sd-bus API, sd_bus_request_name returns Permission denied

Asked 28/9, 2015 at 17:17 Answered 10/2, 2023 at 9:57

bus APIs in systemd 221. When I request a name for an object in system bus it prints out an error saying "Permission denied". I am running the output file as root. The line "sd_bus_request_name(bus, "net.poettering.Calculator", 0)" throws an error : "Failed to acquire servie name..: Permission denied"

I think root should have a permission to acquire a name for an object. Does any one know how to solve this?

thank you in advance.

Here is the example code from http://0pointer.net/blog/the-new-sd-bus-api-of-systemd.html :

int main(int argc, char *argv[]) {
sd_bus_slot *slot = NULL;
sd_bus *bus = NULL;
int r;

r = sd_bus_default_system(&bus);
if (r < 0) {
    fprintf(stderr, "Failed to connect to system bus: %s\n", strerror(-r));
    goto finish;
}

/* Install the object */
r = sd_bus_add_object_vtable(bus,
                             &slot,
                             "/net/poettering/Calculator",
                             "net.poettering.Calculator",   /* interface name                             */calculator_vtable,
                             NULL);
if (r < 0) {
    fprintf(stderr, "Failed to issue method call: %s\n", strerror(-r));
    goto finish;
}

/* Take a well-known service name so that clients can find us */
r = sd_bus_request_name(bus, "net.poettering.Calculator", 0);
if (r < 0) {
    fprintf(stderr, "Failed to acquire service name: %s\n", strerror(-r));
    goto finish;
}

Moravian answered 28/9, 2015 at 17:17 Comment(2)

Obligatory: which linux (RHEL vs ubuntu vs fedora vs... as well as kernel version) are you running, and did you try turning selinux to permissive (as selinux is one way that root will get denied) – Acquainted 28/9, 2015 at 17:21

The example code is running in oracle linux 7.1 . I heard oracle linux was branched out from Centos and Redhat. Kernel version is 3.8.13. Also SELINUX was disabled. – Moravian 28/9, 2015 at 18:4

Typical default D-Bus configuration does not allow to register services except explicitly allowed. You need to allow root to register your service. Create /etc/dbus-1/system.d/net.poettering.Calculator.conf:

<!DOCTYPE busconfig PUBLIC
 "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
  <policy user="root">
    <allow own="net.poettering.Calculator"/>
  </policy>
</busconfig>

Read man dbus-daemon for details.

Hemicycle answered 22/6, 2016 at 13:42 Comment(0)

I don't know if this could be useful, but I found a workaround, not the most recommended because you allow the user to create dbus objects in the system bus without having them listed or having a specific configuration file for them.

You need to edit the file in /usr/share/dbus-1/system.conf with sudo.
Edit the contents of the lines below the Holes must be punched... phrase.

<!-- Holes must be punched in service configuration files for name ownership and sending method calls --

<deny own="*"/

<deny send_type="method_call"/>

Change the deny to allow.

With those changes the sd_bus_request_name returns Permission denied error was solved at least in my case.

Polash answered 10/2, 2023 at 9:57 Comment(0)

-3

int main(int argc, char *argv[])
{
    sd_bus_slot *slot = NULL;
    sd_bus *bus = NULL;
    int r;
    r = sd_bus_default_system(&bus);
    if (r < 0) 
    {
        fprintf(stderr, "Failed to connect to system bus: %s\n", strerror(-r));
        goto finish;
    }
}

Mennonite answered 22/1, 2016 at 12:13 Comment(0)

Recommended topics

Hot tags