-
Notifications
You must be signed in to change notification settings - Fork 26
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- add script to monitor the dbus process (it is the linux OOM killer its most favorite target) - wait for dbus socket creation, so that after dbus start, the dbus can be used.. - drill a big hole in the dbus config for the bpp3
- Loading branch information
Showing
4 changed files
with
122 additions
and
32 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| FILESEXTRAPATHS_prepend := "${THISDIR}/files:" | ||
|
|
||
| SRC_URI += " \ | ||
| file://dbus-daemon-watch.sh \ | ||
| file://system.conf \ | ||
| " | ||
|
|
||
| RDEPENDS_${PN} = "inotify-tools" | ||
|
|
||
| do_install_append() { | ||
| install ${WORKDIR}/dbus-daemon-watch.sh ${D}${bindir}/dbus-daemon-watch.sh | ||
| } | ||
|
|
||
| do_install_append_bpp3() { | ||
| install -m 0644 ${WORKDIR}/system.conf ${D}${sysconfdir}/dbus-1/system.conf | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| #!/bin/sh | ||
|
|
||
| watch() { | ||
| dbus-daemon "$1" --nofork | ||
| logger -t dbus_watch -p user.error "the dbus process unexpectedly stopped ($?), you have 5 minutes to fix it.." | ||
| sleep 300 | ||
| logger -t dbus_watch -p user.info "initiating reboot due to dbus failure." | ||
| # In case the OOM killer killed dbus, simply rebooting may no longer | ||
| # work. Hence trigger a watchdog reset. | ||
| exec killall -STOP watchdog | ||
| } | ||
|
|
||
| watch "$@" & |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,72 @@ | ||
| <!-- This configuration file controls the systemwide message bus. | ||
| Add a system-local.conf and edit that rather than changing this | ||
| file directly. --> | ||
|
|
||
| <!-- Note that there are any number of ways you can hose yourself | ||
| security-wise by screwing up this file; in particular, you | ||
| probably don't want to listen on any more addresses, add any more | ||
| auth mechanisms, run as a different user, etc. --> | ||
|
|
||
| <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN" | ||
| "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> | ||
| <busconfig> | ||
|
|
||
| <!-- Our well-known bus type, do not change this --> | ||
| <type>system</type> | ||
|
|
||
| <!-- Run as special user --> | ||
| <user>messagebus</user> | ||
|
|
||
| <!-- Fork into daemon mode --> | ||
| <fork/> | ||
|
|
||
| <!-- We use system service launching using a helper --> | ||
| <standard_system_servicedirs/> | ||
|
|
||
| <!-- This is a setuid helper that is used to launch system services --> | ||
| <servicehelper>/usr/libexec/dbus-daemon-launch-helper</servicehelper> | ||
|
|
||
| <!-- Write a pid file (must be the same as init script!) --> | ||
| <pidfile>/var/run/messagebus.pid</pidfile> | ||
|
|
||
| <!-- Enable logging to syslog --> | ||
| <syslog/> | ||
|
|
||
| <!-- Only listen on a local socket. (abstract=/path/to/socket | ||
| means use abstract namespace, don't really create filesystem | ||
| file; only Linux supports this. Use path=/whatever on other | ||
| systems.) --> | ||
| <listen>unix:path=/var/run/dbus/system_bus_socket</listen> | ||
|
|
||
| <policy context="default"> | ||
| <!-- All users can connect to system bus --> | ||
| <allow user="*"/> | ||
|
|
||
| <!-- Signals and reply messages (method returns, errors) are allowed | ||
| by default --> | ||
| <allow send_type="signal"/> | ||
| <allow send_requested_reply="true" send_type="method_return"/> | ||
| <allow send_requested_reply="true" send_type="error"/> | ||
| <allow send_interface="*"/> | ||
| <allow receive_interface="*"/> | ||
| <allow receive_sender="*"/> | ||
|
|
||
| <!-- All messages may be received by default --> | ||
| <allow receive_type="method_call"/> | ||
| <allow receive_type="method_return"/> | ||
| <allow receive_type="error"/> | ||
| <allow receive_type="signal"/> | ||
|
|
||
| <!-- Allow everything to be sent --> | ||
| <allow send_destination="*" eavesdrop="true"/> | ||
| <!-- Allow everything to be received --> | ||
| <allow eavesdrop="true"/> | ||
| <!-- Allow anyone to own anything --> | ||
| <allow own="*"/> | ||
|
|
||
| <!-- Allow anyone to talk to the message bus --> | ||
| <allow send_destination="org.freedesktop.DBus"/> | ||
| </policy> | ||
|
|
||
| <limit name="max_match_rules_per_connection">1024</limit> | ||
| </busconfig> |