[Ubuntu Wiki] Update of "DebuggingDBus" by grawity

Ubuntu Wiki noreply at ubuntu.com
Mon Apr 22 18:08:56 UTC 2013


Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Ubuntu Wiki" for change notification.

The "DebuggingDBus" page has been changed by grawity:
http://wiki.kubuntu.org/DebuggingDBus?action=diff&rev1=5&rev2=6

Comment:
Update for a stricter policy

  
  This is trickier, because D-Bus policy typically prevents anything but signals from being viewable by dbus-monitor.  But we can change that.
  
-  1. Make a backup of /etc/dbus-1/system.conf:
+  1. Create a file /etc/dbus-1/system.d/99-eavesdrop.conf, with these contents:
   {{{
+ <!DOCTYPE busconfig PUBLIC
+ "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+ <busconfig>
+ 	<policy user="root">
- sudo cp /etc/dbus-1/system.conf /etc/dbus-1/system.conf~
-  }}}
-  1. Edit /etc/dbus-1/system.conf
-  {{{
- sudo editor /etc/dbus-1/system.conf
-  }}}
-  1. Find the <policy context="default"> section and replace it with the following block.  This block opens up the system bus to viewing by anyone.
- 
-  '''This is not a safe policy!  You should revert this change after you are done debugging.'''
-  {{{
-   <policy context="default">
-     <!-- Allow everything to be sent -->
-     <allow send_destination="*" eavesdrop="true"/>
-     <!-- Allow everything to be received -->
-     <allow eavesdrop="true"/>
+ 		<allow eavesdrop="true"/>
-     <!-- Allow anyone to own anything -->
-     <allow own="*"/>
-     <allow user="*"/>
+ 		<allow eavesdrop="true"
+ 		       send_type="method_call"
+ 		       send_destination="*"
+ 		       send_path="/org/freedesktop/DBus"
+ 		       send_interface="org.freedesktop.DBus"
+ 		       send_member="AddMatch"/>
-   </policy>
+ 	</policy>
+ </busconfig>
-  }}}
-  1. Then comment out or delete the nearby <includedir> line.  This line will include individual policies for specific services.  But we don't want those individual policies to further restrict the bus.  So we force our above lax policy by not including sub-policies.
-  {{{
- <!--  <includedir>system.d</includedir> -->
-  }}}
-  1. Reboot to get a fresh dbus daemon using this new policy.
-  {{{
- sudo reboot
   }}}
   1. Now run dbus-monitor as root.  You should be able to see all signals, method calls, and method replies.
   {{{
  sudo dbus-monitor --system
   }}}
-  1. When done debugging, remember to go back to your previous, secure policy:
+  1. When done debugging, it is wise to remove the policy snippet:
   {{{
+ sudo rm /etc/dbus-1/system.d/99-eavesdrop.conf
- sudo cp /etc/dbus-1/system.conf~ /etc/dbus-1/system.conf
- sudo reboot
   }}}
  
  = Filtering all the noise =
  
  If there is just too much information on the bus, pass a match rule like so:
  {{{
- dbus-monitor "type='signal',sender='org.gnome.TypingMonitor',interface='org.gnome.TypingMonitor'"
+ dbus-monitor "type=signal,sender='org.gnome.TypingMonitor',interface='org.gnome.TypingMonitor'"
  }}}
  
- Multiple rules can be specified.  If a message matches any of the rules, the message will be printed.  Like so:
+ Multiple rules can be specified.  If a message matches ''any'' of the rules, the message will be printed.  Like so:
  {{{
- dbus-monitor 'type=error' 'sender=org.freedesktop.SystemToolsBackends'
+ dbus-monitor "type=error" "sender=org.freedesktop.SystemToolsBackends"
+ }}}
+ {{{
+ dbus-monitor "type=method_call" "type=method_return" "type=error"
  }}}
  
  See the [[http://dbus.freedesktop.org/doc/dbus-specification.html|D-Bus documentation]] for more information on match rule syntax.



More information about the Ubuntu-bugsquad mailing list