dbus: use name resolved by exec.Command
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
This commit is contained in:
parent
85407dd3c0
commit
55a5b6f242
10
dbus/dbus.go
10
dbus/dbus.go
@ -9,12 +9,16 @@ import (
|
|||||||
"git.ophivana.moe/cat/fortify/helper"
|
"git.ophivana.moe/cat/fortify/helper"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// ProxyName is the file name or path to the proxy program.
|
||||||
|
// Overriding ProxyName will only affect Proxy instance created after the change.
|
||||||
|
var ProxyName = "xdg-dbus-proxy"
|
||||||
|
|
||||||
// Proxy holds references to a xdg-dbus-proxy process, and should never be copied.
|
// Proxy holds references to a xdg-dbus-proxy process, and should never be copied.
|
||||||
// Once sealed, configuration changes will no longer be possible and attempting to do so will result in a panic.
|
// Once sealed, configuration changes will no longer be possible and attempting to do so will result in a panic.
|
||||||
type Proxy struct {
|
type Proxy struct {
|
||||||
helper helper.Helper
|
helper helper.Helper
|
||||||
|
|
||||||
path string
|
name string
|
||||||
session [2]string
|
session [2]string
|
||||||
system [2]string
|
system [2]string
|
||||||
|
|
||||||
@ -75,6 +79,6 @@ func (p *Proxy) Seal(session, system *Config) error {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// New returns a reference to a new unsealed Proxy.
|
// New returns a reference to a new unsealed Proxy.
|
||||||
func New(binPath string, session, system [2]string) *Proxy {
|
func New(session, system [2]string) *Proxy {
|
||||||
return &Proxy{path: binPath, session: session, system: system}
|
return &Proxy{name: ProxyName, session: session, system: system}
|
||||||
}
|
}
|
||||||
|
@ -9,10 +9,6 @@ import (
|
|||||||
"git.ophivana.moe/cat/fortify/helper"
|
"git.ophivana.moe/cat/fortify/helper"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
|
||||||
binPath = "/usr/bin/bwrap"
|
|
||||||
)
|
|
||||||
|
|
||||||
func TestNew(t *testing.T) {
|
func TestNew(t *testing.T) {
|
||||||
for _, tc := range [][2][2]string{
|
for _, tc := range [][2][2]string{
|
||||||
{
|
{
|
||||||
@ -33,9 +29,9 @@ func TestNew(t *testing.T) {
|
|||||||
},
|
},
|
||||||
} {
|
} {
|
||||||
t.Run("create instance for "+tc[0][0]+" and "+tc[1][0], func(t *testing.T) {
|
t.Run("create instance for "+tc[0][0]+" and "+tc[1][0], func(t *testing.T) {
|
||||||
if got := dbus.New(binPath, tc[0], tc[1]); !got.CompareTestNew(binPath, tc[0], tc[1]) {
|
if got := dbus.New(tc[0], tc[1]); !got.CompareTestNew(tc[0], tc[1]) {
|
||||||
t.Errorf("New(%q, %q, %q) = %v",
|
t.Errorf("New(%q, %q) = %v",
|
||||||
binPath, tc[0], tc[1],
|
tc[0], tc[1],
|
||||||
got)
|
got)
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
@ -52,12 +48,12 @@ func TestProxy_Seal(t *testing.T) {
|
|||||||
}
|
}
|
||||||
}()
|
}()
|
||||||
|
|
||||||
p := dbus.New(binPath, [2]string{}, [2]string{})
|
p := dbus.New([2]string{}, [2]string{})
|
||||||
_ = p.Seal(dbus.NewConfig("", true, false), nil)
|
_ = p.Seal(dbus.NewConfig("", true, false), nil)
|
||||||
_ = p.Seal(dbus.NewConfig("", true, false), nil)
|
_ = p.Seal(dbus.NewConfig("", true, false), nil)
|
||||||
})
|
})
|
||||||
|
|
||||||
ep := dbus.New(binPath, [2]string{}, [2]string{})
|
ep := dbus.New([2]string{}, [2]string{})
|
||||||
if err := ep.Seal(nil, nil); !errors.Is(err, dbus.ErrConfig) {
|
if err := ep.Seal(nil, nil); !errors.Is(err, dbus.ErrConfig) {
|
||||||
t.Errorf("Seal(nil, nil) error = %v, want %v",
|
t.Errorf("Seal(nil, nil) error = %v, want %v",
|
||||||
err, dbus.ErrConfig)
|
err, dbus.ErrConfig)
|
||||||
@ -65,7 +61,7 @@ func TestProxy_Seal(t *testing.T) {
|
|||||||
|
|
||||||
for id, tc := range testCasePairs() {
|
for id, tc := range testCasePairs() {
|
||||||
t.Run("create seal for "+id, func(t *testing.T) {
|
t.Run("create seal for "+id, func(t *testing.T) {
|
||||||
p := dbus.New(binPath, tc[0].bus, tc[1].bus)
|
p := dbus.New(tc[0].bus, tc[1].bus)
|
||||||
if err := p.Seal(tc[0].c, tc[1].c); (errors.Is(err, helper.ErrContainsNull)) != tc[0].wantErr {
|
if err := p.Seal(tc[0].c, tc[1].c); (errors.Is(err, helper.ErrContainsNull)) != tc[0].wantErr {
|
||||||
t.Errorf("Seal(%p, %p) error = %v, wantErr %v",
|
t.Errorf("Seal(%p, %p) error = %v, wantErr %v",
|
||||||
tc[0].c, tc[1].c,
|
tc[0].c, tc[1].c,
|
||||||
@ -119,7 +115,7 @@ func TestProxy_Start_Wait_Close_String(t *testing.T) {
|
|||||||
|
|
||||||
t.Run("proxy for "+id, func(t *testing.T) {
|
t.Run("proxy for "+id, func(t *testing.T) {
|
||||||
helper.InternalReplaceExecCommand(t)
|
helper.InternalReplaceExecCommand(t)
|
||||||
p := dbus.New(binPath, tc[0].bus, tc[1].bus)
|
p := dbus.New(tc[0].bus, tc[1].bus)
|
||||||
|
|
||||||
t.Run("unsealed behaviour of "+id, func(t *testing.T) {
|
t.Run("unsealed behaviour of "+id, func(t *testing.T) {
|
||||||
t.Run("unsealed string of "+id, func(t *testing.T) {
|
t.Run("unsealed string of "+id, func(t *testing.T) {
|
||||||
@ -164,7 +160,7 @@ func TestProxy_Start_Wait_Close_String(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
t.Run("started string of "+id, func(t *testing.T) {
|
t.Run("started string of "+id, func(t *testing.T) {
|
||||||
wantSubstr := binPath + " --args=3"
|
wantSubstr := dbus.ProxyName + " --args=3"
|
||||||
if got := p.String(); !strings.Contains(got, wantSubstr) {
|
if got := p.String(); !strings.Contains(got, wantSubstr) {
|
||||||
t.Errorf("String() = %v, want %v",
|
t.Errorf("String() = %v, want %v",
|
||||||
p.String(), wantSubstr)
|
p.String(), wantSubstr)
|
||||||
|
@ -3,8 +3,8 @@ package dbus
|
|||||||
import "io"
|
import "io"
|
||||||
|
|
||||||
// CompareTestNew provides TestNew with comparison access to unexported Proxy fields.
|
// CompareTestNew provides TestNew with comparison access to unexported Proxy fields.
|
||||||
func (p *Proxy) CompareTestNew(path string, session, system [2]string) bool {
|
func (p *Proxy) CompareTestNew(session, system [2]string) bool {
|
||||||
return path == p.path && session == p.session && system == p.system
|
return session == p.session && system == p.system
|
||||||
}
|
}
|
||||||
|
|
||||||
// AccessTestProxySeal provides TestProxy_Seal with access to unexported Proxy seal field.
|
// AccessTestProxySeal provides TestProxy_Seal with access to unexported Proxy seal field.
|
||||||
|
@ -18,7 +18,7 @@ func (p *Proxy) Start(ready chan error, output io.Writer) error {
|
|||||||
return errors.New("proxy not sealed")
|
return errors.New("proxy not sealed")
|
||||||
}
|
}
|
||||||
|
|
||||||
h := helper.New(p.seal, p.path,
|
h := helper.New(p.seal, p.name,
|
||||||
func(argsFD, statFD int) []string {
|
func(argsFD, statFD int) []string {
|
||||||
if statFD == -1 {
|
if statFD == -1 {
|
||||||
return []string{"--args=" + strconv.Itoa(argsFD)}
|
return []string{"--args=" + strconv.Itoa(argsFD)}
|
||||||
|
@ -4,7 +4,6 @@ import (
|
|||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"os"
|
"os"
|
||||||
"os/exec"
|
|
||||||
"path"
|
"path"
|
||||||
|
|
||||||
"git.ophivana.moe/cat/fortify/acl"
|
"git.ophivana.moe/cat/fortify/acl"
|
||||||
@ -16,13 +15,10 @@ import (
|
|||||||
const (
|
const (
|
||||||
dbusSessionBusAddress = "DBUS_SESSION_BUS_ADDRESS"
|
dbusSessionBusAddress = "DBUS_SESSION_BUS_ADDRESS"
|
||||||
dbusSystemBusAddress = "DBUS_SYSTEM_BUS_ADDRESS"
|
dbusSystemBusAddress = "DBUS_SYSTEM_BUS_ADDRESS"
|
||||||
|
|
||||||
xdgDBusProxy = "xdg-dbus-proxy"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
ErrDBusConfig = errors.New("dbus config not supplied")
|
ErrDBusConfig = errors.New("dbus config not supplied")
|
||||||
ErrDBusProxy = errors.New(xdgDBusProxy + " not found")
|
|
||||||
)
|
)
|
||||||
|
|
||||||
type (
|
type (
|
||||||
@ -68,13 +64,8 @@ func (seal *appSeal) shareDBus(config [2]*dbus.Config) error {
|
|||||||
systemBus[0] = addr
|
systemBus[0] = addr
|
||||||
}
|
}
|
||||||
|
|
||||||
// look up proxy program path for dbus.New
|
// create proxy instance
|
||||||
if b, err := exec.LookPath(xdgDBusProxy); err != nil {
|
seal.sys.dbus = dbus.New(sessionBus, systemBus)
|
||||||
return (*LookupDBusError)(wrapError(ErrDBusProxy, xdgDBusProxy, "not found"))
|
|
||||||
} else {
|
|
||||||
// create proxy instance
|
|
||||||
seal.sys.dbus = dbus.New(b, sessionBus, systemBus)
|
|
||||||
}
|
|
||||||
|
|
||||||
// seal dbus proxy
|
// seal dbus proxy
|
||||||
if err := seal.sys.dbus.Seal(config[0], config[1]); err != nil {
|
if err := seal.sys.dbus.Seal(config[0], config[1]); err != nil {
|
||||||
|
Loading…
Reference in New Issue
Block a user