Simon McVittie [Tue, 1 Dec 2015 17:31:18 +0000 (17:31 +0000)]
add travis-ci.org build machinery
The idea is that .travis.yml is specific to Travis-CI, but most of the
actual work is done in tools/ci-build.sh, which should be reasonably
CI-platform-agnostic (it currently assumes that build-dependendencies are
preinstalled, that the "native" platform we're building on is GNU/Linux
or something very close, and that "mingw" means mingw-w64 as packaged
in Debian and Ubuntu).
Simon McVittie [Fri, 27 Nov 2015 11:50:57 +0000 (11:50 +0000)]
Fix shell syntax for installcheck-local with no DESTDIR
A closing brace must be preceded by a semicolon. The CI integration
added later in this branch actually runs "make installcheck"
with no DESTDIR; apparently nobody else has ever tried that.
Simon McVittie [Fri, 27 Nov 2015 11:31:03 +0000 (11:31 +0000)]
Do not require systemd to have a service file if using it for activation
With --systemd-activation we special-case the name
org.freedesktop.systemd1 by assuming that it will eventually connect
to the bus. With that in mind, we can ignore whether it has a
.service file, and let it be "activated" regardless.
This fixes a regression test failure on non-systemd systems such
as the Ubuntu 14.04 OS on travis-ci.org: UpdateActivationEnvironment
failed, because it tried to update the (fake) systemd environment,
but because systemd was not actually installed, there was no
service file for it in the system's search paths. We could address this
by placing a dummy service file with Exec=/bin/false in our search path
like the real systemd does, but it seems cleaner to not require this;
this would eventually enable the real systemd to stop installing
that dummy service file.
This would not happen outside the regression tests, because there is
no sense in using --systemd-activation without systemd installed.
Simon McVittie [Tue, 24 Nov 2015 01:19:27 +0000 (01:19 +0000)]
embedded tests: accept and ignore --tap argument
This makes them semi-command-line-compatible with a way we can
invoke the GLib-based tests to get more useful debug logs.
These tests still do not actually produce TAP output yet; I tried
implementing that, but it requires changing a lot of noise on stdout
to come out of stderr, and there was something weird going on with
subprocesses restarting the test numbering which will need further
investigation before making that change.
Simon McVittie [Tue, 1 Dec 2015 17:31:18 +0000 (17:31 +0000)]
add travis-ci.org build machinery
The idea is that .travis.yml is specific to Travis-CI, but most of the
actual work is done in tools/ci-build.sh, which should be reasonably
CI-platform-agnostic (it currently assumes that build-dependendencies are
preinstalled, that the "native" platform we're building on is GNU/Linux
or something very close, and that "mingw" means mingw-w64 as packaged
in Debian and Ubuntu).
Simon McVittie [Fri, 27 Nov 2015 11:50:57 +0000 (11:50 +0000)]
Fix shell syntax for installcheck-local with no DESTDIR
A closing brace must be preceded by a semicolon. The CI integration
added later in this branch actually runs "make installcheck"
with no DESTDIR; apparently nobody else has ever tried that.
Simon McVittie [Fri, 27 Nov 2015 11:31:03 +0000 (11:31 +0000)]
Do not require systemd to have a service file if using it for activation
With --systemd-activation we special-case the name
org.freedesktop.systemd1 by assuming that it will eventually connect
to the bus. With that in mind, we can ignore whether it has a
.service file, and let it be "activated" regardless.
This fixes a regression test failure on non-systemd systems such
as the Ubuntu 14.04 OS on travis-ci.org: UpdateActivationEnvironment
failed, because it tried to update the (fake) systemd environment,
but because systemd was not actually installed, there was no
service file for it in the system's search paths. We could address this
by placing a dummy service file with Exec=/bin/false in our search path
like the real systemd does, but it seems cleaner to not require this;
this would eventually enable the real systemd to stop installing
that dummy service file.
This would not happen outside the regression tests, because there is
no sense in using --systemd-activation without systemd installed.
Simon McVittie [Tue, 24 Nov 2015 01:19:27 +0000 (01:19 +0000)]
embedded tests: accept and ignore --tap argument
This makes them semi-command-line-compatible with a way we can
invoke the GLib-based tests to get more useful debug logs.
These tests still do not actually produce TAP output yet; I tried
implementing that, but it requires changing a lot of noise on stdout
to come out of stderr, and there was something weird going on with
subprocesses restarting the test numbering which will need further
investigation before making that change.
Initialize SELinux and Apparmor after capabilities are set
avc_init() in the SELinux code path is creating a new thread, we need to
set to capabilities before it gets created so it has the permission to
send audit messages.
It also make more sense to open the audit netlink before the different
logging callbacks are set.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92832
[smcv: add comments explaining why initialization must happen in this
specific order] Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Simon McVittie [Thu, 26 Nov 2015 10:37:48 +0000 (10:37 +0000)]
Do not attempt to call child_setup on Windows
child_setup() is defined to be called after fork() and before exec(),
but Windows' process model does not have fork(): the equivalent of
those two operations is a single CreateProcess() call. This means
that there is no point at which we could call child_setup() and
have it affect only the child's process-global state. At the point
where it is currently executed, it affects the parent's process-global
state instead, which would be actively harmful if we used any
child_setup() function that was not a no-op on Windows.
The equivalent function in GLib, g_spawn_async_with_pipes(), documents
child_setup() as unused on Windows. Do the same here.
In practice, our only use of child_setup() outside tests
is #ifdef DBUS_UNIX anyway, so this change has no practical effect
right now.
Simon McVittie [Fri, 20 Nov 2015 17:19:51 +0000 (17:19 +0000)]
uid-permissions test: don't assert that root can UpdateActivationEnvironment
Since 1.10.4 this is hard-coded to be disallowed when an activation
helper is used. That would be a security flaw waiting to happen,
and makes little sense anyway, because the activation helper sanitises
its environment.
Use BecomeMonitor() instead, as our way to assert that root and
messagebus are privileged.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=93036 Reviewed-by: Iain Lane
Simon McVittie [Fri, 6 Nov 2015 14:52:51 +0000 (15:52 +0100)]
monitor: use the addressed_recipient to select matches
This means we respect the destination keyword in arguments to
BecomeMonitor.
In bus_dispatch(), this means that we need to defer capturing until
we have decided whether there is an addressed recipient; so instead
of capturing once, we capture at each leaf of the decision tree.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92074 Reviewed-by: Philip Withnall <philip.withnall@collabora.co.uk> Reviewed-by: Lars Uebernickel <lars@uebernic.de>
Simon McVittie [Tue, 17 Nov 2015 16:42:01 +0000 (16:42 +0000)]
name-test: don't run these tests with autotools if targeting Windows.
The wrapper shell script that sets up their environment is nowhere
near being portable. In particular, it uses dbus-run-session,
which is Unix-specific.
[rh: Add autotools scope in commit title]
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92899 Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Rewieved-by: Ralf Habacker <ralf.habacker@freenet.de>
bus-driver: Support returning org.freedesktop.DBus UID and PID
Attempting to call SetEnvironment on systemd causes it to inquire
about the caller's connection UID and PID. If this check fails,
the call is rejected.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92857 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
[smcv: go back to DBUS_ERROR_UNIX_PROCESS_ID_UNKNOWN as the error code
for failure to determine the pid]
bus_driver_handle_update_activation_environment: Forward to systemd
If we use systemd activation, forward all UpdateActivationEnvironment
requests to org.freedesktop.systemd1.Manager.SetEnvironment, in order
to ensure variables needed by D-Bus services are available when these
services are launched by systemd.
Since UpdateActivationEnvironment is not available on the system bus,
this only applies to user buses.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92857 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
bus_driver_handle_update_activation_environment: Error on system buses
The default policy already disallows calls on system buses. Since any
bus with a service helper cleans the environment anyway, there's no
point in allowing this to be called.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92857 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Simon McVittie [Tue, 17 Nov 2015 13:23:30 +0000 (13:23 +0000)]
fdpass test: assert that TCP connections don't say they can pass fds
As well as slightly increasing our test coverage, this ensures
that at least one test-case in this test is not skipped, working
around CMake's lack of support for the Automake-style exit code
produced by GTest executables (they exit 77 if everything was skipped).
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92887 Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Simon McVittie [Sat, 7 Nov 2015 12:06:52 +0000 (13:06 +0100)]
Stop statically enabling dbus.socket in dbus.target
dbus.target was relevant in early versions of systemd, but is not
used or installed any more. We also enable the socket in sockets.target,
which is the right place to do this sort of thing.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=78412
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757913 Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by: Lennart Poettering
Simon McVittie [Sat, 7 Nov 2015 12:03:47 +0000 (13:03 +0100)]
Drop [Install] sections from user services
We install the symlink to enable dbus.socket statically, so it doesn't
make much sense to invoke `systemctl enable` on it; and
dbus.service should normally be started by socket activation
(or possibly an explicit dependency) rather than manually.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92402 Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by: Lennart Poettering
It's generally a good idea to avoid trailing whitespace in order to keep
patchs minimal. While it's common to enforce such restrictions for C code,
it's important for docbok XML files too. Hence, let's clean this up and
remove all trailing whitespace currently in place.
[By policy we do not clean up historical trailing whitespace and
tab-indentation in the C source code unless we are modifying those lines
anyway, to retain the ability to merge stable-branch bugfixes into the
development branch. However, the copy of the spec in the development
branch is the only one that receives any updates, so that concern
doesn't apply here. -smcv]
Allowing to send replies when NO_REPLY_EXPECTED is set is useless in
practice: Clients need to be careful not to send these replies, because
bus policy could deny these messages. The spec even mentions that this
issue exists.
To make this more clear and misbehaving clients less likely, disallow
sending unexpected replies entirely.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=75749 Reviewed-by: Philip Withnall <philip.withnall@collabora.co.uk> Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Ralf Habacker [Fri, 6 Nov 2015 13:03:23 +0000 (14:03 +0100)]
Fix test cases running client and server dispatch design issue.
DBus test cases running the server *and* client loop in the same
process assumed that all messages send from the server has to be
received in one client dispatch, which is not the case in all
environments.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92721 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Ralf Habacker [Mon, 2 Nov 2015 23:23:56 +0000 (00:23 +0100)]
Test system bus config files on Unix only
Previously, we didn't consistently test parsing of every file in
valid-config-files-system/ everywhere that we tested valid-config-files/.
We now test it on Unix.
The system bus is not supported on Windows, so we do not test
valid-config-files-system/ there.
valid-config-files/many-rules.conf contains <user> and <group> rules
which are not applicable to Windows. Copy the original many-rules.conf
to valid-config-files-system/ so that it will be tested on Unix, and
remove the non-portable rules from valid-config-files/many-rules.conf.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92721 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
[rh:base patch came from Simon]
projects / thirdparty / dbus.git / log
