xref: /openbmc/qemu/tests/dbus-vmstate-daemon.sh (revision c00506aa) 
1#!/bin/sh
2
3# dbus-daemon wrapper script for dbus-vmstate testing
4#
5# This script allows to tweak the dbus-daemon policy during the test
6# to test different configurations.
7#
8# This program is free software; you can redistribute it and/or modify
9# it under the terms of the GNU General Public License as published by
10# the Free Software Foundation; either version 2 of the License, or
11# (at your option) any later version.
12#
13# This program is distributed in the hope that it will be useful,
14# but WITHOUT ANY WARRANTY; without even the implied warranty of
15# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16# GNU General Public License for more details.
17#
18# You should have received a copy of the GNU General Public License
19# along with this program; if not, see <http://www.gnu.org/licenses/>.
20#
21# Copyright (C) 2019 Red Hat, Inc.
22
23write_config()
24{
25    CONF="$1"
26    cat > "$CONF" <<EOF
27<busconfig>
28  <type>session</type>
29  <listen>unix:tmpdir=$DBUS_VMSTATE_TEST_TMPDIR</listen>
30
31  <policy context="default">
32     <!-- Holes must be punched in service configuration files for
33          name ownership and sending method calls -->
34     <deny own="*"/>
35     <deny send_type="method_call"/>
36
37     <!-- Signals and reply messages (method returns, errors) are allowed
38          by default -->
39     <allow send_type="signal"/>
40     <allow send_requested_reply="true" send_type="method_return"/>
41     <allow send_requested_reply="true" send_type="error"/>
42
43     <!-- All messages may be received by default -->
44     <allow receive_type="method_call"/>
45     <allow receive_type="method_return"/>
46     <allow receive_type="error"/>
47     <allow receive_type="signal"/>
48
49     <!-- Allow anyone to talk to the message bus -->
50     <allow send_destination="org.freedesktop.DBus"
51            send_interface="org.freedesktop.DBus" />
52     <allow send_destination="org.freedesktop.DBus"
53            send_interface="org.freedesktop.DBus.Introspectable"/>
54     <allow send_destination="org.freedesktop.DBus"
55            send_interface="org.freedesktop.DBus.Properties"/>
56     <!-- But disallow some specific bus services -->
57     <deny send_destination="org.freedesktop.DBus"
58           send_interface="org.freedesktop.DBus"
59           send_member="UpdateActivationEnvironment"/>
60     <deny send_destination="org.freedesktop.DBus"
61           send_interface="org.freedesktop.DBus.Debug.Stats"/>
62     <deny send_destination="org.freedesktop.DBus"
63           send_interface="org.freedesktop.systemd1.Activator"/>
64
65     <allow own="org.qemu.VMState1"/>
66     <allow send_destination="org.qemu.VMState1"/>
67     <allow receive_sender="org.qemu.VMState1"/>
68
69  </policy>
70
71  <include if_selinux_enabled="yes"
72   selinux_root_relative="yes">contexts/dbus_contexts</include>
73
74</busconfig>
75EOF
76}
77
78ARGS=
79for arg in "$@"
80do
81    case $arg in
82        --config-file=*)
83          CONF="${arg#*=}"
84          write_config "$CONF"
85          ARGS="$ARGS $1"
86          shift
87        ;;
88        *)
89          ARGS="$ARGS $1"
90          shift
91        ;;
92    esac
93done
94
95exec dbus-daemon $ARGS
96