Skip to content

Migrate from GetConnectionAppArmorSecurityContext to GetConnectionCredentials

Cosima Neidahl requested to merge OPNA2608/content-hub:drop/GetConnectionAppArmorSecurityContext into main

… and check for D-Bus mediation via AppArmor

See https://lists.ubuntu.com/archives/foundations-bugs/2015-August/250429.html for details.
Based on https://bazaar.launchpad.net/~online-accounts/ubuntu-system-settings-online-accounts/trunk/revision/397/online-accounts-service/utils.cpp

In addition to migrating to GetConnectionCredentials, added a check for AppArmor D-Bus feature which indicates D-Bus mediation support.
If AppArmor feature is not present, treat as unconfined.

Tested with content-hub-service and content-hub-send:

  • Without AA mediation (NixOS 23.11):

    /build/source/src/com/lomiri/content/detail/transfer.cpp 162 Charge void com::lomiri::content::detail::Transfer::Charge(const QVariantList&)
/build/source/src/com/lomiri/content/utils.cpp 257 aa_profile QString {anonymous}::aa_profile(QString, QString) ":1.99"
/build/source/src/com/lomiri/content/utils.cpp 275 aa_profile D-Bus has feature: "ActivatableServicesChanged"
/build/source/src/com/lomiri/content/utils.cpp 275 aa_profile D-Bus has feature: "HeaderFiltering"
/build/source/src/com/lomiri/content/utils.cpp 275 aa_profile D-Bus has feature: "SystemdActivation"
D-Bus mediation via AppArmor is not in use
/build/source/src/com/lomiri/content/detail/transfer.cpp 181 Charge void com::lomiri::content::detail::Transfer::Charge(const QVariantList&) PROFILE: ""

    (The profile here ends up being "" instead of "unconfined" because the function gets called without the second returnValueOnError argument, unlike every other call of aa_profile: https://gitlab.com/search?search=aa_profile&nav_source=navbar&project_id=21474333&group_id=4298794&search_code=true&repository_ref=a9932b8fef52d9d3bba7df72c986a42ef76c74e1 .
    Maybe a bug?)

  • With AA mediation (Ubuntu 22.04):

    /build/source/src/com/lomiri/content/detail/transfer.cpp 162 Charge void com::lomiri::content::detail::Transfer::Charge(const QVariantList&)
/build/source/src/com/lomiri/content/utils.cpp 257 aa_profile QString {anonymous}::aa_profile(QString, QString) ":1.149"
/build/source/src/com/lomiri/content/utils.cpp 275 aa_profile D-Bus has feature: "AppArmor"
/build/source/src/com/lomiri/content/utils.cpp 275 aa_profile D-Bus supports mediation via AppArmor
/build/source/src/com/lomiri/content/utils.cpp 275 aa_profile AppArmor Profile: "unconfined"
/build/source/src/com/lomiri/content/detail/transfer.cpp 181 Charge void com::lomiri::content::detail::Transfer::Charge(const QVariantList&) PROFILE: "unconfined"

The extra check for the AppArmor feature is necessary because org.freedesktop.DBus.GetConnectionCredentials' LinuxSecurityLabel is not AppArmor specific and contains non-AppArmor information without that feature. On my system without AA mediation, it returned "kernel".

Merge request reports