app/dbus: accept system bus config

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>

dbus/config.go

@@ -1,5 +1,10 @@
 package dbus
 
+import (
+	"errors"
+	"strings"
+)
+
 type Config struct {
 	// See set 'see' policy for NAME (--see=NAME)
 	See []string `json:"see"`
@@ -17,7 +22,7 @@ type Config struct {
 	Filter bool `json:"filter"`
 }
 
-func (c *Config) Args(address, path string) (args []string) {
+func (c *Config) Args(bus [2]string) (args []string) {
 	argc := 2 + len(c.See) + len(c.Talk) + len(c.Own) + len(c.Call) + len(c.Broadcast)
 	if c.Log {
 		argc++
@@ -27,7 +32,7 @@ func (c *Config) Args(address, path string) (args []string) {
 	}
 
 	args = make([]string, 0, argc)
-	args = append(args, address, path)
+	args = append(args, bus[0], bus[1])
 	for _, name := range c.See {
 		args = append(args, "--see="+name)
 	}
@@ -53,6 +58,23 @@ func (c *Config) Args(address, path string) (args []string) {
 	return
 }
 
+func (c *Config) buildSeal(seal *strings.Builder, bus [2]string) error {
+	for _, arg := range c.Args(bus) {
+		// reject argument strings containing null
+		for _, b := range arg {
+			if b == '\x00' {
+				return errors.New("argument contains null")
+			}
+		}
+
+		// write null terminated argument
+		seal.WriteString(arg)
+		seal.WriteByte('\x00')
+	}
+
+	return nil
+}
+
 // NewConfig returns a reference to a Config struct with optional defaults.
 // If id is an empty string own defaults are omitted.
 func NewConfig(id string, defaults, mpris bool) (c *Config) {

dbus/setup.go

@@ -16,8 +16,9 @@ type Proxy struct {
 	statP [2]*os.File
 	argsP [2]*os.File
 
-	address [2]string
 	path    string
+	session [2]string
+	system  [2]string
 
 	wait  *chan error
 	read  *chan error
@@ -28,6 +29,13 @@ type Proxy struct {
 }
 
 func (p *Proxy) String() string {
+	if p == nil {
+		return "(invalid dbus proxy)"
+	}
+
+	p.lock.RLock()
+	defer p.lock.RUnlock()
+
 	if p.cmd != nil {
 		return p.cmd.String()
 	}
@@ -40,34 +48,37 @@ func (p *Proxy) String() string {
 }
 
 // Seal seals the Proxy instance.
-func (p *Proxy) Seal(c *Config) error {
+func (p *Proxy) Seal(session, system *Config) error {
 	p.lock.Lock()
 	defer p.lock.Unlock()
 
 	if p.seal != nil {
 		panic("dbus proxy sealed twice")
 	}
-	args := c.Args(p.address[0], p.address[1])
+
+	if session == nil && system == nil {
+		return errors.New("no configuration to seal")
+	}
 
 	seal := strings.Builder{}
-	for _, arg := range args {
-		// reject argument strings containing null
-		for _, b := range arg {
-			if b == '\x00' {
-				return errors.New("argument contains null")
-			}
-		}
 
-		// write null terminated argument
+	if session != nil {
-		seal.WriteString(arg)
+		if err := session.buildSeal(&seal, p.session); err != nil {
-		seal.WriteByte('\x00')
+			return err
+		}
 	}
+	if system != nil {
+		if err := system.buildSeal(&seal, p.system); err != nil {
+			return err
+		}
+	}
+
 	v := seal.String()
 	p.seal = &v
 	return nil
 }
 
 // New returns a reference to a new unsealed Proxy.
-func New(binPath, address, path string) *Proxy {
+func New(binPath string, session, system [2]string) *Proxy {
-	return &Proxy{path: binPath, address: [2]string{address, path}}
+	return &Proxy{path: binPath, session: session, system: system}
 }

flag.go

@@ -7,10 +7,13 @@ import (
 )
 
 var (
-	userName   string
+	userName string
-	dbusConfig string
+
-	dbusID     string
+	dbusConfigSession string
-	mpris      bool
+	dbusConfigSystem  string
+	dbusVerbose       bool
+	dbusID            string
+	mpris             bool
 
 	mustWayland bool
 	mustX       bool
@@ -23,7 +26,10 @@ var (
 
 func init() {
 	flag.StringVar(&userName, "u", "chronos", "Passwd name of user to run as")
-	flag.StringVar(&dbusConfig, "dbus-config", "builtin", "Path to D-Bus proxy config file, or \"builtin\" for defaults")
+
+	flag.StringVar(&dbusConfigSession, "dbus-config", "builtin", "Path to D-Bus proxy config file, or \"builtin\" for defaults")
+	flag.StringVar(&dbusConfigSystem, "dbus-system", "nil", "Path to system D-Bus proxy config file, or \"nil\" to disable")
+	flag.BoolVar(&dbusVerbose, "dbus-log", false, "Enable logging in the D-Bus proxy")
 	flag.StringVar(&dbusID, "dbus-id", "", "D-Bus ID of application, leave empty to disable own paths, has no effect if custom config is available")
 	flag.BoolVar(&mpris, "mpris", false, "Allow owning MPRIS D-Bus path, has no effect if custom config is available")
 

internal/app/dbus.go

@@ -14,16 +14,30 @@ import (
 	"git.ophivana.moe/cat/fortify/internal/util"
 )
 
-const dbusSessionBusAddress = "DBUS_SESSION_BUS_ADDRESS"
+const (
+	dbusSessionBusAddress = "DBUS_SESSION_BUS_ADDRESS"
+	dbusSystemBusAddress  = "DBUS_SYSTEM_BUS_ADDRESS"
+)
 
-var dbusAddress string
+var (
+	dbusAddress [2]string
+	dbusSystem  bool
+)
 
-func (a *App) ShareDBus(c *dbus.Config) {
+func (a *App) ShareDBus(dse, dsg *dbus.Config, verbose bool) {
 	a.setEnablement(state.EnableDBus)
 
-	var binPath, address string
+	dbusSystem = dsg != nil
+	var binPath string
+	var sessionBus, systemBus [2]string
+
 	target := path.Join(system.V.Share, strconv.Itoa(os.Getpid()))
-	dbusAddress = "unix:path=" + target
+	sessionBus[1] = target + ".bus"
+	systemBus[1] = target + ".system-bus"
+	dbusAddress = [2]string{
+		"unix:path=" + sessionBus[1],
+		"unix:path=" + systemBus[1],
+	}
 
 	if b, ok := util.Which("xdg-dbus-proxy"); !ok {
 		state.Fatal("D-Bus: Did not find 'xdg-dbus-proxy' in PATH")
@@ -32,17 +46,36 @@ func (a *App) ShareDBus(c *dbus.Config) {
 	}
 
 	if addr, ok := os.LookupEnv(dbusSessionBusAddress); !ok {
-		state.Fatal("D-Bus: DBUS_SESSION_BUS_ADDRESS not set")
+		if system.V.Verbose {
+			fmt.Println("D-Bus: DBUS_SESSION_BUS_ADDRESS not set, assuming default format")
+		}
+		sessionBus[0] = fmt.Sprintf("unix:path=/run/user/%d/bus", os.Getuid())
 	} else {
-		address = addr
+		sessionBus[0] = addr
 	}
 
-	c.Log = system.V.Verbose
+	if addr, ok := os.LookupEnv(dbusSystemBusAddress); !ok {
-	p := dbus.New(binPath, address, target)
+		if system.V.Verbose {
-	if system.V.Verbose {
+			fmt.Println("D-Bus: DBUS_SYSTEM_BUS_ADDRESS not set, assuming default format")
-		fmt.Println("D-Bus: sealing proxy", c.Args(address, target))
+		}
+		systemBus[0] = "unix:path=/run/dbus/system_bus_socket"
+	} else {
+		systemBus[0] = addr
 	}
-	if err := p.Seal(c); err != nil {
+
+	p := dbus.New(binPath, sessionBus, systemBus)
+
+	dse.Log = verbose
+	if system.V.Verbose {
+		fmt.Println("D-Bus: sealing session proxy", dse.Args(sessionBus))
+	}
+	if dsg != nil {
+		dsg.Log = verbose
+		if system.V.Verbose {
+			fmt.Println("D-Bus: sealing system proxy", dsg.Args(systemBus))
+		}
+	}
+	if err := p.Seal(dse, dsg); err != nil {
 		state.Fatal("D-Bus: invalid config when sealing proxy,", err)
 	}
 
@@ -50,7 +83,10 @@ func (a *App) ShareDBus(c *dbus.Config) {
 	done := make(chan struct{})
 
 	if system.V.Verbose {
-		fmt.Printf("Starting session bus proxy '%s' for address '%s'\n", dbusAddress, address)
+		fmt.Printf("Starting session bus proxy '%s' for address '%s'\n", dbusAddress[0], sessionBus[0])
+		if dsg != nil {
+			fmt.Printf("Starting system bus proxy '%s' for address '%s'\n", dbusAddress[1], systemBus[0])
+		}
 	}
 	if err := p.Start(&ready); err != nil {
 		state.Fatal("D-Bus: error starting proxy,", err)
@@ -80,13 +116,24 @@ func (a *App) ShareDBus(c *dbus.Config) {
 		state.Fatal("D-Bus: proxy did not start correctly")
 	}
 
-	a.AppendEnv(dbusSessionBusAddress, dbusAddress)
+	a.AppendEnv(dbusSessionBusAddress, dbusAddress[0])
-	if err := acl.UpdatePerm(target, a.UID(), acl.Read, acl.Write); err != nil {
+	if err := acl.UpdatePerm(sessionBus[1], a.UID(), acl.Read, acl.Write); err != nil {
-		state.Fatal(fmt.Sprintf("Error preparing D-Bus proxy '%s':", dbusAddress), err)
+		state.Fatal(fmt.Sprintf("Error preparing D-Bus session proxy '%s':", dbusAddress[0]), err)
 	} else {
-		state.RegisterRevertPath(target)
+		state.RegisterRevertPath(sessionBus[1])
+	}
+	if dsg != nil {
+		a.AppendEnv(dbusSystemBusAddress, dbusAddress[1])
+		if err := acl.UpdatePerm(systemBus[1], a.UID(), acl.Read, acl.Write); err != nil {
+			state.Fatal(fmt.Sprintf("Error preparing D-Bus system proxy '%s':", dbusAddress[1]), err)
+		} else {
+			state.RegisterRevertPath(systemBus[1])
+		}
 	}
 	if system.V.Verbose {
-		fmt.Printf("Session bus proxy '%s' for address '%s' configured\n", dbusAddress, address)
+		fmt.Printf("Session bus proxy '%s' for address '%s' configured\n", dbusAddress[0], sessionBus[0])
+		if dsg != nil {
+			fmt.Printf("System bus proxy '%s' for address '%s' configured\n", dbusAddress[1], systemBus[0])
+		}
 	}
 }

internal/app/run.go

@@ -167,7 +167,10 @@ func (a *App) commandBuilderMachineCtl() (args []string) {
 		state.Fatal("Error reading executable path:", err)
 	} else {
 		if a.enablements.Has(state.EnableDBus) {
-			innerCommand.WriteString(dbusSessionBusAddress + "=" + "'" + dbusAddress + "' ")
+			innerCommand.WriteString(dbusSessionBusAddress + "=" + "'" + dbusAddress[0] + "' ")
+			if dbusSystem {
+				innerCommand.WriteString(dbusSystemBusAddress + "=" + "'" + dbusAddress[1] + "' ")
+			}
 		}
 		innerCommand.WriteString("exec " + executable + " -V")
 	}

main.go

@@ -21,7 +21,9 @@ var (
 	Version = "impure"
 
 	a *app.App
-	c *dbus.Config
+
+	dbusSession *dbus.Config
+	dbusSystem  *dbus.Config
 )
 
 func tryVersion() {
@@ -47,13 +49,24 @@ func main() {
 
 	// parse D-Bus config file if applicable
 	if mustDBus {
-		if dbusConfig == "builtin" {
+		if dbusConfigSession == "builtin" {
-			c = dbus.NewConfig(dbusID, true, mpris)
+			dbusSession = dbus.NewConfig(dbusID, true, mpris)
 		} else {
-			if f, err := os.Open(dbusConfig); err != nil {
+			if f, err := os.Open(dbusConfigSession); err != nil {
 				state.Fatal("Error opening D-Bus proxy config file:", err)
 			} else {
-				if err = json.NewDecoder(f).Decode(&c); err != nil {
+				if err = json.NewDecoder(f).Decode(&dbusSession); err != nil {
+					state.Fatal("Error parsing D-Bus proxy config file:", err)
+				}
+			}
+		}
+
+		// system bus proxy is optional
+		if dbusConfigSystem != "nil" {
+			if f, err := os.Open(dbusConfigSystem); err != nil {
+				state.Fatal("Error opening D-Bus proxy config file:", err)
+			} else {
+				if err = json.NewDecoder(f).Decode(&dbusSystem); err != nil {
 					state.Fatal("Error parsing D-Bus proxy config file:", err)
 				}
 			}
@@ -122,7 +135,7 @@ func main() {
 	}
 
 	if mustDBus {
-		a.ShareDBus(c)
+		a.ShareDBus(dbusSession, dbusSystem, dbusVerbose)
 	}
 
 	if mustPulse {