GetConnectionCredentials method was added to dbus-1 specification
more than one year ago. This method should return [...] as many
credentials as possible for the process connected to the server,
but at this moment only UnixUserID, LinuxSecurityLabel and
ProcessID are defined by the specification. We should add support
for next credentials after extending dbus-1 spec.
diff --git a/src/bus-proxyd/driver.c b/src/bus-proxyd/driver.c
index 3c613e4..e63a95d 100644
--- a/src/bus-proxyd/driver.c
+++ b/src/bus-proxyd/driver.c
@@ -49,9 +49,6 @@ static int get_creds_by_name(sd_bus *bus, const char *name,
uint64_t mask, sd_bu
if (r 0)
return r;
-if ((c-mask mask) != mask)
-return -ENOTSUP;
-
*_creds = c;
c = NULL;
@@ -109,6 +106,10 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b,
sd_bus_message *m, SharedPoli
method name=\RemoveMatch\\n
arg type=\s\ direction=\in\/\n
/method\n
+ method name=\GetConnectionCredentials\\n
+ arg type=\s\ direction=\in\/\n
+ arg type=\a{sv}\ direction=\out\/\n
+ /method\n
method
name=\GetConnectionSELinuxSecurityContext\\n
arg type=\s\ direction=\in\/\n
arg type=\ay\ direction=\out\/\n
@@ -212,6 +213,72 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b,
sd_bus_message *m, SharedPoli
return synthetic_reply_method_return(m, NULL);
+} else if (sd_bus_message_is_method_call(m, org.freedesktop.DBus,
GetConnectionCredentials)) {
+_cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
+_cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
+_cleanup_bus_error_free_ sd_bus_error error =
SD_BUS_ERROR_NULL;
+
+if (!sd_bus_message_has_signature(m, s))
+return synthetic_reply_method_error(m,
SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, Invalid parameters));
+
+r = get_creds_by_message(a, m,
SD_BUS_CREDS_PID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_SELINUX_CONTEXT, creds,
error);
+if (r 0)
+return synthetic_reply_method_errno(m, r, error);
+
+r = sd_bus_message_new_method_return(m, reply);
+if (r 0)
+return synthetic_reply_method_errno(m, r, NULL);
+
+r = sd_bus_message_open_container(reply, 'a', {sv});
+if (r 0)
+return synthetic_reply_method_errno(m, r, NULL);
+
+/* Due to i.e. namespace translations some data might be
missing */
+
+if (creds-mask SD_BUS_CREDS_PID) {
+r = sd_bus_message_append(reply, {sv}, ProcessID,
u, (uint32_t) creds-pid);
+if (r 0)
+return synthetic_reply_method_errno(m, r,
NULL);
+}
+
+if (creds-mask SD_BUS_CREDS_EUID) {
+r = sd_bus_message_append(reply, {sv}, UnixUserID,
u, (uint32_t) creds-euid);
+if (r 0)
+return synthetic_reply_method_errno(m, r,
NULL);
+}
+
+if (creds-mask SD_BUS_CREDS_SELINUX_CONTEXT) {
+r = sd_bus_message_open_container(reply, 'e', sv);
+if (r 0)
+return synthetic_reply_method_errno(m, r,
NULL);
+
+r = sd_bus_message_append(reply, s,
LinuxSecurityLabel);
+if (r 0)
+return synthetic_reply_method_errno(m, r,
NULL);
+
+r = sd_bus_message_open_container(reply, 'v', ay);
+if (r 0)
+return synthetic_reply_method_errno(m, r,
NULL);
+
+r = sd_bus_message_append_array(reply, 'y',
creds-label, strlen(creds-label));
+if (r 0)
+return synthetic_reply_method_errno(m, r,
NULL);
+
+r = sd_bus_message_close_container(reply);
+if (r 0)
+return synthetic_reply_method_errno(m, r,
NULL);
+
+r = sd_bus_message_close_container(reply);
+if (r 0)
+return synthetic_reply_method_errno(m, r,
NULL);
+}
+
+r = sd_bus_message_close_container(reply);
+if (r 0)
+return synthetic_reply_method_errno(m, r, NULL);
+
+return synthetic_driver_send(m-bus, reply);
+
} else if (sd_bus_message_is_method_call(m,