• Simon McVittie's avatar
    Add a regression test for being a new-style monitor · a650bd05
    Simon McVittie authored
    This includes most of the situations I could think of:
    * method call on dbus-daemon and response
    * NameOwnerChanged
    * NameAcquired, NameLost (although I'm not 100% sure these should
      get captured, since they're redundant with NameOwnerChanged)
    * unicast message is allowed through
    * unicast message is rejected by no-sending or no-receiving policy
    * broadcast is allowed through
    * broadcast is rejected by no-sending policy (the error reply
      is also captured)
    * broadcast is rejected by no-receiving policy (there is no error
    * message causing service activation, and the message telling systemd
      to do the actual activation
    * systemd reporting that activation failed
    It does not cover:
    * sending a message to dbus-daemon, then provoking a reply, then
      dbus-daemon does not allow itself to send the reply due to its
      own security policy
    This is such an obscure corner case that I'm not even convinced it's
    testable without dropping down into lower-level socket manipulation:
    dbus-daemon's replies are always assumed to be requested replies,
    and replies contain so little other metadata that I think we can
    only forbid them by forbidding all method replies. If we do that,
    the reply to Hello() won't arrive and the client-side connection will
    not become active.
    Bug: https://bugs.freedesktop.org/show_bug.cgi?id=46787Reviewed-by: Philip Withnall's avatarPhilip Withnall <philip.withnall@collabora.co.uk>
forbidding.conf.in 602 Bytes