qemu

FORK: QEMU emulator
git clone https://git.neptards.moe/neptards/qemu.git
Log | Files | Refs | Submodules | LICENSE

dbus-vmstate-daemon.sh (3058B)

      1 #!/bin/sh
      2 
      3 # dbus-daemon wrapper script for dbus-vmstate testing
      4 #
      5 # This script allows to tweak the dbus-daemon policy during the test
      6 # to test different configurations.
      7 #
      8 # This program is free software; you can redistribute it and/or modify
      9 # it under the terms of the GNU General Public License as published by
     10 # the Free Software Foundation; either version 2 of the License, or
     11 # (at your option) any later version.
     12 #
     13 # This program is distributed in the hope that it will be useful,
     14 # but WITHOUT ANY WARRANTY; without even the implied warranty of
     15 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
     16 # GNU General Public License for more details.
     17 #
     18 # You should have received a copy of the GNU General Public License
     19 # along with this program; if not, see <http://www.gnu.org/licenses/>.
     20 #
     21 # Copyright (C) 2019 Red Hat, Inc.
     22 
     23 write_config()
     24 {
     25     CONF="$1"
     26     cat > "$CONF" <<EOF
     27 <busconfig>
     28   <type>session</type>
     29   <listen>unix:tmpdir=$DBUS_VMSTATE_TEST_TMPDIR</listen>
     30 
     31   <policy context="default">
     32      <!-- Holes must be punched in service configuration files for
     33           name ownership and sending method calls -->
     34      <deny own="*"/>
     35      <deny send_type="method_call"/>
     36 
     37      <!-- Signals and reply messages (method returns, errors) are allowed
     38           by default -->
     39      <allow send_type="signal"/>
     40      <allow send_requested_reply="true" send_type="method_return"/>
     41      <allow send_requested_reply="true" send_type="error"/>
     42 
     43      <!-- All messages may be received by default -->
     44      <allow receive_type="method_call"/>
     45      <allow receive_type="method_return"/>
     46      <allow receive_type="error"/>
     47      <allow receive_type="signal"/>
     48 
     49      <!-- Allow anyone to talk to the message bus -->
     50      <allow send_destination="org.freedesktop.DBus"
     51             send_interface="org.freedesktop.DBus" />
     52      <allow send_destination="org.freedesktop.DBus"
     53             send_interface="org.freedesktop.DBus.Introspectable"/>
     54      <allow send_destination="org.freedesktop.DBus"
     55             send_interface="org.freedesktop.DBus.Properties"/>
     56      <!-- But disallow some specific bus services -->
     57      <deny send_destination="org.freedesktop.DBus"
     58            send_interface="org.freedesktop.DBus"
     59            send_member="UpdateActivationEnvironment"/>
     60      <deny send_destination="org.freedesktop.DBus"
     61            send_interface="org.freedesktop.DBus.Debug.Stats"/>
     62      <deny send_destination="org.freedesktop.DBus"
     63            send_interface="org.freedesktop.systemd1.Activator"/>
     64 
     65      <allow own="org.qemu.VMState1"/>
     66      <allow send_destination="org.qemu.VMState1"/>
     67      <allow receive_sender="org.qemu.VMState1"/>
     68 
     69   </policy>
     70 
     71   <include if_selinux_enabled="yes"
     72    selinux_root_relative="yes">contexts/dbus_contexts</include>
     73 
     74 </busconfig>
     75 EOF
     76 }
     77 
     78 ARGS=
     79 for arg in "$@"
     80 do
     81     case $arg in
     82         --config-file=*)
     83           CONF="${arg#*=}"
     84           write_config "$CONF"
     85           ARGS="$ARGS $1"
     86           shift
     87         ;;
     88         *)
     89           ARGS="$ARGS $1"
     90           shift
     91         ;;
     92     esac
     93 done
     94 
     95 exec dbus-daemon $ARGS