Skip to content

Commit

Permalink
🔧 Support <(allow|deny) (send|recieve)_member=
Browse files Browse the repository at this point in the history
  • Loading branch information
jokeyrhyme committed Nov 27, 2024
1 parent 5d96ec2 commit a6b47a1
Show file tree
Hide file tree
Showing 2 changed files with 33 additions and 27 deletions.
38 changes: 12 additions & 26 deletions src/config.rs
Original file line number Diff line number Diff line change
Expand Up @@ -274,14 +274,6 @@ impl TryFrom<RuleAttributes> for OptionalOperation {
return Err(Error::msg(format!("`send_destination_prefix` cannot be combined with `send_destination` in the same rule: {value:?}")));
}

// https://github.com/dbus2/busd/issues/79
if value.receive_member.is_some() {
warn!("warning: busd does not implement `<(allow|deny) receive_member=...`: {value:?}");
}
if value.send_member.is_some() {
warn!("warning: busd does not implement `<(allow|deny) send_member=...`: {value:?}");
}

if has_connect {
Ok(Some(Operation::Connect(ConnectOperation::from(value))))
} else if has_own {
Expand Down Expand Up @@ -395,6 +387,7 @@ pub struct ReceiveOperation {
pub error: Option<String>,
pub interface: Option<String>,
pub max_fds: Option<u32>,
pub member: Option<String>,
pub min_fds: Option<u32>,
pub path: Option<String>,
pub sender: Option<String>,
Expand All @@ -406,6 +399,7 @@ impl From<RuleAttributes> for ReceiveOperation {
error: value.receive_error,
interface: value.receive_interface,
max_fds: value.max_fds,
member: value.receive_member,
min_fds: value.min_fds,
path: value.receive_path,
sender: value.receive_sender,
Expand Down Expand Up @@ -524,6 +518,7 @@ pub struct SendOperation {
pub error: Option<String>,
pub interface: Option<String>,
pub max_fds: Option<u32>,
pub member: Option<String>,
pub min_fds: Option<u32>,
pub path: Option<String>,
pub r#type: Option<MessageType>,
Expand Down Expand Up @@ -554,6 +549,7 @@ impl From<RuleAttributes> for SendOperation {
error: value.send_error,
interface: value.send_interface,
max_fds: value.max_fds,
member: value.send_member,
min_fds: value.min_fds,
path: value.send_path,
r#type: value.send_type,
Expand Down Expand Up @@ -804,6 +800,7 @@ mod tests {
send_destination="org.freedesktop.DBus"
send_error="something bad"
send_interface="org.freedesktop.systemd1.Activator"
send_member="DoSomething"
send_path="/org/freedesktop"
send_type="signal"
max_fds="128"
Expand All @@ -812,6 +809,7 @@ mod tests {
<allow
receive_error="something bad"
receive_interface="org.freedesktop.systemd1.Activator"
receive_member="DoSomething"
receive_path="/org/freedesktop"
receive_sender="org.freedesktop.DBus"
receive_type="signal"
Expand Down Expand Up @@ -877,6 +875,7 @@ mod tests {
"org.freedesktop.systemd1.Activator"
)),
max_fds: Some(128),
member: Some(String::from("DoSomething")),
min_fds: Some(12),
path: Some(String::from("/org/freedesktop")),
r#type: Some(MessageType::Signal),
Expand All @@ -890,6 +889,7 @@ mod tests {
"org.freedesktop.systemd1.Activator"
)),
max_fds: Some(128),
member: Some(String::from("DoSomething")),
min_fds: Some(12),
path: Some(String::from("/org/freedesktop")),
sender: Some(String::from("org.freedesktop.DBus")),
Expand All @@ -911,6 +911,7 @@ mod tests {
error: None,
interface: None,
max_fds: None,
member: Some(String::from("DoSomething")),
min_fds: None,
path: None,
r#type: None
Expand All @@ -924,6 +925,7 @@ mod tests {
error: None,
interface: None,
max_fds: None,
member: Some(String::from("DoSomething")),
min_fds: None,
path: None,
r#type: None
Expand All @@ -940,6 +942,7 @@ mod tests {
error: None,
interface: None,
max_fds: None,
member: None,
min_fds: None,
path: None,
r#type: None
Expand Down Expand Up @@ -979,9 +982,6 @@ mod tests {
<allow send_requested_reply="false" send_type="method_return"/>
<deny receive_requested_reply="true" receive_type="error"/>
<allow receive_requested_reply="false" receive_type="error"/>
<allow send_destination="org.gnome.DisplayManager"
send_interface="org.gnome.DisplayManager.Manager"
send_member="GetRemoteHostname"/>
</policy>
<policy at_console="true">
<allow send_destination="org.freedesktop.DBus" send_interface="org.freedesktop.systemd1.Activator"/>
Expand All @@ -1005,6 +1005,7 @@ mod tests {
error: None,
interface: None,
max_fds: None,
member: None,
min_fds: None,
path: None,
r#type: None
Expand All @@ -1016,21 +1017,6 @@ mod tests {
// `<allow send_requested_reply="false" ...` is completely ignored
// `<deny receive_requested_reply="true" ...` is completely ignored
// `<allow receive_requested_reply="false" ...` is completely ignored
(
Access::Allow,
Operation::Send(SendOperation {
broadcast: None,
destination: Some(Name::Exact(String::from(
"org.gnome.DisplayManager"
))),
interface: Some(String::from("org.gnome.DisplayManager.Manager")),
error: None,
max_fds: None,
min_fds: None,
path: None,
r#type: None
}),
),
]),
// `<policy at_console="true">` is completely ignored
],
Expand Down
22 changes: 21 additions & 1 deletion tests/config.rs
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,7 @@ fn config_read_file_example_session_disable_stats_conf_ok() {
error: None,
interface: Some(String::from("org.freedesktop.DBus.Debug.Stats")),
max_fds: None,
member: None,
min_fds: None,
path: None,
r#type: None
Expand Down Expand Up @@ -99,6 +100,7 @@ fn config_read_file_example_system_enable_stats_conf_ok() {
error: None,
interface: Some(String::from("org.freedesktop.DBus.Debug.Stats")),
max_fds: None,
member: None,
min_fds: None,
path: None,
r#type: None
Expand Down Expand Up @@ -135,6 +137,7 @@ fn config_read_file_session_conf_ok() {
error: None,
interface: None,
max_fds: None,
member: None,
min_fds: None,
path: None,
r#type: None,
Expand Down Expand Up @@ -183,6 +186,7 @@ fn config_read_file_system_conf_ok() {
error: None,
interface: None,
max_fds: None,
member: None,
min_fds: None,
path: None,
r#type: Some(MessageType::MethodCall),
Expand All @@ -196,6 +200,7 @@ fn config_read_file_system_conf_ok() {
error: None,
interface: None,
max_fds: None,
member: None,
min_fds: None,
path: None,
r#type: Some(MessageType::Signal),
Expand All @@ -209,6 +214,7 @@ fn config_read_file_system_conf_ok() {
error: None,
interface: None,
max_fds: None,
member: None,
min_fds: None,
path: None,
r#type: Some(MessageType::MethodReturn),
Expand All @@ -222,6 +228,7 @@ fn config_read_file_system_conf_ok() {
error: None,
interface: None,
max_fds: None,
member: None,
min_fds: None,
path: None,
r#type: Some(MessageType::Error),
Expand All @@ -233,6 +240,7 @@ fn config_read_file_system_conf_ok() {
error: None,
interface: None,
max_fds: None,
member: None,
min_fds: None,
path: None,
sender: None,
Expand All @@ -245,6 +253,7 @@ fn config_read_file_system_conf_ok() {
error: None,
interface: None,
max_fds: None,
member: None,
min_fds: None,
path: None,
sender: None,
Expand All @@ -257,6 +266,7 @@ fn config_read_file_system_conf_ok() {
error: None,
interface: None,
max_fds: None,
member: None,
min_fds: None,
path: None,
sender: None,
Expand All @@ -269,6 +279,7 @@ fn config_read_file_system_conf_ok() {
error: None,
interface: None,
max_fds: None,
member: None,
min_fds: None,
path: None,
sender: None,
Expand All @@ -283,6 +294,7 @@ fn config_read_file_system_conf_ok() {
error: None,
interface: Some(String::from("org.freedesktop.DBus")),
max_fds: None,
member: None,
min_fds: None,
path: None,
r#type: None,
Expand All @@ -296,6 +308,7 @@ fn config_read_file_system_conf_ok() {
error: None,
interface: Some(String::from("org.freedesktop.DBus.Introspectable")),
max_fds: None,
member: None,
min_fds: None,
path: None,
r#type: None,
Expand All @@ -309,6 +322,7 @@ fn config_read_file_system_conf_ok() {
error: None,
interface: Some(String::from("org.freedesktop.DBus.Properties")),
max_fds: None,
member: None,
min_fds: None,
path: None,
r#type: None,
Expand All @@ -322,20 +336,21 @@ fn config_read_file_system_conf_ok() {
error: None,
interface: Some(String::from("org.freedesktop.DBus.Containers1")),
max_fds: None,
member: None,
min_fds: None,
path: None,
r#type: None,
}),
),
(
// TODO: this is a mistake, deny with send_member rule should be omitted
Access::Deny,
Operation::Send(SendOperation {
broadcast: None,
destination: Some(Name::Exact(String::from("org.freedesktop.DBus"))),
error: None,
interface: Some(String::from("org.freedesktop.DBus")),
max_fds: None,
member: Some(String::from("UpdateActivationEnvironment")),
min_fds: None,
path: None,
r#type: None,
Expand All @@ -349,6 +364,7 @@ fn config_read_file_system_conf_ok() {
error: None,
interface: Some(String::from("org.freedesktop.DBus.Debug.Stats")),
max_fds: None,
member: None,
min_fds: None,
path: None,
r#type: None,
Expand All @@ -362,6 +378,7 @@ fn config_read_file_system_conf_ok() {
error: None,
interface: Some(String::from("org.freedesktop.systemd1.Activator")),
max_fds: None,
member: None,
min_fds: None,
path: None,
r#type: None,
Expand All @@ -377,6 +394,7 @@ fn config_read_file_system_conf_ok() {
error: None,
interface: Some(String::from("org.freedesktop.systemd1.Activator")),
max_fds: None,
member: None,
min_fds: None,
path: None,
r#type: None,
Expand All @@ -393,6 +411,7 @@ fn config_read_file_system_conf_ok() {
error: None,
interface: Some(String::from("org.freedesktop.DBus.Monitoring")),
max_fds: None,
member: None,
min_fds: None,
path: None,
r#type: None,
Expand All @@ -409,6 +428,7 @@ fn config_read_file_system_conf_ok() {
error: None,
interface: Some(String::from("org.freedesktop.DBus.Debug.Stats")),
max_fds: None,
member: None,
min_fds: None,
path: None,
r#type: None,
Expand Down

0 comments on commit a6b47a1

Please sign in to comment.