1. 11 Feb, 2016 1 commit
  2. 03 Nov, 2015 1 commit
    • Ralf Habacker's avatar
      Test system bus config files on Unix only · 34d0c73f
      Ralf Habacker authored
      Previously, we didn't consistently test parsing of every file in
      valid-config-files-system/ everywhere that we tested valid-config-files/.
      We now test it on Unix.
      
      The system bus is not supported on Windows, so we do not test
      valid-config-files-system/ there.
      
      valid-config-files/many-rules.conf contains <user> and <group> rules
      which are not applicable to Windows. Copy the original many-rules.conf
      to valid-config-files-system/ so that it will be tested on Unix, and
      remove the non-portable rules from valid-config-files/many-rules.conf.
      
      Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92721Reviewed-by: default avatarSimon McVittie <simon.mcvittie@collabora.co.uk>
      [rh:base patch came from Simon]
      34d0c73f
  3. 21 Oct, 2015 1 commit
  4. 02 Oct, 2015 1 commit
  5. 06 Aug, 2015 1 commit
    • Simon McVittie's avatar
      bus: move shared libaudit code to a new audit.[ch] · 327a52e4
      Simon McVittie authored
      This fixes various duplicated libaudit interactions in both
      SELinux and AppArmor code paths, including opening two audit sockets
      if both SELinux and AppArmor were enabled at compile time.
      In particular, audit.c is now the only user of libcap-ng.
      
      This commit is not intended to introduce any functional changes,
      except for the de-duplication.
      
      The actual audit_log_user_avc_message() call is still duplicated,
      because the SELinux and AppArmor code paths use different mechanisms
      to compose the audit message: the SELinux path uses a statically-sized
      buffer on the stack which might be subject to truncation, whereas
      the AppArmor path uses malloc() (via DBusString) and falls back to
      using syslog on a memory allocation failure.
      
      Bug: https://bugs.freedesktop.org/show_bug.cgi?id=89225Reviewed-by: Colin Walters's avatarColin Walters <walters@verbum.org>
      [smcv: minor issues raised during review are subsequently fixed]
      Signed-off-by: default avatarSimon McVittie <simon.mcvittie@collabora.co.uk>
      327a52e4
  6. 27 May, 2015 1 commit
  7. 14 May, 2015 1 commit
    • Simon McVittie's avatar
      Security hardening: force EXTERNAL auth in session.conf on Unix · 084977cf
      Simon McVittie authored
      DBUS_COOKIE_SHA1 is dependent on unguessable strings, i.e.
      indirectly dependent on high-quality pseudo-random numbers
      whereas EXTERNAL authentication (credentials-passing)
      is mediated by the kernel and cannot be faked.
      
      On Windows, EXTERNAL authentication is not available,
      so we continue to use the hard-coded default (all
      authentication mechanisms are tried).
      
      Users of tcp: or nonce-tcp: on Unix will have to comment
      this out, but they would have had to use a special
      configuration anyway (to set the listening address),
      and the tcp: and nonce-tcp: transports are inherently
      insecure unless special steps are taken to have them
      restricted to a VPN or SSH tunnelling.
      
      Users of obscure Unix platforms (those that trigger
      the warning "Socket credentials not supported on this Unix OS"
      when compiling dbus-sysdeps-unix.c) might also have to
      comment this out, or preferably provide a tested patch
      to enable credentials-passing on that OS.
      
      Bug: https://bugs.freedesktop.org/show_bug.cgi?id=90414Reviewed-by: Ralf Habacker's avatarRalf Habacker <ralf.habacker@freenet.de>
      084977cf
  8. 12 May, 2015 1 commit
    • Simon McVittie's avatar
      Security hardening: force EXTERNAL auth in session.conf on Unix · d9ab8931
      Simon McVittie authored
      DBUS_COOKIE_SHA1 is dependent on unguessable strings, i.e.
      indirectly dependent on high-quality pseudo-random numbers
      whereas EXTERNAL authentication (credentials-passing)
      is mediated by the kernel and cannot be faked.
      
      On Windows, EXTERNAL authentication is not available,
      so we continue to use the hard-coded default (all
      authentication mechanisms are tried).
      
      Users of tcp: or nonce-tcp: on Unix will have to comment
      this out, but they would have had to use a special
      configuration anyway (to set the listening address),
      and the tcp: and nonce-tcp: transports are inherently
      insecure unless special steps are taken to have them
      restricted to a VPN or SSH tunnelling.
      
      Users of obscure Unix platforms (those that trigger
      the warning "Socket credentials not supported on this Unix OS"
      when compiling dbus-sysdeps-unix.c) might also have to
      comment this out, or preferably provide a tested patch
      to enable credentials-passing on that OS.
      
      Bug: https://bugs.freedesktop.org/show_bug.cgi?id=90414
      d9ab8931
  9. 20 Apr, 2015 3 commits
  10. 15 Apr, 2015 1 commit
  11. 24 Mar, 2015 2 commits
  12. 11 Mar, 2015 2 commits
  13. 06 Mar, 2015 4 commits
  14. 05 Mar, 2015 7 commits
  15. 04 Mar, 2015 2 commits
  16. 03 Mar, 2015 1 commit
  17. 24 Feb, 2015 2 commits
    • Simon McVittie's avatar
      c33996aa
    • Simon McVittie's avatar
      Add dbus-update-activation-environment tool · 2a6cefbc
      Simon McVittie authored
      If OS builders (distributions) have chosen to use the per-user bus,
      this provides two possible modes of operation for compatibility with
      existing X session startup hooks.
      
      A legacy-free system can just upload DISPLAY, XAUTHORITY and possibly
      DBUS_SESSION_BUS_ADDRESS into dbus-daemon's and systemd's activation
      environments, similar to
      http://cgit.freedesktop.org/systemd/systemd/tree/xorg/50-systemd-user.sh
      installed by systemd (but unlike systemctl,
      dbus-update-activation-environment works for traditional
      D-Bus-activated services, not just for systemd services).
      
      A system where compatibility is required for environment variables
      exported by snippets in /etc/X11/xinit/xinitrc.d (in Red Hat derivatives,
      Gentoo, etc.) or /etc/X11/Xsession.d (Debian derivatives) can upload
      the entire environment of the X session, minus some selected environment
      variables which are specific to a login session (notably XDG_SESSION_ID).
      
      In Debian, I plan to put the former in a new dbus-user-session package
      that enables a user-session-centric mode of operation for D-Bus,
      and the latter in the existing dbus-x11 package, with the intention that
      dbus-x11 eventually becomes a tool for change-averse setups or goes
      away entirely.
      
      Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61301Reviewed-by: Philip Withnall's avatarPhilip Withnall <philip.withnall@collabora.co.uk>
      2a6cefbc
  18. 20 Feb, 2015 4 commits
  19. 18 Feb, 2015 1 commit
  20. 16 Feb, 2015 1 commit
  21. 12 Feb, 2015 2 commits