kumquat-buildroot/package/dbus-broker/session.conf
Norbert Lange bd3cf3fb5b package/dbus-broker: new package
dbus-broker is an alternate implementation of a dbus daemon. It can be
used as a drop-in replacement for the system bus daemon, as well as the
session bus daemon.

dbus-broker is (basically, and as far as we're concerned in Buildroot)
split in two components:

  - the actual message bus daemon, that relays messages across clients

  - a launcher, which is responsible for setting various aspects of the
    bus, like setting the policy et al. and opening the socket(s) the
    message bus daemon will have to listen on...

The launcher can only be used in a systemd setup (it makes heavy use of
systemd facilities), while the message bus is generic. However, the
message bus daemon is useless without a launcher. There does not exist a
non-systemd launcher, which makes dbus-broker actually a systemd-only
package; this can be revisited when/if a non-systemd launcher appears.

Note, however, that libdbus is not provided by dbus-broker. People who
want to use dbus-broker as the bus daemon, and need libdbus, will have
to enable both.

If only original dbus is enabled, things stay as they are now. This is
for the moment still the default, though we should change that once
dbus-broker has proven to work.

If only dbus-broker is enabled, it installs the necessary socket
activation units and dbus configuration files. The daemon is not
launched at boot time; instead it is socket-activated when a client
connects to the bus the first time.

If both original dbus and dbus-broker are enabled, we have a conflict
with the configuration files, the socket activation file. Also, original
dbus activates the daemon as a service in multi-user.target.wants, so it
is not socket-activated and dbus-broker would never get the opportunity
to start.

Therefore, original dbus is updated to remove the conflicting files and
the activation of dbus-daemon. Since dbus-broker installs some of the
same file that original dbus removes, we have to add a dependency to
make sure that the ones installed by dbus-broker aren't removed.

If both are installed, it is still possible to revert back to using
original dbus as system bus:
      - at build-time: by calling systemctl enable/disable from a
        post-build script (preferred), or by providing drop-in units
        or presets in an overlay (less preferred) or custom skeleton
        (as a last resort),
      - at runtime (on a RW filesystem): by calling systemctl
        enable/disable

Note about the user: the path to the system bus socket is a so-called
"well-known location": it is expected to be there, by spec. Moving it
elsewhere is going to break existing programs. So, the user running the
system bus daemon must be able to create that socket.

As we may have two packages providing a system bus daemon, they have to
be both able to create the socket, and thus must both be able to write
in the directory containing the socket. And since they can be switched
at runtime, they must be running as the same user.

We can't just reference the original dbus user, so we duplicate the
entry. What is important, is that the user be named 'dbus', as that's
what we use in both cases.

If both original dbus and dbus-broker are selected, the dbus user is
included twice, but the specifications are identical so that's fine.
mkusers will create the user only once.

Finally, the licensing terms are pretty trivial for dbus-broker itself,
but it makes use of third-party code that it inherits as git submodules
(that are bundled in the release archive). Thus the licensing is a bit
convoluted... The third-party codes claim to be licensed as "Apache-2.0
and LGP-2.1+" in their AUTHORS files, but at the same time claim
"**Apache-2.0** OR **LGPL-2.1-or-later**" in their README files. The
individual source files (that are used) do not seem to have any
licensing header to clarify the situation. So we represent the situation
with "Apache-2.0 and/or LGPL-2.1+".

Signed-off-by: Norbert Lange <nolange79@gmail.com>
[yann.morin.1998@free.fr:
  - don't select systemd; depend on it instead
  - only install config files and systemd units without original dbus
  - install a user to run the message bus as
  - fix licensing info
  - entirely reword and extend the commit log
  - add myself to DEVELOPERS as well
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Arnout:
 - Use dbus-broker as system bus if both are selected.
 - Remove conflicting files from dbus installation.
 - Simplify symbolic link creation.
 - Add comment to remind update of session.conf and system.conf.
]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-07-28 00:48:53 +02:00

66 lines
2.8 KiB
Plaintext

<!-- This configuration file controls the per-user-login-session message bus.
Add a session-local.conf and edit that rather than changing this
file directly. -->
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<!-- Our well-known bus type, don't change this -->
<type>session</type>
<!-- If we fork, keep the user's original umask to avoid affecting
the behavior of child processes. -->
<keep_umask/>
<standard_session_servicedirs />
<policy context="default">
<!-- Allow everything to be sent -->
<allow send_destination="*" eavesdrop="true"/>
<!-- Allow everything to be received -->
<allow eavesdrop="true"/>
<!-- Allow anyone to own anything -->
<allow own="*"/>
</policy>
<!-- Config files are placed here that among other things,
further restrict the above policy for specific services. -->
<includedir>session.d</includedir>
<includedir>/etc/dbus-1/session.d</includedir>
<!-- This is included last so local configuration can override what's
in this standard file -->
<include ignore_missing="yes">/etc/dbus-1/session-local.conf</include>
<include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include>
<!-- For the session bus, override the default relatively-low limits
with essentially infinite limits, since the bus is just running
as the user anyway, using up bus resources is not something we need
to worry about. In some cases, we do set the limits lower than
"all available memory" if exceeding the limit is almost certainly a bug,
having the bus enforce a limit is nicer than a huge memory leak. But the
intent is that these limits should never be hit. -->
<!-- the memory limits are 1G instead of say 4G because they can't exceed 32-bit signed int max -->
<limit name="max_incoming_bytes">1000000000</limit>
<limit name="max_incoming_unix_fds">250000000</limit>
<limit name="max_outgoing_bytes">1000000000</limit>
<limit name="max_outgoing_unix_fds">250000000</limit>
<limit name="max_message_size">1000000000</limit>
<!-- We do not override max_message_unix_fds here since the in-kernel
limit is also relatively low -->
<limit name="service_start_timeout">120000</limit>
<limit name="auth_timeout">240000</limit>
<limit name="pending_fd_timeout">150000</limit>
<limit name="max_completed_connections">100000</limit>
<limit name="max_incomplete_connections">10000</limit>
<limit name="max_connections_per_user">100000</limit>
<limit name="max_pending_service_starts">10000</limit>
<limit name="max_names_per_connection">50000</limit>
<limit name="max_match_rules_per_connection">50000</limit>
<limit name="max_replies_per_connection">50000</limit>
</busconfig>