Closed mrc0mmand closed 3 months ago
Thanks for this @mrc0mmand !
Do you have any idea if the remaining failure is a regression (I assume so, but have not tested this manually in a very long time)?
@smcv do you happen to know if this is expected?
dbus-daemon 1.14.10 should be able to implement UnixGroupIDs
if the stars align appropriately: it needs to have been compiled with a new enough glibc and run on a new enough kernel, and the getsockopt
needs to not be prevented (for example by SELinux or whatever). It includes the same bug fix for a valid-but-empty supplementary group list as 1.15.8.
The fact that you're also not seeing a LinuxSecurityLabel
in your GetConnectionCredentials
call suggests that either this is not an apples-to-apples comparison, or something else is going wrong, because LinuxSecurityLabel
should have been available on systems with SELinux for a long time.
Thanks for this @mrc0mmand !
Do you have any idea if the remaining failure is a regression (I assume so, but have not tested this manually in a very long time)?
I did some more testing and can reproduce it even with dbus-daemon-1.15.8-1.fc41.x86_64 (after building it locally, with SELinux in permissive mode):
# busctl call org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus GetConnectionCredentials s org.freedesktop.DBus
a{sv} 3 "ProcessID" u 601 "UnixUserID" u 81 "ProcessFD" h 4
But the same stuff happens on Arch Linux, again after switching from dbus-broker to dbus-daemon (here the lack of LinuxSecurityLabel
is expected, since Arch doesn't do SELinux by default):
# pacman -Q dbus-daemon-units
dbus-daemon-units 1.14.10-2
# busctl call org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus GetConnectionCredentials s org.freedesktop.DBus
a{sv} 2 "ProcessID" u 370 "UnixUserID" u 81
With dbus-broker I get:
# pacman -Q dbus-broker-units
dbus-broker-units 35-2
# busctl call org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus GetConnectionCredentials s org.freedesktop.DBus
a{sv} 4 "UnixUserID" u 0 "ProcessID" u 375 "UnixGroupIDs" au 1 0 "ProcessFD" h 4
This gets rid of two meson deprecation warnings and also makes most (*) of the reference tests work with newer dbus-daemon (F39 and Rawhide), that started using path-based sockets instead of abstract ones.
(*)
The last test fails in this test case: https://github.com/bus1/dbus-broker/blob/db8f3cacd5b72d8e32d627cbe06d09546d1ecf65/test/dbus/test-driver.c#L1742-L1754
because there's no
UnixGroupIDs
sent back. I can reproduce this on latest Fedora Rawhide if I switch from dbus-broker to dbus-daemon and issue the D-Bus call directly:Doing the same with dbus-broker seems to return "expected" results:
I'm not sure if this is a bug or not (or at least I couldn't find anything obvious in dbus-daemon's release notes, apart from maybe this bugfix that's in v1.15.8).