From b830a08076f3349c280b4d59e6e94a2669660d72 Mon Sep 17 00:00:00 2001 From: nalin Date: Feb 28 2006 06:50:52 +0000 Subject: * doc/oddjob.xml.in: make use of DocBook 4.4 vs. 4.3 a configurable option (4.4 is better, but not available on FC3). * configure.ac: add a --enable-compat-dtd to skip markup tags which aren't part of DocBook 4.3 --- diff --git a/ChangeLog b/ChangeLog index 2db0415..f202ad0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,11 @@ -2006-02-27 nalin +2006-02-28 nalin tag 0.24-1 + * doc/oddjob.xml.in: make use of DocBook 4.4 vs. 4.3 a configurable + option (4.4 is better, but not available on FC3). + * configure.ac: add a --enable-compat-dtd to skip markup tags which + aren't part of DocBook 4.3 + +2006-02-27 nalin * src/oddjob_dbus.c(message_has_path): dbus_message_has_path was introduced in 0.34, not 0.30. * src/oddjob_dbus.c(oddjob_dbus_connection_close): dbus_connection_close diff --git a/configure.ac b/configure.ac index 4c00d9e..398bc6d 100644 --- a/configure.ac +++ b/configure.ac @@ -272,6 +272,25 @@ AM_CONDITIONAL(REFORMAT_XML_DOCS,test x$xml_docs = xyes) AC_PATH_PROGS(PATH_XMLTO,xmlto,:) AC_SUBST(PATH_XMLTO) +AC_ARG_ENABLE(compat-dtd, +AS_HELP_STRING(--enable-compat-dtd,[Use DocBook 4.3 instead of DocBook 4.4.]), +compat_dtd=$withval, +compat_dtd=no) +AC_MSG_CHECKING([which version of the DocBook DTD to use]) +if test x$compat_dtd = xyes ; then + DOCBOOK_PACKAGE_START= + DOCBOOK_PACKAGE_END= + DOCBOOK_VERSION=4.3 +else + DOCBOOK_PACKAGE_START="" + DOCBOOK_PACKAGE_END="" + DOCBOOK_VERSION=4.4 +fi +AC_MSG_RESULT([$DOCBOOK_VERSION]) +AC_SUBST(DOCBOOK_PACKAGE_START) +AC_SUBST(DOCBOOK_PACKAGE_END) +AC_SUBST(DOCBOOK_VERSION) + currentuser=`id -un` AC_SUBST(currentuser) currentgroup=`id -gn` diff --git a/doc/oddjob.html b/doc/oddjob.html index bb43bee..a4c1ab6 100644 --- a/doc/oddjob.html +++ b/doc/oddjob.html @@ -1,14 +1,17 @@ -oddjob: Threat or Menace?oddjob: Threat or + Menace?

oddjob: Threat or Menace?

Nalin Dahyabhai

Red Hat, Inc.

Abstract

- The oddjob package provides a means for - unprivileged applications to invoke and take limited control of - privileged applications by issuing requests using the - D-BUS system message bus. -


Background

+ ">

oddjob: Threat or + Menace?

Nalin Dahyabhai

Red Hat, Inc.

Abstract

+ The oddjob package provides + a means for unprivileged applications to invoke and take limited + control of privileged applications by issuing requests using the + D-BUS system message bus. +


Background

In many applications, particularly those which perform some sort of administrative task, it becomes useful to separate the presentation (which needn't have any special privileges, and frequently shouldn't) @@ -39,8 +42,8 @@ properly to ensure that it is started and stopped at system boot and shutdown

  • an entire protocol for encoding communications between the client and server must be invented

  • - A third option has recently become available: the D-BUS system - message bus. The system message bus provides an interprocess + A third option has recently become available: the D-BUS + system message bus. The system message bus provides an interprocess communication mechanism to processes on the system. The bus carries three types of messages:

    • events, which are broadcast and @@ -51,23 +54,26 @@ Method call and response messages which are sent over the system message bus provide a loosely coupled object-oriented RPC mechanism.

      - The D-BUS libraries also provide a means of - encoding, transmitting, listening for, receiving, and parsing messages - which are sent over the bus. Using D-BUS as the - mechanism for a long-running process reduces the time required to - implement both a long-running server and its clients. Because the - implementation of the bus protocols is designed to be reused, it also - offers the opportunity to have one privileged process service a - potentially large number of clients. + The D-BUS libraries also + provide a means of encoding, transmitting, listening for, receiving, + and parsing messages which are sent over the bus. Using + D-BUS as the mechanism for + a long-running process reduces the time required to implement both a + long-running server and its clients. Because the implementation of the + bus protocols is designed to be reused, it also offers the opportunity + to have one privileged process service a potentially large number of + clients.

      - The oddjob package implements such a server. -

    oddjob

    - The server provided by oddjob, + The oddjob package + implements such a server. +

    oddjob

    + The server provided by + oddjob, oddjobd, provides services which appear to be indistinguishable from other services provided through - D-BUS, but in an unconventional manner. Before - continuing, it is instructive to look at how clients and servers - interact over the bus. + D-BUS, but in an + unconventional manner. Before continuing, it is instructive to look at + how clients and servers interact over the bus.

    The fundamental unit of communication over the system bus is the message. For practical purposes, a message is @@ -100,7 +106,7 @@ implemented on web servers using scripting engines and applications which are implemented using the Common Gateway Interface (CGI). -

    An Example

    +

    An Example

    Take for example, a service which is provided by the well-known address "com.example.system_manager". This management service controls multiple systems, each of which is represented as a different @@ -120,15 +126,16 @@ Using oddjobd, the entire implementation can be synthesized by providing the proper configuration files and shell scripts. -

    D-BUS Configuration

    - The D-BUS system bus enforces restrictions - on which applications can reserve well-known bus addresses. - It bases this restriction on the UID under which a client - process is executing when it requests the reservation. - Additionally, the system message bus can impose access - controls on the ability to send or receive messages to or from - a particular service/object/interface/method set using the - bus. This example allows processes running as +

    D-BUS + Configuration

    + The D-BUS system + bus enforces restrictions on which applications can reserve + well-known bus addresses. It bases this restriction on the UID + under which a client process is executing when it requests the + reservation. Additionally, the system message bus can impose + access controls on the ability to send or receive messages to + or from a particular service/object/interface/method set using + the bus. This example allows processes running as "root" to reserve the name "com.example.system_manager", and allows any user to call its reboot and @@ -163,7 +170,7 @@ </policy> </busconfig>

    -

    oddjobd Configuration

    +

    oddjobd Configuration

    The oddjobd daemon provides services which are implemented by external helper applications. The helpers are executed with superuser privileges, and receive their @@ -203,7 +210,7 @@ </object> </service> </oddjobconfig>

    -

    Configuring oddjobd

    +

    Configuring oddjobd

    The oddjobd configuration is normally read from /etc/oddjobd.conf, but in most deployments it will direct the daemon to read all of the configuration files from @@ -224,23 +231,24 @@ cause failure to read the named file to be treated as a non-fatal error.

    - A <service> element names a D-BUS - service address at which services defined within the scope of this - element will be provided by oddjobd. The service - address is given as the value of its "name" attribute, and it - may contain <object> elements, <allow> - elements, and <deny> elements. + A <service> element names a + D-BUS service address at + which services defined within the scope of this element will be + provided by oddjobd. The service address is given + as the value of its "name" attribute, and it may contain + <object> elements, <allow> elements, and + <deny> elements.

    Tip

    The service name should be unique to your application. The name "com.redhat.oddjob" is reserved.

    - An <object> element names a D-BUS - object path which provides one or more interfaces to client processes. - The object path is given as the value of its "name" - attribute, and it may contain <interface> elements. Its - name may include wildcards, in which case any request to an object - whose name matches the wildcard will be considered to match this - element. + An <object> element names a + D-BUS object path which + provides one or more interfaces to client processes. The object path + is given as the value of its "name" attribute, and it may + contain <interface> elements. Its name may include + wildcards, in which case any request to an object whose name matches + the wildcard will be considered to match this element.

    Caution

    If a single client request matches multiple different <object> elements, the behavior of oddjobd becomes undefined.

    The @@ -320,7 +328,7 @@ which would be allowed to call the method to a compromise of the superuser account. The oddjobd server performs no other authentication.

    -

    Implementation Limits

    +

    Implementation Limits

    The current implementation of oddjobd imposes some limitations on clients.

    • A client request can contain no more than 65535 diff --git a/doc/oddjob.xml.in b/doc/oddjob.xml.in index a45dc2d..8e42a71 100644 --- a/doc/oddjob.xml.in +++ b/doc/oddjob.xml.in @@ -1,9 +1,10 @@ - +

      - <package>oddjob</package>: Threat or Menace? + @DOCBOOK_PACKAGE_START@oddjob@DOCBOOK_PACKAGE_END@: Threat or + Menace? 2005,2006 Red Hat, Inc. @@ -16,10 +17,10 @@ - The oddjob package provides a means for - unprivileged applications to invoke and take limited control of - privileged applications by issuing requests using the - D-BUS system message bus. + The @DOCBOOK_PACKAGE_START@oddjob@DOCBOOK_PACKAGE_END@ package provides + a means for unprivileged applications to invoke and take limited + control of privileged applications by issuing requests using the + @DOCBOOK_PACKAGE_START@D-BUS@DOCBOOK_PACKAGE_END@ system message bus. @@ -68,8 +69,8 @@ A third option has recently become available: the D-BUS system - message bus. The system message bus provides an interprocess + pubwork="webpage">@DOCBOOK_PACKAGE_START@D-BUS@DOCBOOK_PACKAGE_END@ + system message bus. The system message bus provides an interprocess communication mechanism to processes on the system. The bus carries three types of messages: 
@@ -87,29 +88,32 @@ message bus provide a loosely coupled object-oriented RPC mechanism. - The D-BUS libraries also provide a means of - encoding, transmitting, listening for, receiving, and parsing messages - which are sent over the bus. Using D-BUS as the - mechanism for a long-running process reduces the time required to - implement both a long-running server and its clients. Because the - implementation of the bus protocols is designed to be reused, it also - offers the opportunity to have one privileged process service a - potentially large number of clients. + The @DOCBOOK_PACKAGE_START@D-BUS@DOCBOOK_PACKAGE_END@ libraries also + provide a means of encoding, transmitting, listening for, receiving, + and parsing messages which are sent over the bus. Using + @DOCBOOK_PACKAGE_START@D-BUS@DOCBOOK_PACKAGE_END@ as the mechanism for + a long-running process reduces the time required to implement both a + long-running server and its clients. Because the implementation of the + bus protocols is designed to be reused, it also offers the opportunity + to have one privileged process service a potentially large number of + clients. - The oddjob package implements such a server. + The @DOCBOOK_PACKAGE_START@oddjob@DOCBOOK_PACKAGE_END@ package + implements such a server.
      oddjob - The server provided by oddjob, + The server provided by + @DOCBOOK_PACKAGE_START@oddjob@DOCBOOK_PACKAGE_END@, oddjobd, provides services which appear to be indistinguishable from other services provided through - D-BUS, but in an unconventional manner. Before - continuing, it is instructive to look at how clients and servers - interact over the bus. + @DOCBOOK_PACKAGE_START@D-BUS@DOCBOOK_PACKAGE_END@, but in an + unconventional manner. Before continuing, it is instructive to look at + how clients and servers interact over the bus. The fundamental unit of communication over the system bus is the @@ -180,16 +184,17 @@ scripts.
      - <package>D-BUS</package> Configuration + @DOCBOOK_PACKAGE_START@D-BUS@DOCBOOK_PACKAGE_END@ + Configuration - The D-BUS system bus enforces restrictions - on which applications can reserve well-known bus addresses. - It bases this restriction on the UID under which a client - process is executing when it requests the reservation. - Additionally, the system message bus can impose access - controls on the ability to send or receive messages to or from - a particular service/object/interface/method set using the - bus. This example allows processes running as + The @DOCBOOK_PACKAGE_START@D-BUS@DOCBOOK_PACKAGE_END@ system + bus enforces restrictions on which applications can reserve + well-known bus addresses. It bases this restriction on the UID + under which a client process is executing when it requests the + reservation. Additionally, the system message bus can impose + access controls on the ability to send or receive messages to + or from a particular service/object/interface/method set using + the bus. This example allows processes running as "root" to reserve the name "com.example.system_manager", and allows any user to call its reboot and 
@@ -299,24 +304,25 @@ error. - A ]]> element names a D-BUS - service address at which services defined within the scope of this - element will be provided by oddjobd. The service - address is given as the value of its "name" attribute, and it - may contain ]]> elements, ]]> - elements, and ]]> elements. + A ]]> element names a + @DOCBOOK_PACKAGE_START@D-BUS@DOCBOOK_PACKAGE_END@ service address at + which services defined within the scope of this element will be + provided by oddjobd. The service address is given + as the value of its "name" attribute, and it may contain + ]]> elements, ]]> elements, and + ]]> elements. TipThe service name should be unique to your application. The name "@NAMESPACE@.oddjob" is reserved. - An ]]> element names a D-BUS - object path which provides one or more interfaces to client processes. - The object path is given as the value of its "name" - attribute, and it may contain ]]> elements. Its - name may include wildcards, in which case any request to an object - whose name matches the wildcard will be considered to match this - element. + An ]]> element names a + @DOCBOOK_PACKAGE_START@D-BUS@DOCBOOK_PACKAGE_END@ object path which + provides one or more interfaces to client processes. The object path + is given as the value of its "name" attribute, and it may + contain ]]> elements. Its name may include + wildcards, in which case any request to an object whose name matches + the wildcard will be considered to match this element. CautionIf a single client request matches multiple different ]]> elements, the behavior of oddjobd becomes undefined. The diff --git a/oddjob.spec b/oddjob.spec index f9b6330..413dd83 100644 --- a/oddjob.spec +++ b/oddjob.spec 
@@ -10,7 +10,8 @@ Group: System Environment/Daemons BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: dbus-devel >= 0.22, libselinux-devel, libxml2-devel BuildRequires: pam-devel, python-devel -BuildRequires: cyrus-sasl-devel, krb5-devel, openldap-devel, xmlto +BuildRequires: cyrus-sasl-devel, krb5-devel, openldap-devel +BuildRequires: docbook-dtds, xmlto Requires(post): /sbin/service Requires(post): /sbin/chkconfig Requires(pre): /sbin/chkconfig @@ -60,7 +61,7 @@ sample_flag=--enable-sample --disable-static \ --with-selinux-acls=default \ --with-selinux-labels \ - --with-python --enable-xml-docs \ + --with-python --enable-xml-docs --enable-compat-dtd \ --libexecdir=%{_libdir} \ $sample_flag make %{_smp_mflags} @@ -141,10 +142,11 @@ fi %postun libs -p /sbin/ldconfig %changelog -* Mon Feb 27 2006 Nalin Dahyabhai 0.24-1 +* Tue Feb 28 2006 Nalin Dahyabhai 0.24-1 - update to 0.24, fixing some build errors against D-BUS 0.30-0.33 - require xmlto, because the generated HTML differs depending on whether or not we know how to enforce ACLs which include SELinux context info +- build with DocBook 4.3 * Mon Feb 27 2006 Nalin Dahyabhai 0.23-3 - rebuild
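Review bot: in the configure.ac hunk, `compat_dtd=$withval` reads the wrong variable. AC_ARG_ENABLE passes the option's value to its action in `$enableval` (`$withval` is what AC_ARG_WITH sets), so `--enable-compat-dtd` leaves `compat_dtd` empty, the `test x$compat_dtd = xyes` check never succeeds, and the DocBook 4.4 branch is taken regardless of the flag; change the line to `compat_dtd=$enableval`. While there, bracket-quote the help string arguments, `AS_HELP_STRING([--enable-compat-dtd],[Use DocBook 4.3 instead of DocBook 4.4.])`, which is the form autoconf documents and keeps m4 from touching the option text.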
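Review bot: in the doc/oddjob.xml.in hunk, the `@DOCBOOK_PACKAGE_START@oddjob@DOCBOOK_PACKAGE_END@` substitutions expand to nothing when the 4.3 DTD is selected, so compat builds lose the semantic markup on "oddjob" and "D-BUS" entirely instead of degrading to an element DocBook 4.3 does have (`<application>` or `<literal>` would both validate). Having configure.ac set the START/END variables to that fallback element in the compat branch, rather than to empty strings, keeps the rendered output consistent between the two DTDs and makes the generated HTML independent of which one the builder happened to have installed.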
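Review bot: in the oddjob.spec hunk that changes the configure line, `--enable-compat-dtd` is passed unconditionally, so every package built from this spec uses DocBook 4.3, including on releases that ship 4.4, which the ChangeLog entry itself calls the better option and which is the whole reason for making the choice configurable. Either gate the flag on the target release (the spec already carries a per-build `sample_flag` variable that could take the same treatment) or say in the %changelog that 4.3 is intended for all packaged builds. Note that this flag only takes effect once the `$withval` mix-up in configure.ac is corrected; as the patch stands, the spec change is a no-op.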
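Review bot: the %changelog hunk re-dates the existing `0.24-1` entry from Feb 27 to Feb 28 and appends `- build with DocBook 4.3` to it without changing the version-release, so a package built before this change and one built after it would carry the same 0.24-1 identifier with different contents. Keep the Feb 27 entry as it was and add a new entry with a bumped release for the DocBook change (the BuildRequires hunk adds `docbook-dtds`, which is a packaging change in its own right and belongs in that new entry too).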