class Gio::DebugControllerDBus
- Gio::DebugControllerDBus
- GObject::Object
- Reference
- Object
Overview
#GDebugControllerDBus is an implementation of #GDebugController which exposes debug settings as a D-Bus object.
It is a #GInitable object, and will register an object at
/org/gtk/Debugging on the bus given as
#GDebugControllerDBus:connection once it’s initialized. The object will be
unregistered when the last reference to the #GDebugControllerDBus is dropped.
This D-Bus object can be used by remote processes to enable or disable debug
output in this process. Remote processes calling
org.gtk.Debugging.SetDebugEnabled() will affect the value of
#GDebugController:debug-enabled and, by default, g_log_get_debug_enabled().
default.
By default, all processes will be able to call SetDebugEnabled(). If this
process is privileged, or might expose sensitive information in its debug
output, you may want to restrict the ability to enable debug output to
privileged users or processes.
One option is to install a D-Bus security policy which restricts access to
SetDebugEnabled(), installing something like the following in
$datadir/dbus-1/system.d/:
|[
This will prevent the SetDebugEnabled() method from being called by all
except root. It will not prevent the DebugEnabled property from being read,
as it’s accessed through the org.freedesktop.DBus.Properties interface.
Another option is to use polkit to allow or deny requests on a case-by-case basis, allowing for the possibility of dynamic authorisation. To do this, connect to the #GDebugControllerDBus::authorize signal and query polkit in it: |[ g_autoptr(GError) child_error = NULL; g_autoptr(GDBusConnection) connection = g_bus_get_sync (G_BUS_TYPE_SYSTEM, NULL, NULL); gulong debug_controller_authorize_id = 0;
// Set up the debug controller. debug_controller = G_DEBUG_CONTROLLER (g_debug_controller_dbus_new (priv->connection, NULL, &child_error)); if (debug_controller == NULL) { g_error ("Could not register debug controller on bus: %s"), child_error->message); }
debug_controller_authorize_id = g_signal_connect (debug_controller, "authorize", G_CALLBACK (debug_controller_authorize_cb), self);
static gboolean debug_controller_authorize_cb (GDebugControllerDBus *debug_controller, GDBusMethodInvocation *invocation, gpointer user_data) { g_autoptr(PolkitAuthority) authority = NULL; g_autoptr(PolkitSubject) subject = NULL; g_autoptr(PolkitAuthorizationResult) auth_result = NULL; g_autoptr(GError) local_error = NULL; GDBusMessage *message; GDBusMessageFlags message_flags; PolkitCheckAuthorizationFlags flags = POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE;
message = g_dbus_method_invocation_get_message (invocation);
message_flags = g_dbus_message_get_flags (message);
authority = polkit_authority_get_sync (NULL, &local_error);
if (authority == NULL)
{
g_warning ("Failed to get polkit authority: %s", local_error->message);
return FALSE;
}
if (message_flags & G_DBUS_MESSAGE_FLAGS_ALLOW_INTERACTIVE_AUTHORIZATION)
flags |= POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION;
subject = polkit_system_bus_name_new (g_dbus_method_invocation_get_sender (invocation));
auth_result = polkit_authority_check_authorization_sync (authority,
subject,
"com.example.MyService.set-debug-enabled",
NULL,
flags,
NULL,
&local_error);
if (auth_result == NULL)
{
g_warning ("Failed to get check polkit authorization: %s", local_error->message);
return FALSE;
}
return polkit_authorization_result_get_is_authorized (auth_result);} ]|
Included Modules
Defined in:
lib/gi-crystal/src/auto/gio-2.0/debug_controller_d_bus.crConstructors
-
.new(connection : Gio::DBusConnection, cancellable : Gio::Cancellable?) : self?
Create a new #GDebugControllerDBus and synchronously initialize it.
-
.new
Initialize a new
DebugControllerDBus. - .new(*, connection : Gio::DBusConnection? = nil, debug_enabled : Bool? = nil)
Class Method Summary
-
.g_type : UInt64
Returns the type id (GType) registered in GLib type system.
Instance Method Summary
- #authorize_signal
- #connection : Gio::DBusConnection?
- #connection=(value : Gio::DBusConnection?) : Gio::DBusConnection?
-
#stop : Nil
Stop the debug controller, unregistering its object from the bus.
Instance methods inherited from module Gio::Initable
init(cancellable : Gio::Cancellable?) : Bool
init,
newv(object_type : UInt64, parameters : Enumerable(GObject::Parameter), cancellable : Gio::Cancellable?) : GObject::Object
newv,
to_unsafe
to_unsafe
Class methods inherited from module Gio::Initable
g_type : UInt64
g_type
Instance methods inherited from module Gio::DebugController
debug_enabled : Bool
debug_enabled,
debug_enabled=(debug_enabled : Bool) : Nil
debug_enabled=,
debug_enabled? : Bool
debug_enabled?,
to_unsafe
to_unsafe
Class methods inherited from module Gio::DebugController
g_type : UInt64
g_type
Instance methods inherited from class GObject::Object
bind_property(source_property : String, target : GObject::Object, target_property : String, flags : GObject::BindingFlags) : GObject::Binding
bind_property,
bind_property_full(source_property : String, target : GObject::Object, target_property : String, flags : GObject::BindingFlags, transform_to : GObject::Closure, transform_from : GObject::Closure) : GObject::Binding
bind_property_full,
data(key : String) : Pointer(Void)?
data,
finalize
finalize,
freeze_notify : Nil
freeze_notify,
getv(names : Enumerable(String), values : Enumerable(_)) : Nil
getv,
notify(property_name : String) : Nil
notify,
notify_by_pspec(pspec : GObject::ParamSpec) : Nil
notify_by_pspec,
notify_signal
notify_signal,
property(property_name : String, value : _) : Nil
property,
qdata(quark : UInt32) : Pointer(Void)?
qdata,
ref_count : UInt32
ref_count,
run_dispose : Nil
run_dispose,
set_data(key : String, data : Pointer(Void)?) : Nil
set_data,
set_property(property_name : String, value : _) : Nil
set_property,
steal_data(key : String) : Pointer(Void)?
steal_data,
steal_qdata(quark : UInt32) : Pointer(Void)?
steal_qdata,
thaw_notify : Nil
thaw_notify,
to_unsafe : Pointer(Void)
to_unsafe,
watch_closure(closure : GObject::Closure) : Nil
watch_closure
Constructor methods inherited from class GObject::Object
cast(obj : GObject::Object) : self
cast,
cast?(obj : GObject::Object) : self?
cast?,
new(pointer : Pointer(Void), transfer : GICrystal::Transfer)new new, newv(object_type : UInt64, parameters : Enumerable(GObject::Parameter)) : self newv
Class methods inherited from class GObject::Object
compat_control(what : UInt64, data : Pointer(Void)?) : UInt64
compat_control,
g_type : UInt64
g_type,
interface_find_property(g_iface : GObject::TypeInterface, property_name : String) : GObject::ParamSpec
interface_find_property,
interface_list_properties(g_iface : GObject::TypeInterface) : Enumerable(GObject::ParamSpec)
interface_list_properties
Constructor Detail
Create a new #GDebugControllerDBus and synchronously initialize it.
Initializing the object will export the debug object on @connection. The object will remain registered until the last reference to the #GDebugControllerDBus is dropped.
Initialization may fail if registering the object on @connection fails.
Class Method Detail
Instance Method Detail
Stop the debug controller, unregistering its object from the bus.
Any pending method calls to the object will complete successfully, but new ones will return an error. This method will block until all pending #GDebugControllerDBus::authorize signals have been handled. This is expected to not take long, as it will just be waiting for threads to join. If any #GDebugControllerDBus::authorize signal handlers are still executing in other threads, this will block until after they have returned.
This method will be called automatically when the final reference to the #GDebugControllerDBus is dropped. You may want to call it explicitly to know when the controller has been fully removed from the bus, or to break reference count cycles.
Calling this method from within a #GDebugControllerDBus::authorize signal handler will cause a deadlock and must not be done.