_base (&debug_server->base); nomem_3: dbus_free (debug_server->name); nomem_2: _dbus_string_free (&address); nomem_1: dbus_free (debug_server); nomem_0: pipe_hash_unref (); dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); return NULL; }
/* * Create a new TUN/TAP interface */ static ni_netdev_t * __ni_objectmodel_tuntap_create(ni_netdev_t *cfg, DBusError *error) { ni_netconfig_t *nc = ni_global_state_handle(0); ni_netdev_t *dev = NULL; const char *iftype; const ni_tuntap_t *tuntap; const char *err; int rv; iftype = ni_linktype_type_to_name(cfg->link.type); if (cfg->link.type != NI_IFTYPE_TUN && cfg->link.type != NI_IFTYPE_TAP) { dbus_set_error(error, DBUS_ERROR_INVALID_ARGS, "BUG: Cannot handle %s type in tun/tap factory", iftype); return NULL; } ni_debug_dbus("%s.newDevice(name=%s)", iftype, cfg->name); tuntap = ni_netdev_get_tuntap(cfg); if ((err = ni_tuntap_validate(tuntap))) { dbus_set_error(error, DBUS_ERROR_INVALID_ARGS, "%s", err); return NULL; } if (ni_string_empty(cfg->name)) { if (ni_string_empty(cfg->name) && (cfg->name = (char *) ni_netdev_make_name(nc, iftype, 0))) { ni_string_dup(&cfg->name, cfg->name); } else { dbus_set_error(error, DBUS_ERROR_INVALID_ARGS, "Unable to create %s interface: " "name argument missed", iftype); return NULL; } cfg->name = NULL; } else if(!ni_string_eq(cfg->name, cfg->name)) { ni_string_dup(&cfg->name, cfg->name); } if (cfg->link.type == NI_IFTYPE_TAP && cfg->link.hwaddr.len) { if (cfg->link.hwaddr.type == ARPHRD_VOID) cfg->link.hwaddr.type = ARPHRD_ETHER; if (cfg->link.hwaddr.type != ARPHRD_ETHER || cfg->link.hwaddr.len != ni_link_address_length(ARPHRD_ETHER)) { dbus_set_error(error, DBUS_ERROR_INVALID_ARGS, "Cannot create %s interface: " "invalid ethernet address '%s'", iftype, ni_link_address_print(&cfg->link.hwaddr)); return NULL; } } if ((rv = ni_system_tuntap_create(nc, cfg, &dev)) < 0) { if (rv != -NI_ERROR_DEVICE_EXISTS || dev == NULL || (cfg->name && dev && !ni_string_eq(dev->name, cfg->name))) { ni_dbus_set_error_from_code(error, rv, "Unable to create %s interface %s", iftype, cfg->name); return NULL; } ni_debug_dbus("%s interface exists (and name matches)", iftype); } if (dev->link.type != cfg->link.type) { dbus_set_error(error, DBUS_ERROR_FAILED, "Unable to create %s: existing interface %s is of type %s", iftype, dev->name, ni_linktype_type_to_name(dev->link.type)); return NULL; } return dev; }
static dbus_bool_t ni_objectmodel_tuntap_change(ni_dbus_object_t *object, const ni_dbus_method_t *method, unsigned int argc, const ni_dbus_variant_t *argv, ni_dbus_message_t *reply, DBusError *error) { ni_netconfig_t *nc = ni_global_state_handle(0); ni_netdev_t *dev, *cfg; ni_tuntap_t *tuntap; const char *err; const char *iftype_name; /* we've already checked that argv matches our signature */ ni_assert(argc == 1); if (!(dev = ni_objectmodel_unwrap_netif(object, error)) || !(cfg = __ni_objectmodel_tuntap_device_arg(&argv[0], dev->link.type)) || !(ni_netdev_get_tuntap(dev))) { ni_dbus_error_invalid_args(error, object->path, method->name); return FALSE; } /* changeDevice method is only needed in case of TAP devices */ if (dev->link.type != NI_IFTYPE_TAP) return TRUE; iftype_name = ni_linktype_type_to_name(dev->link.type); tuntap = ni_netdev_get_tuntap(cfg); if ((err = ni_tuntap_validate(tuntap))) { dbus_set_error(error, DBUS_ERROR_INVALID_ARGS, "%s", err); return FALSE; } cfg->link.ifindex = dev->link.ifindex; if (ni_string_empty(cfg->name)) ni_string_dup(&cfg->name, dev->name); if (ni_netdev_device_is_up(dev)) { ni_debug_objectmodel("Skipping %s changeDevice call on %s: " "device is up", iftype_name, dev->name); return TRUE; } if (ni_system_tap_change(nc, dev, cfg) < 0) { dbus_set_error(error, DBUS_ERROR_FAILED, "Unable to change %s properties on interface %s", iftype_name, dev->name); return FALSE; } if (cfg->link.hwaddr.type == ARPHRD_VOID) cfg->link.hwaddr.type = ARPHRD_ETHER; if (ni_system_hwaddr_change(nc, dev, &cfg->link.hwaddr) < 0) { ni_error("Unable to change hwaddr on %s interface %s", iftype_name, dev->name); /* fail? */ } return TRUE; }
/** * Looks up a uid or username in the user database. Only one of name * or UID can be provided. There are wrapper functions for this that * are better to use, this one does no locking or anything on the * database and otherwise sort of sucks. * * @param db the database * @param uid the user ID or #DBUS_UID_UNSET * @param username username or #NULL * @param error error to fill in * @returns the entry in the database */ DBusUserInfo* _dbus_user_database_lookup (DBusUserDatabase *db, dbus_uid_t uid, const DBusString *username, DBusError *error) { DBusUserInfo *info; _DBUS_ASSERT_ERROR_IS_CLEAR (error); _dbus_assert (uid != DBUS_UID_UNSET || username != NULL); /* See if the username is really a number */ if (uid == DBUS_UID_UNSET) { unsigned long n; if (_dbus_is_a_number (username, &n)) uid = n; } #ifdef DBUS_ENABLE_USERDB_CACHE if (uid != DBUS_UID_UNSET) info = _dbus_hash_table_lookup_ulong (db->users, uid); else info = _dbus_hash_table_lookup_string (db->users_by_name, _dbus_string_get_const_data (username)); if (info) { _dbus_verbose ("Using cache for UID "DBUS_UID_FORMAT" information\n", info->uid); return info; } else #else if (1) #endif { if (uid != DBUS_UID_UNSET) _dbus_verbose ("No cache for UID "DBUS_UID_FORMAT"\n", uid); else _dbus_verbose ("No cache for user \"%s\"\n", _dbus_string_get_const_data (username)); info = dbus_new0 (DBusUserInfo, 1); if (info == NULL) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); return NULL; } if (uid != DBUS_UID_UNSET) { if (!_dbus_user_info_fill_uid (info, uid, error)) { _DBUS_ASSERT_ERROR_IS_SET (error); _dbus_user_info_free_allocated (info); return NULL; } } else { if (!_dbus_user_info_fill (info, username, error)) { _DBUS_ASSERT_ERROR_IS_SET (error); _dbus_user_info_free_allocated (info); return NULL; } } /* be sure we don't use these after here */ uid = DBUS_UID_UNSET; username = NULL; /* insert into hash */ if (!_dbus_hash_table_insert_ulong (db->users, info->uid, info)) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); _dbus_user_info_free_allocated (info); return NULL; } if (!_dbus_hash_table_insert_string (db->users_by_name, info->username, info)) { _dbus_hash_table_remove_ulong (db->users, info->uid); dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); return NULL; } return info; } }
/** * Tries to interpret the address entry in a platform-specific * way, creating a platform-specific server type if appropriate. * Sets error if the result is not OK. * * @param entry an address entry * @param server_p location to store a new DBusServer, or #NULL on failure. * @param error location to store rationale for failure on bad address * @returns the outcome * */ DBusServerListenResult _dbus_server_listen_platform_specific (DBusAddressEntry *entry, DBusServer **server_p, DBusError *error) { const char *method; *server_p = NULL; method = dbus_address_entry_get_method (entry); if (strcmp (method, "unix") == 0) { const char *path = dbus_address_entry_get_value (entry, "path"); const char *tmpdir = dbus_address_entry_get_value (entry, "tmpdir"); const char *abstract = dbus_address_entry_get_value (entry, "abstract"); if (path == NULL && tmpdir == NULL && abstract == NULL) { _dbus_set_bad_address(error, "unix", "path or tmpdir or abstract", NULL); return DBUS_SERVER_LISTEN_BAD_ADDRESS; } if ((path && tmpdir) || (path && abstract) || (tmpdir && abstract)) { _dbus_set_bad_address(error, NULL, NULL, "cannot specify two of \"path\" and \"tmpdir\" and \"abstract\" at the same time"); return DBUS_SERVER_LISTEN_BAD_ADDRESS; } if (tmpdir != NULL) { DBusString full_path; DBusString filename; if (!_dbus_string_init (&full_path)) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); return DBUS_SERVER_LISTEN_DID_NOT_CONNECT; } if (!_dbus_string_init (&filename)) { _dbus_string_free (&full_path); dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); return DBUS_SERVER_LISTEN_DID_NOT_CONNECT; } if (!_dbus_string_append (&filename, "dbus-") || !_dbus_generate_random_ascii (&filename, 10) || !_dbus_string_append (&full_path, tmpdir) || !_dbus_concat_dir_and_file (&full_path, &filename)) { _dbus_string_free (&full_path); _dbus_string_free (&filename); dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); return DBUS_SERVER_LISTEN_DID_NOT_CONNECT; } /* Always use abstract namespace if possible with tmpdir */ *server_p = _dbus_server_new_for_domain_socket (_dbus_string_get_const_data (&full_path), #ifdef HAVE_ABSTRACT_SOCKETS TRUE, #else FALSE, #endif error); _dbus_string_free (&full_path); _dbus_string_free (&filename); } else { if (path) *server_p = _dbus_server_new_for_domain_socket (path, FALSE, error); else *server_p = _dbus_server_new_for_domain_socket (abstract, TRUE, error); } if (*server_p != NULL) { _DBUS_ASSERT_ERROR_IS_CLEAR(error); return DBUS_SERVER_LISTEN_OK; } else { _DBUS_ASSERT_ERROR_IS_SET(error); return DBUS_SERVER_LISTEN_DID_NOT_CONNECT; } } else { /* If we don't handle the method, we return NULL with the * error unset */ _DBUS_ASSERT_ERROR_IS_CLEAR(error); return DBUS_SERVER_LISTEN_NOT_HANDLED; } }
/* This code only gets executed the first time the * config files are parsed. It is not executed * when config files are reloaded. */ static dbus_bool_t process_config_first_time_only (BusContext *context, BusConfigParser *parser, DBusError *error) { DBusString log_prefix; DBusList *link; DBusList **addresses; const char *user, *pidfile; char **auth_mechanisms; DBusList **auth_mechanisms_list; int len; dbus_bool_t retval; _DBUS_ASSERT_ERROR_IS_CLEAR (error); retval = FALSE; auth_mechanisms = NULL; /* Check for an existing pid file. Of course this is a race; * we'd have to use fcntl() locks on the pid file to * avoid that. But we want to check for the pid file * before overwriting any existing sockets, etc. */ pidfile = bus_config_parser_get_pidfile (parser); if (pidfile != NULL) { DBusString u; DBusStat stbuf; _dbus_string_init_const (&u, pidfile); if (_dbus_stat (&u, &stbuf, NULL)) { dbus_set_error (error, DBUS_ERROR_FAILED, "The pid file \"%s\" exists, if the message bus is not running, remove this file", pidfile); goto failed; } } /* keep around the pid filename so we can delete it later */ context->pidfile = _dbus_strdup (pidfile); /* note that type may be NULL */ context->type = _dbus_strdup (bus_config_parser_get_type (parser)); if (bus_config_parser_get_type (parser) != NULL && context->type == NULL) goto oom; user = bus_config_parser_get_user (parser); if (user != NULL) { context->user = _dbus_strdup (user); if (context->user == NULL) goto oom; } /* Set up the prefix for syslog messages */ if (!_dbus_string_init (&log_prefix)) goto oom; if (context->type && !strcmp (context->type, "system")) { if (!_dbus_string_append (&log_prefix, "[system] ")) goto oom; } else if (context->type && !strcmp (context->type, "session")) { DBusCredentials *credentials; credentials = _dbus_credentials_new_from_current_process (); if (!credentials) goto oom; if (!_dbus_string_append (&log_prefix, "[session ")) goto oom; if (!_dbus_credentials_to_string_append (credentials, &log_prefix)) goto oom; if (!_dbus_string_append (&log_prefix, "] ")) goto oom; _dbus_credentials_unref (credentials); } if (!_dbus_string_steal_data (&log_prefix, &context->log_prefix)) goto oom; _dbus_string_free (&log_prefix); /* Build an array of auth mechanisms */ auth_mechanisms_list = bus_config_parser_get_mechanisms (parser); len = _dbus_list_get_length (auth_mechanisms_list); if (len > 0) { int i; auth_mechanisms = dbus_new0 (char*, len + 1); if (auth_mechanisms == NULL) goto oom; i = 0; link = _dbus_list_get_first_link (auth_mechanisms_list); while (link != NULL) { auth_mechanisms[i] = _dbus_strdup (link->data); if (auth_mechanisms[i] == NULL) goto oom; link = _dbus_list_get_next_link (auth_mechanisms_list, link); } }
/** * Check if Apparmor security controls allow the connection to eavesdrop on * other connections. * * @param connection the connection attempting to eavesdrop. * @param bustype name of the bus * @param error the reason for failure when FALSE is returned * @returns TRUE if eavesdropping is permitted */ dbus_bool_t bus_apparmor_allows_eavesdropping (DBusConnection *connection, const char *bustype, DBusError *error) { #ifdef HAVE_APPARMOR BusAppArmorConfinement *con = NULL; DBusString qstr, auxdata; int allow = FALSE, audit = TRUE; dbus_bool_t free_auxdata = FALSE; unsigned long pid; int res, serrno = 0; if (!apparmor_enabled) return TRUE; con = bus_connection_dup_apparmor_confinement (connection); if (is_unconfined (con->label, con->mode)) { allow = TRUE; audit = FALSE; goto out; } if (!_dbus_string_init (&qstr)) goto oom; if (!build_eavesdrop_query (&qstr, con->label, bustype)) { _dbus_string_free (&qstr); goto oom; } res = aa_query_label (AA_DBUS_EAVESDROP, _dbus_string_get_data (&qstr), _dbus_string_get_length (&qstr), &allow, &audit); _dbus_string_free (&qstr); if (res == -1) { serrno = errno; set_error_from_query_errno (error, serrno); goto audit; } /* Don't fail operations on profiles in complain mode */ if (modestr_is_complain (con->mode)) allow = TRUE; if (!allow) dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, "Connection \"%s\" is not allowed to eavesdrop due to " "AppArmor policy", bus_connection_is_active (connection) ? bus_connection_get_name (connection) : "(inactive)"); if (!audit) goto out; audit: if (!_dbus_string_init (&auxdata)) goto oom; free_auxdata = TRUE; if (!_dbus_append_pair_str (&auxdata, "bus", bustype ? bustype : "unknown")) goto oom; if (serrno && !_dbus_append_pair_str (&auxdata, "info", strerror (serrno))) goto oom; if (!_dbus_append_pair_str (&auxdata, "mask", "eavesdrop")) goto oom; if (connection && dbus_connection_get_unix_process_id (connection, &pid) && !_dbus_append_pair_uint (&auxdata, "pid", pid)) goto oom; if (con->label && !_dbus_append_pair_str (&auxdata, "label", con->label)) goto oom; log_message (allow, "eavesdrop", &auxdata); out: if (con != NULL) bus_apparmor_confinement_unref (con); if (free_auxdata) _dbus_string_free (&auxdata); return allow; oom: if (error != NULL && !dbus_error_is_set (error)) BUS_SET_OOM (error); allow = FALSE; goto out; #else return TRUE; #endif /* HAVE_APPARMOR */ }
/** * Writes a string out to a file. If the file exists, * it will be atomically overwritten by the new data. * * @param str the string to write out * @param filename the file to save string to * @param world_readable if true, ensure file is world readable * @param error error to be filled in on failure * @returns #FALSE on failure */ dbus_bool_t _dbus_string_save_to_file (const DBusString *str, const DBusString *filename, dbus_bool_t world_readable, DBusError *error) { HANDLE hnd; int bytes_to_write; const char *filename_c; DBusString tmp_filename; const char *tmp_filename_c; int total; const char *str_c; dbus_bool_t need_unlink; dbus_bool_t retval; _DBUS_ASSERT_ERROR_IS_CLEAR (error); hnd = INVALID_HANDLE_VALUE; retval = FALSE; need_unlink = FALSE; if (!_dbus_string_init (&tmp_filename)) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); return FALSE; } if (!_dbus_string_copy (filename, 0, &tmp_filename, 0)) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); _dbus_string_free (&tmp_filename); return FALSE; } if (!_dbus_string_append (&tmp_filename, ".")) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); _dbus_string_free (&tmp_filename); return FALSE; } #define N_TMP_FILENAME_RANDOM_BYTES 8 if (!_dbus_generate_random_ascii (&tmp_filename, N_TMP_FILENAME_RANDOM_BYTES)) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); _dbus_string_free (&tmp_filename); return FALSE; } filename_c = _dbus_string_get_const_data (filename); tmp_filename_c = _dbus_string_get_const_data (&tmp_filename); /* TODO - support world-readable in an atomic fashion */ hnd = CreateFileA (tmp_filename_c, GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, CREATE_NEW, FILE_ATTRIBUTE_NORMAL, INVALID_HANDLE_VALUE); if (hnd == INVALID_HANDLE_VALUE) { char *emsg = _dbus_win_error_string (GetLastError ()); dbus_set_error (error, _dbus_win_error_from_last_error (), "Could not create \"%s\": %s", filename_c, emsg); _dbus_win_free_error_string (emsg); goto out; } if (world_readable) { if (! _dbus_make_file_world_readable (&tmp_filename, error)) goto out; } _dbus_verbose ("tmp file %s hnd %p opened\n", tmp_filename_c, hnd); need_unlink = TRUE; total = 0; bytes_to_write = _dbus_string_get_length (str); str_c = _dbus_string_get_const_data (str); while (total < bytes_to_write) { DWORD bytes_written; BOOL res; res = WriteFile (hnd, str_c + total, bytes_to_write - total, &bytes_written, NULL); if (res == 0 || bytes_written <= 0) { char *emsg = _dbus_win_error_string (GetLastError ()); dbus_set_error (error, _dbus_win_error_from_last_error (), "Could not write to %s: %s", tmp_filename_c, emsg); _dbus_win_free_error_string (emsg); goto out; } total += bytes_written; } if (CloseHandle (hnd) == 0) { char *emsg = _dbus_win_error_string (GetLastError ()); dbus_set_error (error, _dbus_win_error_from_last_error (), "Could not close file %s: %s", tmp_filename_c, emsg); _dbus_win_free_error_string (emsg); goto out; } hnd = INVALID_HANDLE_VALUE; /* Unlike rename(), MoveFileEx() can replace existing files */ if (!MoveFileExA (tmp_filename_c, filename_c, MOVEFILE_REPLACE_EXISTING)) { char *emsg = _dbus_win_error_string (GetLastError ()); dbus_set_error (error, _dbus_win_error_from_last_error (), "Could not rename %s to %s: %s", tmp_filename_c, filename_c, emsg); _dbus_win_free_error_string (emsg); goto out; } need_unlink = FALSE; retval = TRUE; out: /* close first, then unlink */ if (hnd != INVALID_HANDLE_VALUE) CloseHandle (hnd); if (need_unlink && DeleteFileA (tmp_filename_c) == 0) { char *emsg = _dbus_win_error_string (GetLastError ()); _dbus_verbose ("Failed to unlink temp file %s: %s", tmp_filename_c, emsg); _dbus_win_free_error_string (emsg); } _dbus_string_free (&tmp_filename); if (!retval) _DBUS_ASSERT_ERROR_IS_SET (error); return retval; }
/** * Returns true if the given connection can acquire a service, * using the tasks security context * * @param connection connection that wants to own the service * @param bustype name of the bus * @param service_name the name of the service to acquire * @param error the reason for failure when FALSE is returned * @returns TRUE if acquire is permitted */ dbus_bool_t bus_apparmor_allows_acquire_service (DBusConnection *connection, const char *bustype, const char *service_name, DBusError *error) { #ifdef HAVE_APPARMOR BusAppArmorConfinement *con = NULL; DBusString qstr, auxdata; dbus_bool_t free_auxdata = FALSE; /* the AppArmor API uses pointers to int for pointers to boolean, and * int is not strictly guaranteed to be the same as dbus_bool_t */ int allow = FALSE, audit = TRUE; unsigned long pid; int res, serrno = 0; if (!apparmor_enabled) return TRUE; _dbus_assert (connection != NULL); con = bus_connection_dup_apparmor_confinement (connection); if (is_unconfined (con->label, con->mode)) { allow = TRUE; audit = FALSE; goto out; } if (!_dbus_string_init (&qstr)) goto oom; if (!build_service_query (&qstr, con->label, bustype, service_name)) { _dbus_string_free (&qstr); goto oom; } res = aa_query_label (AA_DBUS_BIND, _dbus_string_get_data (&qstr), _dbus_string_get_length (&qstr), &allow, &audit); _dbus_string_free (&qstr); if (res == -1) { serrno = errno; set_error_from_query_errno (error, serrno); goto audit; } /* Don't fail operations on profiles in complain mode */ if (modestr_is_complain (con->mode)) allow = TRUE; if (!allow) dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, "Connection \"%s\" is not allowed to own the service " "\"%s\" due to AppArmor policy", bus_connection_is_active (connection) ? bus_connection_get_name (connection) : "(inactive)", service_name); if (!audit) goto out; audit: if (!_dbus_string_init (&auxdata)) goto oom; free_auxdata = TRUE; if (!_dbus_append_pair_str (&auxdata, "bus", bustype ? bustype : "unknown")) goto oom; if (!_dbus_append_pair_str (&auxdata, "name", service_name)) goto oom; if (serrno && !_dbus_append_pair_str (&auxdata, "info", strerror (serrno))) goto oom; if (!_dbus_append_mask (&auxdata, AA_DBUS_BIND)) goto oom; if (connection && dbus_connection_get_unix_process_id (connection, &pid) && !_dbus_append_pair_uint (&auxdata, "pid", pid)) goto oom; if (con->label && !_dbus_append_pair_str (&auxdata, "label", con->label)) goto oom; log_message (allow, "bind", &auxdata); out: if (con != NULL) bus_apparmor_confinement_unref (con); if (free_auxdata) _dbus_string_free (&auxdata); return allow; oom: if (error != NULL && !dbus_error_is_set (error)) BUS_SET_OOM (error); allow = FALSE; goto out; #else return TRUE; #endif /* HAVE_APPARMOR */ }
/** * Spawns a new process. The child_setup * function is passed the given user_data and is run in the child * just before calling exec(). * * Also creates a "babysitter" which tracks the status of the * child process, advising the parent if the child exits. * If the spawn fails, no babysitter is created. * If sitter_p is #NULL, no babysitter is kept. * * @param sitter_p return location for babysitter or #NULL * @param log_name the name under which to log messages about this process being spawned * @param argv the executable and arguments * @param env the environment, or #NULL to copy the parent's * @param child_setup function to call in child pre-exec() * @param user_data user data for setup function * @param error error object to be filled in if function fails * @returns #TRUE on success, #FALSE if error is filled in */ dbus_bool_t _dbus_spawn_async_with_babysitter (DBusBabysitter **sitter_p, const char *log_name, char **argv, char **env, DBusSpawnChildSetupFunc child_setup, void *user_data, DBusError *error) { DBusBabysitter *sitter; int child_err_report_pipe[2] = { -1, -1 }; DBusSocket babysitter_pipe[2] = { DBUS_SOCKET_INIT, DBUS_SOCKET_INIT }; pid_t pid; #ifdef HAVE_SYSTEMD int fd_out = -1; int fd_err = -1; #endif _DBUS_ASSERT_ERROR_IS_CLEAR (error); _dbus_assert (argv[0] != NULL); if (sitter_p != NULL) *sitter_p = NULL; sitter = NULL; sitter = _dbus_babysitter_new (); if (sitter == NULL) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); return FALSE; } sitter->log_name = _dbus_strdup (log_name); if (sitter->log_name == NULL && log_name != NULL) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto cleanup_and_fail; } if (sitter->log_name == NULL) sitter->log_name = _dbus_strdup (argv[0]); if (sitter->log_name == NULL) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto cleanup_and_fail; } if (!make_pipe (child_err_report_pipe, error)) goto cleanup_and_fail; if (!_dbus_socketpair (&babysitter_pipe[0], &babysitter_pipe[1], TRUE, error)) goto cleanup_and_fail; /* Setting up the babysitter is only useful in the parent, * but we don't want to run out of memory and fail * after we've already forked, since then we'd leak * child processes everywhere. */ sitter->error_watch = _dbus_watch_new (child_err_report_pipe[READ_END], DBUS_WATCH_READABLE, TRUE, handle_watch, sitter, NULL); if (sitter->error_watch == NULL) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto cleanup_and_fail; } if (!_dbus_watch_list_add_watch (sitter->watches, sitter->error_watch)) { /* we need to free it early so the destructor won't try to remove it * without it having been added, which DBusLoop doesn't allow */ _dbus_watch_invalidate (sitter->error_watch); _dbus_watch_unref (sitter->error_watch); sitter->error_watch = NULL; dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto cleanup_and_fail; } sitter->sitter_watch = _dbus_watch_new (babysitter_pipe[0].fd, DBUS_WATCH_READABLE, TRUE, handle_watch, sitter, NULL); if (sitter->sitter_watch == NULL) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto cleanup_and_fail; } if (!_dbus_watch_list_add_watch (sitter->watches, sitter->sitter_watch)) { /* we need to free it early so the destructor won't try to remove it * without it having been added, which DBusLoop doesn't allow */ _dbus_watch_invalidate (sitter->sitter_watch); _dbus_watch_unref (sitter->sitter_watch); sitter->sitter_watch = NULL; dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto cleanup_and_fail; } _DBUS_ASSERT_ERROR_IS_CLEAR (error); #ifdef HAVE_SYSTEMD /* This may fail, but it's not critical. * In particular, if we were compiled with journald support but are now * running on a non-systemd system, this is going to fail, so we * have to cope gracefully. */ fd_out = sd_journal_stream_fd (sitter->log_name, LOG_INFO, FALSE); fd_err = sd_journal_stream_fd (sitter->log_name, LOG_WARNING, FALSE); #endif pid = fork (); if (pid < 0) { dbus_set_error (error, DBUS_ERROR_SPAWN_FORK_FAILED, "Failed to fork (%s)", _dbus_strerror (errno)); goto cleanup_and_fail; } else if (pid == 0) { /* Immediate child, this is the babysitter process. */ int grandchild_pid; /* Be sure we crash if the parent exits * and we write to the err_report_pipe */ signal (SIGPIPE, SIG_DFL); /* Close the parent's end of the pipes. */ close_and_invalidate (&child_err_report_pipe[READ_END]); close_and_invalidate (&babysitter_pipe[0].fd); /* Create the child that will exec () */ grandchild_pid = fork (); if (grandchild_pid < 0) { write_err_and_exit (babysitter_pipe[1].fd, CHILD_FORK_FAILED); _dbus_assert_not_reached ("Got to code after write_err_and_exit()"); } else if (grandchild_pid == 0) { /* Go back to ignoring SIGPIPE, since it's evil */ signal (SIGPIPE, SIG_IGN); close_and_invalidate (&babysitter_pipe[1].fd); #ifdef HAVE_SYSTEMD /* log to systemd journal if possible */ if (fd_out >= 0) dup2 (fd_out, STDOUT_FILENO); if (fd_err >= 0) dup2 (fd_err, STDERR_FILENO); close_and_invalidate (&fd_out); close_and_invalidate (&fd_err); #endif do_exec (child_err_report_pipe[WRITE_END], argv, env, child_setup, user_data); _dbus_assert_not_reached ("Got to code after exec() - should have exited on error"); } else { close_and_invalidate (&child_err_report_pipe[WRITE_END]); #ifdef HAVE_SYSTEMD close_and_invalidate (&fd_out); close_and_invalidate (&fd_err); #endif babysit (grandchild_pid, babysitter_pipe[1].fd); _dbus_assert_not_reached ("Got to code after babysit()"); } } else { /* Close the uncared-about ends of the pipes */ close_and_invalidate (&child_err_report_pipe[WRITE_END]); close_and_invalidate (&babysitter_pipe[1].fd); #ifdef HAVE_SYSTEMD close_and_invalidate (&fd_out); close_and_invalidate (&fd_err); #endif sitter->socket_to_babysitter = babysitter_pipe[0]; babysitter_pipe[0].fd = -1; sitter->error_pipe_from_child = child_err_report_pipe[READ_END]; child_err_report_pipe[READ_END] = -1; sitter->sitter_pid = pid; if (sitter_p != NULL) *sitter_p = sitter; else _dbus_babysitter_unref (sitter); dbus_free_string_array (env); _DBUS_ASSERT_ERROR_IS_CLEAR (error); return TRUE; } cleanup_and_fail: _DBUS_ASSERT_ERROR_IS_SET (error); close_and_invalidate (&child_err_report_pipe[READ_END]); close_and_invalidate (&child_err_report_pipe[WRITE_END]); close_and_invalidate (&babysitter_pipe[0].fd); close_and_invalidate (&babysitter_pipe[1].fd); #ifdef HAVE_SYSTEMD close_and_invalidate (&fd_out); close_and_invalidate (&fd_err); #endif if (sitter != NULL) _dbus_babysitter_unref (sitter); return FALSE; }
EXPORT_C #endif dbus_bool_t _dbus_spawn_async_with_babysitter (DBusBabysitter **sitter_p, char **argv, DBusSpawnChildSetupFunc child_setup, void *user_data, DBusError *error) { #ifndef __SYMBIAN32__ DBusBabysitter *sitter; int child_err_report_pipe[2] = { -1, -1 }; int babysitter_pipe[2] = { -1, -1 }; pid_t pid; #ifndef __SYMBIAN32__ _DBUS_ASSERT_ERROR_IS_CLEAR (error); *sitter_p = NULL; sitter = NULL; sitter = _dbus_babysitter_new (); if (sitter == NULL) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); return FALSE; } sitter->executable = _dbus_strdup (argv[0]); if (sitter->executable == NULL) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto cleanup_and_fail; } if (!make_pipe (child_err_report_pipe, error)) goto cleanup_and_fail; _dbus_fd_set_close_on_exec (child_err_report_pipe[READ_END]); _dbus_fd_set_close_on_exec (child_err_report_pipe[WRITE_END]); if (!_dbus_full_duplex_pipe (&babysitter_pipe[0], &babysitter_pipe[1], TRUE, error)) goto cleanup_and_fail; _dbus_fd_set_close_on_exec (babysitter_pipe[0]); _dbus_fd_set_close_on_exec (babysitter_pipe[1]); /* Setting up the babysitter is only useful in the parent, * but we don't want to run out of memory and fail * after we've already forked, since then we'd leak * child processes everywhere. */ sitter->error_watch = _dbus_watch_new (child_err_report_pipe[READ_END], DBUS_WATCH_READABLE, TRUE, handle_watch, sitter, NULL); if (sitter->error_watch == NULL) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto cleanup_and_fail; } if (!_dbus_watch_list_add_watch (sitter->watches, sitter->error_watch)) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto cleanup_and_fail; } sitter->sitter_watch = _dbus_watch_new (babysitter_pipe[0], DBUS_WATCH_READABLE, TRUE, handle_watch, sitter, NULL); if (sitter->sitter_watch == NULL) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto cleanup_and_fail; } if (!_dbus_watch_list_add_watch (sitter->watches, sitter->sitter_watch)) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); goto cleanup_and_fail; } _DBUS_ASSERT_ERROR_IS_CLEAR (error); pid = fork (); if (pid < 0) { dbus_set_error (error, DBUS_ERROR_SPAWN_FORK_FAILED, "Failed to fork (%s)", _dbus_strerror (errno)); goto cleanup_and_fail; } else if (pid == 0) { /* Immediate child, this is the babysitter process. */ int grandchild_pid; /* Be sure we crash if the parent exits * and we write to the err_report_pipe */ #ifndef __SYMBIAN32__ signal (SIGPIPE, SIG_DFL); #endif /* Close the parent's end of the pipes. */ close_and_invalidate (&child_err_report_pipe[READ_END]); close_and_invalidate (&babysitter_pipe[0]); /* Create the child that will exec () */ grandchild_pid = fork (); if (grandchild_pid < 0) { write_err_and_exit (babysitter_pipe[1], CHILD_FORK_FAILED); _dbus_assert_not_reached ("Got to code after write_err_and_exit()"); } else if (grandchild_pid == 0) { do_exec (child_err_report_pipe[WRITE_END], argv, child_setup, user_data); _dbus_assert_not_reached ("Got to code after exec() - should have exited on error"); } else { babysit (grandchild_pid, babysitter_pipe[1]); _dbus_assert_not_reached ("Got to code after babysit()"); } } else { /* Close the uncared-about ends of the pipes */ close_and_invalidate (&child_err_report_pipe[WRITE_END]); close_and_invalidate (&babysitter_pipe[1]); sitter->socket_to_babysitter = babysitter_pipe[0]; babysitter_pipe[0] = -1; sitter->error_pipe_from_child = child_err_report_pipe[READ_END]; child_err_report_pipe[READ_END] = -1; sitter->sitter_pid = pid; if (sitter_p != NULL) *sitter_p = sitter; else _dbus_babysitter_unref (sitter); _DBUS_ASSERT_ERROR_IS_CLEAR (error); return TRUE; } cleanup_and_fail: _DBUS_ASSERT_ERROR_IS_SET (error); close_and_invalidate (&child_err_report_pipe[READ_END]); close_and_invalidate (&child_err_report_pipe[WRITE_END]); close_and_invalidate (&babysitter_pipe[0]); close_and_invalidate (&babysitter_pipe[1]); if (sitter != NULL) _dbus_babysitter_unref (sitter); #endif return FALSE; #else /* FILE* ChildProcessStream; ChildProcessStream =popen(argv[0], "r"); if (ChildProcessStream == NULL) { dbus_set_error (error, DBUS_ERROR_SPAWN_EXEC_FAILED, "Failed to execute service process"); return FALSE; } */ //static pid_t Childpid; //have to make it static for thread fuction to access it pid_t childPid; int retVal; //pthread_t thread; retVal = posix_spawn(&childPid, argv[0], NULL,NULL, NULL, NULL); if (retVal!=0) { dbus_set_error (error, DBUS_ERROR_SPAWN_EXEC_FAILED, "Failed to execute service process"); return FALSE; } /* pthread_create(&thread, NULL, (void*)&thread_fun, &Childpid); //(void) waitpid(Childpid, NULL, 0); //printf("\r\n*** Child process finished ***\r\n"); */ if(!retVal) return TRUE; else return FALSE; #endif }
/** * Listens for new connections on the given address. If there are * multiple semicolon-separated address entries in the address, tries * each one and listens on the first one that works. * * Returns #NULL and sets error if listening fails for any reason. * Otherwise returns a new #DBusServer. * dbus_server_set_new_connection_function(), * dbus_server_set_watch_functions(), and * dbus_server_set_timeout_functions() should be called immediately to * render the server fully functional. * * To free the server, applications must call first * dbus_server_disconnect() and then dbus_server_unref(). * * @param address the address of this server. * @param error location to store reason for failure. * @returns a new #DBusServer, or #NULL on failure. * */ DBusServer* dbus_server_listen (const char *address, DBusError *error) { DBusServer *server; DBusAddressEntry **entries; int len, i; DBusError first_connect_error = DBUS_ERROR_INIT; dbus_bool_t handled_once; _dbus_return_val_if_fail (address != NULL, NULL); _dbus_return_val_if_error_is_set (error, NULL); if (!dbus_parse_address (address, &entries, &len, error)) return NULL; server = NULL; handled_once = FALSE; for (i = 0; i < len; i++) { int j; for (j = 0; j < (int) _DBUS_N_ELEMENTS (listen_funcs); ++j) { DBusServerListenResult result; DBusError tmp_error = DBUS_ERROR_INIT; result = (* listen_funcs[j].func) (entries[i], &server, &tmp_error); if (result == DBUS_SERVER_LISTEN_OK) { _dbus_assert (server != NULL); _DBUS_ASSERT_ERROR_IS_CLEAR (&tmp_error); handled_once = TRUE; goto out; } else if (result == DBUS_SERVER_LISTEN_ADDRESS_ALREADY_USED) { _dbus_assert (server == NULL); dbus_set_error (error, DBUS_ERROR_ADDRESS_IN_USE, "Address '%s' already used", dbus_address_entry_get_method (entries[0])); handled_once = TRUE; goto out; } else if (result == DBUS_SERVER_LISTEN_BAD_ADDRESS) { _dbus_assert (server == NULL); _DBUS_ASSERT_ERROR_IS_SET (&tmp_error); dbus_move_error (&tmp_error, error); handled_once = TRUE; goto out; } else if (result == DBUS_SERVER_LISTEN_NOT_HANDLED) { _dbus_assert (server == NULL); _DBUS_ASSERT_ERROR_IS_CLEAR (&tmp_error); /* keep trying addresses */ } else if (result == DBUS_SERVER_LISTEN_DID_NOT_CONNECT) { _dbus_assert (server == NULL); _DBUS_ASSERT_ERROR_IS_SET (&tmp_error); if (!dbus_error_is_set (&first_connect_error)) dbus_move_error (&tmp_error, &first_connect_error); else dbus_error_free (&tmp_error); handled_once = TRUE; /* keep trying addresses */ } } _dbus_assert (server == NULL); _DBUS_ASSERT_ERROR_IS_CLEAR (error); } out: if (!handled_once) { _DBUS_ASSERT_ERROR_IS_CLEAR (error); if (len > 0) dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS, "Unknown address type '%s'", dbus_address_entry_get_method (entries[0])); else dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS, "Empty address '%s'", address); } dbus_address_entries_free (entries); if (server == NULL) { _dbus_assert (error == NULL || dbus_error_is_set (&first_connect_error) || dbus_error_is_set (error)); if (error && dbus_error_is_set (error)) { /* already set the error */ } else { /* didn't set the error but either error should be * NULL or first_connect_error should be set. */ _dbus_assert (error == NULL || dbus_error_is_set (&first_connect_error)); dbus_move_error (&first_connect_error, error); } _DBUS_ASSERT_ERROR_IS_CLEAR (&first_connect_error); /* be sure we freed it */ _DBUS_ASSERT_ERROR_IS_SET (error); return NULL; } else { _DBUS_ASSERT_ERROR_IS_CLEAR (error); return server; } }
static dbus_bool_t _dbus_read_uuid_file_without_creating (const DBusString *filename, DBusGUID *uuid, DBusError *error) { DBusString contents; DBusString decoded; int end; if (!_dbus_string_init (&contents)) { _DBUS_SET_OOM (error); return FALSE; } if (!_dbus_string_init (&decoded)) { _dbus_string_free (&contents); _DBUS_SET_OOM (error); return FALSE; } if (!_dbus_file_get_contents (&contents, filename, error)) goto error; _dbus_string_chop_white (&contents); if (_dbus_string_get_length (&contents) != DBUS_UUID_LENGTH_HEX) { dbus_set_error (error, DBUS_ERROR_INVALID_FILE_CONTENT, "UUID file '%s' should contain a hex string of length %d, not length %d, with no other text", _dbus_string_get_const_data (filename), DBUS_UUID_LENGTH_HEX, _dbus_string_get_length (&contents)); goto error; } if (!_dbus_string_hex_decode (&contents, 0, &end, &decoded, 0)) { _DBUS_SET_OOM (error); goto error; } if (end == 0) { dbus_set_error (error, DBUS_ERROR_INVALID_FILE_CONTENT, "UUID file '%s' contains invalid hex data", _dbus_string_get_const_data (filename)); goto error; } if (_dbus_string_get_length (&decoded) != DBUS_UUID_LENGTH_BYTES) { dbus_set_error (error, DBUS_ERROR_INVALID_FILE_CONTENT, "UUID file '%s' contains %d bytes of hex-encoded data instead of %d", _dbus_string_get_const_data (filename), _dbus_string_get_length (&decoded), DBUS_UUID_LENGTH_BYTES); goto error; } _dbus_string_copy_to_buffer (&decoded, uuid->as_bytes, DBUS_UUID_LENGTH_BYTES); _dbus_string_free (&decoded); _dbus_string_free (&contents); _DBUS_ASSERT_ERROR_IS_CLEAR (error); return TRUE; error: _DBUS_ASSERT_ERROR_IS_SET (error); _dbus_string_free (&contents); _dbus_string_free (&decoded); return FALSE; }
/** * Does the chdir, fork, setsid, etc. to become a daemon process. * * @param pidfile #NULL, or pidfile to create * @param print_pid_pipe pipe to print daemon's pid to, or -1 for none * @param error return location for errors * @param keep_umask #TRUE to keep the original umask * @returns #FALSE on failure */ dbus_bool_t _dbus_become_daemon (const DBusString *pidfile, DBusPipe *print_pid_pipe, DBusError *error, dbus_bool_t keep_umask) { const char *s; pid_t child_pid; int dev_null_fd; _dbus_verbose ("Becoming a daemon...\n"); _dbus_verbose ("chdir to /\n"); if (chdir ("/") < 0) { dbus_set_error (error, DBUS_ERROR_FAILED, "Could not chdir() to root directory"); return FALSE; } _dbus_verbose ("forking...\n"); switch ((child_pid = fork ())) { case -1: _dbus_verbose ("fork failed\n"); dbus_set_error (error, _dbus_error_from_errno (errno), "Failed to fork daemon: %s", _dbus_strerror (errno)); return FALSE; break; case 0: _dbus_verbose ("in child, closing std file descriptors\n"); /* silently ignore failures here, if someone * doesn't have /dev/null we may as well try * to continue anyhow */ dev_null_fd = open ("/dev/null", O_RDWR); if (dev_null_fd >= 0) { dup2 (dev_null_fd, 0); dup2 (dev_null_fd, 1); s = _dbus_getenv ("DBUS_DEBUG_OUTPUT"); if (s == NULL || *s == '\0') dup2 (dev_null_fd, 2); else _dbus_verbose ("keeping stderr open due to DBUS_DEBUG_OUTPUT\n"); } if (!keep_umask) { /* Get a predictable umask */ _dbus_verbose ("setting umask\n"); umask (022); } _dbus_verbose ("calling setsid()\n"); if (setsid () == -1) _dbus_assert_not_reached ("setsid() failed"); break; default: if (!_dbus_write_pid_to_file_and_pipe (pidfile, print_pid_pipe, child_pid, error)) { _dbus_verbose ("pid file or pipe write failed: %s\n", error->message); kill (child_pid, SIGTERM); return FALSE; } _dbus_verbose ("parent exiting\n"); _exit (0); break; } return TRUE; }
BusClientPolicy* bus_policy_create_client_policy (BusPolicy *policy, DBusConnection *connection, DBusError *error) { BusClientPolicy *client; dbus_uid_t uid; dbus_bool_t at_console; _dbus_assert (dbus_connection_get_is_authenticated (connection)); _DBUS_ASSERT_ERROR_IS_CLEAR (error); client = bus_client_policy_new (); if (client == NULL) goto nomem; if (!add_list_to_client (&policy->default_rules, client)) goto nomem; /* we avoid the overhead of looking up user's groups * if we don't have any group rules anyway */ if (_dbus_hash_table_get_n_entries (policy->rules_by_gid) > 0) { unsigned long *groups; int n_groups; int i; if (!bus_connection_get_groups (connection, &groups, &n_groups, error)) goto failed; i = 0; while (i < n_groups) { DBusList **list; list = _dbus_hash_table_lookup_ulong (policy->rules_by_gid, groups[i]); if (list != NULL) { if (!add_list_to_client (list, client)) { dbus_free (groups); goto nomem; } } ++i; } dbus_free (groups); } if (!dbus_connection_get_unix_user (connection, &uid)) { dbus_set_error (error, DBUS_ERROR_FAILED, "No user ID known for connection, cannot determine security policy\n"); goto failed; } if (_dbus_hash_table_get_n_entries (policy->rules_by_uid) > 0) { DBusList **list; list = _dbus_hash_table_lookup_ulong (policy->rules_by_uid, uid); if (list != NULL) { if (!add_list_to_client (list, client)) goto nomem; } } /* Add console rules */ at_console = _dbus_is_console_user (uid, error); if (at_console) { if (!add_list_to_client (&policy->at_console_true_rules, client)) goto nomem; } else if (dbus_error_is_set (error) == TRUE) { goto failed; } else if (!add_list_to_client (&policy->at_console_false_rules, client)) { goto nomem; } if (!add_list_to_client (&policy->mandatory_rules, client)) goto nomem; bus_client_policy_optimize (client); return client; nomem: BUS_SET_OOM (error); failed: _DBUS_ASSERT_ERROR_IS_SET (error); if (client) bus_client_policy_unref (client); return NULL; }