7

bus APIs in systemd 221. When I request a name for an object in system bus it prints out an error saying "Permission denied". I am running the output file as root. The line "sd_bus_request_name(bus, "net.poettering.Calculator", 0)" throws an error : "Failed to acquire servie name..: Permission denied"

I think root should have a permission to acquire a name for an object. Does any one know how to solve this?

thank you in advance.

Here is the example code from http://0pointer.net/blog/the-new-sd-bus-api-of-systemd.html :

int main(int argc, char *argv[]) {
sd_bus_slot *slot = NULL;
sd_bus *bus = NULL;
int r;

r = sd_bus_default_system(&bus);
if (r < 0) {
    fprintf(stderr, "Failed to connect to system bus: %s\n", strerror(-r));
    goto finish;
}

/* Install the object */
r = sd_bus_add_object_vtable(bus,
                             &slot,
                             "/net/poettering/Calculator",
                             "net.poettering.Calculator",   /* interface name                             */calculator_vtable,
                             NULL);
if (r < 0) {
    fprintf(stderr, "Failed to issue method call: %s\n", strerror(-r));
    goto finish;
}

/* Take a well-known service name so that clients can find us */
r = sd_bus_request_name(bus, "net.poettering.Calculator", 0);
if (r < 0) {
    fprintf(stderr, "Failed to acquire service name: %s\n", strerror(-r));
    goto finish;
}
portleJay
  • 71
  • 1
  • 2
  • Obligatory: which linux (RHEL vs ubuntu vs fedora vs... as well as kernel version) are you running, and did you try turning selinux to permissive (as selinux is one way that root will get denied) – Foon Sep 28 '15 at 17:21
  • The example code is running in oracle linux 7.1 . I heard oracle linux was branched out from Centos and Redhat. Kernel version is 3.8.13. Also SELINUX was disabled. – portleJay Sep 28 '15 at 18:04

3 Answers3

9

Typical default D-Bus configuration does not allow to register services except explicitly allowed. You need to allow root to register your service. Create /etc/dbus-1/system.d/net.poettering.Calculator.conf:

<!DOCTYPE busconfig PUBLIC
 "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
  <policy user="root">
    <allow own="net.poettering.Calculator"/>
  </policy>
</busconfig>

Read man dbus-daemon for details.

Red User
  • 429
  • 3
  • 9
0

I don't know if this could be useful, but I found a workaround, not the most recommended because you allow the user to create dbus objects in the system bus without having them listed or having a specific configuration file for them.

  • You need to edit the file in /usr/share/dbus-1/system.conf with sudo.
  • Edit the contents of the lines below the Holes must be punched... phrase.

<!-- Holes must be punched in service configuration files for name ownership and sending method calls --

<deny own="*"/

<deny send_type="method_call"/>

  • Change the deny to allow.

With those changes the sd_bus_request_name returns Permission denied error was solved at least in my case.

Jose
  • 33
  • 9
-3
int main(int argc, char *argv[])
{
    sd_bus_slot *slot = NULL;
    sd_bus *bus = NULL;
    int r;
    r = sd_bus_default_system(&bus);
    if (r < 0) 
    {
        fprintf(stderr, "Failed to connect to system bus: %s\n", strerror(-r));
        goto finish;
    }
}
Tunaki
  • 132,869
  • 46
  • 340
  • 423
Rational Technologies
  • 1
  • 1