Mailinglist Archive: yast-commit (650 mails)
| < Previous | Next > |
[yast-commit] r55454 - in /branches/tmp/lslezak/core: ./ agent-any/doc/ agent-dbus/ agent-dbus/conf/ agent-dbus/doc/ agent-dbus/src/ agent-dummy/doc/ agent-ini/doc/ agent-modules/doc/ agent-process/doc/ agent-re...
- From: lslezak@xxxxxxxxxxxxxxxx
- Date: Thu, 12 Feb 2009 09:51:17 -0000
- Message-id: <E1LXYE2-0006Rn-0a@xxxxxxxxxxxxxxxx>
Author: lslezak
Date: Thu Feb 12 10:51:17 2009
New Revision: 55454
URL: http://svn.opensuse.org/viewcvs/yast?rev=55454&view=rev
Log:
- merged changes from trunk - updated to rev. 55453
Added:
branches/tmp/lslezak/core/agent-dbus/ (props changed)
- copied from r55453, trunk/core/agent-dbus/
branches/tmp/lslezak/core/agent-dbus/Makefile.am
- copied unchanged from r55453, trunk/core/agent-dbus/Makefile.am
branches/tmp/lslezak/core/agent-dbus/conf/ (props changed)
- copied from r55453, trunk/core/agent-dbus/conf/
branches/tmp/lslezak/core/agent-dbus/conf/Makefile.am
- copied unchanged from r55453, trunk/core/agent-dbus/conf/Makefile.am
branches/tmp/lslezak/core/agent-dbus/conf/dbus.session.scr
- copied unchanged from r55453,
trunk/core/agent-dbus/conf/dbus.session.scr
branches/tmp/lslezak/core/agent-dbus/conf/dbus.system.scr
- copied unchanged from r55453, trunk/core/agent-dbus/conf/dbus.system.scr
branches/tmp/lslezak/core/agent-dbus/doc/ (props changed)
- copied from r55453, trunk/core/agent-dbus/doc/
branches/tmp/lslezak/core/agent-dbus/doc/Makefile.am
- copied unchanged from r55453, trunk/core/agent-dbus/doc/Makefile.am
branches/tmp/lslezak/core/agent-dbus/src/ (props changed)
- copied from r55453, trunk/core/agent-dbus/src/
branches/tmp/lslezak/core/agent-dbus/src/DbusAgent.cc
- copied unchanged from r55453, trunk/core/agent-dbus/src/DbusAgent.cc
branches/tmp/lslezak/core/agent-dbus/src/DbusAgent.h
- copied unchanged from r55453, trunk/core/agent-dbus/src/DbusAgent.h
branches/tmp/lslezak/core/agent-dbus/src/Makefile.am
- copied unchanged from r55453, trunk/core/agent-dbus/src/Makefile.am
branches/tmp/lslezak/core/agent-dbus/src/Y2CCDbusAgent.cc
- copied unchanged from r55453, trunk/core/agent-dbus/src/Y2CCDbusAgent.cc
branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.SCR.service.in.in
- copied unchanged from r55453,
trunk/core/dbus/SCR_service/org.opensuse.yast.SCR.service.in.in
branches/tmp/lslezak/core/dbus/SCR_service/scr_names.h.in
- copied unchanged from r55453, trunk/core/dbus/SCR_service/scr_names.h.in
branches/tmp/lslezak/core/dbus/SCR_service/test_SCR_dbus_server.rb.in
- copied unchanged from r55453,
trunk/core/dbus/SCR_service/test_SCR_dbus_server.rb.in
Removed:
branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.SCR.service.in
Modified:
branches/tmp/lslezak/core/ (props changed)
branches/tmp/lslezak/core/SUBDIRS
branches/tmp/lslezak/core/VERSION
branches/tmp/lslezak/core/agent-any/doc/ag_anyagent.html (props changed)
branches/tmp/lslezak/core/agent-dummy/doc/ag_dummy.html (props changed)
branches/tmp/lslezak/core/agent-ini/doc/ag_ini.html (props changed)
branches/tmp/lslezak/core/agent-modules/doc/ag_modules.html (props
changed)
branches/tmp/lslezak/core/agent-process/doc/ag_process.html (props
changed)
branches/tmp/lslezak/core/agent-resolver/doc/ag_resolver.html (props
changed)
branches/tmp/lslezak/core/agents-perl/doc/ag_modinfo.html (props changed)
branches/tmp/lslezak/core/agents-perl/doc/ag_yp_makefile.html (props
changed)
branches/tmp/lslezak/core/configure.in.in
branches/tmp/lslezak/core/dbus/SCR_service/ (props changed)
branches/tmp/lslezak/core/dbus/SCR_service/DBusServer.cc
branches/tmp/lslezak/core/dbus/SCR_service/Makefile.am
branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.SCR.conf.in
branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.scr.policy
branches/tmp/lslezak/core/dbus/namespace_service/Yast_dbus_server.cc
(props changed)
branches/tmp/lslezak/core/liby2dbus/ (props changed)
branches/tmp/lslezak/core/package/yast2-core.changes
Modified: branches/tmp/lslezak/core/SUBDIRS
URL:
http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/core/SUBDIRS?rev=55454&r1=55453&r2=55454&view=diff
==============================================================================
--- branches/tmp/lslezak/core/SUBDIRS (original)
+++ branches/tmp/lslezak/core/SUBDIRS Thu Feb 12 10:51:17 2009
@@ -1 +1 @@
-liby2util-r liby2 libycp liby2dbus libscr agent-dummy scr agent-system
agent-any agent-ini agent-modules agent-resolver agents-non-y2 agents-perl wfm
agent-process base autodocs dbus
+liby2util-r liby2 libycp liby2dbus libscr agent-dummy scr agent-system
agent-dbus agent-any agent-ini agent-modules agent-resolver agents-non-y2
agents-perl wfm agent-process base autodocs dbus
Modified: branches/tmp/lslezak/core/VERSION
URL:
http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/core/VERSION?rev=55454&r1=55453&r2=55454&view=diff
==============================================================================
--- branches/tmp/lslezak/core/VERSION (original)
+++ branches/tmp/lslezak/core/VERSION Thu Feb 12 10:51:17 2009
@@ -1 +1 @@
-2.18.2
+2.18.3
Modified: branches/tmp/lslezak/core/configure.in.in
URL:
http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/core/configure.in.in?rev=55454&r1=55453&r2=55454&view=diff
==============================================================================
--- branches/tmp/lslezak/core/configure.in.in (original)
+++ branches/tmp/lslezak/core/configure.in.in Thu Feb 12 10:51:17 2009
@@ -124,6 +124,28 @@
HAVE_POLKIT=0
fi
+#
+# configuration for dbus/SCR_service
+#
+
+# set access mode according to the PolicyKit status
+# if policykit is disabled only root can access the service
+if test $HAVE_POLKIT -ne 0; then
+ACCESS_MODE=allow
+else
+ACCESS_MODE=deny
+fi
+
+
+YAST_SCR_SERVICE=org.opensuse.yast.SCR
+YAST_SCR_SERVICE_METHODS=$YAST_SCR_SERVICE.Methods
+# @ybindir@ expands to ${prefix}/lib/..., force full expansion here
+YAST_SCR_SERVICE_DIR=$ybindir
+AC_SUBST(YAST_SCR_SERVICE)
+AC_SUBST(YAST_SCR_SERVICE_METHODS)
+AC_SUBST(YAST_SCR_SERVICE_DIR)
+AC_SUBST(ACCESS_MODE)
+
AC_SUBST(POLKIT_CFLAGS)
AC_SUBST(POLKIT_LIBS)
AC_SUBST(HAVE_POLKIT)
@@ -137,5 +159,9 @@
scr/doc/SCR.html
scr/doc/intro_to_scr.html
dbus/namespace_service/Yast_dbus_names.h
+ dbus/SCR_service/org.opensuse.yast.SCR.conf
+ dbus/SCR_service/org.opensuse.yast.SCR.service.in
+ dbus/SCR_service/scr_names.h
+ dbus/SCR_service/test_SCR_dbus_server.rb
])
@YAST2-OUTPUT@
Modified: branches/tmp/lslezak/core/dbus/SCR_service/DBusServer.cc
URL:
http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/core/dbus/SCR_service/DBusServer.cc?rev=55454&r1=55453&r2=55454&view=diff
==============================================================================
--- branches/tmp/lslezak/core/dbus/SCR_service/DBusServer.cc (original)
+++ branches/tmp/lslezak/core/dbus/SCR_service/DBusServer.cc Thu Feb 12
10:51:17 2009
@@ -14,6 +14,10 @@
#include <ycp/y2log.h>
+#include "scr_names.h"
+
+#define TIMEOUT 15 /* 30 secs idle timeout */
+
extern "C"
{
// nanosleep()
@@ -44,16 +48,16 @@
}
+// connect to DBus, request a service name
bool DBusServer::connect()
{
- // connect to DBus, request a service name
- return connection.connect(DBUS_BUS_SYSTEM, "org.opensuse.yast.SCR");
+ return connection.connect(DBUS_BUS_SYSTEM, YAST_SCR_SERVICE);
}
-// set 30 second timer
+// reset idle timer
void DBusServer::resetTimer()
{
- ::alarm(30);
+ ::alarm(TIMEOUT);
}
// NOTE: this is a signal handler, do only really necessary tasks here!
@@ -67,6 +71,7 @@
}
}
+// register signal handler for idle timeout
void DBusServer::registerSignalHandler()
{
struct sigaction new_action, old_action;
@@ -82,10 +87,10 @@
}
}
+// check if clients are still running,
+// remove finished clients
bool DBusServer::canFinish()
{
- // check if clients are still running,
- // remove finished clients
for(Clients::iterator it = clients.begin();
it != clients.end();)
{
@@ -134,7 +139,7 @@
// the time is over
if (finish)
{
- y2milestone("Timout signal received");
+ y2milestone("Timeout signal received");
if (canFinish())
{
@@ -150,14 +155,14 @@
}
}
- // set 5 seconds timeout
- connection.setTimeout(5000);
// try reading a message from DBus
DBusMsg request(connection.receive());
// check if a message was received
if (request.empty())
{
+ /* run the mainloop only on message or after(!) reaching the idle
timeout */
+ connection.setTimeout((TIMEOUT+1)*1000); /* returns on message or
timeout */
continue;
}
@@ -172,7 +177,9 @@
request.interface().c_str(), request.method().c_str());
// check this is a method call for the right object, interface & method
- if (request.type() == DBUS_MESSAGE_TYPE_METHOD_CALL &&
request.interface() == "org.opensuse.yast.SCR.Methods" && request.path() ==
"/SCR")
+ if (request.type() == DBUS_MESSAGE_TYPE_METHOD_CALL
+ && request.interface() == YAST_SCR_INTERFACE
+ && request.path() == SCR_OBJECT_PATH)
{
std::string method(request.method());
@@ -182,9 +189,14 @@
bool check_ok = false;
// check missing arguments
- if (method == "Read" || method == "Write" || method == "Execute" ||
- method == "Dir" || method == "Error" || method ==
"UnregisterAgent" ||
- method == "UnmountAgent" || method == "RegisterAgent")
+ if (method == METHOD_READ
+ || method == METHOD_WRITE
+ || method == METHOD_EXECUTE
+ || method == METHOD_DIR
+ || method == METHOD_ERROR
+ || method == METHOD_UNREGISTER
+ || method == METHOD_UNMOUNT
+ || method == METHOD_REGISTER)
{
if (request.arguments() == 0)
{
@@ -207,7 +219,7 @@
}
}
}
- else if (method == "UnregisterAllAgents" || method !=
"RegisterNewAgents")
+ else if (method == METHOD_UNREGISTER_ALL || method !=
METHOD_REGISTER_NEW)
{
check_ok = true;
}
@@ -255,29 +267,29 @@
YCPValue ret;
- if (method == "Read")
+ if (method == METHOD_READ)
ret = sa->Read(pth, arg, opt);
- else if (method == "Write")
+ else if (method == METHOD_WRITE)
ret = sa->Write(pth, arg, opt);
- else if (method == "Execute")
+ else if (method == METHOD_EXECUTE)
ret = sa->Execute(pth, arg, opt);
- else if (method == "Dir")
+ else if (method == METHOD_DIR)
{
ret = sa->Dir(pth);
if (ret.isNull())
ret = YCPList();
}
- else if (method == "Error")
+ else if (method == METHOD_ERROR)
ret = sa->Error(pth);
- else if (method == "UnregisterAgent")
+ else if (method == METHOD_UNREGISTER)
ret = sa->UnregisterAgent(pth);
- else if (method == "UnregisterAllAgents")
+ else if (method == METHOD_UNREGISTER_ALL)
ret = sa->UnregisterAllAgents();
- else if (method == "UnmountAgent")
+ else if (method == METHOD_UNMOUNT)
ret = sa->UnmountAgent(pth);
- else if (method == "RegisterNewAgents")
+ else if (method == METHOD_REGISTER_NEW)
ret = sa->RegisterNewAgents();
- else if (method == "RegisterAgent")
+ else if (method == METHOD_REGISTER)
ret = sa->RegisterAgent(pth, arg);
else
y2internal("Unhandled method %s", method.c_str());
@@ -299,11 +311,11 @@
{
y2milestone("Requesting path: %s", request.path().c_str());
// define all exported methods here
- const char *introspect = (request.path() != "/SCR") ?
+ const char *introspect = (request.path() != SCR_OBJECT_PATH) ?
// introcpection data for the root node
DBUS_INTROSPECT_1_0_XML_DOCTYPE_DECL_NODE
"<node>"
-" <interface name='org.freedesktop.DBus.Introspectable'>"
+" <interface name='"DBUS_INTERFACE_INTROSPECTABLE"'>"
" <method name='Introspect'>"
" <arg name='xml_data' type='s' direction='out'/>"
" </method>"
@@ -314,58 +326,58 @@
// introcpection data for SCR node
DBUS_INTROSPECT_1_0_XML_DOCTYPE_DECL_NODE
"<node>"
-" <interface name='org.opensuse.yast.SCR.Methods'>"
-" <method name='Read'>"
+" <interface name='"YAST_SCR_INTERFACE"'>"
+" <method name='"METHOD_READ"'>"
" <arg name='path' type='(bsv)' direction='in'/>"
" <arg name='arg' type='(bsv)' direction='in'/>"
" <arg name='opt' type='(bsv)' direction='in'/>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <method name='Write'>"
+" <method name='"METHOD_WRITE"'>"
" <arg name='path' type='(bsv)' direction='in'/>"
" <arg name='arg' type='(bsv)' direction='in'/>"
" <arg name='opt' type='(bsv)' direction='in'/>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <method name='Execute'>"
+" <method name='"METHOD_EXECUTE"'>"
" <arg name='path' type='(bsv)' direction='in'/>"
" <arg name='arg' type='(bsv)' direction='in'/>"
" <arg name='opt' type='(bsv)' direction='in'/>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <method name='Dir'>"
+" <method name='"METHOD_DIR"'>"
" <arg name='path' type='(bsv)' direction='in'/>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <method name='Error'>"
+" <method name='"METHOD_ERROR"'>"
" <arg name='path' type='(bsv)' direction='in'/>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <method name='UnregisterAgent'>"
+" <method name='"METHOD_UNREGISTER"'>"
" <arg name='path' type='(bsv)' direction='in'/>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <method name='UnregisterAllAgents'>"
+" <method name='"METHOD_UNREGISTER_ALL"'>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <method name='RegisterNewAgents'>"
+" <method name='"METHOD_REGISTER_NEW"'>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <method name='RegisterAgent'>"
+" <method name='"METHOD_REGISTER"'>"
" <arg name='path' type='(bsv)' direction='in'/>"
" <arg name='arg' type='(bsv)' direction='in'/>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <method name='UnmountAgent'>"
+" <method name='"METHOD_UNMOUNT"'>"
" <arg name='path' type='(bsv)' direction='in'/>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <interface name='org.freedesktop.DBus.Introspectable'>"
+" </interface>"
+" <interface name='"DBUS_INTERFACE_INTROSPECTABLE"'>"
" <method name='Introspect'>"
" <arg name='xml_data' type='s' direction='out'/>"
" </method>"
" </interface>"
-" </interface>"
"</node>";
// create a reply to the request
@@ -422,11 +434,12 @@
}
#ifdef HAVE_POLKIT
+// check if action is allowed by PolicyKit
bool DBusServer::isActionAllowed(const std::string &caller, const std::string
&path, const std::string &method,
const std::string &arg, const std::string &opt)
{
// create actionId
- static const char *polkit_prefix = "org.opensuse.yast.scr";
+ static const char *polkit_prefix = POLKIT_PREFIX;
// check the access right to all methods at first (see bnc#449794)
std::string action_id(PolKit::createActionId(polkit_prefix, "", method,
"", ""));
@@ -460,3 +473,50 @@
}
#endif
+
+bool DBusServer::isProcessRunning(pid_t pid)
+{
+ ostringstream sstr;
+ sstr << "/proc/" << pid;
+
+ struct stat stat_result;
+ bool ret = ::stat(sstr.str().c_str(), &stat_result) == 0;
+
+ y2milestone("Process /proc/%d is running: %s", pid, ret ? "true" :
"false");
+ return ret;
+}
+
+pid_t DBusServer::callerPid(const std::string &bus_name)
+{
+ pid_t pid;
+ DBusMsg query;
+
+ // ask the DBus server for the PID of the caller
+ query.createCall(DBUS_SERVICE_DBUS, DBUS_PATH_DBUS"/Bus",
+ DBUS_SERVICE_DBUS, "GetConnectionUnixProcessID");
+
+ query.addString(bus_name);
+
+ // send the request
+ DBusMsg reply(connection.call(query));
+
+ // read the answer
+ DBusMessageIter iter;
+ dbus_message_iter_init(reply.getMessage(), &iter);
+
+ int type = dbus_message_iter_get_arg_type(&iter);
+ y2debug("Message type: %d, %c", type, (char)type);
+
+ if (type == DBUS_TYPE_UINT32)
+ {
+ dbus_message_iter_get_basic(&iter, &pid);
+ }
+ else
+ {
+ y2internal("Unexpected type in PID reply %d (%c)", type, (char)type);
+ }
+
+ y2milestone("Message from PID %d", pid);
+
+ return pid;
+}
Modified: branches/tmp/lslezak/core/dbus/SCR_service/Makefile.am
URL:
http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/core/dbus/SCR_service/Makefile.am?rev=55454&r1=55453&r2=55454&view=diff
==============================================================================
--- branches/tmp/lslezak/core/dbus/SCR_service/Makefile.am (original)
+++ branches/tmp/lslezak/core/dbus/SCR_service/Makefile.am Thu Feb 12 10:51:17
2009
@@ -1,8 +1,12 @@
#
-# Makefile.am for dbus/service
+# Makefile.am for dbus/SCR_service
#
-EXTRA_DIST=org.opensuse.yast.SCR.service.in org.opensuse.yast.SCR.conf.in
org.opensuse.yast.scr.policy
+EXTRA_DIST=org.opensuse.yast.SCR.service.in.in \
+ org.opensuse.yast.SCR.conf.in \
+ org.opensuse.yast.scr.policy \
+ scr_names.h.in \
+ test_SCR_dbus_server.rb.in
AM_CXXFLAGS = -DY2LOG=\"SCR-service\" -DSUSEVERSION=\"${SUSEVERSION}\"
@@ -24,35 +28,22 @@
check-local:
polkit-policy-file-validate $(polkit_policies_DATA)
-
# service activation config
# FIXME?? dbus pkgconfig provides only 'session_bus_services_dir'
dbus_servicesdir = `pkg-config --print-errors --variable prefix
dbus-1`/share/dbus-1/system-services
-dbus_services_in_files = org.opensuse.yast.SCR.service.in
+# Can't use autoconf only because @ybindir@ expands to '${prefix}/...'.
+# So must use %YBINDIR% and expand it via sed during make
+# Ouch, ouch, ouch
+dbus_services_in_files = org.opensuse.yast.SCR.service.in
dbus_services_DATA = $(dbus_services_in_files:.service.in=.service)
$(dbus_services_DATA): $(dbus_services_in_files)
- sed -e "s|\@YBINDIR\@|$(ybindir)|" $< > $@
+ sed -e "s|\%YBINDIR\%|$(ybindir)|" $< > $@
# service config
dbus_confdir = `pkg-config --print-errors --variable sysconfdir
dbus-1`/dbus-1/system.d
-
-dbus_conf_in_files = org.opensuse.yast.SCR.conf.in
-
-dbus_conf_DATA = $(dbus_conf_in_files:.conf.in=.conf)
-
-# set access mode according to the PolicyKit status
-# if policykit is disabled only root can access the service
-if HAVE_POLKIT
-dbus_access_mode=allow
-else
-dbus_access_mode=deny
-endif
-
-$(dbus_conf_DATA): $(dbus_conf_in_files)
- sed -e "s|\@ACCESS_MODE\@|$(dbus_access_mode)|" $< > $@
-
+dbus_conf_DATA = org.opensuse.yast.SCR.conf
Modified:
branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.SCR.conf.in
URL:
http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.SCR.conf.in?rev=55454&r1=55453&r2=55454&view=diff
==============================================================================
--- branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.SCR.conf.in
(original)
+++ branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.SCR.conf.in
Thu Feb 12 10:51:17 2009
@@ -5,16 +5,20 @@
http://lists.opensuse.org/opensuse-packaging/2009-01/msg00132.html
https://bugzilla.novell.com/show_bug.cgi?id=468390
-->
+
+<!--
+ Only a root process may start a DBus Service requesting to own
YAST_SCR_SERVICE
+-->
<policy user="root">
- <allow own="org.opensuse.yast.SCR"/>
- <allow send_destination="org.opensuse.yast.SCR"/>
+ <allow own="@YAST_SCR_SERVICE@"/>
+ <allow send_destination="@YAST_SCR_SERVICE@"/>
</policy>
<policy context="default">
<!-- allowed iff compiled with PolicyKit -->
- <@ACCESS_MODE@ send_destination="org.opensuse.yast.SCR"
- send_interface="org.opensuse.yast.SCR.Methods"/>
+ <@ACCESS_MODE@ send_destination="@YAST_SCR_SERVICE@"
+ send_interface="@YAST_SCR_INTERFACE@"/>
<!-- introspection is allowed -->
- <allow send_destination="org.opensuse.yast.SCR"
+ <allow send_destination="@YAST_SCR_SERVICE@"
send_interface="org.freedesktop.DBus.Introspectable" />
</policy>
</busconfig>
Modified:
branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.scr.policy
URL:
http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.scr.policy?rev=55454&r1=55453&r2=55454&view=diff
==============================================================================
--- branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.scr.policy
(original)
+++ branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.scr.policy Thu
Feb 12 10:51:17 2009
@@ -29,7 +29,7 @@
</action>
<action id="org.opensuse.yast.scr.execute">
- <description>Yast SCR Write Method</description>
+ <description>Yast SCR Execute Method</description>
<message>System policy prevents the Yast SCR service from executing system
calls.</message>
<defaults>
@@ -40,7 +40,7 @@
</action>
<action id="org.opensuse.yast.scr.dir">
- <description>Yast SCR Write Method</description>
+ <description>Yast SCR Dir Method</description>
<message>System policy prevents the Yast SCR service from listing agent
properties.</message>
<defaults>
@@ -51,7 +51,7 @@
</action>
<action id="org.opensuse.yast.scr.registeragent">
- <description>Yast SCR Write Method</description>
+ <description>Yast SCR RegisterAgent Method</description>
<message>System policy prevents the Yast SCR service from registering a
new agent.</message>
<defaults>
@@ -62,7 +62,7 @@
</action>
<action id="org.opensuse.yast.scr.unregisteragent">
- <description>Yast SCR Write Method</description>
+ <description>Yast SCR UnregisterAgent Method</description>
<message>System policy prevents the Yast SCR service from unregistering an
agent.</message>
<defaults>
@@ -73,7 +73,7 @@
</action>
<action id="org.opensuse.yast.scr.unmountagent">
- <description>Yast SCR Write Method</description>
+ <description>Yast SCR UnmountAgent Method</description>
<message>System policy prevents the Yast SCR service from unmounting an
agent.</message>
<defaults>
@@ -84,7 +84,7 @@
</action>
<action id="org.opensuse.yast.scr.error">
- <description>Yast SCR Write Method</description>
+ <description>Yast SCR Error Method</description>
<message>System policy prevents the Yast SCR service from reading error
status.</message>
<defaults>
@@ -95,7 +95,7 @@
</action>
<action id="org.opensuse.yast.scr.unregisterallagents">
- <description>Yast SCR Write Method</description>
+ <description>Yast SCR UnregisterAllAgents Method</description>
<message>System policy prevents the Yast SCR service from unregistering
all agents.</message>
<defaults>
@@ -106,7 +106,7 @@
</action>
<action id="org.opensuse.yast.scr.registernewagents">
- <description>Yast SCR Write Method</description>
+ <description>Yast SCR RegisterNewAgents Method</description>
<message>System policy prevents the Yast SCR service from registering new
unloaded agents.</message>
<defaults>
Modified: branches/tmp/lslezak/core/package/yast2-core.changes
URL:
http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/core/package/yast2-core.changes?rev=55454&r1=55453&r2=55454&view=diff
==============================================================================
--- branches/tmp/lslezak/core/package/yast2-core.changes (original)
+++ branches/tmp/lslezak/core/package/yast2-core.changes Thu Feb 12 10:51:17
2009
@@ -1,4 +1,10 @@
-------------------------------------------------------------------
+Thu Jan 29 15:15:57 CET 2009 - aschnell@xxxxxxx
+
+- added dbus client agent (required for bnc #464453)
+- 2.18.3
+
+-------------------------------------------------------------------
Mon Jan 26 14:00:31 CET 2009 - mvidner@xxxxxxx
- Fixed the D-Bus access policy (bnc#468390, CVE-2008-4311).
--
To unsubscribe, e-mail: yast-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: yast-commit+help@xxxxxxxxxxxx
Date: Thu Feb 12 10:51:17 2009
New Revision: 55454
URL: http://svn.opensuse.org/viewcvs/yast?rev=55454&view=rev
Log:
- merged changes from trunk - updated to rev. 55453
Added:
branches/tmp/lslezak/core/agent-dbus/ (props changed)
- copied from r55453, trunk/core/agent-dbus/
branches/tmp/lslezak/core/agent-dbus/Makefile.am
- copied unchanged from r55453, trunk/core/agent-dbus/Makefile.am
branches/tmp/lslezak/core/agent-dbus/conf/ (props changed)
- copied from r55453, trunk/core/agent-dbus/conf/
branches/tmp/lslezak/core/agent-dbus/conf/Makefile.am
- copied unchanged from r55453, trunk/core/agent-dbus/conf/Makefile.am
branches/tmp/lslezak/core/agent-dbus/conf/dbus.session.scr
- copied unchanged from r55453,
trunk/core/agent-dbus/conf/dbus.session.scr
branches/tmp/lslezak/core/agent-dbus/conf/dbus.system.scr
- copied unchanged from r55453, trunk/core/agent-dbus/conf/dbus.system.scr
branches/tmp/lslezak/core/agent-dbus/doc/ (props changed)
- copied from r55453, trunk/core/agent-dbus/doc/
branches/tmp/lslezak/core/agent-dbus/doc/Makefile.am
- copied unchanged from r55453, trunk/core/agent-dbus/doc/Makefile.am
branches/tmp/lslezak/core/agent-dbus/src/ (props changed)
- copied from r55453, trunk/core/agent-dbus/src/
branches/tmp/lslezak/core/agent-dbus/src/DbusAgent.cc
- copied unchanged from r55453, trunk/core/agent-dbus/src/DbusAgent.cc
branches/tmp/lslezak/core/agent-dbus/src/DbusAgent.h
- copied unchanged from r55453, trunk/core/agent-dbus/src/DbusAgent.h
branches/tmp/lslezak/core/agent-dbus/src/Makefile.am
- copied unchanged from r55453, trunk/core/agent-dbus/src/Makefile.am
branches/tmp/lslezak/core/agent-dbus/src/Y2CCDbusAgent.cc
- copied unchanged from r55453, trunk/core/agent-dbus/src/Y2CCDbusAgent.cc
branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.SCR.service.in.in
- copied unchanged from r55453,
trunk/core/dbus/SCR_service/org.opensuse.yast.SCR.service.in.in
branches/tmp/lslezak/core/dbus/SCR_service/scr_names.h.in
- copied unchanged from r55453, trunk/core/dbus/SCR_service/scr_names.h.in
branches/tmp/lslezak/core/dbus/SCR_service/test_SCR_dbus_server.rb.in
- copied unchanged from r55453,
trunk/core/dbus/SCR_service/test_SCR_dbus_server.rb.in
Removed:
branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.SCR.service.in
Modified:
branches/tmp/lslezak/core/ (props changed)
branches/tmp/lslezak/core/SUBDIRS
branches/tmp/lslezak/core/VERSION
branches/tmp/lslezak/core/agent-any/doc/ag_anyagent.html (props changed)
branches/tmp/lslezak/core/agent-dummy/doc/ag_dummy.html (props changed)
branches/tmp/lslezak/core/agent-ini/doc/ag_ini.html (props changed)
branches/tmp/lslezak/core/agent-modules/doc/ag_modules.html (props
changed)
branches/tmp/lslezak/core/agent-process/doc/ag_process.html (props
changed)
branches/tmp/lslezak/core/agent-resolver/doc/ag_resolver.html (props
changed)
branches/tmp/lslezak/core/agents-perl/doc/ag_modinfo.html (props changed)
branches/tmp/lslezak/core/agents-perl/doc/ag_yp_makefile.html (props
changed)
branches/tmp/lslezak/core/configure.in.in
branches/tmp/lslezak/core/dbus/SCR_service/ (props changed)
branches/tmp/lslezak/core/dbus/SCR_service/DBusServer.cc
branches/tmp/lslezak/core/dbus/SCR_service/Makefile.am
branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.SCR.conf.in
branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.scr.policy
branches/tmp/lslezak/core/dbus/namespace_service/Yast_dbus_server.cc
(props changed)
branches/tmp/lslezak/core/liby2dbus/ (props changed)
branches/tmp/lslezak/core/package/yast2-core.changes
Modified: branches/tmp/lslezak/core/SUBDIRS
URL:
http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/core/SUBDIRS?rev=55454&r1=55453&r2=55454&view=diff
==============================================================================
--- branches/tmp/lslezak/core/SUBDIRS (original)
+++ branches/tmp/lslezak/core/SUBDIRS Thu Feb 12 10:51:17 2009
@@ -1 +1 @@
-liby2util-r liby2 libycp liby2dbus libscr agent-dummy scr agent-system
agent-any agent-ini agent-modules agent-resolver agents-non-y2 agents-perl wfm
agent-process base autodocs dbus
+liby2util-r liby2 libycp liby2dbus libscr agent-dummy scr agent-system
agent-dbus agent-any agent-ini agent-modules agent-resolver agents-non-y2
agents-perl wfm agent-process base autodocs dbus
Modified: branches/tmp/lslezak/core/VERSION
URL:
http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/core/VERSION?rev=55454&r1=55453&r2=55454&view=diff
==============================================================================
--- branches/tmp/lslezak/core/VERSION (original)
+++ branches/tmp/lslezak/core/VERSION Thu Feb 12 10:51:17 2009
@@ -1 +1 @@
-2.18.2
+2.18.3
Modified: branches/tmp/lslezak/core/configure.in.in
URL:
http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/core/configure.in.in?rev=55454&r1=55453&r2=55454&view=diff
==============================================================================
--- branches/tmp/lslezak/core/configure.in.in (original)
+++ branches/tmp/lslezak/core/configure.in.in Thu Feb 12 10:51:17 2009
@@ -124,6 +124,28 @@
HAVE_POLKIT=0
fi
+#
+# configuration for dbus/SCR_service
+#
+
+# set access mode according to the PolicyKit status
+# if policykit is disabled only root can access the service
+if test $HAVE_POLKIT -ne 0; then
+ACCESS_MODE=allow
+else
+ACCESS_MODE=deny
+fi
+
+
+YAST_SCR_SERVICE=org.opensuse.yast.SCR
+YAST_SCR_SERVICE_METHODS=$YAST_SCR_SERVICE.Methods
+# @ybindir@ expands to ${prefix}/lib/..., force full expansion here
+YAST_SCR_SERVICE_DIR=$ybindir
+AC_SUBST(YAST_SCR_SERVICE)
+AC_SUBST(YAST_SCR_SERVICE_METHODS)
+AC_SUBST(YAST_SCR_SERVICE_DIR)
+AC_SUBST(ACCESS_MODE)
+
AC_SUBST(POLKIT_CFLAGS)
AC_SUBST(POLKIT_LIBS)
AC_SUBST(HAVE_POLKIT)
@@ -137,5 +159,9 @@
scr/doc/SCR.html
scr/doc/intro_to_scr.html
dbus/namespace_service/Yast_dbus_names.h
+ dbus/SCR_service/org.opensuse.yast.SCR.conf
+ dbus/SCR_service/org.opensuse.yast.SCR.service.in
+ dbus/SCR_service/scr_names.h
+ dbus/SCR_service/test_SCR_dbus_server.rb
])
@YAST2-OUTPUT@
Modified: branches/tmp/lslezak/core/dbus/SCR_service/DBusServer.cc
URL:
http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/core/dbus/SCR_service/DBusServer.cc?rev=55454&r1=55453&r2=55454&view=diff
==============================================================================
--- branches/tmp/lslezak/core/dbus/SCR_service/DBusServer.cc (original)
+++ branches/tmp/lslezak/core/dbus/SCR_service/DBusServer.cc Thu Feb 12
10:51:17 2009
@@ -14,6 +14,10 @@
#include <ycp/y2log.h>
+#include "scr_names.h"
+
+#define TIMEOUT 15 /* 30 secs idle timeout */
+
extern "C"
{
// nanosleep()
@@ -44,16 +48,16 @@
}
+// connect to DBus, request a service name
bool DBusServer::connect()
{
- // connect to DBus, request a service name
- return connection.connect(DBUS_BUS_SYSTEM, "org.opensuse.yast.SCR");
+ return connection.connect(DBUS_BUS_SYSTEM, YAST_SCR_SERVICE);
}
-// set 30 second timer
+// reset idle timer
void DBusServer::resetTimer()
{
- ::alarm(30);
+ ::alarm(TIMEOUT);
}
// NOTE: this is a signal handler, do only really necessary tasks here!
@@ -67,6 +71,7 @@
}
}
+// register signal handler for idle timeout
void DBusServer::registerSignalHandler()
{
struct sigaction new_action, old_action;
@@ -82,10 +87,10 @@
}
}
+// check if clients are still running,
+// remove finished clients
bool DBusServer::canFinish()
{
- // check if clients are still running,
- // remove finished clients
for(Clients::iterator it = clients.begin();
it != clients.end();)
{
@@ -134,7 +139,7 @@
// the time is over
if (finish)
{
- y2milestone("Timout signal received");
+ y2milestone("Timeout signal received");
if (canFinish())
{
@@ -150,14 +155,14 @@
}
}
- // set 5 seconds timeout
- connection.setTimeout(5000);
// try reading a message from DBus
DBusMsg request(connection.receive());
// check if a message was received
if (request.empty())
{
+ /* run the mainloop only on message or after(!) reaching the idle
timeout */
+ connection.setTimeout((TIMEOUT+1)*1000); /* returns on message or
timeout */
continue;
}
@@ -172,7 +177,9 @@
request.interface().c_str(), request.method().c_str());
// check this is a method call for the right object, interface & method
- if (request.type() == DBUS_MESSAGE_TYPE_METHOD_CALL &&
request.interface() == "org.opensuse.yast.SCR.Methods" && request.path() ==
"/SCR")
+ if (request.type() == DBUS_MESSAGE_TYPE_METHOD_CALL
+ && request.interface() == YAST_SCR_INTERFACE
+ && request.path() == SCR_OBJECT_PATH)
{
std::string method(request.method());
@@ -182,9 +189,14 @@
bool check_ok = false;
// check missing arguments
- if (method == "Read" || method == "Write" || method == "Execute" ||
- method == "Dir" || method == "Error" || method ==
"UnregisterAgent" ||
- method == "UnmountAgent" || method == "RegisterAgent")
+ if (method == METHOD_READ
+ || method == METHOD_WRITE
+ || method == METHOD_EXECUTE
+ || method == METHOD_DIR
+ || method == METHOD_ERROR
+ || method == METHOD_UNREGISTER
+ || method == METHOD_UNMOUNT
+ || method == METHOD_REGISTER)
{
if (request.arguments() == 0)
{
@@ -207,7 +219,7 @@
}
}
}
- else if (method == "UnregisterAllAgents" || method !=
"RegisterNewAgents")
+ else if (method == METHOD_UNREGISTER_ALL || method !=
METHOD_REGISTER_NEW)
{
check_ok = true;
}
@@ -255,29 +267,29 @@
YCPValue ret;
- if (method == "Read")
+ if (method == METHOD_READ)
ret = sa->Read(pth, arg, opt);
- else if (method == "Write")
+ else if (method == METHOD_WRITE)
ret = sa->Write(pth, arg, opt);
- else if (method == "Execute")
+ else if (method == METHOD_EXECUTE)
ret = sa->Execute(pth, arg, opt);
- else if (method == "Dir")
+ else if (method == METHOD_DIR)
{
ret = sa->Dir(pth);
if (ret.isNull())
ret = YCPList();
}
- else if (method == "Error")
+ else if (method == METHOD_ERROR)
ret = sa->Error(pth);
- else if (method == "UnregisterAgent")
+ else if (method == METHOD_UNREGISTER)
ret = sa->UnregisterAgent(pth);
- else if (method == "UnregisterAllAgents")
+ else if (method == METHOD_UNREGISTER_ALL)
ret = sa->UnregisterAllAgents();
- else if (method == "UnmountAgent")
+ else if (method == METHOD_UNMOUNT)
ret = sa->UnmountAgent(pth);
- else if (method == "RegisterNewAgents")
+ else if (method == METHOD_REGISTER_NEW)
ret = sa->RegisterNewAgents();
- else if (method == "RegisterAgent")
+ else if (method == METHOD_REGISTER)
ret = sa->RegisterAgent(pth, arg);
else
y2internal("Unhandled method %s", method.c_str());
@@ -299,11 +311,11 @@
{
y2milestone("Requesting path: %s", request.path().c_str());
// define all exported methods here
- const char *introspect = (request.path() != "/SCR") ?
+ const char *introspect = (request.path() != SCR_OBJECT_PATH) ?
// introcpection data for the root node
DBUS_INTROSPECT_1_0_XML_DOCTYPE_DECL_NODE
"<node>"
-" <interface name='org.freedesktop.DBus.Introspectable'>"
+" <interface name='"DBUS_INTERFACE_INTROSPECTABLE"'>"
" <method name='Introspect'>"
" <arg name='xml_data' type='s' direction='out'/>"
" </method>"
@@ -314,58 +326,58 @@
// introcpection data for SCR node
DBUS_INTROSPECT_1_0_XML_DOCTYPE_DECL_NODE
"<node>"
-" <interface name='org.opensuse.yast.SCR.Methods'>"
-" <method name='Read'>"
+" <interface name='"YAST_SCR_INTERFACE"'>"
+" <method name='"METHOD_READ"'>"
" <arg name='path' type='(bsv)' direction='in'/>"
" <arg name='arg' type='(bsv)' direction='in'/>"
" <arg name='opt' type='(bsv)' direction='in'/>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <method name='Write'>"
+" <method name='"METHOD_WRITE"'>"
" <arg name='path' type='(bsv)' direction='in'/>"
" <arg name='arg' type='(bsv)' direction='in'/>"
" <arg name='opt' type='(bsv)' direction='in'/>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <method name='Execute'>"
+" <method name='"METHOD_EXECUTE"'>"
" <arg name='path' type='(bsv)' direction='in'/>"
" <arg name='arg' type='(bsv)' direction='in'/>"
" <arg name='opt' type='(bsv)' direction='in'/>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <method name='Dir'>"
+" <method name='"METHOD_DIR"'>"
" <arg name='path' type='(bsv)' direction='in'/>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <method name='Error'>"
+" <method name='"METHOD_ERROR"'>"
" <arg name='path' type='(bsv)' direction='in'/>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <method name='UnregisterAgent'>"
+" <method name='"METHOD_UNREGISTER"'>"
" <arg name='path' type='(bsv)' direction='in'/>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <method name='UnregisterAllAgents'>"
+" <method name='"METHOD_UNREGISTER_ALL"'>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <method name='RegisterNewAgents'>"
+" <method name='"METHOD_REGISTER_NEW"'>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <method name='RegisterAgent'>"
+" <method name='"METHOD_REGISTER"'>"
" <arg name='path' type='(bsv)' direction='in'/>"
" <arg name='arg' type='(bsv)' direction='in'/>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <method name='UnmountAgent'>"
+" <method name='"METHOD_UNMOUNT"'>"
" <arg name='path' type='(bsv)' direction='in'/>"
" <arg name='ret' type='(bsv)' direction='out'/>"
" </method>"
-" <interface name='org.freedesktop.DBus.Introspectable'>"
+" </interface>"
+" <interface name='"DBUS_INTERFACE_INTROSPECTABLE"'>"
" <method name='Introspect'>"
" <arg name='xml_data' type='s' direction='out'/>"
" </method>"
" </interface>"
-" </interface>"
"</node>";
// create a reply to the request
@@ -422,11 +434,12 @@
}
#ifdef HAVE_POLKIT
+// check if action is allowed by PolicyKit
bool DBusServer::isActionAllowed(const std::string &caller, const std::string
&path, const std::string &method,
const std::string &arg, const std::string &opt)
{
// create actionId
- static const char *polkit_prefix = "org.opensuse.yast.scr";
+ static const char *polkit_prefix = POLKIT_PREFIX;
// check the access right to all methods at first (see bnc#449794)
std::string action_id(PolKit::createActionId(polkit_prefix, "", method,
"", ""));
@@ -460,3 +473,50 @@
}
#endif
+
+bool DBusServer::isProcessRunning(pid_t pid)
+{
+ ostringstream sstr;
+ sstr << "/proc/" << pid;
+
+ struct stat stat_result;
+ bool ret = ::stat(sstr.str().c_str(), &stat_result) == 0;
+
+ y2milestone("Process /proc/%d is running: %s", pid, ret ? "true" :
"false");
+ return ret;
+}
+
+pid_t DBusServer::callerPid(const std::string &bus_name)
+{
+ pid_t pid;
+ DBusMsg query;
+
+ // ask the DBus server for the PID of the caller
+ query.createCall(DBUS_SERVICE_DBUS, DBUS_PATH_DBUS"/Bus",
+ DBUS_SERVICE_DBUS, "GetConnectionUnixProcessID");
+
+ query.addString(bus_name);
+
+ // send the request
+ DBusMsg reply(connection.call(query));
+
+ // read the answer
+ DBusMessageIter iter;
+ dbus_message_iter_init(reply.getMessage(), &iter);
+
+ int type = dbus_message_iter_get_arg_type(&iter);
+ y2debug("Message type: %d, %c", type, (char)type);
+
+ if (type == DBUS_TYPE_UINT32)
+ {
+ dbus_message_iter_get_basic(&iter, &pid);
+ }
+ else
+ {
+ y2internal("Unexpected type in PID reply %d (%c)", type, (char)type);
+ }
+
+ y2milestone("Message from PID %d", pid);
+
+ return pid;
+}
Modified: branches/tmp/lslezak/core/dbus/SCR_service/Makefile.am
URL:
http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/core/dbus/SCR_service/Makefile.am?rev=55454&r1=55453&r2=55454&view=diff
==============================================================================
--- branches/tmp/lslezak/core/dbus/SCR_service/Makefile.am (original)
+++ branches/tmp/lslezak/core/dbus/SCR_service/Makefile.am Thu Feb 12 10:51:17
2009
@@ -1,8 +1,12 @@
#
-# Makefile.am for dbus/service
+# Makefile.am for dbus/SCR_service
#
-EXTRA_DIST=org.opensuse.yast.SCR.service.in org.opensuse.yast.SCR.conf.in
org.opensuse.yast.scr.policy
+EXTRA_DIST=org.opensuse.yast.SCR.service.in.in \
+ org.opensuse.yast.SCR.conf.in \
+ org.opensuse.yast.scr.policy \
+ scr_names.h.in \
+ test_SCR_dbus_server.rb.in
AM_CXXFLAGS = -DY2LOG=\"SCR-service\" -DSUSEVERSION=\"${SUSEVERSION}\"
@@ -24,35 +28,22 @@
check-local:
polkit-policy-file-validate $(polkit_policies_DATA)
-
# service activation config
# FIXME?? dbus pkgconfig provides only 'session_bus_services_dir'
dbus_servicesdir = `pkg-config --print-errors --variable prefix
dbus-1`/share/dbus-1/system-services
-dbus_services_in_files = org.opensuse.yast.SCR.service.in
+# Can't use autoconf only because @ybindir@ expands to '${prefix}/...'.
+# So must use %YBINDIR% and expand it via sed during make
+# Ouch, ouch, ouch
+dbus_services_in_files = org.opensuse.yast.SCR.service.in
dbus_services_DATA = $(dbus_services_in_files:.service.in=.service)
$(dbus_services_DATA): $(dbus_services_in_files)
- sed -e "s|\@YBINDIR\@|$(ybindir)|" $< > $@
+ sed -e "s|\%YBINDIR\%|$(ybindir)|" $< > $@
# service config
dbus_confdir = `pkg-config --print-errors --variable sysconfdir
dbus-1`/dbus-1/system.d
-
-dbus_conf_in_files = org.opensuse.yast.SCR.conf.in
-
-dbus_conf_DATA = $(dbus_conf_in_files:.conf.in=.conf)
-
-# set access mode according to the PolicyKit status
-# if policykit is disabled only root can access the service
-if HAVE_POLKIT
-dbus_access_mode=allow
-else
-dbus_access_mode=deny
-endif
-
-$(dbus_conf_DATA): $(dbus_conf_in_files)
- sed -e "s|\@ACCESS_MODE\@|$(dbus_access_mode)|" $< > $@
-
+dbus_conf_DATA = org.opensuse.yast.SCR.conf
Modified:
branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.SCR.conf.in
URL:
http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.SCR.conf.in?rev=55454&r1=55453&r2=55454&view=diff
==============================================================================
--- branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.SCR.conf.in
(original)
+++ branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.SCR.conf.in
Thu Feb 12 10:51:17 2009
@@ -5,16 +5,20 @@
http://lists.opensuse.org/opensuse-packaging/2009-01/msg00132.html
https://bugzilla.novell.com/show_bug.cgi?id=468390
-->
+
+<!--
+ Only a root process may start a DBus Service requesting to own
YAST_SCR_SERVICE
+-->
<policy user="root">
- <allow own="org.opensuse.yast.SCR"/>
- <allow send_destination="org.opensuse.yast.SCR"/>
+ <allow own="@YAST_SCR_SERVICE@"/>
+ <allow send_destination="@YAST_SCR_SERVICE@"/>
</policy>
<policy context="default">
<!-- allowed iff compiled with PolicyKit -->
- <@ACCESS_MODE@ send_destination="org.opensuse.yast.SCR"
- send_interface="org.opensuse.yast.SCR.Methods"/>
+ <@ACCESS_MODE@ send_destination="@YAST_SCR_SERVICE@"
+ send_interface="@YAST_SCR_INTERFACE@"/>
<!-- introspection is allowed -->
- <allow send_destination="org.opensuse.yast.SCR"
+ <allow send_destination="@YAST_SCR_SERVICE@"
send_interface="org.freedesktop.DBus.Introspectable" />
</policy>
</busconfig>
Modified:
branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.scr.policy
URL:
http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.scr.policy?rev=55454&r1=55453&r2=55454&view=diff
==============================================================================
--- branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.scr.policy
(original)
+++ branches/tmp/lslezak/core/dbus/SCR_service/org.opensuse.yast.scr.policy Thu
Feb 12 10:51:17 2009
@@ -29,7 +29,7 @@
</action>
<action id="org.opensuse.yast.scr.execute">
- <description>Yast SCR Write Method</description>
+ <description>Yast SCR Execute Method</description>
<message>System policy prevents the Yast SCR service from executing system
calls.</message>
<defaults>
@@ -40,7 +40,7 @@
</action>
<action id="org.opensuse.yast.scr.dir">
- <description>Yast SCR Write Method</description>
+ <description>Yast SCR Dir Method</description>
<message>System policy prevents the Yast SCR service from listing agent
properties.</message>
<defaults>
@@ -51,7 +51,7 @@
</action>
<action id="org.opensuse.yast.scr.registeragent">
- <description>Yast SCR Write Method</description>
+ <description>Yast SCR RegisterAgent Method</description>
<message>System policy prevents the Yast SCR service from registering a
new agent.</message>
<defaults>
@@ -62,7 +62,7 @@
</action>
<action id="org.opensuse.yast.scr.unregisteragent">
- <description>Yast SCR Write Method</description>
+ <description>Yast SCR UnregisterAgent Method</description>
<message>System policy prevents the Yast SCR service from unregistering an
agent.</message>
<defaults>
@@ -73,7 +73,7 @@
</action>
<action id="org.opensuse.yast.scr.unmountagent">
- <description>Yast SCR Write Method</description>
+ <description>Yast SCR UnmountAgent Method</description>
<message>System policy prevents the Yast SCR service from unmounting an
agent.</message>
<defaults>
@@ -84,7 +84,7 @@
</action>
<action id="org.opensuse.yast.scr.error">
- <description>Yast SCR Write Method</description>
+ <description>Yast SCR Error Method</description>
<message>System policy prevents the Yast SCR service from reading error
status.</message>
<defaults>
@@ -95,7 +95,7 @@
</action>
<action id="org.opensuse.yast.scr.unregisterallagents">
- <description>Yast SCR Write Method</description>
+ <description>Yast SCR UnregisterAllAgents Method</description>
<message>System policy prevents the Yast SCR service from unregistering
all agents.</message>
<defaults>
@@ -106,7 +106,7 @@
</action>
<action id="org.opensuse.yast.scr.registernewagents">
- <description>Yast SCR Write Method</description>
+ <description>Yast SCR RegisterNewAgents Method</description>
<message>System policy prevents the Yast SCR service from registering new
unloaded agents.</message>
<defaults>
Modified: branches/tmp/lslezak/core/package/yast2-core.changes
URL:
http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/core/package/yast2-core.changes?rev=55454&r1=55453&r2=55454&view=diff
==============================================================================
--- branches/tmp/lslezak/core/package/yast2-core.changes (original)
+++ branches/tmp/lslezak/core/package/yast2-core.changes Thu Feb 12 10:51:17
2009
@@ -1,4 +1,10 @@
-------------------------------------------------------------------
+Thu Jan 29 15:15:57 CET 2009 - aschnell@xxxxxxx
+
+- added dbus client agent (required for bnc #464453)
+- 2.18.3
+
+-------------------------------------------------------------------
Mon Jan 26 14:00:31 CET 2009 - mvidner@xxxxxxx
- Fixed the D-Bus access policy (bnc#468390, CVE-2008-4311).
--
To unsubscribe, e-mail: yast-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: yast-commit+help@xxxxxxxxxxxx
| < Previous | Next > |