I am trying to create a daemon service that runs on the system bus where the permissions for sending and receiving from this service should be completely open to anybody. (Security is not a concern for this service). When I attempt to register the service using QtDbus (using PyQt for it) I get this error: Connection ":1.0" is not allowed to own the service "org.dbus.arduino" due to security policies in the configuration file. This other Stack Overflow question has the same error, but does not help at all in this situation for some reason: dbus_bus_request_name (): Connections are not allowed to own the service.

Normally you're supposed to leave the system.conf file intact and add your permissions "punch out" config file in the system.d directory. I have done this, but it does not seem to change anything, regardless of how open I make the permissions. In fact I'm almost positive it's not changing anything! Here is my conf file as it sits right this moment.

<!DOCTYPE busconfig PUBLIC
 "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">

<busconfig>
    <policy user="myUser">
        <allow own="*"/>
        <allow own="org.dbus.arduino"/>
        <allow send_type="method_call" log="true"/>
    </policy>
    <policy user="root">
        <allow own="*"/>
        <allow own="org.dbus.arduino"/>
        <allow send_type="method_call" log="true"/>
    </policy>
    <policy context="default">
    </policy>
</busconfig>

Even if I do this or things like it, it STILL doesn't work.

<busconfig>
    <policy context="default">
        <allow own="*"/>
        <allow own="org.dbus.arduino"/>
        <allow send_type="method_call" log="true"/>
    </policy>
</busconfig>

I even put the name of the file starting with a z so that it may be the very last one that is read in. Here is the system.conf file, note where I have commented out the "allow own" section. This is the ONLY way to get this to work (and the worst possible "fix").

<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>

  <!-- Our well-known bus type, do not change this -->
  <type>system</type>

  <!-- Run as special user -->
  <user>messagebus</user>

  <!-- Fork into daemon mode -->
  <fork/>

  <!-- We use system service launching using a helper -->
  <standard_system_servicedirs/>

  <!-- This is a setuid helper that is used to launch system services -->
  <servicehelper>/lib/dbus-1/dbus-daemon-launch-helper</servicehelper>

  <!-- Write a pid file -->
  <pidfile>/var/run/dbus/pid</pidfile>

  <!-- Enable logging to syslog -->
  <syslog/>

  <!-- Only allow socket-credentials-based authentication -->
  <auth>EXTERNAL</auth>

  <!-- Only listen on a local socket. (abstract=/path/to/socket 
       means use abstract namespace, don't really create filesystem 
       file; only Linux supports this. Use path=/whatever on other 
       systems.) -->
  <listen>unix:path=/var/run/dbus/system_bus_socket</listen>

  <policy context="default">
    <!-- All users can connect to system bus -->
    <allow user="*"/>

    <!-- Holes must be punched in service configuration files for
         name ownership and sending method calls -->
    <deny own="*"/>
    <deny send_type="method_call" log="true"/>

    <!-- THIS IS THE ONLY WAY TO GET THIS TO WORK
    <allow own="*"/>
    <allow send_type="method_call" log="true"/>
    -->

    <!-- Signals and reply messages (method returns, errors) are allowed
         by default -->
    <allow send_type="signal"/>
    <allow send_requested_reply="true" send_type="method_return"/>
    <allow send_requested_reply="true" send_type="error"/>

    <!-- All messages may be received by default -->
    <allow receive_type="method_call"/>
    <allow receive_type="method_return"/>
    <allow receive_type="error"/>
    <allow receive_type="signal"/>

    <!-- Allow anyone to talk to the message bus -->
    <allow send_destination="org.freedesktop.DBus"/>
    <!-- But disallow some specific bus services -->
    <deny send_destination="org.freedesktop.DBus"
          send_interface="org.freedesktop.DBus"
          send_member="UpdateActivationEnvironment"/>

  </policy>

  <!-- Config files are placed here that among other things, punch 
       holes in the above policy for specific services. -->
  <includedir>system.d</includedir>

  <!-- This is included last so local configuration can override what's 
       in this standard file -->
  <include ignore_missing="yes">system-local.conf</include>

  <include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include>

</busconfig>

I absolutely have to use the system bus because I am deploying it on a Raspberry Pi without a GUI (no X11, and no session bus). I was able to get the Raspberry Pi working only by completely allowing everything on the system bus (security is not nearly as big of a deal on this device). Obviously, there is no way I'm allowing that to occur on my development machine. As background I am using openSUSE 12.2 and the Raspberry Pi is Debian Squeeze. I cannot own the service with my user account, nor root, unless I completely open the permissions up, in which case it works just fine. I will also note that when I completely opened up the system bus, I still had to use root to send messages to the daemon (a terminate command). I'd like the solution to be runnable via a particular user with root having access as well. I am also OK with the solution only allowing the same user and root to send messages to it.

Thanks for any help, I'm sure it's a small issue!

Philip Withnall
Mike
  • Is there an arduino conf file that you could change? – JB0x2D1 Apr 18 '14 at 17:47
  • The first two conf files I posted are the conf file that is located in system.d. It's called "org.dbus.arduino". No matter what I put in this file (or even if I copy and paste and put it in any other conf file) it doesn't change the permissions to own the service. – Mike Apr 18 '14 at 18:49
  • Have you tried putting ` ...` statements in `system.conf` as a happy medium in between deny all and allow all? I'm not sure of syntax here, or if it will even let you do that... just trying to help. – JB0x2D1 Apr 18 '14 at 19:09
  • or maybe try creating a conf file to match your service - e.g. `com.example.myservice.conf` in `system.d/` with policy you want? – JB0x2D1 Apr 18 '14 at 19:32
  • OK I have 100% confirmed that there is some sort of issue with the individual conf files in system.d/. I did what you said and put the specific service ownership in a node INSIDE the system.conf file. That worked. I then removed it, put it in a .conf file inside system.d/, no dice. Does not work. The problem still remains, HOWEVER, this is workable. I'm not 100% sure I want to call this "answered". I'll wait till next week to see if anybody else has any ideas. – Mike Apr 19 '14 at 21:45
  • That was just a guess... I don't have any experience with the conf files. It kinda makes sense though that you would have to whitelist a user or somehow grant more permissions than are present by default. I seem to recall reading something about calling or invoking the conf file to make the policy active but don't ask me where I saw that. Again, no experience. All guess. – JB0x2D1 Apr 19 '14 at 22:28
  • Well, it was a good guess and has certainly got the ball rolling. Writing directly to the system.conf file is a very usable "work around"! It didn't help that it was also failing because I was using com instead of org, but that didn't fix the not reading the conf files from system.d/. – Mike Apr 19 '14 at 23:29
  • Have you seen [this](http://techbase.kde.org/Development/Tutorials/PolicyKit/Helper_HowTo#The_DBus_policy_file)? – JB0x2D1 Apr 19 '14 at 23:35
  • I had not seen that. A. I read it with a fine-tooth comb and noticed the ".conf" ending on the configuration filename (note the answer to the problem), and B. I found out that you can make it autostart the service. That is AWESOME. I think if more developers knew about dbus, and what it can do for inter-application speaking (and how easy it is), everybody would be using the bus... – Mike Apr 20 '14 at 22:22
  • Glad you got it working – JB0x2D1 Apr 20 '14 at 22:26

2 Answers

I finally found the issue. When D-Bus looks for configuration files for punching out permissions (like ownerships), the file not only must be in system.d/ but it must also end in .conf.

My configuration file "org.dbus.arduino" should have been "org.dbus.arduino.conf". I removed the code from system.conf and confirmed I no longer had permissions; I created a configuration file at "system.d/org.dbus.arduino.conf" and I was granted permissions. I then renamed the file to just "org.dbus.arduino" and confirmed the permissions were denied.

Mike
  • I ran into a similar issue. Thinking using session bus like: Use dbus-launch to launch a session bus and save the returned env into a well-known file. In dbus server and client source the env file to get to be able to connect to the session bus. Do you see any drawback there? – minghua Jul 26 '14 at 16:55
  • this helped in 2022 – DEKKER May 04 '22 at 07:14
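To make the accepted answer's behaviour concrete, here is an added example (not code from the question, the answers or the dbus project) that emulates how dbus-daemon evaluates `<allow own=...>` / `<deny own=...>` rules: only files named `*.conf` are picked up from system.d, default-context policies are applied before user policies, and the last matching rule wins. The sample config texts, the user name `myUser` and the file names are constructed for the example.

```python
"""Added example: a small emulator of dbus-daemon's ownership policy,
including the "must end in .conf" rule from the accepted answer."""
import xml.etree.ElementTree as ET

# Constructed samples: the stock system.conf default policy (denies all
# ownership) and a punch-out file granting one name to one user.
SYSTEM_CONF = """<busconfig>
  <policy context="default">
    <allow user="*"/>
    <deny own="*"/>
  </policy>
</busconfig>"""
PUNCH_OUT = """<busconfig>
  <policy user="myUser">
    <allow own="org.dbus.arduino"/>
  </policy>
</busconfig>"""


def _rule_matches(rule, name):
    """Match an <allow>/<deny> carrying own= or own_prefix= against a name.
    Rules about other things (user=, send_type=, ...) never match here."""
    own = rule.get("own")
    if own is not None:
        return own == "*" or own == name
    prefix = rule.get("own_prefix")
    if prefix is not None:
        return name == prefix or name.startswith(prefix + ".")
    return False


def may_own(files, user, name):
    """Decide whether `user` may own bus name `name`.
    `files` is a list of (filename, xml_text): system.conf first, then the
    system.d entries. Mirroring dbus-daemon: system.d files not ending in
    .conf are ignored, default-context policies are evaluated before
    user= policies, the last matching rule wins, and no match means deny."""
    verdict = False
    for stage in ("default", "user"):
        for fname, text in files:
            if fname != "system.conf" and not fname.endswith(".conf"):
                continue  # skipped by <includedir>system.d</includedir>
            for pol in ET.fromstring(text).iter("policy"):
                is_default = pol.get("context") == "default"
                if (stage == "default") != is_default:
                    continue
                if stage == "user" and pol.get("user") != user:
                    continue
                for rule in pol:
                    if rule.tag in ("allow", "deny") and _rule_matches(rule, name):
                        verdict = rule.tag == "allow"
    return verdict
```

Renaming the punch-out file from `org.dbus.arduino.conf` to `org.dbus.arduino` flips the result from allowed to denied, which is exactly what the answer observed.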

I used the same solution as the accepted answer, but I also got it to work with this alternative.

I noticed that in my system.conf file, there is this note:

For local configuration changes, create a file system-local.conf or files matching system.d/*.conf in the same directory as this one, with a element containing configuration directives. These directives can override D-Bus or OS defaults.

Instead of putting a <name.of.my.dbus.service>.conf under system.d/, I was able to make it work by creating a system-local.conf in the same directory as the system.conf, with the contents like this:

<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
  <policy context="default">
    <allow own="dbus.my.own.service"/>
  </policy>
</busconfig>

Gino Mempin