This makes sure we notice problems early.

Signed-off-by: Simon McVittie <smcv@collabora.com>

Now that we have resolved the failure to build with newer mingw-w64,
we don't need to hold these back to Debian 10 'buster' and can upgrade
to the current stable release, Debian 11 'bullseye'.

Signed-off-by: Simon McVittie <smcv@collabora.com>

The Windows code in dbus is careful to use Windows-specific equivalents
of the Standard C features that are not implemented by msvcrt.dll, so
we don't need to substitute a Standard C printf implementation.

This avoids compiler warnings/errors when gcc expects us to be using
Microsoft printf syntax (`ms_printf` attribute), but newer versions of
mingw-w64 expect us to be using GNU or Standard C printf syntax
(`gnu_printf` attribute) as a result of `__USE_MINGW_ANSI_STDIO` being
enabled by default if not otherwise specified.

Resolves: dbus/dbus#380


Signed-off-by: Simon McVittie <smcv@collabora.com>

CI: Update Debian releases

See merge request dbus/dbus!260

Signed-off-by: Simon McVittie <smcv@collabora.com>

We need this to be able to download MSYS packages now.

Signed-off-by: Simon McVittie <smcv@collabora.com>

This is the current stable release for Debian, making Debian 10 a much
less interesting target for backports. Add a manually-triggered job
so we can still try buster occasionally.

Continue to use buster for mingw-w64 builds until format string issues
with bullseye toolchains can be sorted out.

Signed-off-by: Simon McVittie <smcv@collabora.com>

Debian 9 'stretch' is EOL, and Ubuntu 16.04 is EOL unless you enter into
a special subscription with Canonical. This puts them outside our
informal security-support policy, and realistically, anyone sufficiently
change-averse to be following these distributions is not going to be
backporting a current version of dbus.

Signed-off-by: Simon McVittie <smcv@collabora.com>

The necessary CI runner doesn't seem to be available, and we shouldn't
let that prevent us from merging dbus changes. This can be reverted
when the runner comes back.

Signed-off-by: Simon McVittie <smcv@collabora.com>

Signed-off-by: Simon McVittie <smcv@collabora.com>

Signed-off-by: Simon McVittie <smcv@collabora.com>

Signed-off-by: Simon McVittie <smcv@collabora.com>

Signed-off-by: Simon McVittie <smcv@collabora.com>

Signed-off-by: Simon McVittie <smcv@collabora.com>

Fix handling of /proc/self/oom_score_adj on Linux

Closes #374 and #378

See merge request dbus/dbus!255

Previously, we silently ignored this, but now that we're more careful
about the contexts in which we try to reset the OOM score and whether
we log failures as a warning, we can let the dbus-daemon-launch-helper
show a message if it can't write there.

Signed-off-by: Simon McVittie <smcv@collabora.com>

We cannot safely log between fork() and exec() because it isn't an
async-signal-safe operation (in particular it might allocate memory).

We also don't want to treat a failure here as a real problem, because
it might legitimately not work: in a system dbus-daemon that has dropped
privileges from root, the pseudo-file representing this process parameter
remains owned by root and cannot be altered by the unprivileged user.

For the main use-case for this operation, the system dbus-daemon, we
have another opportunity to do this in the dbus-daemon-launch-helper
(see the previous commit).

Signed-off-by: Simon McVittie <smcv@collabora.com>

Previously, we were relying on the system bus being able to reset
its OOM score adjustment after it forks, but before it execs the
dbus-daemon-launch-helper. However, it can't actually do that (leading
to dbus#378), because the system bus typically starts as root, uses its
root privileges to adjust resource limits, and then drops privileges
to the `@DBUS_USER@`, typically `dbus` or `messagebus`. This leaves the
pseudo-files in /proc for its process parameters owned by root, and the
`@DBUS_USER@` is not allowed to open them for writing.

The dbus-daemon-launch-helper is setuid root, so it can certainly
alter its OOM score adjustment before exec'ing the actual activated
service. We need to do this before dropping privileges, because after
dropping privileges we would be unable to write to this process
parameter.

This is a non-async-signal-safe context, so we can safely log errors
here, unlike the fork-and-exec code paths.

Resolves: dbus/dbus#378


Signed-off-by: Simon McVittie <smcv@collabora.com>

The oom_score_adj parameter is a signed integer, with increasingly
positive values being more likely to be killed by the OOM-killer,
and increasingly negative values being less likely.

Previously, we assumed that oom_score_adj would be negative or zero,
and reset it to zero, which does not require privileges because it
meant we're voluntarily giving up our OOM-killer protection.
In particular, bus/dbus.service.in has OOMScoreAdjust=-900, which
we don't want system services to inherit.

However, systemd >= 250 has started putting a positive oom_score_adj
on user processes, to make it more likely that the OOM killer will kill
a user process rather than a system process. Changing from a positive
oom_score_adj to zero is increasing protection from the OOM-killer,
which only a privileged process is allowed to do, resulting in warnings
whenever we carry out traditional (non-systemd) service activation
on the session bus.

To avoid this, do the equivalent of:

    if (oom_score_adj < 0)
        oom_score_adj = 0;

which is always allowed.

Resolves: dbus/dbus#374


Signed-off-by: Simon McVittie <smcv@collabora.com>

Signed-off-by: Simon McVittie <smcv@collabora.com>

Signed-off-by: Simon McVittie <smcv@collabora.com>

tests: Ensure session bus has started before integration test

See merge request dbus/dbus!256

Simon McVittie authored Feb 21, 2022 and Simon McVittie committed Feb 21, 2022

The session dbus-daemon won't necessarily be run immediately on login
if we are using systemd socket activation for it, and the transient
services directory $XDG_RUNTIME_DIR/dbus-1/services isn't created until
it's actually run. Ping the dbus-daemon to make sure it's available.

Signed-off-by: Simon McVittie <smcv@debian.org>
Bug-Debian: https://bugs.debian.org/1005889

cmake: remove obsolete variable DBUS_SOURCE_DIR

See merge request dbus/dbus!254

This issue has been reported at #377

Signed-off-by: Ralf Habacker <ralf.habacker@freenet.de>

doc: Introduce XML catalog

See merge request dbus/dbus!202

Jan Tojnar authored Feb 11, 2021 and Simon McVittie committed Feb 21, 2022

This adds a nice way of loading the DTD files based on the identifier
in the DOCTYPE declaration, no matter where the DTDs are installed.
See also ‘XML catalog’ Wikipedia entry and update-xmlcatalog(8).

CONTRIBUTING.md: creation of "confidential" merge requests added

See merge request dbus/dbus!252

Ralf Habacker authored Feb 17, 2022 and Simon McVittie committed Feb 21, 2022

See #368

cmake: fix for ninja phony cycle related configuring errors

Closes #377

See merge request dbus/dbus!253

A prefix has been added to the custom target names in docbook-related
macros to fix the reported error:

  ninja: error: build.ninja:xxx: multiple rules generate
  doc/dbus-xxx.1.html [-w dupbuild=err]

Fixes #377

Signed-off-by: Ralf Habacker <ralf.habacker@freenet.de>

The docbook source files are already dependencies of the generated
docbook files.

Signed-off-by: Ralf Habacker <ralf.habacker@freenet.de>

Signed-off-by: Ralf Habacker <ralf.habacker@freenet.de>

Signed-off-by: Ralf Habacker <ralf.habacker@freenet.de>

dbus-daemon: Inform dbus clients about configuration changes

Closes #376

See merge request dbus/dbus!250

After any reload of the activatable service files the mentioned signal is
emitted to the current bus to inform clients.

The calls to signal emmission have not been implemented in the platform
specific functions _dbus_daemon_report_reloaded() to avoid duplicate
implementations.

Fixes #376


Signed-off-by: Ralf Habacker <ralf.habacker@freenet.de>

Signed-off-by: Ralf Habacker <ralf.habacker@freenet.de>

spec: add * to optionally-escaped bytes set

See merge request dbus/dbus!248

Commit ee71e1ff

 added * to the list of optionally escaped bytes
set, but did not update the documentation. I guess this happened because
the change is not backward compatible.

It seems that the period of 14+ years should be enough to not cause any
backward compatibility issues, so let's document this.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>

docker/windows: fix bad path from MR !218

See merge request dbus/dbus!247