+2005-07-14 Colin Walters <walters@verbum.org>
+
+ * bus/driver.c
+ (bus_driver_handle_get_connection_unix_security_context): New function.
+ (message_handlers): Add.
+
+ * bus/selinux.c (bus_selinux_append_context): New function; appends
+ security context to message.
+
+ * bus/selinux.h: Prototype.
+
+ * dbus/dbus-protocol.h (DBUS_ERROR_UNIX_SECURITY_CONTEXT_UNKNOWN): New.
+
2005-07-14 John (J5) Palmieri <johnp@redhat.com>
* bus/activation.c: clean up all tabs to be 8 spaces
#include "driver.h"
#include "dispatch.h"
#include "services.h"
+#include "selinux.h"
#include "signals.h"
#include "utils.h"
#include <dbus/dbus-string.h>
return FALSE;
}
+static dbus_bool_t
+bus_driver_handle_get_connection_unix_security_context (DBusConnection *connection,
+ BusTransaction *transaction,
+ DBusMessage *message,
+ DBusError *error)
+{
+ const char *service;
+ DBusString str;
+ BusRegistry *registry;
+ BusService *serv;
+ DBusConnection *conn;
+ DBusMessage *reply;
+ BusSELinuxID *context;
+
+ _DBUS_ASSERT_ERROR_IS_CLEAR (error);
+
+ registry = bus_connection_get_registry (connection);
+
+ service = NULL;
+ reply = NULL;
+
+ if (! dbus_message_get_args (message, error,
+ DBUS_TYPE_STRING, &service,
+ DBUS_TYPE_INVALID))
+ goto failed;
+
+ _dbus_verbose ("asked for security context of connection %s\n", service);
+
+ _dbus_string_init_const (&str, service);
+ serv = bus_registry_lookup (registry, &str);
+ if (serv == NULL)
+ {
+ dbus_set_error (error,
+ DBUS_ERROR_NAME_HAS_NO_OWNER,
+ "Could not get security context of name '%s': no such name", service);
+ goto failed;
+ }
+
+ conn = bus_service_get_primary_owner (serv);
+
+ reply = dbus_message_new_method_return (message);
+ if (reply == NULL)
+ goto oom;
+
+ context = bus_connection_get_selinux_id (conn);
+ if (!context)
+ {
+ dbus_set_error (error,
+ DBUS_ERROR_UNIX_SECURITY_CONTEXT_UNKNOWN,
+ "Could not determine security context for '%s'", service);
+ goto failed;
+ }
+
+ if (! bus_selinux_append_context (reply, context))
+ goto oom;
+
+ if (! bus_transaction_send_from_driver (transaction, connection, reply))
+ goto oom;
+
+ dbus_message_unref (reply);
+
+ return TRUE;
+
+ oom:
+ BUS_SET_OOM (error);
+
+ failed:
+ _DBUS_ASSERT_ERROR_IS_SET (error);
+ if (reply)
+ dbus_message_unref (reply);
+ return FALSE;
+}
+
static dbus_bool_t
bus_driver_handle_reload_config (DBusConnection *connection,
BusTransaction *transaction,
DBUS_TYPE_STRING_AS_STRING,
DBUS_TYPE_UINT32_AS_STRING,
bus_driver_handle_get_connection_unix_process_id },
+ { "GetConnectionUnixSecurityContext",
+ DBUS_TYPE_STRING_AS_STRING,
+ DBUS_TYPE_STRING_AS_STRING,
+ bus_driver_handle_get_connection_unix_security_context },
{ "ReloadConfig",
"",
"",
#endif /* HAVE_SELINUX */
}
+dbus_bool_t
+bus_selinux_append_context (DBusMessage *message,
+ BusSELinuxID *context)
+{
+ /* Note if you change how the context is marshalled (e.g. to ay),
+ * you also need to change driver.c for the appropriate return value.
+ */
+ return dbus_message_append_args (message,
+ DBUS_TYPE_STRING,
+ SELINUX_SID_FROM_BUS (context),
+ DBUS_TYPE_INVALID);
+}
+
/**
* Gets the security context of a connection to the bus. It is up to
* the caller to freecon() when they are done.
void bus_selinux_id_table_print (DBusHashTable *service_table);
const char* bus_selinux_get_policy_root (void);
+dbus_bool_t bus_selinux_append_context (DBusMessage *message,
+ BusSELinuxID *context);
dbus_bool_t bus_selinux_allows_acquire_service (DBusConnection *connection,
BusSELinuxID *service_sid,
projects / thirdparty / dbus.git / commitdiff
