Commit 88b3c319 authored by Simon McVittie's avatar Simon McVittie

driver: Add a stub implementation of the Containers1 interface

For now, this is considered to be a privileged operation, because the
resource-limiting isn't wired up yet. It only contains the bare minimum
of API.
Signed-off-by: Simon McVittie's avatarSimon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall's avatarPhilip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101354
parent 39262d0a
......@@ -117,6 +117,9 @@ DBUS_ENABLE_DOXYGEN_DOCS:BOOL=OFF
// enable bus daemon usage statistics
DBUS_ENABLE_STATS:BOOL=OFF
// enable restricted servers for app containers
DBUS_ENABLE_CONTAINERS:BOOL=OFF
// support verbose debug mode
DBUS_ENABLE_VERBOSE_MODE:BOOL=ON
......
......@@ -97,6 +97,8 @@ BUS_SOURCES= \
config-parser-common.h \
connection.c \
connection.h \
containers.c \
containers.h \
desktop-file.c \
desktop-file.h \
$(DIR_WATCH_SOURCE) \
......
/* containers.c - restricted bus servers for containers
*
* Copyright © 2017 Collabora Ltd.
*
* Licensed under the Academic Free License version 2.1
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301 USA
*/
#include <config.h>
#include "containers.h"
#ifdef DBUS_ENABLE_CONTAINERS
#ifndef DBUS_UNIX
# error DBUS_ENABLE_CONTAINERS requires DBUS_UNIX
#endif
dbus_bool_t
bus_containers_handle_add_server (DBusConnection *connection,
BusTransaction *transaction,
DBusMessage *message,
DBusError *error)
{
dbus_set_error (error, DBUS_ERROR_NOT_SUPPORTED, "Not yet implemented");
return FALSE;
}
dbus_bool_t
bus_containers_supported_arguments_getter (BusContext *context,
DBusMessageIter *var_iter)
{
DBusMessageIter arr_iter;
/* There are none so far */
return dbus_message_iter_open_container (var_iter, DBUS_TYPE_ARRAY,
DBUS_TYPE_STRING_AS_STRING,
&arr_iter) &&
dbus_message_iter_close_container (var_iter, &arr_iter);
}
#endif /* DBUS_ENABLE_CONTAINERS */
/* containers.h - restricted bus servers for containers
*
* Copyright © 2017 Collabora Ltd.
*
* Licensed under the Academic Free License version 2.1
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301 USA
*/
#ifndef BUS_CONTAINERS_H
#define BUS_CONTAINERS_H
#include "bus.h"
dbus_bool_t bus_containers_handle_add_server (DBusConnection *connection,
BusTransaction *transaction,
DBusMessage *message,
DBusError *error);
dbus_bool_t bus_containers_supported_arguments_getter (BusContext *context,
DBusMessageIter *var_iter);
#endif /* multiple-inclusion guard */
......@@ -26,6 +26,7 @@
#include "activation.h"
#include "apparmor.h"
#include "connection.h"
#include "containers.h"
#include "driver.h"
#include "dispatch.h"
#include "services.h"
......@@ -2517,6 +2518,18 @@ static const MessageHandler introspectable_message_handlers[] = {
{ NULL, NULL, NULL, NULL }
};
#ifdef DBUS_ENABLE_CONTAINERS
static const MessageHandler containers_message_handlers[] = {
{ "AddServer", "ssa{sv}a{sv}", "oays", bus_containers_handle_add_server,
METHOD_FLAG_PRIVILEGED },
{ NULL, NULL, NULL, NULL }
};
static const PropertyHandler containers_property_handlers[] = {
{ "SupportedArguments", "as", bus_containers_supported_arguments_getter },
{ NULL, NULL, NULL }
};
#endif
static const MessageHandler monitoring_message_handlers[] = {
{ "BecomeMonitor", "asu", "", bus_driver_handle_become_monitor,
METHOD_FLAG_PRIVILEGED },
......@@ -2620,6 +2633,10 @@ static InterfaceHandler interface_handlers[] = {
#ifdef DBUS_ENABLE_STATS
{ BUS_INTERFACE_STATS, stats_message_handlers, NULL,
INTERFACE_FLAG_NONE },
#endif
#ifdef DBUS_ENABLE_CONTAINERS
{ DBUS_INTERFACE_CONTAINERS1, containers_message_handlers, NULL,
INTERFACE_FLAG_NONE, containers_property_handlers },
#endif
{ DBUS_INTERFACE_PEER, peer_message_handlers, NULL,
/* Not in the Interfaces property because it's a pseudo-interface
......
......@@ -128,6 +128,7 @@ endif(NOT WIN32)
option (DBUS_DISABLE_ASSERT "Disable assertion checking" OFF)
option (DBUS_ENABLE_STATS "enable bus daemon usage statistics" OFF)
option (DBUS_ENABLE_CONTAINERS "enable restricted servers for app-containers" OFF)
if(WIN32)
set(FD_SETSIZE "8192" CACHE STRING "The maximum number of connections that can be handled at once")
......
......@@ -52,6 +52,8 @@ set (BUS_SOURCES
# ${BUS_DIR}/config-parser-trivial.c
${BUS_DIR}/connection.c
${BUS_DIR}/connection.h
${BUS_DIR}/containers.c
${BUS_DIR}/containers.h
${BUS_DIR}/desktop-file.c
${BUS_DIR}/desktop-file.h
${BUS_DIR}/dir-watch.h
......
......@@ -28,6 +28,7 @@
#cmakedefine DBUS_RUNSTATEDIR "@DBUS_RUNSTATEDIR@"
#cmakedefine DBUS_ENABLE_STATS
#cmakedefine DBUS_ENABLE_CONTAINERS
#define TEST_LISTEN "@TEST_LISTEN@"
......
......@@ -1762,6 +1762,16 @@ AC_ARG_ENABLE([user-session],
AM_CONDITIONAL([DBUS_ENABLE_USER_SESSION],
[test "x$enable_user_session" = xyes])
AC_ARG_ENABLE([containers],
[AS_HELP_STRING([--enable-containers],
[enable restricted servers for app containers])],
[], [enable_containers=no])
AS_IF([test "x$enable_containers" = xyes && test "x$dbus_unix" != xyes],
[AC_MSG_ERROR([Restricted servers for app containers require Unix])])
AS_IF([test "x$enable_containers" = xyes],
[AC_DEFINE([DBUS_ENABLE_CONTAINERS], [1],
[Define to enable restricted servers for app containers])])
AC_CONFIG_FILES([
Doxyfile
dbus/Version
......@@ -1842,6 +1852,7 @@ echo "
Building assertions: ${enable_asserts}
Building checks: ${enable_checks}
Building bus stats API: ${enable_stats}
Building container API: ${enable_containers}
Building SELinux support: ${have_selinux}
Building AppArmor support: ${have_apparmor}
Building inotify support: ${have_inotify}
......
......@@ -86,6 +86,8 @@ typedef enum
*/
/** The interface exported by the object with #DBUS_SERVICE_DBUS and #DBUS_PATH_DBUS */
#define DBUS_INTERFACE_DBUS "org.freedesktop.DBus"
/** The restricted container interface exported by the dbus-daemon */
#define DBUS_INTERFACE_CONTAINERS1 "org.freedesktop.DBus.Containers1"
/** The monitoring interface exported by the dbus-daemon */
#define DBUS_INTERFACE_MONITORING "org.freedesktop.DBus.Monitoring"
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment