projects / mirror_qemu.git / blame
| Commit | Line | Data |
|---|---|---|
| 586ca6ba MAL |
1 | #!/bin/sh |
| 2 | ||
| 3 | # dbus-daemon wrapper script for dbus-vmstate testing | |
| 4 | # | |
| 5 | # This script allows to tweak the dbus-daemon policy during the test | |
| 6 | # to test different configurations. | |
| 7 | # | |
| 8 | # This program is free software; you can redistribute it and/or modify | |
| 9 | # it under the terms of the GNU General Public License as published by | |
| 10 | # the Free Software Foundation; either version 2 of the License, or | |
| 11 | # (at your option) any later version. | |
| 12 | # | |
| 13 | # This program is distributed in the hope that it will be useful, | |
| 14 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 15 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 16 | # GNU General Public License for more details. | |
| 17 | # | |
| 18 | # You should have received a copy of the GNU General Public License | |
| 19 | # along with this program; if not, see <http://www.gnu.org/licenses/>. | |
| 20 | # | |
| 21 | # Copyright (C) 2019 Red Hat, Inc. | |
| 22 | ||
| 23 | write_config() | |
| 24 | { | |
| 25 | CONF="$1" | |
| 26 | cat > "$CONF" <<EOF | |
| 27 | <busconfig> | |
| 28 | <type>session</type> | |
| 29 | <listen>unix:tmpdir=$DBUS_VMSTATE_TEST_TMPDIR</listen> | |
| 30 | ||
| 31 | <policy context="default"> | |
| 32 | <!-- Holes must be punched in service configuration files for | |
| 33 | name ownership and sending method calls --> | |
| 34 | <deny own="*"/> | |
| 35 | <deny send_type="method_call"/> | |
| 36 | ||
| 37 | <!-- Signals and reply messages (method returns, errors) are allowed | |
| 38 | by default --> | |
| 39 | <allow send_type="signal"/> | |
| 40 | <allow send_requested_reply="true" send_type="method_return"/> | |
| 41 | <allow send_requested_reply="true" send_type="error"/> | |
| 42 | ||
| 43 | <!-- All messages may be received by default --> | |
| 44 | <allow receive_type="method_call"/> | |
| 45 | <allow receive_type="method_return"/> | |
| 46 | <allow receive_type="error"/> | |
| 47 | <allow receive_type="signal"/> | |
| 48 | ||
| 49 | <!-- Allow anyone to talk to the message bus --> | |
| 50 | <allow send_destination="org.freedesktop.DBus" | |
| 51 | send_interface="org.freedesktop.DBus" /> | |
| 52 | <allow send_destination="org.freedesktop.DBus" | |
| 53 | send_interface="org.freedesktop.DBus.Introspectable"/> | |
| 54 | <allow send_destination="org.freedesktop.DBus" | |
| 55 | send_interface="org.freedesktop.DBus.Properties"/> | |
| 56 | <!-- But disallow some specific bus services --> | |
| 57 | <deny send_destination="org.freedesktop.DBus" | |
| 58 | send_interface="org.freedesktop.DBus" | |
| 59 | send_member="UpdateActivationEnvironment"/> | |
| 60 | <deny send_destination="org.freedesktop.DBus" | |
| 61 | send_interface="org.freedesktop.DBus.Debug.Stats"/> | |
| 62 | <deny send_destination="org.freedesktop.DBus" | |
| 63 | send_interface="org.freedesktop.systemd1.Activator"/> | |
| 64 | ||
| 65 | <allow own="org.qemu.VMState1"/> | |
| 66 | <allow send_destination="org.qemu.VMState1"/> | |
| 67 | <allow receive_sender="org.qemu.VMState1"/> | |
| 68 | ||
| 69 | </policy> | |
| 70 | ||
| 71 | <include if_selinux_enabled="yes" | |
| 72 | selinux_root_relative="yes">contexts/dbus_contexts</include> | |
| 73 | ||
| 74 | </busconfig> | |
| 75 | EOF | |
| 76 | } | |
| 77 | ||
| 78 | ARGS= | |
| 79 | for arg in "$@" | |
| 80 | do | |
| 81 | case $arg in | |
| 82 | --config-file=*) | |
| 83 | CONF="${arg#*=}" | |
| 84 | write_config "$CONF" | |
| 85 | ARGS="$ARGS $1" | |
| 86 | shift | |
| 87 | ;; | |
| 88 | *) | |
| 89 | ARGS="$ARGS $1" | |
| 90 | shift | |
| 91 | ;; | |
| 92 | esac | |
| 93 | done | |
| 94 | ||
| 95 | exec dbus-daemon $ARGS |