upstart

Merge lp:~jamesodhunt/upstart/disable-system-bus into lp:upstart

  1. disable-system-bus
  2. Merge into trunk
Proposed by James Hunt
Status: Superseded
Proposed branch: lp:~jamesodhunt/upstart/disable-system-bus
Merge into: lp:upstart
Diff against target: 200 lines (+108/-12)
5 files modified
ChangeLog (+8/-0)
init/control.c (+1/-1)
init/main.c (+31/-11)
init/man/init.8 (+4/-0)
util/tests/test_initctl.c (+64/-0)
To merge this branch: bzr merge lp:~jamesodhunt/upstart/disable-system-bus
Reviewer Review Type Date Requested Status
James Hunt Needs Resubmitting
Review via email: mp+186599@code.launchpad.net

This proposal has been superseded by a proposal from 2013-11-04.

Description of the change

* init/control.c: Typo.
* init/main.c: Add '--no-dbus' command-line option.
  init/man/init.8: Added '--no-dbus' option.

This option has the effect of stopping Session Inits having access to system-level events for those systems which require such behaviour; in such environments, even if the upstart-event-bridge is running, no events will (can) be proxied from the system level.

A side-effect of booting with '--no-dbus' is that a non-priv user will be unable to query system jobs using initctl (since such users will not have access to the private socket). However, for those making use of '--no-dbus', such behaviour would be deemed a security advantage rather than a limitation.

To post a comment you must log in.
Revision history for this message
Stéphane Graber (stgraber) wrote :

The code looks good to me, we should just add one test to confirm that upstart with --disable-dbus won't do anything on SIGUSR1.

lp:~jamesodhunt/upstart/disable-system-bus updated
1535. By James Hunt

* util/tests/test_initctl.c: test_no_dbus(): New test to test
  '--no-dbus' option.

1536. By James Hunt

* util/tests/test_initctl.c: test_no_dbus(): Added explicit test for
  SIGUSR1 handling.

Revision history for this message
James Hunt (jamesodhunt) wrote :

Hi Stéphane - new tests added.

review: Needs Resubmitting

Unmerged revisions

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'ChangeLog'
--- ChangeLog 2013-09-13 04:44:55 +0000
+++ ChangeLog 2013-09-19 20:37:08 +0000
@@ -1,3 +1,11 @@
12013-09-19 James Hunt <james.hunt@ubuntu.com>
2
3 * init/control.c: Typo.
4 * init/main.c: Add '--no-dbus' command-line option.
5 init/man/init.8: Added '--no-dbus' option.
6 * util/tests/test_initctl.c: test_no_dbus(): New test
7 to test '--no-dbus' option.
8
12013-09-12 Steve Langasek <steve.langasek@ubuntu.com>92013-09-12 Steve Langasek <steve.langasek@ubuntu.com>
210
3 * configure.ac:11 * configure.ac:
412
=== modified file 'init/control.c'
--- init/control.c 2013-04-22 10:30:09 +0000
+++ init/control.c 2013-09-19 20:37:08 +0000
@@ -260,7 +260,7 @@
260260
261 control_handle_bus_type ();261 control_handle_bus_type ();
262262
263 /* Connect to the D-Bus System Bus and hook everything up into263 /* Connect to the appropriate D-Bus bus and hook everything up into
264 * our own main loop automatically.264 * our own main loop automatically.
265 */265 */
266 conn = nih_dbus_bus (use_session_bus ? DBUS_BUS_SESSION : DBUS_BUS_SYSTEM,266 conn = nih_dbus_bus (use_session_bus ? DBUS_BUS_SESSION : DBUS_BUS_SYSTEM,
267267
=== modified file 'init/main.c'
--- init/main.c 2013-07-31 09:28:48 +0000
+++ init/main.c 2013-09-19 20:37:08 +0000
@@ -120,6 +120,14 @@
120 **/120 **/
121static int disable_startup_event = FALSE;121static int disable_startup_event = FALSE;
122122
123/**
124 * disable_dbus:
125 *
126 * If TRUE, do not connect to a D-Bus bus
127 * (only connect to the private socket).
128 **/
129static int disable_dbus = FALSE;
130
123extern int no_inherit_env;131extern int no_inherit_env;
124extern int user_mode;132extern int user_mode;
125extern int disable_sessions;133extern int disable_sessions;
@@ -142,6 +150,9 @@
142 { 0, "default-console", N_("default value for console stanza"),150 { 0, "default-console", N_("default value for console stanza"),
143 NULL, "VALUE", NULL, console_type_setter },151 NULL, "VALUE", NULL, console_type_setter },
144152
153 { 0, "no-dbus", N_("do not connect to a D-Bus bus"),
154 NULL, NULL, &disable_dbus, NULL },
155
145 { 0, "no-inherit-env", N_("jobs will not inherit environment of init"),156 { 0, "no-inherit-env", N_("jobs will not inherit environment of init"),
146 NULL, NULL, &no_inherit_env ,NULL },157 NULL, NULL, &no_inherit_env ,NULL },
147158
@@ -592,16 +603,21 @@
592 * fail (since dbus-daemon probably isn't running yet) and will try again603 * fail (since dbus-daemon probably isn't running yet) and will try again
593 * later - don't let ENOMEM stop us though.604 * later - don't let ENOMEM stop us though.
594 */605 */
595 while (control_bus_open () < 0) {606 if (disable_dbus) {
596 NihError *err;607 nih_info (_("Not connecting to %s bus"),
597 int number;608 use_session_bus ? "session" : "system");
598609 } else {
599 err = nih_error_get ();610 while (control_bus_open () < 0) {
600 number = err->number;611 NihError *err;
601 nih_free (err);612 int number;
602613
603 if (number != ENOMEM)614 err = nih_error_get ();
604 break;615 number = err->number;
616 nih_free (err);
617
618 if (number != ENOMEM)
619 break;
620 }
605 }621 }
606622
607#ifndef DEBUG623#ifndef DEBUG
@@ -932,8 +948,12 @@
932usr1_handler (void *data,948usr1_handler (void *data,
933 NihSignal *signal)949 NihSignal *signal)
934{950{
951 if (disable_dbus)
952 return;
953
935 if (! control_bus) {954 if (! control_bus) {
936 nih_info (_("Reconnecting to system bus"));955 nih_info (_("Reconnecting to %s bus"),
956 use_session_bus ? "session" : "system");
937957
938 if (control_bus_open () < 0) {958 if (control_bus_open () < 0) {
939 NihError *err;959 NihError *err;
940960
=== modified file 'init/man/init.8'
--- init/man/init.8 2013-04-02 10:19:07 +0000
+++ init/man/init.8 2013-09-19 20:37:08 +0000
@@ -84,6 +84,10 @@
84.BR console "."84.BR console "."
85.\"85.\"
86.TP86.TP
87.B \-\-no\-dbus
88Do not connect to a D-Bus bus.
89.\"
90.TP
87.B \-\-no\-inherit\-env91.B \-\-no\-inherit\-env
88Stop jobs from inheriting the initial environment. Only meaningful when92Stop jobs from inheriting the initial environment. Only meaningful when
89running in user mode.93running in user mode.
9094
=== modified file 'util/tests/test_initctl.c'
--- util/tests/test_initctl.c 2013-09-05 16:19:06 +0000
+++ util/tests/test_initctl.c 2013-09-19 20:37:08 +0000
@@ -11121,6 +11121,69 @@
11121}11121}
1112211122
11123void11123void
11124test_no_dbus (void)
11125{
11126 nih_local char *cmd = NULL;
11127 char **output;
11128 size_t lines;
11129 pid_t upstart_pid = 0;
11130 pid_t dbus_pid = 0;
11131 char *extra[] = { "--no-dbus", NULL };
11132
11133 TEST_GROUP ("Test '--no-dbus'");
11134
11135 TEST_DBUS (dbus_pid);
11136
11137 /*******************************************************************/
11138 /* First perform a sanity check */
11139
11140 TEST_FEATURE ("Ensure version can be queried normally");
11141
11142 start_upstart_common (&upstart_pid, FALSE, NULL, NULL, NULL);
11143
11144 cmd = nih_sprintf (NULL, "%s version 2>/dev/null", get_initctl ());
11145 TEST_NE_P (cmd, NULL);
11146 RUN_COMMAND (NULL, cmd, &output, &lines);
11147 TEST_EQ (lines, 1);
11148 TEST_STR_MATCH (output[0], "init*(upstart [0-9]*");
11149 nih_free (output);
11150
11151 STOP_UPSTART (upstart_pid);
11152
11153 /*******************************************************************/
11154 /* Now, try with dbus disabled */
11155
11156 TEST_FEATURE ("Ensure '--no-dbus' disables D-Bus");
11157
11158 start_upstart_common (&upstart_pid, FALSE, NULL, NULL, extra);
11159
11160 cmd = nih_sprintf (NULL, "%s version 2>/dev/null", get_initctl ());
11161 TEST_NE_P (cmd, NULL);
11162 RUN_COMMAND (NULL, cmd, &output, &lines);
11163
11164 /* No output on stdout expected */
11165 TEST_EQ (lines, 0);
11166
11167 /*******************************************************************/
11168 TEST_FEATURE ("Ensure D-Bus still disabled on SIGUSR1");
11169
11170 assert0 (kill (upstart_pid, SIGUSR1));
11171
11172 cmd = nih_sprintf (NULL, "%s version 2>/dev/null", get_initctl ());
11173 TEST_NE_P (cmd, NULL);
11174 RUN_COMMAND (NULL, cmd, &output, &lines);
11175
11176 /* No output on stdout expected */
11177 TEST_EQ (lines, 0);
11178
11179 STOP_UPSTART (upstart_pid);
11180
11181 /*******************************************************************/
11182
11183 TEST_DBUS_END (dbus_pid);
11184}
11185
11186void
11124test_quiesce (void)11187test_quiesce (void)
11125{11188{
11126 char confdir[PATH_MAX];11189 char confdir[PATH_MAX];
@@ -16684,6 +16747,7 @@
16684 test_reexec ();16747 test_reexec ();
16685 test_list_sessions ();16748 test_list_sessions ();
16686 test_quiesce ();16749 test_quiesce ();
16750 test_no_dbus ();
1668716751
16688 if (in_chroot () && !dbus_configured ()) {16752 if (in_chroot () && !dbus_configured ()) {
16689 fprintf(stderr, "\n\n"16753 fprintf(stderr, "\n\n"

Subscribers

People subscribed via source and target branches