Merge lp:~attente/ubuntu-system-settings/session-settings-service into lp:ubuntu-system-settings
Status: | Work in progress |
---|---|
Proposed branch: | lp:~attente/ubuntu-system-settings/session-settings-service |
Merge into: | lp:ubuntu-system-settings |
Diff against target: |
291 lines (+201/-2) 10 files modified
CMakeLists.txt (+6/-0) data/CMakeLists.txt (+2/-0) data/session-settings-service.conf.in (+9/-0) debian/control (+3/-0) debian/ubuntu-system-settings.install (+1/-0) lib/SystemSettings/CMakeLists.txt (+8/-2) lib/SystemSettings/com.ubuntu.Settings.xml (+17/-0) src/CMakeLists.txt (+1/-0) src/service/CMakeLists.txt (+10/-0) src/service/server.vala (+144/-0) |
To merge this branch: | bzr merge lp:~attente/ubuntu-system-settings/session-settings-service |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Thomas Voß (community) | Disapprove | ||
PS Jenkins bot | continuous-integration | Approve | |
Ubuntu Touch System Settings | Pending | ||
Review via email: mp+228121@code.launchpad.net |
Commit message
Add a session-
Providing confined apps with direct access to AccountsService is too dangerous. There's too much sensitive information such as LoginHistory, PasswordHint, etc. Also, because object paths for users are dynamic (e.g. /org/freedeskto
We propose a service that allows confined apps to read-only access for a limited subset of non-sensitive AccountsService data (language and locale). The service lives on the session bus and provides explicit getters and change notification signals. The service does not provide D-Bus properties since that requires AppArmor policy that opens up the org.freedesktop
Compare the following policies. The first is what's needed for direct AccountsService access, the second is what's needed using the proposed session service:
dbus bus=system
path=
interface=
member=GetAll,
dbus bus=system
path=
interface=
member=
dbus bus=system
path=
interface=
member=
dbus bus=system
interface=
member=GetAll,
dbus bus=system
interface=
member=
vs.
dbus (send)
bus=session
path=
interface=
member=
dbus (send)
bus=session
path=
interface=
member=
dbus (receive)
bus=session
path=
interface=
member=
dbus (receive)
bus=session
path=
interface=
member=
Description of the change
Add a session-
Providing confined apps with direct access to AccountsService is too dangerous. There's too much sensitive information such as LoginHistory, PasswordHint, etc. Also, because object paths for users are dynamic (e.g. /org/freedeskto
We propose a service that allows confined apps to read-only access for a limited subset of non-sensitive AccountsService data (language and locale). The service lives on the session bus and provides explicit getters and change notification signals. The service does not provide D-Bus properties since that requires AppArmor policy that opens up the org.freedesktop
Compare the following policies. The first is what's needed for direct AccountsService access, the second is what's needed using the proposed session service:
dbus bus=system
path=
interface=
member=GetAll,
dbus bus=system
path=
interface=
member=
dbus bus=system
path=
interface=
member=
dbus bus=system
interface=
member=GetAll,
dbus bus=system
interface=
member=
vs.
dbus (send)
bus=session
path=
interface=
member=
dbus (send)
bus=session
path=
interface=
member=
dbus (receive)
bus=session
path=
interface=
member=
dbus (receive)
bus=session
path=
interface=
member=
Unmerged revisions
- 816. By William Hua
-
Merge trunk.
- 815. By William Hua
-
Update com.ubuntu.Settings interface.
- 814. By William Hua
-
Use explicit getters and change signals.
- 813. By William Hua
-
Rename system-
settings- service to session- settings- service. - 812. By William Hua
-
Use dash instead of underscore.
- 811. By William Hua
-
Capitalize property names.
- 810. By William Hua
-
Add missing build dependencies.
- 809. By William Hua
-
Add copyright header.
- 808. By William Hua
-
Remove Service header.
- 807. By William Hua
-
System settings service.
FAILED: Continuous integration, rev:815 jenkins. qa.ubuntu. com/job/ ubuntu- system- settings- ci/1053/ jenkins. qa.ubuntu. com/job/ generic- deb-autopilot- utopic- touch/2449/ console jenkins. qa.ubuntu. com/job/ generic- mediumtests- utopic/ 1989/console jenkins. qa.ubuntu. com/job/ ubuntu- system- settings- utopic- amd64-ci/ 245/console jenkins. qa.ubuntu. com/job/ ubuntu- system- settings- utopic- armhf-ci/ 245/console jenkins. qa.ubuntu. com/job/ ubuntu- system- settings- utopic- i386-ci/ 245/console jenkins. qa.ubuntu. com/job/ generic- mediumtests- builder- utopic- armhf/3685/ console jenkins. qa.ubuntu. com/job/ generic- mediumtests- builder- utopic- amd64/2239/ console
http://
Executed test runs:
FAILURE: http://
FAILURE: http://
FAILURE: http://
FAILURE: http://
FAILURE: http://
FAILURE: http://
FAILURE: http://
Click here to trigger a rebuild: s-jenkins. ubuntu- ci:8080/ job/ubuntu- system- settings- ci/1053/ rebuild
http://