Compare commits
No commits in common. "44301cd979ea7b2a03e1dc535fb98cdb2e356580" and "e5918ba3b3e2ed55f15a0ee750bc290a1dd571ed" have entirely different histories.
44301cd979
...
e5918ba3b3
|
@ -1,10 +1,5 @@
|
||||||
package dbus
|
package dbus
|
||||||
|
|
||||||
import (
|
|
||||||
"errors"
|
|
||||||
"strings"
|
|
||||||
)
|
|
||||||
|
|
||||||
type Config struct {
|
type Config struct {
|
||||||
// See set 'see' policy for NAME (--see=NAME)
|
// See set 'see' policy for NAME (--see=NAME)
|
||||||
See []string `json:"see"`
|
See []string `json:"see"`
|
||||||
|
@ -22,7 +17,7 @@ type Config struct {
|
||||||
Filter bool `json:"filter"`
|
Filter bool `json:"filter"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *Config) Args(bus [2]string) (args []string) {
|
func (c *Config) Args(address, path string) (args []string) {
|
||||||
argc := 2 + len(c.See) + len(c.Talk) + len(c.Own) + len(c.Call) + len(c.Broadcast)
|
argc := 2 + len(c.See) + len(c.Talk) + len(c.Own) + len(c.Call) + len(c.Broadcast)
|
||||||
if c.Log {
|
if c.Log {
|
||||||
argc++
|
argc++
|
||||||
|
@ -32,7 +27,7 @@ func (c *Config) Args(bus [2]string) (args []string) {
|
||||||
}
|
}
|
||||||
|
|
||||||
args = make([]string, 0, argc)
|
args = make([]string, 0, argc)
|
||||||
args = append(args, bus[0], bus[1])
|
args = append(args, address, path)
|
||||||
for _, name := range c.See {
|
for _, name := range c.See {
|
||||||
args = append(args, "--see="+name)
|
args = append(args, "--see="+name)
|
||||||
}
|
}
|
||||||
|
@ -58,23 +53,6 @@ func (c *Config) Args(bus [2]string) (args []string) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *Config) buildSeal(seal *strings.Builder, bus [2]string) error {
|
|
||||||
for _, arg := range c.Args(bus) {
|
|
||||||
// reject argument strings containing null
|
|
||||||
for _, b := range arg {
|
|
||||||
if b == '\x00' {
|
|
||||||
return errors.New("argument contains null")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// write null terminated argument
|
|
||||||
seal.WriteString(arg)
|
|
||||||
seal.WriteByte('\x00')
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// NewConfig returns a reference to a Config struct with optional defaults.
|
// NewConfig returns a reference to a Config struct with optional defaults.
|
||||||
// If id is an empty string own defaults are omitted.
|
// If id is an empty string own defaults are omitted.
|
||||||
func NewConfig(id string, defaults, mpris bool) (c *Config) {
|
func NewConfig(id string, defaults, mpris bool) (c *Config) {
|
||||||
|
|
|
@ -16,9 +16,8 @@ type Proxy struct {
|
||||||
statP [2]*os.File
|
statP [2]*os.File
|
||||||
argsP [2]*os.File
|
argsP [2]*os.File
|
||||||
|
|
||||||
|
address [2]string
|
||||||
path string
|
path string
|
||||||
session [2]string
|
|
||||||
system [2]string
|
|
||||||
|
|
||||||
wait *chan error
|
wait *chan error
|
||||||
read *chan error
|
read *chan error
|
||||||
|
@ -29,13 +28,6 @@ type Proxy struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (p *Proxy) String() string {
|
func (p *Proxy) String() string {
|
||||||
if p == nil {
|
|
||||||
return "(invalid dbus proxy)"
|
|
||||||
}
|
|
||||||
|
|
||||||
p.lock.RLock()
|
|
||||||
defer p.lock.RUnlock()
|
|
||||||
|
|
||||||
if p.cmd != nil {
|
if p.cmd != nil {
|
||||||
return p.cmd.String()
|
return p.cmd.String()
|
||||||
}
|
}
|
||||||
|
@ -48,37 +40,34 @@ func (p *Proxy) String() string {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Seal seals the Proxy instance.
|
// Seal seals the Proxy instance.
|
||||||
func (p *Proxy) Seal(session, system *Config) error {
|
func (p *Proxy) Seal(c *Config) error {
|
||||||
p.lock.Lock()
|
p.lock.Lock()
|
||||||
defer p.lock.Unlock()
|
defer p.lock.Unlock()
|
||||||
|
|
||||||
if p.seal != nil {
|
if p.seal != nil {
|
||||||
panic("dbus proxy sealed twice")
|
panic("dbus proxy sealed twice")
|
||||||
}
|
}
|
||||||
|
args := c.Args(p.address[0], p.address[1])
|
||||||
if session == nil && system == nil {
|
|
||||||
return errors.New("no configuration to seal")
|
|
||||||
}
|
|
||||||
|
|
||||||
seal := strings.Builder{}
|
seal := strings.Builder{}
|
||||||
|
for _, arg := range args {
|
||||||
if session != nil {
|
// reject argument strings containing null
|
||||||
if err := session.buildSeal(&seal, p.session); err != nil {
|
for _, b := range arg {
|
||||||
return err
|
if b == '\x00' {
|
||||||
}
|
return errors.New("argument contains null")
|
||||||
}
|
|
||||||
if system != nil {
|
|
||||||
if err := system.buildSeal(&seal, p.system); err != nil {
|
|
||||||
return err
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// write null terminated argument
|
||||||
|
seal.WriteString(arg)
|
||||||
|
seal.WriteByte('\x00')
|
||||||
|
}
|
||||||
v := seal.String()
|
v := seal.String()
|
||||||
p.seal = &v
|
p.seal = &v
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// New returns a reference to a new unsealed Proxy.
|
// New returns a reference to a new unsealed Proxy.
|
||||||
func New(binPath string, session, system [2]string) *Proxy {
|
func New(binPath, address, path string) *Proxy {
|
||||||
return &Proxy{path: binPath, session: session, system: system}
|
return &Proxy{path: binPath, address: [2]string{address, path}}
|
||||||
}
|
}
|
||||||
|
|
10
flag.go
10
flag.go
|
@ -8,10 +8,7 @@ import (
|
||||||
|
|
||||||
var (
|
var (
|
||||||
userName string
|
userName string
|
||||||
|
dbusConfig string
|
||||||
dbusConfigSession string
|
|
||||||
dbusConfigSystem string
|
|
||||||
dbusVerbose bool
|
|
||||||
dbusID string
|
dbusID string
|
||||||
mpris bool
|
mpris bool
|
||||||
|
|
||||||
|
@ -26,10 +23,7 @@ var (
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
flag.StringVar(&userName, "u", "chronos", "Passwd name of user to run as")
|
flag.StringVar(&userName, "u", "chronos", "Passwd name of user to run as")
|
||||||
|
flag.StringVar(&dbusConfig, "dbus-config", "builtin", "Path to D-Bus proxy config file, or \"builtin\" for defaults")
|
||||||
flag.StringVar(&dbusConfigSession, "dbus-config", "builtin", "Path to D-Bus proxy config file, or \"builtin\" for defaults")
|
|
||||||
flag.StringVar(&dbusConfigSystem, "dbus-system", "nil", "Path to system D-Bus proxy config file, or \"nil\" to disable")
|
|
||||||
flag.BoolVar(&dbusVerbose, "dbus-log", false, "Enable logging in the D-Bus proxy")
|
|
||||||
flag.StringVar(&dbusID, "dbus-id", "", "D-Bus ID of application, leave empty to disable own paths, has no effect if custom config is available")
|
flag.StringVar(&dbusID, "dbus-id", "", "D-Bus ID of application, leave empty to disable own paths, has no effect if custom config is available")
|
||||||
flag.BoolVar(&mpris, "mpris", false, "Allow owning MPRIS D-Bus path, has no effect if custom config is available")
|
flag.BoolVar(&mpris, "mpris", false, "Allow owning MPRIS D-Bus path, has no effect if custom config is available")
|
||||||
|
|
||||||
|
|
|
@ -14,30 +14,16 @@ import (
|
||||||
"git.ophivana.moe/cat/fortify/internal/util"
|
"git.ophivana.moe/cat/fortify/internal/util"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const dbusSessionBusAddress = "DBUS_SESSION_BUS_ADDRESS"
|
||||||
dbusSessionBusAddress = "DBUS_SESSION_BUS_ADDRESS"
|
|
||||||
dbusSystemBusAddress = "DBUS_SYSTEM_BUS_ADDRESS"
|
|
||||||
)
|
|
||||||
|
|
||||||
var (
|
var dbusAddress string
|
||||||
dbusAddress [2]string
|
|
||||||
dbusSystem bool
|
|
||||||
)
|
|
||||||
|
|
||||||
func (a *App) ShareDBus(dse, dsg *dbus.Config, verbose bool) {
|
func (a *App) ShareDBus(c *dbus.Config) {
|
||||||
a.setEnablement(state.EnableDBus)
|
a.setEnablement(state.EnableDBus)
|
||||||
|
|
||||||
dbusSystem = dsg != nil
|
var binPath, address string
|
||||||
var binPath string
|
|
||||||
var sessionBus, systemBus [2]string
|
|
||||||
|
|
||||||
target := path.Join(system.V.Share, strconv.Itoa(os.Getpid()))
|
target := path.Join(system.V.Share, strconv.Itoa(os.Getpid()))
|
||||||
sessionBus[1] = target + ".bus"
|
dbusAddress = "unix:path=" + target
|
||||||
systemBus[1] = target + ".system-bus"
|
|
||||||
dbusAddress = [2]string{
|
|
||||||
"unix:path=" + sessionBus[1],
|
|
||||||
"unix:path=" + systemBus[1],
|
|
||||||
}
|
|
||||||
|
|
||||||
if b, ok := util.Which("xdg-dbus-proxy"); !ok {
|
if b, ok := util.Which("xdg-dbus-proxy"); !ok {
|
||||||
state.Fatal("D-Bus: Did not find 'xdg-dbus-proxy' in PATH")
|
state.Fatal("D-Bus: Did not find 'xdg-dbus-proxy' in PATH")
|
||||||
|
@ -46,36 +32,17 @@ func (a *App) ShareDBus(dse, dsg *dbus.Config, verbose bool) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if addr, ok := os.LookupEnv(dbusSessionBusAddress); !ok {
|
if addr, ok := os.LookupEnv(dbusSessionBusAddress); !ok {
|
||||||
if system.V.Verbose {
|
state.Fatal("D-Bus: DBUS_SESSION_BUS_ADDRESS not set")
|
||||||
fmt.Println("D-Bus: DBUS_SESSION_BUS_ADDRESS not set, assuming default format")
|
|
||||||
}
|
|
||||||
sessionBus[0] = fmt.Sprintf("unix:path=/run/user/%d/bus", os.Getuid())
|
|
||||||
} else {
|
} else {
|
||||||
sessionBus[0] = addr
|
address = addr
|
||||||
}
|
}
|
||||||
|
|
||||||
if addr, ok := os.LookupEnv(dbusSystemBusAddress); !ok {
|
c.Log = system.V.Verbose
|
||||||
|
p := dbus.New(binPath, address, target)
|
||||||
if system.V.Verbose {
|
if system.V.Verbose {
|
||||||
fmt.Println("D-Bus: DBUS_SYSTEM_BUS_ADDRESS not set, assuming default format")
|
fmt.Println("D-Bus: sealing proxy", c.Args(address, target))
|
||||||
}
|
}
|
||||||
systemBus[0] = "unix:path=/run/dbus/system_bus_socket"
|
if err := p.Seal(c); err != nil {
|
||||||
} else {
|
|
||||||
systemBus[0] = addr
|
|
||||||
}
|
|
||||||
|
|
||||||
p := dbus.New(binPath, sessionBus, systemBus)
|
|
||||||
|
|
||||||
dse.Log = verbose
|
|
||||||
if system.V.Verbose {
|
|
||||||
fmt.Println("D-Bus: sealing session proxy", dse.Args(sessionBus))
|
|
||||||
}
|
|
||||||
if dsg != nil {
|
|
||||||
dsg.Log = verbose
|
|
||||||
if system.V.Verbose {
|
|
||||||
fmt.Println("D-Bus: sealing system proxy", dsg.Args(systemBus))
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if err := p.Seal(dse, dsg); err != nil {
|
|
||||||
state.Fatal("D-Bus: invalid config when sealing proxy,", err)
|
state.Fatal("D-Bus: invalid config when sealing proxy,", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -83,10 +50,7 @@ func (a *App) ShareDBus(dse, dsg *dbus.Config, verbose bool) {
|
||||||
done := make(chan struct{})
|
done := make(chan struct{})
|
||||||
|
|
||||||
if system.V.Verbose {
|
if system.V.Verbose {
|
||||||
fmt.Printf("Starting session bus proxy '%s' for address '%s'\n", dbusAddress[0], sessionBus[0])
|
fmt.Printf("Starting session bus proxy '%s' for address '%s'\n", dbusAddress, address)
|
||||||
if dsg != nil {
|
|
||||||
fmt.Printf("Starting system bus proxy '%s' for address '%s'\n", dbusAddress[1], systemBus[0])
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
if err := p.Start(&ready); err != nil {
|
if err := p.Start(&ready); err != nil {
|
||||||
state.Fatal("D-Bus: error starting proxy,", err)
|
state.Fatal("D-Bus: error starting proxy,", err)
|
||||||
|
@ -116,24 +80,13 @@ func (a *App) ShareDBus(dse, dsg *dbus.Config, verbose bool) {
|
||||||
state.Fatal("D-Bus: proxy did not start correctly")
|
state.Fatal("D-Bus: proxy did not start correctly")
|
||||||
}
|
}
|
||||||
|
|
||||||
a.AppendEnv(dbusSessionBusAddress, dbusAddress[0])
|
a.AppendEnv(dbusSessionBusAddress, dbusAddress)
|
||||||
if err := acl.UpdatePerm(sessionBus[1], a.UID(), acl.Read, acl.Write); err != nil {
|
if err := acl.UpdatePerm(target, a.UID(), acl.Read, acl.Write); err != nil {
|
||||||
state.Fatal(fmt.Sprintf("Error preparing D-Bus session proxy '%s':", dbusAddress[0]), err)
|
state.Fatal(fmt.Sprintf("Error preparing D-Bus proxy '%s':", dbusAddress), err)
|
||||||
} else {
|
} else {
|
||||||
state.RegisterRevertPath(sessionBus[1])
|
state.RegisterRevertPath(target)
|
||||||
}
|
|
||||||
if dsg != nil {
|
|
||||||
a.AppendEnv(dbusSystemBusAddress, dbusAddress[1])
|
|
||||||
if err := acl.UpdatePerm(systemBus[1], a.UID(), acl.Read, acl.Write); err != nil {
|
|
||||||
state.Fatal(fmt.Sprintf("Error preparing D-Bus system proxy '%s':", dbusAddress[1]), err)
|
|
||||||
} else {
|
|
||||||
state.RegisterRevertPath(systemBus[1])
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
if system.V.Verbose {
|
if system.V.Verbose {
|
||||||
fmt.Printf("Session bus proxy '%s' for address '%s' configured\n", dbusAddress[0], sessionBus[0])
|
fmt.Printf("Session bus proxy '%s' for address '%s' configured\n", dbusAddress, address)
|
||||||
if dsg != nil {
|
|
||||||
fmt.Printf("System bus proxy '%s' for address '%s' configured\n", dbusAddress[1], systemBus[0])
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -167,10 +167,7 @@ func (a *App) commandBuilderMachineCtl() (args []string) {
|
||||||
state.Fatal("Error reading executable path:", err)
|
state.Fatal("Error reading executable path:", err)
|
||||||
} else {
|
} else {
|
||||||
if a.enablements.Has(state.EnableDBus) {
|
if a.enablements.Has(state.EnableDBus) {
|
||||||
innerCommand.WriteString(dbusSessionBusAddress + "=" + "'" + dbusAddress[0] + "' ")
|
innerCommand.WriteString(dbusSessionBusAddress + "=" + "'" + dbusAddress + "' ")
|
||||||
if dbusSystem {
|
|
||||||
innerCommand.WriteString(dbusSystemBusAddress + "=" + "'" + dbusAddress[1] + "' ")
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
innerCommand.WriteString("exec " + executable + " -V")
|
innerCommand.WriteString("exec " + executable + " -V")
|
||||||
}
|
}
|
||||||
|
|
25
main.go
25
main.go
|
@ -21,9 +21,7 @@ var (
|
||||||
Version = "impure"
|
Version = "impure"
|
||||||
|
|
||||||
a *app.App
|
a *app.App
|
||||||
|
c *dbus.Config
|
||||||
dbusSession *dbus.Config
|
|
||||||
dbusSystem *dbus.Config
|
|
||||||
)
|
)
|
||||||
|
|
||||||
func tryVersion() {
|
func tryVersion() {
|
||||||
|
@ -49,24 +47,13 @@ func main() {
|
||||||
|
|
||||||
// parse D-Bus config file if applicable
|
// parse D-Bus config file if applicable
|
||||||
if mustDBus {
|
if mustDBus {
|
||||||
if dbusConfigSession == "builtin" {
|
if dbusConfig == "builtin" {
|
||||||
dbusSession = dbus.NewConfig(dbusID, true, mpris)
|
c = dbus.NewConfig(dbusID, true, mpris)
|
||||||
} else {
|
} else {
|
||||||
if f, err := os.Open(dbusConfigSession); err != nil {
|
if f, err := os.Open(dbusConfig); err != nil {
|
||||||
state.Fatal("Error opening D-Bus proxy config file:", err)
|
state.Fatal("Error opening D-Bus proxy config file:", err)
|
||||||
} else {
|
} else {
|
||||||
if err = json.NewDecoder(f).Decode(&dbusSession); err != nil {
|
if err = json.NewDecoder(f).Decode(&c); err != nil {
|
||||||
state.Fatal("Error parsing D-Bus proxy config file:", err)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// system bus proxy is optional
|
|
||||||
if dbusConfigSystem != "nil" {
|
|
||||||
if f, err := os.Open(dbusConfigSystem); err != nil {
|
|
||||||
state.Fatal("Error opening D-Bus proxy config file:", err)
|
|
||||||
} else {
|
|
||||||
if err = json.NewDecoder(f).Decode(&dbusSystem); err != nil {
|
|
||||||
state.Fatal("Error parsing D-Bus proxy config file:", err)
|
state.Fatal("Error parsing D-Bus proxy config file:", err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -135,7 +122,7 @@ func main() {
|
||||||
}
|
}
|
||||||
|
|
||||||
if mustDBus {
|
if mustDBus {
|
||||||
a.ShareDBus(dbusSession, dbusSystem, dbusVerbose)
|
a.ShareDBus(c)
|
||||||
}
|
}
|
||||||
|
|
||||||
if mustPulse {
|
if mustPulse {
|
||||||
|
|
Loading…
Reference in New Issue