Re: [systemd-devel] D-feet displays an error message when using sd-bus
Thank you very much Mantas, it works like a charm. I modified my configuration file and it looks like that now: ``` http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd;> ``` Regards Yves Le mar. 19 oct. 2021 à 17:55, Mantas Mikulėnas a écrit : > On Tue, Oct 19, 2021, 18:29 yves baumes wrote: > >> Hello, >> >> First I am not sure it is the correct place to ask questions about lib >> sd-bus. Is it? Here is my issues: >> >> I am trying to use the lib sd-bus, following this blog post: >> http://0pointer.net/blog/the-new-sd-bus-api-of-systemd.html . >> >> I am able to launch my own service on the *user* bus. >> When I launch it on the *system* bus, problems appear. >> First I had a permission denied issue, and to correct it I had to create >> a configuration file in /etc/dbus-1/system.d/net.poettering.Calculator.conf >> . As stated in >> https://stackoverflow.com/questions/32828468/sd-bus-api-sd-bus-request-name-returns-permission-denied >> . >> Thus the executable launches perfectly (no more 'permission denied' >> errors). >> > > This is normal as the system bus is "deny everything by default", to make > sure unprivileged users can't impersonate a service. > > >> Now I am trying to inspect the service with D-feet. The service is well >> listed on the left pane: net.poettering.Calculator, but when I click on it, >> I get an error window stating : >> 'net.poettering.Calculator: g-dbus-error-quark: >> GDBus.Error:org.freedesktop.DBus.Error.AccessDenied: Rejected send message, >> 1 matched rules; type="method_call", sender=":-1.1996" (uid=1000 >> pid=3110822 comm="/usr/bin/python3 /usr/bin/d-feet" label"unconfined") >> interface="org.freedesktop.DBus.Introspectable" member="Introspect" error >> name ="(unset)" requested_reply="0" destination=net.poettering.Calculator" >> (uid=0 pid=3110595 comm="./-bus-service" label="unconfined")(9)' . >> > > This also means you need to allow things in the dbus-daemon policy. Not > only does the service need permissions to claim a name, but everyone also > needs permissions to send it messages (and receive replies). > > In many cases you can copy a basic policy that just allows everything from > any UID to your service (possibly still limited by interface), like how > UDisks2.conf does it. >
Re: [systemd-devel] D-feet displays an error message when using sd-bus
On Tue, Oct 19, 2021, 18:29 yves baumes wrote: > Hello, > > First I am not sure it is the correct place to ask questions about lib > sd-bus. Is it? Here is my issues: > > I am trying to use the lib sd-bus, following this blog post: > http://0pointer.net/blog/the-new-sd-bus-api-of-systemd.html . > > I am able to launch my own service on the *user* bus. > When I launch it on the *system* bus, problems appear. > First I had a permission denied issue, and to correct it I had to create a > configuration file in /etc/dbus-1/system.d/net.poettering.Calculator.conf . > As stated in > https://stackoverflow.com/questions/32828468/sd-bus-api-sd-bus-request-name-returns-permission-denied > . > Thus the executable launches perfectly (no more 'permission denied' > errors). > This is normal as the system bus is "deny everything by default", to make sure unprivileged users can't impersonate a service. > Now I am trying to inspect the service with D-feet. The service is well > listed on the left pane: net.poettering.Calculator, but when I click on it, > I get an error window stating : > 'net.poettering.Calculator: g-dbus-error-quark: > GDBus.Error:org.freedesktop.DBus.Error.AccessDenied: Rejected send message, > 1 matched rules; type="method_call", sender=":-1.1996" (uid=1000 > pid=3110822 comm="/usr/bin/python3 /usr/bin/d-feet" label"unconfined") > interface="org.freedesktop.DBus.Introspectable" member="Introspect" error > name ="(unset)" requested_reply="0" destination=net.poettering.Calculator" > (uid=0 pid=3110595 comm="./-bus-service" label="unconfined")(9)' . > This also means you need to allow things in the dbus-daemon policy. Not only does the service need permissions to claim a name, but everyone also needs permissions to send it messages (and receive replies). In many cases you can copy a basic policy that just allows everything from any UID to your service (possibly still limited by interface), like how UDisks2.conf does it.
[systemd-devel] D-feet displays an error message when using sd-bus
Hello, First I am not sure it is the correct place to ask questions about lib sd-bus. Is it? Here is my issues: I am trying to use the lib sd-bus, following this blog post: http://0pointer.net/blog/the-new-sd-bus-api-of-systemd.html . I am able to launch my own service on the *user* bus. When I launch it on the *system* bus, problems appear. First I had a permission denied issue, and to correct it I had to create a configuration file in /etc/dbus-1/system.d/net.poettering.Calculator.conf . As stated in https://stackoverflow.com/questions/32828468/sd-bus-api-sd-bus-request-name-returns-permission-denied . Thus the executable launches perfectly (no more 'permission denied' errors). Now I am trying to inspect the service with D-feet. The service is well listed on the left pane: net.poettering.Calculator, but when I click on it, I get an error window stating : 'net.poettering.Calculator: g-dbus-error-quark: GDBus.Error:org.freedesktop.DBus.Error.AccessDenied: Rejected send message, 1 matched rules; type="method_call", sender=":-1.1996" (uid=1000 pid=3110822 comm="/usr/bin/python3 /usr/bin/d-feet" label"unconfined") interface="org.freedesktop.DBus.Introspectable" member="Introspect" error name ="(unset)" requested_reply="0" destination=net.poettering.Calculator" (uid=0 pid=3110595 comm="./-bus-service" label="unconfined")(9)' . When I close this error window, I then get no information in the right pane. I am not sure I understand the reported error. What is it about? Does someone have some clues about that? How can I remove this error? Regards Yves
