From 3609f6d186844f0ffbde6233ffa5df7819ef5d70 Mon Sep 17 00:00:00 2001
From: Simon McVittie
Date: Tue, 15 Mar 2011 14:16:18 +0000
Subject: [PATCH 3/6] bus_context_check_security_policy: syslog if we hit the outgoing quota

In practice, nothing copes with missing broadcast signals, so the least we can do is make the failure mode visible.
---
 bus/bus.c | 23 +++++++++++++----------
 1 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/bus/bus.c b/bus/bus.c
index 1532bbb..1167596 100644
--- a/bus/bus.c
+++ b/bus/bus.c
@@ -1319,6 +1319,7 @@ nonnull (const char *maybe_null,
 */
 static void
 complain_about_message (BusContext *context,
+ const char *error_name,
 const char *complaint,
 int matched_rules,
 DBusMessage *message,
@@ -1352,7 +1353,7 @@ complain_about_message (BusContext *context,
 else
 proposed_recipient_loginfo = "bus";
 
- dbus_set_error (&stack_error, DBUS_ERROR_ACCESS_DENIED,
+ dbus_set_error (&stack_error, error_name,
 "%s, %d matched rules; type=\"%s\", sender=\"%s\" (%s) "
 "interface=\"%s\" member=\"%s\" error name=\"%s\" "
 "requested_reply=\"%d\" destination=\"%s\" (%s)",
@@ -1455,7 +1456,7 @@ bus_context_check_security_policy (BusContext *context,
 {
 if (error != NULL && !dbus_error_is_set (error))
 {
- complain_about_message (context,
+ complain_about_message (context, DBUS_ERROR_ACCESS_DENIED,
 "An SELinux policy prevents this sender from sending this "
 "message to this recipient",
 0, message, sender, proposed_recipient, FALSE,
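Review bot: In the first hunk the new `error_name` parameter is added to `complain_about_message` while the comment that closes on the context line `*/` just above the signature is left untouched, so the contract for the parameter is undocumented. The second hunk hands it straight to `dbus_set_error`, and where a caller supplies `error` it presumably becomes the error name returned to the sender, so callers need to know what is acceptable there. I would add a line to that comment along the lines of `error_name: the D-Bus error name to report, e.g. DBUS_ERROR_ACCESS_DENIED; must be a constant, non-NULL name`. The comment text and the rest of the signature are outside the hunk.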
@@ -1576,7 +1577,8 @@ bus_context_check_security_policy (BusContext *context,
 const char *msg = "Rejected send message, %d matched rules; "
 "type=\"%s\", sender=\"%s\" (%s) interface=\"%s\" member=\"%s\" error name=\"%s\" requested_reply=%d destination=\"%s\" (%s))";
 
- complain_about_message (context, "Rejected send message", toggles,
+ complain_about_message (context, DBUS_ERROR_ACCESS_DENIED,
+ "Rejected send message", toggles,
 message, sender, proposed_recipient, requested_reply,
 (addressed_recipient == proposed_recipient), error);
 _dbus_verbose ("security policy disallowing message due to sender policy\n");
@@ -1587,7 +1589,8 @@ bus_context_check_security_policy (BusContext *context,
 {
 /* We want to drop this message, and are only not doing so for backwards
 * compatibility. */
- complain_about_message (context, "Would reject message", toggles,
+ complain_about_message (context, DBUS_ERROR_ACCESS_DENIED,
+ "Would reject message", toggles,
 message, sender, proposed_recipient, requested_reply,
 TRUE, NULL);
 }
@@ -1600,7 +1603,8 @@ bus_context_check_security_policy (BusContext *context,
 addressed_recipient, proposed_recipient,
 message, &toggles))
 {
- complain_about_message (context, "Rejected receive message", toggles,
+ complain_about_message (context, DBUS_ERROR_ACCESS_DENIED,
+ "Rejected receive message", toggles,
 message, sender, proposed_recipient, requested_reply,
 (addressed_recipient == proposed_recipient), NULL);
 _dbus_verbose ("security policy disallowing message due to recipient policy\n");
@@ -1612,11 +1616,10 @@ bus_context_check_security_policy (BusContext *context,
 ((dbus_connection_get_outgoing_size (proposed_recipient) > context->limits.max_outgoing_bytes) ||
 (dbus_connection_get_outgoing_unix_fds (proposed_recipient) > context->limits.max_outgoing_unix_fds)))
 {
- dbus_set_error (error, DBUS_ERROR_LIMITS_EXCEEDED,
- "The destination service \"%s\" has a full message queue",
- dest ? dest : (proposed_recipient ?
- bus_connection_get_name (proposed_recipient) :
- DBUS_SERVICE_DBUS));
+ complain_about_message (context, DBUS_ERROR_LIMITS_EXCEEDED,
+ "Rejected: destination has a full message queue",
+ 0, message, sender, proposed_recipient, requested_reply, TRUE,
+ error);
 _dbus_verbose ("security policy disallowing message due to full message queue\n");
 return FALSE;
 }
--
1.7.4.1
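Review bot: The full-queue branch now calls `complain_about_message` with the log argument fixed at `TRUE` for every message dropped while the recipient is over `max_outgoing_bytes` or `max_outgoing_unix_fds`, and nothing in the hunk bounds how often that reaches syslog. If `complain_about_message` does not rate-limit (its body is outside this hunk), a stalled recipient and one busy sender yield a log line per message, which can fill the log and bury other entries; consider logging once per recipient until its queue drains, or at least record the gap with `/* FIXME: one syslog line per dropped message; needs rate limiting */`. The text returned to the sender also becomes "Rejected: destination has a full message queue, 0 matched rules; …", which reads as if a policy rule had been evaluated and no longer leads with the destination name as the removed message did. The enclosing `if` starts above the hunk.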