Simon McVittie [Thu, 21 Jul 2016 07:24:38 +0000 (08:24 +0100)]
dbus-daemon, dbus-launch: cope with callers having closed standard fds
In Debian bug <https://bugs.debian.org/829348>, lightdm appears to
have been starting dbus-launch with at least one of the three
standard fds 0, 1, 2 (stdin, stdout, stderr) closed. This resulted
in the dbus-daemon's epoll_create1() returning a fd less than 3.
Later, _dbus_become_daemon() replaces fds 0-2 with /dev/null. As a
result, a subsequent call to _dbus_loop_add_watch() for the reload
pipe resulted in calling epoll_ctl on the non-epoll fd pointing to
/dev/null, which fails with EINVAL, resulting in the dbus-daemon
exiting unsuccessfully.
Unix programs are not normally expected to behave correctly when
launched with the standard fds not already open; but at the same time,
X11 autolaunching means that dbus-launch (and hence the dbus-daemon)
can get started from an arbitrarily precarious situation.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=97008 Signed-off-by: Simon McVittie <smcv@debian.org> Reviewed-by: Thiago Macieira <thiago@kde.org>
(cherry picked from commit c8f73a2a3a9d9d10587f596a62ebb64e8963197e)
Simon McVittie [Thu, 21 Jul 2016 07:23:12 +0000 (08:23 +0100)]
_dbus_ensure_standard_fds: new function to ensure std* fds are open
This function opens stdin, stdout, stderr pointing to /dev/null
if they aren't already open. Optionally, it can also replace
whatever is available on those fds with /dev/null.
To allow for use in contexts where only async-signal-safe functions
should be used, such as between fork() and a following exec(),
this function does not use conventional libdbus error handling
(which would require malloc). Instead, it sets errno and returns
an explanatory string.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=97008 Signed-off-by: Simon McVittie <smcv@debian.org> Reviewed-by: Thiago Macieira <thiago@kde.org>
(cherry picked from commit 69123a6bd2adabbaec1f770fc4573fc3ed4ceca6)
Simon McVittie [Thu, 11 Aug 2016 15:08:39 +0000 (16:08 +0100)]
Mark WaitingForOK state as unused
It should probably be used (see #97298) but the fact that it isn't
is breaking compatibility with gcc 6, so apply a quick workaround
while we look into what's wrong here.
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=97282
(cherry picked from commit 21d61180819c141e779d6ecf9919e62e768b6fd9)
Simon McVittie [Mon, 11 Jul 2016 09:52:44 +0000 (10:52 +0100)]
update-activation-environment: produce better diagnostics on error
If dbus-daemon or systemd replied to our method call with an error,
we would report it as "invalid arguments" instead of the true error
name and message.
Same root cause as <https://bugs.freedesktop.org/show_bug.cgi?id=96653>.
Otherwise HAVE_STDINT_H will not be defined or the var will not be
picked up from cache so builds could fail with errors like:
| ../../dbus-1.10.8/dbus/dbus-internals.h:239:8: error: ‘uintptr_t’ undeclared (first use in this function)
WaLyong Cho [Tue, 7 Jun 2016 14:26:42 +0000 (23:26 +0900)]
activation: set children oom_score_adj to 0
If dbus is running as systemd service, dbus daemon is running with
oom_score_adj -900 by OOMScoreAdjust=-900. And children will also have
same value with dbus daemon.
To avoid this, set the child itself values after fork () to 0.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=32851 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Simon McVittie [Mon, 16 May 2016 12:48:37 +0000 (13:48 +0100)]
travis: compile with mingw in both production and debug flavours
This should detect anything that is only a build failure when embedded
tests or verbose mode are enabled, such as the missing include fixed
in commit 4858faf. I'm not enabling embedded tests and verbose mode
orthogonally because we don't want CI builds to take too long.
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
(cherry picked from commit 8f6fe1451ead14b82475177f40bbc2c256cba876)
Ralf Habacker [Thu, 12 May 2016 22:56:42 +0000 (00:56 +0200)]
Eliminates a race condition accessing DBusBabysitter instance at startup of babysitter() on Windows.
Ensure that the babysitter thread already owns its one reference to the
babysitter when it starts up, and eliminates the race condition.
This patch requires that DBusBabysitter refcounting is thread-safe
and is based on an analysis and proposal of Simon Mc Vittie.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=95191 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Simon McVittie [Mon, 15 Feb 2016 15:00:22 +0000 (15:00 +0000)]
DBusMessageIter: eliminate padding on 64-bit platforms
Previously, 64-bit (LP64 or LLP64) platforms would have had 32 bits
of padding between pad2 and pad3. We want to guarantee that an ISO C
compiler will copy the entire struct when assigning between structs,
but padding is not guaranteed to be copied, so we want to ensure that
the struct is "packed".
Statically assert that the old ABI is compatible with the new ABI.
Reviewed-by: Thiago Macieira <thiago@kde.org>
[smcv: change >= to == as Thiago requested] Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=94136
Simon McVittie [Mon, 15 Feb 2016 14:58:59 +0000 (14:58 +0000)]
DBusMessage: assert the properties we need DBusMessageIter to have
We already asserted that DBusMessageIter must be at least as large
as DBusMessageRealIter (so that casting DBusMessageIter * to
DBusMessageRealIter * does not result in overflowing the stack
variable). Also assert that it must have alignment requirements at
least as strict as those of DBusMessageRealIter * (so that casting
does not increase the required alignment).
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by: Thiago Macieira <thiago@kde.org>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=94136
Simon McVittie [Mon, 8 Feb 2016 20:32:34 +0000 (20:32 +0000)]
name-test: run most C tests directly, not via run-test.sh
The exception is test-autolaunch, which is really not particularly
useful as a build-time test. The only way we can really test
autolaunch is as a whole-system integration test, and "make check"
is not that.
The two tests written in Python and one test based on dbus-send
are also not run directly yet; in particular, that includes both
the tests in run-test-systemserver.sh.
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92899 Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Simon McVittie [Mon, 8 Feb 2016 20:09:58 +0000 (20:09 +0000)]
Replace $DBUS_USE_TEST_BINARY with $DBUS_TEST_DBUS_LAUNCH
Instead of using $DBUS_USE_TEST_BINARY to control whether to use the
hard-coded test binary TEST_BUS_LAUNCH_BINARY, we can just use
$DBUS_TEST_DBUS_LAUNCH to control what we launch directly, as we
were already doing for $DBUS_TEST_DAEMON.
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92899 Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Nick Lewycky [Thu, 28 Jan 2016 20:24:56 +0000 (12:24 -0800)]
marshal-validate: run all the tests instead of just the even ones
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=93908 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
[smcv: Re-enable the failing test that Nick disabled, and fix the
expected result; the result given by our current implementation is
reasonable.]
Simon McVittie [Mon, 8 Feb 2016 17:25:38 +0000 (17:25 +0000)]
configure.ac: support large-file for stat64
dbus-daemon is not expected to open files with large *sizes*, but without
large file support, calling [f]stat() on a file that happens to have a
large inode number will fail with EOVERFLOW (see stat(2)). For example,
files mounted from an NFS server might have large inode numbers.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=93545 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
[smcv: shorten and clarify commit message; move AC_SYS_LARGEFILE
after AC_USE_SYSTEM_EXTENSIONS because nothing should compile C before
that point] Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Simon McVittie [Tue, 1 Dec 2015 17:31:18 +0000 (17:31 +0000)]
add travis-ci.org build machinery
The idea is that .travis.yml is specific to Travis-CI, but most of the
actual work is done in tools/ci-build.sh, which should be reasonably
CI-platform-agnostic (it currently assumes that build-dependendencies are
preinstalled, that the "native" platform we're building on is GNU/Linux
or something very close, and that "mingw" means mingw-w64 as packaged
in Debian and Ubuntu).
Simon McVittie [Fri, 27 Nov 2015 11:50:57 +0000 (11:50 +0000)]
Fix shell syntax for installcheck-local with no DESTDIR
A closing brace must be preceded by a semicolon. The CI integration
added later in this branch actually runs "make installcheck"
with no DESTDIR; apparently nobody else has ever tried that.
Simon McVittie [Fri, 27 Nov 2015 11:31:03 +0000 (11:31 +0000)]
Do not require systemd to have a service file if using it for activation
With --systemd-activation we special-case the name
org.freedesktop.systemd1 by assuming that it will eventually connect
to the bus. With that in mind, we can ignore whether it has a
.service file, and let it be "activated" regardless.
This fixes a regression test failure on non-systemd systems such
as the Ubuntu 14.04 OS on travis-ci.org: UpdateActivationEnvironment
failed, because it tried to update the (fake) systemd environment,
but because systemd was not actually installed, there was no
service file for it in the system's search paths. We could address this
by placing a dummy service file with Exec=/bin/false in our search path
like the real systemd does, but it seems cleaner to not require this;
this would eventually enable the real systemd to stop installing
that dummy service file.
This would not happen outside the regression tests, because there is
no sense in using --systemd-activation without systemd installed.
Simon McVittie [Tue, 24 Nov 2015 01:19:27 +0000 (01:19 +0000)]
embedded tests: accept and ignore --tap argument
This makes them semi-command-line-compatible with a way we can
invoke the GLib-based tests to get more useful debug logs.
These tests still do not actually produce TAP output yet; I tried
implementing that, but it requires changing a lot of noise on stdout
to come out of stderr, and there was something weird going on with
subprocesses restarting the test numbering which will need further
investigation before making that change.
Simon McVittie [Fri, 20 Nov 2015 17:19:51 +0000 (17:19 +0000)]
uid-permissions test: don't assert that root can UpdateActivationEnvironment
Since 1.10.4 this is hard-coded to be disallowed when an activation
helper is used. That would be a security flaw waiting to happen,
and makes little sense anyway, because the activation helper sanitises
its environment.
Use BecomeMonitor() instead, as our way to assert that root and
messagebus are privileged.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=93036 Reviewed-by: Iain Lane
Simon McVittie [Tue, 17 Nov 2015 16:42:01 +0000 (16:42 +0000)]
name-test: don't run these tests with autotools if targeting Windows.
The wrapper shell script that sets up their environment is nowhere
near being portable. In particular, it uses dbus-run-session,
which is Unix-specific.
[rh: Add autotools scope in commit title]
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92899 Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Rewieved-by: Ralf Habacker <ralf.habacker@freenet.de>
bus-driver: Support returning org.freedesktop.DBus UID and PID
Attempting to call SetEnvironment on systemd causes it to inquire
about the caller's connection UID and PID. If this check fails,
the call is rejected.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92857 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
[smcv: go back to DBUS_ERROR_UNIX_PROCESS_ID_UNKNOWN as the error code
for failure to determine the pid]
bus_driver_handle_update_activation_environment: Forward to systemd
If we use systemd activation, forward all UpdateActivationEnvironment
requests to org.freedesktop.systemd1.Manager.SetEnvironment, in order
to ensure variables needed by D-Bus services are available when these
services are launched by systemd.
Since UpdateActivationEnvironment is not available on the system bus,
this only applies to user buses.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92857 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
bus_driver_handle_update_activation_environment: Error on system buses
The default policy already disallows calls on system buses. Since any
bus with a service helper cleans the environment anyway, there's no
point in allowing this to be called.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92857 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Simon McVittie [Tue, 17 Nov 2015 13:23:30 +0000 (13:23 +0000)]
fdpass test: assert that TCP connections don't say they can pass fds
As well as slightly increasing our test coverage, this ensures
that at least one test-case in this test is not skipped, working
around CMake's lack of support for the Automake-style exit code
produced by GTest executables (they exit 77 if everything was skipped).
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92887 Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Ralf Habacker [Fri, 6 Nov 2015 13:03:23 +0000 (14:03 +0100)]
Fix test cases running client and server dispatch design issue.
DBus test cases running the server *and* client loop in the same
process assumed that all messages send from the server has to be
received in one client dispatch, which is not the case in all
environments.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92721 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Ralf Habacker [Mon, 2 Nov 2015 23:23:56 +0000 (00:23 +0100)]
Test system bus config files on Unix only
Previously, we didn't consistently test parsing of every file in
valid-config-files-system/ everywhere that we tested valid-config-files/.
We now test it on Unix.
The system bus is not supported on Windows, so we do not test
valid-config-files-system/ there.
valid-config-files/many-rules.conf contains <user> and <group> rules
which are not applicable to Windows. Copy the original many-rules.conf
to valid-config-files-system/ so that it will be tested on Unix, and
remove the non-portable rules from valid-config-files/many-rules.conf.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92721 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
[rh:base patch came from Simon]
projects / thirdparty / dbus.git / log
