cat
/
fortify
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 4 Wiki Activity

Compare commits

base: cat:44301cd979ea7b2a03e1dc535fb98cdb2e356580
Branches Tags
cat:master
cat:develop
cat:ego
cat:v0.0.0-beta.3
cat:v0.0.0-beta.2
cat:v0.0.0-beta.1
cat:v0.0.0-beta.0
..
compare: cat:e5918ba3b3e2ed55f15a0ee750bc290a1dd571ed
Branches Tags
cat:develop
cat:master
cat:ego
cat:v0.0.0-beta.3
cat:v0.0.0-beta.2
cat:v0.0.0-beta.1
cat:v0.0.0-beta.0

No commits in common. "44301cd979ea7b2a03e1dc535fb98cdb2e356580" and "e5918ba3b3e2ed55f15a0ee750bc290a1dd571ed" have entirely different histories.
44301cd979 ... e5918ba3b3

6 changed files with 46 additions and 148 deletions
Show Stats Expand all files Collapse all files

26
dbus/config.go
View File

@ -1,10 +1,5 @@
package dbus package dbus
import (
"errors"
"strings"
)
type Config struct { type Config struct {
// See set 'see' policy for NAME (--see=NAME) // See set 'see' policy for NAME (--see=NAME)
See []string `json:"see"` See []string `json:"see"`
@ -22,7 +17,7 @@ type Config struct {
Filter bool `json:"filter"` Filter bool `json:"filter"`
} }
func (c *Config) Args(bus [2]string) (args []string) { func (c *Config) Args(address, path string) (args []string) {
argc := 2 + len(c.See) + len(c.Talk) + len(c.Own) + len(c.Call) + len(c.Broadcast) argc := 2 + len(c.See) + len(c.Talk) + len(c.Own) + len(c.Call) + len(c.Broadcast)
if c.Log { if c.Log {
argc++ argc++
@ -32,7 +27,7 @@ func (c *Config) Args(bus [2]string) (args []string) {
} }
args = make([]string, 0, argc) args = make([]string, 0, argc)
args = append(args, bus[0], bus[1]) args = append(args, address, path)
for _, name := range c.See { for _, name := range c.See {
args = append(args, "--see="+name) args = append(args, "--see="+name)
} }
@ -58,23 +53,6 @@ func (c *Config) Args(bus [2]string) (args []string) {
return return
} }
func (c *Config) buildSeal(seal *strings.Builder, bus [2]string) error {
for _, arg := range c.Args(bus) {
// reject argument strings containing null
for _, b := range arg {
if b == '\x00' {
return errors.New("argument contains null")
}
}
// write null terminated argument
seal.WriteString(arg)
seal.WriteByte('\x00')
}
return nil
}
// NewConfig returns a reference to a Config struct with optional defaults. // NewConfig returns a reference to a Config struct with optional defaults.
// If id is an empty string own defaults are omitted. // If id is an empty string own defaults are omitted.
func NewConfig(id string, defaults, mpris bool) (c *Config) { func NewConfig(id string, defaults, mpris bool) (c *Config) {

41
dbus/setup.go
View File

@ -16,9 +16,8 @@ type Proxy struct {
statP [2]*os.File statP [2]*os.File
argsP [2]*os.File argsP [2]*os.File
address [2]string
path string path string
session [2]string
system [2]string
wait *chan error wait *chan error
read *chan error read *chan error
@ -29,13 +28,6 @@ type Proxy struct {
} }
func (p *Proxy) String() string { func (p *Proxy) String() string {
if p == nil {
return "(invalid dbus proxy)"
}
p.lock.RLock()
defer p.lock.RUnlock()
if p.cmd != nil { if p.cmd != nil {
return p.cmd.String() return p.cmd.String()
} }
@ -48,37 +40,34 @@ func (p *Proxy) String() string {
} }
// Seal seals the Proxy instance. // Seal seals the Proxy instance.
func (p *Proxy) Seal(session, system *Config) error { func (p *Proxy) Seal(c *Config) error {
p.lock.Lock() p.lock.Lock()
defer p.lock.Unlock() defer p.lock.Unlock()
if p.seal != nil { if p.seal != nil {
panic("dbus proxy sealed twice") panic("dbus proxy sealed twice")
} }
args := c.Args(p.address[0], p.address[1])
if session == nil && system == nil {
return errors.New("no configuration to seal")
}
seal := strings.Builder{} seal := strings.Builder{}
for _, arg := range args {
if session != nil { // reject argument strings containing null
if err := session.buildSeal(&seal, p.session); err != nil { for _, b := range arg {
return err if b == '\x00' {
return errors.New("argument contains null")
}
} }
}
if system != nil {
if err := system.buildSeal(&seal, p.system); err != nil {
return err
}
}
// write null terminated argument
seal.WriteString(arg)
seal.WriteByte('\x00')
}
v := seal.String() v := seal.String()
p.seal = &v p.seal = &v
return nil return nil
} }
// New returns a reference to a new unsealed Proxy. // New returns a reference to a new unsealed Proxy.
func New(binPath string, session, system [2]string) *Proxy { func New(binPath, address, path string) *Proxy {
return &Proxy{path: binPath, session: session, system: system} return &Proxy{path: binPath, address: [2]string{address, path}}
} }

16
flag.go
View File

@ -7,13 +7,10 @@ import (
) )
var ( var (
userName string userName string
dbusConfig string
dbusConfigSession string dbusID string
dbusConfigSystem string mpris bool
dbusVerbose bool
dbusID string
mpris bool
mustWayland bool mustWayland bool
mustX bool mustX bool
@ -26,10 +23,7 @@ var (
func init() { func init() {
flag.StringVar(&userName, "u", "chronos", "Passwd name of user to run as") flag.StringVar(&userName, "u", "chronos", "Passwd name of user to run as")
flag.StringVar(&dbusConfig, "dbus-config", "builtin", "Path to D-Bus proxy config file, or \"builtin\" for defaults")
flag.StringVar(&dbusConfigSession, "dbus-config", "builtin", "Path to D-Bus proxy config file, or \"builtin\" for defaults")
flag.StringVar(&dbusConfigSystem, "dbus-system", "nil", "Path to system D-Bus proxy config file, or \"nil\" to disable")
flag.BoolVar(&dbusVerbose, "dbus-log", false, "Enable logging in the D-Bus proxy")
flag.StringVar(&dbusID, "dbus-id", "", "D-Bus ID of application, leave empty to disable own paths, has no effect if custom config is available") flag.StringVar(&dbusID, "dbus-id", "", "D-Bus ID of application, leave empty to disable own paths, has no effect if custom config is available")
flag.BoolVar(&mpris, "mpris", false, "Allow owning MPRIS D-Bus path, has no effect if custom config is available") flag.BoolVar(&mpris, "mpris", false, "Allow owning MPRIS D-Bus path, has no effect if custom config is available")

81
internal/app/dbus.go
View File

@ -14,30 +14,16 @@ import (
"git.ophivana.moe/cat/fortify/internal/util" "git.ophivana.moe/cat/fortify/internal/util"
) )
const ( const dbusSessionBusAddress = "DBUS_SESSION_BUS_ADDRESS"
dbusSessionBusAddress = "DBUS_SESSION_BUS_ADDRESS"
dbusSystemBusAddress = "DBUS_SYSTEM_BUS_ADDRESS"
)
var ( var dbusAddress string
dbusAddress [2]string
dbusSystem bool
)
func (a *App) ShareDBus(dse, dsg *dbus.Config, verbose bool) { func (a *App) ShareDBus(c *dbus.Config) {
a.setEnablement(state.EnableDBus) a.setEnablement(state.EnableDBus)
dbusSystem = dsg != nil var binPath, address string
var binPath string
var sessionBus, systemBus [2]string
target := path.Join(system.V.Share, strconv.Itoa(os.Getpid())) target := path.Join(system.V.Share, strconv.Itoa(os.Getpid()))
sessionBus[1] = target + ".bus" dbusAddress = "unix:path=" + target
systemBus[1] = target + ".system-bus"
dbusAddress = [2]string{
"unix:path=" + sessionBus[1],
"unix:path=" + systemBus[1],
}
if b, ok := util.Which("xdg-dbus-proxy"); !ok { if b, ok := util.Which("xdg-dbus-proxy"); !ok {
state.Fatal("D-Bus: Did not find 'xdg-dbus-proxy' in PATH") state.Fatal("D-Bus: Did not find 'xdg-dbus-proxy' in PATH")
@ -46,36 +32,17 @@ func (a *App) ShareDBus(dse, dsg *dbus.Config, verbose bool) {
} }
if addr, ok := os.LookupEnv(dbusSessionBusAddress); !ok { if addr, ok := os.LookupEnv(dbusSessionBusAddress); !ok {
if system.V.Verbose { state.Fatal("D-Bus: DBUS_SESSION_BUS_ADDRESS not set")
fmt.Println("D-Bus: DBUS_SESSION_BUS_ADDRESS not set, assuming default format")
}
sessionBus[0] = fmt.Sprintf("unix:path=/run/user/%d/bus", os.Getuid())
} else { } else {
sessionBus[0] = addr address = addr
} }
if addr, ok := os.LookupEnv(dbusSystemBusAddress); !ok { c.Log = system.V.Verbose
if system.V.Verbose { p := dbus.New(binPath, address, target)
fmt.Println("D-Bus: DBUS_SYSTEM_BUS_ADDRESS not set, assuming default format")
}
systemBus[0] = "unix:path=/run/dbus/system_bus_socket"
} else {
systemBus[0] = addr
}
p := dbus.New(binPath, sessionBus, systemBus)
dse.Log = verbose
if system.V.Verbose { if system.V.Verbose {
fmt.Println("D-Bus: sealing session proxy", dse.Args(sessionBus)) fmt.Println("D-Bus: sealing proxy", c.Args(address, target))
} }
if dsg != nil { if err := p.Seal(c); err != nil {
dsg.Log = verbose
if system.V.Verbose {
fmt.Println("D-Bus: sealing system proxy", dsg.Args(systemBus))
}
}
if err := p.Seal(dse, dsg); err != nil {
state.Fatal("D-Bus: invalid config when sealing proxy,", err) state.Fatal("D-Bus: invalid config when sealing proxy,", err)
} }
@ -83,10 +50,7 @@ func (a *App) ShareDBus(dse, dsg *dbus.Config, verbose bool) {
done := make(chan struct{}) done := make(chan struct{})
if system.V.Verbose { if system.V.Verbose {
fmt.Printf("Starting session bus proxy '%s' for address '%s'\n", dbusAddress[0], sessionBus[0]) fmt.Printf("Starting session bus proxy '%s' for address '%s'\n", dbusAddress, address)
if dsg != nil {
fmt.Printf("Starting system bus proxy '%s' for address '%s'\n", dbusAddress[1], systemBus[0])
}
} }
if err := p.Start(&ready); err != nil { if err := p.Start(&ready); err != nil {
state.Fatal("D-Bus: error starting proxy,", err) state.Fatal("D-Bus: error starting proxy,", err)
@ -116,24 +80,13 @@ func (a *App) ShareDBus(dse, dsg *dbus.Config, verbose bool) {
state.Fatal("D-Bus: proxy did not start correctly") state.Fatal("D-Bus: proxy did not start correctly")
} }
a.AppendEnv(dbusSessionBusAddress, dbusAddress[0]) a.AppendEnv(dbusSessionBusAddress, dbusAddress)
if err := acl.UpdatePerm(sessionBus[1], a.UID(), acl.Read, acl.Write); err != nil { if err := acl.UpdatePerm(target, a.UID(), acl.Read, acl.Write); err != nil {
state.Fatal(fmt.Sprintf("Error preparing D-Bus session proxy '%s':", dbusAddress[0]), err) state.Fatal(fmt.Sprintf("Error preparing D-Bus proxy '%s':", dbusAddress), err)
} else { } else {
state.RegisterRevertPath(sessionBus[1]) state.RegisterRevertPath(target)
}
if dsg != nil {
a.AppendEnv(dbusSystemBusAddress, dbusAddress[1])
if err := acl.UpdatePerm(systemBus[1], a.UID(), acl.Read, acl.Write); err != nil {
state.Fatal(fmt.Sprintf("Error preparing D-Bus system proxy '%s':", dbusAddress[1]), err)
} else {
state.RegisterRevertPath(systemBus[1])
}
} }
if system.V.Verbose { if system.V.Verbose {
fmt.Printf("Session bus proxy '%s' for address '%s' configured\n", dbusAddress[0], sessionBus[0]) fmt.Printf("Session bus proxy '%s' for address '%s' configured\n", dbusAddress, address)
if dsg != nil {
fmt.Printf("System bus proxy '%s' for address '%s' configured\n", dbusAddress[1], systemBus[0])
}
} }
} }

5
internal/app/run.go
View File

@ -167,10 +167,7 @@ func (a *App) commandBuilderMachineCtl() (args []string) {
state.Fatal("Error reading executable path:", err) state.Fatal("Error reading executable path:", err)
} else { } else {
if a.enablements.Has(state.EnableDBus) { if a.enablements.Has(state.EnableDBus) {
innerCommand.WriteString(dbusSessionBusAddress + "=" + "'" + dbusAddress[0] + "' ") innerCommand.WriteString(dbusSessionBusAddress + "=" + "'" + dbusAddress + "' ")
if dbusSystem {
innerCommand.WriteString(dbusSystemBusAddress + "=" + "'" + dbusAddress[1] + "' ")
}
} }
innerCommand.WriteString("exec " + executable + " -V") innerCommand.WriteString("exec " + executable + " -V")
} }

25
main.go
View File

@ -21,9 +21,7 @@ var (
Version = "impure" Version = "impure"
a *app.App a *app.App
c *dbus.Config
dbusSession *dbus.Config
dbusSystem *dbus.Config
) )
func tryVersion() { func tryVersion() {
@ -49,24 +47,13 @@ func main() {
// parse D-Bus config file if applicable // parse D-Bus config file if applicable
if mustDBus { if mustDBus {
if dbusConfigSession == "builtin" { if dbusConfig == "builtin" {
dbusSession = dbus.NewConfig(dbusID, true, mpris) c = dbus.NewConfig(dbusID, true, mpris)
} else { } else {
if f, err := os.Open(dbusConfigSession); err != nil { if f, err := os.Open(dbusConfig); err != nil {
state.Fatal("Error opening D-Bus proxy config file:", err) state.Fatal("Error opening D-Bus proxy config file:", err)
} else { } else {
if err = json.NewDecoder(f).Decode(&dbusSession); err != nil { if err = json.NewDecoder(f).Decode(&c); err != nil {
state.Fatal("Error parsing D-Bus proxy config file:", err)
}
}
}
// system bus proxy is optional
if dbusConfigSystem != "nil" {
if f, err := os.Open(dbusConfigSystem); err != nil {
state.Fatal("Error opening D-Bus proxy config file:", err)
} else {
if err = json.NewDecoder(f).Decode(&dbusSystem); err != nil {
state.Fatal("Error parsing D-Bus proxy config file:", err) state.Fatal("Error parsing D-Bus proxy config file:", err)
} }
} }
@ -135,7 +122,7 @@ func main() {
} }
if mustDBus { if mustDBus {
a.ShareDBus(dbusSession, dbusSystem, dbusVerbose) a.ShareDBus(c)
} }
if mustPulse { if mustPulse {