DBus, PolicyKit and YaST
Ing. Ladislav Slezák <lslezak@novell.com>
YaST Developer
DBus
© Novell, Inc. All rights reserved.
DBus
• What is DBus?
– Local interprocess communication (IPC)
– Message based (sends messages, not streams)
– Messages are transferred in binary form
– Supports 1:1 and 1:N communication
DBus
• Why?
– Unified communication for desktop replacing DCOP (KDE) and CORBA (GNOME)
– For communication between desktop applications or between desktop applications and system daemons, for handling system events...
DBus Concepts
• Object oriented view
– DBus services provide objects
– But OOP is not required, a service can be written in C
• Data types
– Basic data types: integer, string, boolean...
– Containers: array, hash, structure, variant
> Containers can be recursive
DBus parts
• DBus daemon
– Runs a bus, processes and routes the messages
• DBus library (libdbus)
– Low-level C API
• Language bindings
– High-level API for Python, Ruby, Qt, Glib
– Wrappers for low-level C calls
– Conversion between native and DBus data types
– May provide object proxy for mapping native objects (GObject, QObject,...) and signals to DBus objects and signals
DBus Terminology
• Bus
– The place for transferring the messages
– Multiple buses can run in parallel
> System wide bus – single bus for system wide events and services, runs under a system user (non-root)
> Session bus – one per user session, for desktop applications, created at login, runs with user privileges
> Private bus – special separate bus can be started by applications
DBus Terminology
• Connection/Service name
– Unique ID (:1.42, assigned by DBus) or well-known (org.freedesktop.PowerManagement, defined by service)
• Object path in object tree
– /org/freedesktop/PowerManagement
• Interface name
– Named group of methods and signals, org.freedesktop.PowerManagement
• Method name
– Suspend
DBus Terminology
Bus
  Service org.freedesktop.PowerManagement
    Object /org/freedesktop/PowerManagement
      Interface org.freedesktop.PowerManagement
        Method Suspend()
DBus Message
• Message types
– Method call
– Method reply
– Error
– Signal (1:N publish/subscribe communication)
• Header
– Type, destination service, target object, method, sender, serial number, data type signature...
• Data
– Arguments in binary form
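The header layout and message types above, worked through in code: an added example, not code from the slides or from libdbus, that marshals a METHOD_CALL for the Suspend() method from the terminology slides following the published DBus wire format and parses the header back. It assumes little-endian byte order and protocol version 1, and only implements the type codes a header needs (u, s, o, g and the a(yv) field array); the helper names are the example's own.

```python
"""Minimal marshaller and unmarshaller for the DBus message header from the
slide.  Added example following the published DBus wire format (little-endian,
protocol version 1); not code from the slides or libdbus, and it only covers
the type codes a header needs: u, s, o, g and the a(yv) header-field array."""
import struct

METHOD_CALL, METHOD_RETURN, ERROR, SIGNAL = 1, 2, 3, 4
# header field codes from the DBus specification
PATH, INTERFACE, MEMBER, ERROR_NAME, REPLY_SERIAL, DESTINATION, SENDER, SIGNATURE = range(1, 9)

def pad(buf, alignment):
    """Append NUL bytes until len(buf) is a multiple of alignment."""
    buf.extend(b"\0" * (-len(buf) % alignment))

def put_uint32(buf, value):
    pad(buf, 4)
    buf.extend(struct.pack("<I", value))

def put_string(buf, value):
    """s and o: uint32 byte length, UTF-8 bytes, trailing NUL."""
    data = value.encode("utf-8")
    put_uint32(buf, len(data))
    buf.extend(data + b"\0")

def put_signature(buf, value):
    """g: one length byte, ASCII bytes, trailing NUL (no alignment)."""
    data = value.encode("ascii")
    buf.append(len(data))
    buf.extend(data + b"\0")

def put_variant(buf, sig, value):
    """v: the contained type's signature, then the value aligned for it."""
    put_signature(buf, sig)
    if sig == "u":
        put_uint32(buf, value)
    elif sig in ("s", "o"):
        put_string(buf, value)
    elif sig == "g":
        put_signature(buf, value)
    else:
        raise ValueError(f"unsupported variant type {sig!r}")

def marshal_message(msg_type, fields, body=b"", serial=1):
    """Fixed 12-byte header, a(yv) field array, padding to 8, then the body."""
    buf = bytearray(b"l")                # 'l' = little-endian
    buf.extend(bytes([msg_type, 0, 1]))  # type, flags, protocol version
    put_uint32(buf, len(body))
    put_uint32(buf, serial)
    length_pos = len(buf)
    put_uint32(buf, 0)                   # array byte length, patched below
    pad(buf, 8)                          # (yv) structs are 8-byte aligned
    start = len(buf)
    for code, sig, value in fields:
        pad(buf, 8)
        buf.append(code)
        put_variant(buf, sig, value)
    struct.pack_into("<I", buf, length_pos, len(buf) - start)
    pad(buf, 8)                          # the body always starts 8-aligned
    buf.extend(body)
    return bytes(buf)

def parse_header(data):
    """Decode message type, body length, serial and the header fields."""
    if data[0:1] != b"l":
        raise ValueError("only little-endian messages handled here")
    body_len, serial, array_len = struct.unpack_from("<III", data, 4)
    pos, end, fields = 16, 16 + array_len, {}

    def read_sig():
        nonlocal pos
        n = data[pos]
        value = data[pos + 1:pos + 1 + n].decode("ascii")
        pos += n + 2                     # length byte, chars, NUL
        return value

    while pos < end:
        pos += -pos % 8                  # next (yv) struct element
        code, pos = data[pos], pos + 1
        sig = read_sig()
        if sig == "u":
            pos += -pos % 4
            value, pos = struct.unpack_from("<I", data, pos)[0], pos + 4
        elif sig in ("s", "o"):
            pos += -pos % 4
            n = struct.unpack_from("<I", data, pos)[0]
            value, pos = data[pos + 4:pos + 4 + n].decode("utf-8"), pos + 5 + n
        else:                            # "g"
            value = read_sig()
        fields[code] = value
    return data[1], body_len, serial, fields

def suspend_call(serial=1):
    """The Suspend() call from the terminology slides as wire bytes."""
    return marshal_message(METHOD_CALL, [
        (PATH, "o", "/org/freedesktop/PowerManagement"),
        (DESTINATION, "s", "org.freedesktop.PowerManagement"),
        (INTERFACE, "s", "org.freedesktop.PowerManagement"),
        (MEMBER, "s", "Suspend"),
    ], serial=serial)
```

Two points for a service author follow from the layout: the serial is chosen by the sender and only serves to match replies, and the SENDER field is filled in by the bus daemon when it routes the message, which is why a service may base access decisions on it but must never trust a sender name that a client places in the body.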
Object Introspection
• Query available objects in a service
• Runtime object browsing
• Needed by language proxies and DBus browsers
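An added example, not code from the slides, of what a DBus browser or a language proxy does with introspection data: it parses the XML returned by org.freedesktop.DBus.Introspectable.Introspect() into interfaces, method signatures, signals and child nodes. The XML is constructed around the PowerManagement methods named on the slides, with an Inhibit method, a signal and a child node added for illustration; parse_introspection and describe are the example's own names.

```python
"""Parse DBus introspection XML into interfaces, methods (in/out signatures),
signals and child nodes.  Added example, not code from the slides; the XML is
constructed around the PowerManagement methods named on the slides and was
not captured from a real service."""
import xml.etree.ElementTree as ET

INTROSPECT_XML = """\
<!DOCTYPE node PUBLIC "-//freedesktop//DTD D-BUS Object Introspection 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
<node name="/org/freedesktop/PowerManagement">
  <interface name="org.freedesktop.DBus.Introspectable">
    <method name="Introspect">
      <arg name="data" type="s" direction="out"/>
    </method>
  </interface>
  <interface name="org.freedesktop.PowerManagement">
    <method name="Suspend"/>
    <method name="CanHibernate">
      <arg name="can_hibernate" type="b" direction="out"/>
    </method>
    <method name="Inhibit">
      <arg name="application" type="s" direction="in"/>
      <arg name="reason" type="s" direction="in"/>
      <arg name="cookie" type="u" direction="out"/>
    </method>
    <signal name="OnBatteryChanged">
      <arg name="on_battery" type="b"/>
    </signal>
  </interface>
  <node name="Backlight"/>
</node>
"""

def parse_introspection(xml_text):
    """Return ({interface: {"methods": {name: (in_sig, out_sig)},
                            "signals": {name: sig}}}, [child node names])."""
    root = ET.fromstring(xml_text)   # expat does not fetch the external DTD
    interfaces = {}
    for iface in root.findall("interface"):
        methods, signals = {}, {}
        for m in iface.findall("method"):
            args = m.findall("arg")
            # a method arg without a direction attribute is an input argument
            in_sig = "".join(a.get("type") for a in args if a.get("direction", "in") == "in")
            out_sig = "".join(a.get("type") for a in args if a.get("direction") == "out")
            methods[m.get("name")] = (in_sig, out_sig)
        for s in iface.findall("signal"):
            signals[s.get("name")] = "".join(a.get("type") for a in s.findall("arg"))
        interfaces[iface.get("name")] = {"methods": methods, "signals": signals}
    children = [n.get("name") for n in root.findall("node")]
    return interfaces, children

def describe(interfaces):
    """One line per member, in the style a DBus browser lists them."""
    lines = []
    for iface, members in sorted(interfaces.items()):
        for name, (in_sig, out_sig) in sorted(members["methods"].items()):
            lines.append(f"method {iface}.{name}({in_sig}) -> {out_sig}")
        for name, sig in sorted(members["signals"].items()):
            lines.append(f"signal {iface}.{name}({sig})")
    return lines
```

Introspection is informational: it lists what a service exports, not what the bus policy or PolicyKit will let a particular caller invoke, so a client should treat "method not exported" and "access denied" as two different failures. The document carries a DOCTYPE pointing at the freedesktop DTD; xml.etree does not fetch it, and a parser that resolved external entities would be the wrong choice for data received from a peer.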
Service Activation
• DBus service
– can be provided by a running application
– can be started on demand
> A started service can continue running, exit immediately or exit after a timeout
Access Control
• It's possible to allow or deny access to a specific object, interface, method, signal...
Python Example
• Method call example
import dbus

# connect to the per-user session bus (dbus.SystemBus() for the system bus)
bus = dbus.SessionBus()
# proxy for the object path exported under the well-known service name
obj = bus.get_object('org.freedesktop.PowerManagement',
                     '/org/freedesktop/PowerManagement')
# bind the proxy to one interface so its methods can be called directly
iface = dbus.Interface(obj, 'org.freedesktop.PowerManagement')
result = iface.CanHibernate()
print(result)
GUI Tools – qdbusviewer
GUI Tools – kdbus
Command line tools
• dbus-send
– Sends a message
• dbus-monitor
– Monitors activity on a bus
• qdbus
– DBus browsing, sending messages
DBus Documentation
• Introduction to DBus
– http://www.freedesktop.org/wiki/IntroductionToDBus
• DBus tutorial
– http://dbus.freedesktop.org/doc/dbus-tutorial.html
• DBus FAQ
– http://dbus.freedesktop.org/doc/dbus-faq.html
• Low-level C API
– http://dbus.freedesktop.org/doc/dbus/api/html/group__DBus.html
• C example
– http://dbus.freedesktop.org/doc/dbus/libdbus-tutorial.html
PolicyKit
PolicyKit
• Framework for central policy management of privileged operations
– In contrast to /etc/sudoers, user group management...
• Extends DBus security model – more fine grained privileges
– User can mount removable media, but cannot mount fixed media
– User can shutdown the machine from a local session
PolicyKit Model
• Application is split to privileged and unprivileged part, each part runs in a different process
– For security reasons the privileged part should be as small as possible
– The privileged part is called “Mechanism”
• These parts communicate via IPC (DBus, pipes, ...)
PolicyKit Model
http://hal.freedesktop.org/docs/PolicyKit/diagram-bus-model.png
Mechanism
• Runs as a privileged user
• Parts of mechanism
– Decider part – checks whether the requester is allowed to call the action part
– Action part – carries out the privileged action
• The action is performed only when the decider part says “Yes”
[Diagram: Request → Mechanism → Allowed? → Do Action, otherwise Error]
Input for Decision
• Subject
– Attributes of the requester – UID, application, local or remote session, active session...
• Object
– Removable device, Package, Power management...
• Action
– What to do with the object
– Mount the device, install the package, reboot the system...
• PolicyKit encodes object and action to single Action ID
– e.g. org.freedesktop.hal.storage.mount-removable
Authorization Check
• Also the unprivileged part may check whether it can do the privileged operation
– Disabled or locked options in UI
How to Obtain an Authorization
• User is allowed to do action
– By default (defined in configuration file)
– Under a special condition (e.g. active session)
– Administrator grants the authorization to the user
– Obtains the authorization via authentication
Authentication
• Authentication agent is a DBus service (org.freedesktop.PolicyKit.AuthenticationAgent)
Workflow
• HAL example
• Mount request sent
http://hal.freedesktop.org/docs/PolicyKit/diagram-interaction.png
• Check the authorization
Workflow
• An exception is returned
• The user authenticates
Workflow
• A token is written to DB
• The second attempt is OK
Command Line Tools
• polkit-auth
– Manage authorizations – display, obtain, revoke...
• polkit-action
– List actions, modify defaults
• polkit-policy-file-validate
– A validation tool for .policy files, should be called from 'make check'
• polkit-config-file-validate
– Validates /etc/PolicyKit/PolicyKit.conf file
PolicyKit Documentation
• Design, API reference manual, tools...
– http://hal.freedesktop.org/docs/PolicyKit/index.html
– Package PolicyKit-doc
YaST DBus Service
YaST DBus Service
• Access the YaST functionality from other applications
• Needed for WebYaST
Why DBus?
• Auto start (no running daemon)
• Starts YaST as root user (no SUID flag)
Why PolicyKit?
• Admin tools available
YaST DBus Service
• Package yast2-dbus-server
• Service org.opensuse.YaST.modules running on the system bus
• Object /org/opensuse/YaST/modules/<module>
• Interface org.opensuse.YaST.Values
• The service is started automatically
• Shuts down after 2 minutes
Solved Problems
• PolicyKit action ID
– Created from function name
– Checked before function call
• Stateful YaST modules
– Stateless wrappers (YaPI)
– Lock(), Unlock() methods
• YaST module autoloading
– No need to load all YaST modules
• YCP data types and special values
– Additional interface
• Bugfixes in Ruby DBus bindings
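The PolicyKit model from the earlier slides (subject, object and action folded into an action ID; a decider that answers before the action part runs; an authorization obtained by default, by an administrator's grant or by authentication, with the first attempt failing and the second succeeding once a token is in the DB) together with the YaST approach of deriving the action ID from the function name, checking it before the call and serialising stateful modules with Lock()/Unlock(), as one added example. It is not PolicyKit or YaST code: the .policy defaults, the subjects, the one-shot versus keep_session/keep_always token handling, the mount-fixed counterpart to the mount-removable action on the slides and the org.opensuse.yast.modules.<module>.<function> layout are all constructed here for illustration.

```python
"""Model of the PolicyKit flow on the slides (subject attributes, .policy
defaults, the decider/action split, the authorization DB filled by
authentication) plus the YaST-style dispatch that derives the action ID from
the function name.  Added example, not PolicyKit or YaST code; the policies,
subjects and the org.opensuse.yast.modules.* layout are constructed here."""
from dataclasses import dataclass

@dataclass(frozen=True)
class Subject:
    uid: int
    local: bool   # console session (True) or remote, e.g. ssh (False)
    active: bool  # session currently in the foreground

@dataclass(frozen=True)
class Defaults:
    """<defaults> of a .policy file: no/yes/auth_self/auth_admin[_keep_session|_keep_always]."""
    allow_any: str = "no"
    allow_inactive: str = "no"
    allow_active: str = "no"

class AuthRequired(Exception):
    """Returned to the caller instead of performing the action."""

class Decider:
    def __init__(self, policies):
        self.policies = policies  # action_id -> Defaults
        self.grants = {}          # (uid, action_id) -> "one-shot"/"session"/"always"
    def rule(self, subject, action_id):
        d = self.policies[action_id]
        if subject.local and subject.active:
            return d.allow_active
        return d.allow_inactive if subject.local else d.allow_any
    def check(self, subject, action_id):
        """Decider part: True/False, or AuthRequired when authenticating would help."""
        rule = self.rule(subject, action_id)
        if rule in ("yes", "no"):
            return rule == "yes"
        key = (subject.uid, action_id)
        if key not in self.grants:
            raise AuthRequired(f"{action_id}: {rule}")
        if self.grants[key] == "one-shot":  # consumed by this check
            del self.grants[key]
        return True
    def authenticate(self, subject, action_id, identity):
        """Agent step, identity "self" or "admin"; on success a token goes into the DB."""
        rule = self.rule(subject, action_id)
        ok = identity == "admin" or (identity == "self" and not rule.startswith("auth_admin"))
        if ok:
            keep = ("always" if rule.endswith("_keep_always") else
                    "session" if rule.endswith("_keep_session") else "one-shot")
            self.grants[(subject.uid, action_id)] = keep
        return ok

class YastMechanism:
    """Privileged part: every call is guarded by an action ID built from the
    function name; stateful modules are serialised with Lock/Unlock."""
    PREFIX = "org.opensuse.yast.modules"  # hypothetical layout
    def __init__(self, decider):
        self.decider, self.locks, self.users = decider, {}, {"root": 0}
    @staticmethod
    def action_id(module, function):
        return f"{YastMechanism.PREFIX}.{module}.{function}".lower()
    def call(self, subject, module, function, *args):
        action = self.action_id(module, function)
        if not self.decider.check(subject, action):  # decider part first
            raise PermissionError(action)
        owner = self.locks.get(module)
        if owner not in (None, subject.uid):
            raise RuntimeError(f"{module} is locked by uid {owner}")
        return getattr(self, f"_{module}_{function}")(subject, *args)
    # action part: reached only after the decider said "yes"
    def _users_lock(self, subject):
        self.locks["users"] = subject.uid
    def _users_unlock(self, subject):
        self.locks.pop("users", None)
    def _users_add(self, subject, name, uid):
        self.users[name] = uid
        return sorted(self.users)

SAMPLE_POLICIES = {  # constructed defaults for the actions on the slides
    "org.freedesktop.hal.storage.mount-removable": Defaults(allow_active="yes"),
    "org.freedesktop.hal.storage.mount-fixed": Defaults(allow_active="auth_admin_keep_always"),
    YastMechanism.action_id("users", "lock"): Defaults(allow_active="auth_admin_keep_session"),
    YastMechanism.action_id("users", "unlock"): Defaults(allow_active="yes"),
    YastMechanism.action_id("users", "add"): Defaults(allow_active="auth_self"),
}

def hal_mount_workflow(decider, subject, action_id, identity="self"):
    """Workflow slides: attempt, exception, authenticate, token written, retry."""
    log = []
    try:
        log.append("allowed" if decider.check(subject, action_id) else "denied")
    except AuthRequired:
        log.append("auth-required")
        if decider.authenticate(subject, action_id, identity):
            log.append("allowed" if decider.check(subject, action_id) else "denied")
        else:
            log.append("auth-failed")
    return log
```

One consequence of the ordering in call() is worth noticing: check() runs before the lock test and consumes a one-shot token, so a caller refused because another session holds the lock has to authenticate again. In a real mechanism the order of the authorization check and any other precondition deserves the same attention, because whichever runs first decides what an unauthorized caller can learn or use up.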
Questions?
Thank you!
DBus PolicyKit and YaST

Mais conteĂșdo relacionado

Mais procurados

Novell Open Enterprise Server Architecture
Novell Open Enterprise Server ArchitectureNovell Open Enterprise Server Architecture
Novell Open Enterprise Server ArchitectureNovell
 
IBM Spectrum Scale Authentication For Object - Deep Dive
IBM Spectrum Scale Authentication For Object - Deep Dive IBM Spectrum Scale Authentication For Object - Deep Dive
IBM Spectrum Scale Authentication For Object - Deep Dive Smita Raut
 
File Access in Novell Open Enterprise Server 2 SP2
File Access in Novell Open Enterprise Server 2 SP2File Access in Novell Open Enterprise Server 2 SP2
File Access in Novell Open Enterprise Server 2 SP2Novell
 
Cloud storage solution technical requirement
Cloud storage solution  technical requirementCloud storage solution  technical requirement
Cloud storage solution technical requirementtaotao1240
 
NonStop Hadoop - Applying the PaxosFamily of Protocols to make Critical Hadoo...
NonStop Hadoop - Applying the PaxosFamily of Protocols to make Critical Hadoo...NonStop Hadoop - Applying the PaxosFamily of Protocols to make Critical Hadoo...
NonStop Hadoop - Applying the PaxosFamily of Protocols to make Critical Hadoo...DataWorks Summit
 
NSS File System Performance, Clustering and Auditing in Novell Open Enterpris...
NSS File System Performance, Clustering and Auditing in Novell Open Enterpris...NSS File System Performance, Clustering and Auditing in Novell Open Enterpris...
NSS File System Performance, Clustering and Auditing in Novell Open Enterpris...Novell
 
Big Data 2107 for Ribbon
Big Data 2107 for RibbonBig Data 2107 for Ribbon
Big Data 2107 for RibbonSamuel Dratwa
 
MCSA Installing & Configuring Windows Server 2012 70-410
MCSA Installing & Configuring Windows Server 2012 70-410MCSA Installing & Configuring Windows Server 2012 70-410
MCSA Installing & Configuring Windows Server 2012 70-410omardabbas
 
Novell Identity Manager Tips, Tricks and Best Practices
Novell Identity Manager Tips, Tricks and Best PracticesNovell Identity Manager Tips, Tricks and Best Practices
Novell Identity Manager Tips, Tricks and Best PracticesNovell
 
Application layer
Application layerApplication layer
Application layerNeha Kurale
 
SQL Queries on Smalltalk Objects
SQL Queries on Smalltalk ObjectsSQL Queries on Smalltalk Objects
SQL Queries on Smalltalk ObjectsESUG
 
Novell Open Enterprise Server for Beginners
Novell Open Enterprise Server for BeginnersNovell Open Enterprise Server for Beginners
Novell Open Enterprise Server for BeginnersNovell
 
CSD-2881 - Achieving System Production Readiness for IBM PureApplication System
CSD-2881 - Achieving System Production Readiness for IBM PureApplication SystemCSD-2881 - Achieving System Production Readiness for IBM PureApplication System
CSD-2881 - Achieving System Production Readiness for IBM PureApplication SystemHendrik van Run
 
2 architectural at CloudStack Developer Day
2  architectural at CloudStack Developer Day2  architectural at CloudStack Developer Day
2 architectural at CloudStack Developer DayKimihiko Kitase
 

Mais procurados (20)

Novell Open Enterprise Server Architecture
Novell Open Enterprise Server ArchitectureNovell Open Enterprise Server Architecture
Novell Open Enterprise Server Architecture
 
IBM Spectrum Scale Authentication For Object - Deep Dive
IBM Spectrum Scale Authentication For Object - Deep Dive IBM Spectrum Scale Authentication For Object - Deep Dive
IBM Spectrum Scale Authentication For Object - Deep Dive
 
Cont0519
Cont0519Cont0519
Cont0519
 
File Access in Novell Open Enterprise Server 2 SP2
File Access in Novell Open Enterprise Server 2 SP2File Access in Novell Open Enterprise Server 2 SP2
File Access in Novell Open Enterprise Server 2 SP2
 
Unit09
Unit09Unit09
Unit09
 
Cloud storage solution technical requirement
Cloud storage solution  technical requirementCloud storage solution  technical requirement
Cloud storage solution technical requirement
 
NonStop Hadoop - Applying the PaxosFamily of Protocols to make Critical Hadoo...
NonStop Hadoop - Applying the PaxosFamily of Protocols to make Critical Hadoo...NonStop Hadoop - Applying the PaxosFamily of Protocols to make Critical Hadoo...
NonStop Hadoop - Applying the PaxosFamily of Protocols to make Critical Hadoo...
 
NSS File System Performance, Clustering and Auditing in Novell Open Enterpris...
NSS File System Performance, Clustering and Auditing in Novell Open Enterpris...NSS File System Performance, Clustering and Auditing in Novell Open Enterpris...
NSS File System Performance, Clustering and Auditing in Novell Open Enterpris...
 
Big Data 2107 for Ribbon
Big Data 2107 for RibbonBig Data 2107 for Ribbon
Big Data 2107 for Ribbon
 
MCSA Installing & Configuring Windows Server 2012 70-410
MCSA Installing & Configuring Windows Server 2012 70-410MCSA Installing & Configuring Windows Server 2012 70-410
MCSA Installing & Configuring Windows Server 2012 70-410
 
Novell Identity Manager Tips, Tricks and Best Practices
Novell Identity Manager Tips, Tricks and Best PracticesNovell Identity Manager Tips, Tricks and Best Practices
Novell Identity Manager Tips, Tricks and Best Practices
 
Cl309
Cl309Cl309
Cl309
 
Application layer
Application layerApplication layer
Application layer
 
SQL Queries on Smalltalk Objects
SQL Queries on Smalltalk ObjectsSQL Queries on Smalltalk Objects
SQL Queries on Smalltalk Objects
 
Novell Open Enterprise Server for Beginners
Novell Open Enterprise Server for BeginnersNovell Open Enterprise Server for Beginners
Novell Open Enterprise Server for Beginners
 
CSD-2881 - Achieving System Production Readiness for IBM PureApplication System
CSD-2881 - Achieving System Production Readiness for IBM PureApplication SystemCSD-2881 - Achieving System Production Readiness for IBM PureApplication System
CSD-2881 - Achieving System Production Readiness for IBM PureApplication System
 
Ch13 protection
Ch13   protectionCh13   protection
Ch13 protection
 
Cl116
Cl116Cl116
Cl116
 
2 architectural at CloudStack Developer Day
2  architectural at CloudStack Developer Day2  architectural at CloudStack Developer Day
2 architectural at CloudStack Developer Day
 
Cl219
Cl219Cl219
Cl219
 

Semelhante a DBus PolicyKit and YaST

Android application development fundamentals
Android application development fundamentalsAndroid application development fundamentals
Android application development fundamentalsindiangarg
 
Files matter-fms
Files matter-fmsFiles matter-fms
Files matter-fmsFinceptum Oy
 
Supporting Research through "Desktop as a Service" models of e-infrastructure...
Supporting Research through "Desktop as a Service" models of e-infrastructure...Supporting Research through "Desktop as a Service" models of e-infrastructure...
Supporting Research through "Desktop as a Service" models of e-infrastructure...David Wallom
 
Security and LDAP integration in InduSoft Web Studio
Security and LDAP integration in InduSoft Web StudioSecurity and LDAP integration in InduSoft Web Studio
Security and LDAP integration in InduSoft Web StudioAVEVA
 
Net essentials6e ch8
Net essentials6e ch8Net essentials6e ch8
Net essentials6e ch8APSU
 
Birmingham-20060705
Birmingham-20060705Birmingham-20060705
Birmingham-20060705Miguel Vidal
 
Processes and Threads in Windows Vista
Processes and Threads in Windows VistaProcesses and Threads in Windows Vista
Processes and Threads in Windows VistaTrinh Phuc Tho
 
BSides SG Practical Red Teaming Workshop
BSides SG Practical Red Teaming WorkshopBSides SG Practical Red Teaming Workshop
BSides SG Practical Red Teaming WorkshopAjay Choudhary
 
How to Build a Compute Cluster
How to Build a Compute ClusterHow to Build a Compute Cluster
How to Build a Compute ClusterRamsay Key
 
Rocking the enterprise with Ruby - RubyKaigi 2010
Rocking the enterprise with Ruby - RubyKaigi 2010Rocking the enterprise with Ruby - RubyKaigi 2010
Rocking the enterprise with Ruby - RubyKaigi 2010releasebeta
 
(ATS6-PLAT07) Managing AEP in an enterprise environment
(ATS6-PLAT07) Managing AEP in an enterprise environment(ATS6-PLAT07) Managing AEP in an enterprise environment
(ATS6-PLAT07) Managing AEP in an enterprise environmentBIOVIA
 
Distributed Operating System.pptx
Distributed Operating System.pptxDistributed Operating System.pptx
Distributed Operating System.pptxharpreetkaur1129
 
Open shift and docker - october,2014
Open shift and docker - october,2014Open shift and docker - october,2014
Open shift and docker - october,2014Hojoong Kim
 
PEARC17: Live Integrated Visualization Environment: An Experiment in General...
PEARC17: Live Integrated Visualization Environment: An Experiment in General...PEARC17: Live Integrated Visualization Environment: An Experiment in General...
PEARC17: Live Integrated Visualization Environment: An Experiment in General...moneyjh
 
Unit 4
Unit  4Unit  4
Unit 4pm_ghate
 

Semelhante a DBus PolicyKit and YaST (20)

Android application development fundamentals
Android application development fundamentalsAndroid application development fundamentals
Android application development fundamentals
 
Files matter-fms
Files matter-fmsFiles matter-fms
Files matter-fms
 
Synapseindia android apps overview
Synapseindia android apps overviewSynapseindia android apps overview
Synapseindia android apps overview
 
Supporting Research through "Desktop as a Service" models of e-infrastructure...
Supporting Research through "Desktop as a Service" models of e-infrastructure...Supporting Research through "Desktop as a Service" models of e-infrastructure...
Supporting Research through "Desktop as a Service" models of e-infrastructure...
 
Security and LDAP integration in InduSoft Web Studio
Security and LDAP integration in InduSoft Web StudioSecurity and LDAP integration in InduSoft Web Studio
Security and LDAP integration in InduSoft Web Studio
 
Os file
Os fileOs file
Os file
 
Net essentials6e ch8
Net essentials6e ch8Net essentials6e ch8
Net essentials6e ch8
 
Birmingham-20060705
Birmingham-20060705Birmingham-20060705
Birmingham-20060705
 
Active directoryfinal
Active directoryfinalActive directoryfinal
Active directoryfinal
 
Processes and Threads in Windows Vista
Processes and Threads in Windows VistaProcesses and Threads in Windows Vista
Processes and Threads in Windows Vista
 
TechTalk: Connext DDS 5.2.
TechTalk: Connext DDS 5.2.TechTalk: Connext DDS 5.2.
TechTalk: Connext DDS 5.2.
 
BSides SG Practical Red Teaming Workshop
BSides SG Practical Red Teaming WorkshopBSides SG Practical Red Teaming Workshop
BSides SG Practical Red Teaming Workshop
 
How to Build a Compute Cluster
How to Build a Compute ClusterHow to Build a Compute Cluster
How to Build a Compute Cluster
 
Rocking the enterprise with Ruby - RubyKaigi 2010
Rocking the enterprise with Ruby - RubyKaigi 2010Rocking the enterprise with Ruby - RubyKaigi 2010
Rocking the enterprise with Ruby - RubyKaigi 2010
 
(ATS6-PLAT07) Managing AEP in an enterprise environment
(ATS6-PLAT07) Managing AEP in an enterprise environment(ATS6-PLAT07) Managing AEP in an enterprise environment
(ATS6-PLAT07) Managing AEP in an enterprise environment
 
Distributed Operating System.pptx
Distributed Operating System.pptxDistributed Operating System.pptx
Distributed Operating System.pptx
 
Open shift and docker - october,2014
Open shift and docker - october,2014Open shift and docker - october,2014
Open shift and docker - october,2014
 
Hpc 6 7
Hpc 6 7Hpc 6 7
Hpc 6 7
 
PEARC17: Live Integrated Visualization Environment: An Experiment in General...
PEARC17: Live Integrated Visualization Environment: An Experiment in General...PEARC17: Live Integrated Visualization Environment: An Experiment in General...
PEARC17: Live Integrated Visualization Environment: An Experiment in General...
 
Unit 4
Unit  4Unit  4
Unit 4
 

Mais de lslezak

openSUSE Conference 2017 - YaST News
openSUSE Conference 2017 - YaST NewsopenSUSE Conference 2017 - YaST News
openSUSE Conference 2017 - YaST Newslslezak
 
openSUSE Conference 2017 - The Docker at Travis Presentation
openSUSE Conference 2017 - The Docker at Travis PresentationopenSUSE Conference 2017 - The Docker at Travis Presentation
openSUSE Conference 2017 - The Docker at Travis Presentationlslezak
 
openSUSE Conference 2017 - The Atom Presentation
openSUSE Conference 2017 - The Atom PresentationopenSUSE Conference 2017 - The Atom Presentation
openSUSE Conference 2017 - The Atom Presentationlslezak
 
Integrating the Ruby Debugger into YaST
Integrating the Ruby Debugger into YaSTIntegrating the Ruby Debugger into YaST
Integrating the Ruby Debugger into YaSTlslezak
 
YaST Debugging
YaST DebuggingYaST Debugging
YaST Debugginglslezak
 
WebYaST (openSUSE conference 2010)
WebYaST (openSUSE conference 2010)WebYaST (openSUSE conference 2010)
WebYaST (openSUSE conference 2010)lslezak
 
WebYaST presentation at LinuxTag 2010
WebYaST presentation at LinuxTag 2010WebYaST presentation at LinuxTag 2010
WebYaST presentation at LinuxTag 2010lslezak
 

Mais de lslezak (7)

openSUSE Conference 2017 - YaST News
openSUSE Conference 2017 - YaST NewsopenSUSE Conference 2017 - YaST News
openSUSE Conference 2017 - YaST News
 
openSUSE Conference 2017 - The Docker at Travis Presentation
openSUSE Conference 2017 - The Docker at Travis PresentationopenSUSE Conference 2017 - The Docker at Travis Presentation
openSUSE Conference 2017 - The Docker at Travis Presentation
 
openSUSE Conference 2017 - The Atom Presentation
openSUSE Conference 2017 - The Atom PresentationopenSUSE Conference 2017 - The Atom Presentation
openSUSE Conference 2017 - The Atom Presentation
 
Integrating the Ruby Debugger into YaST
Integrating the Ruby Debugger into YaSTIntegrating the Ruby Debugger into YaST
Integrating the Ruby Debugger into YaST
 
YaST Debugging
YaST DebuggingYaST Debugging
YaST Debugging
 
WebYaST (openSUSE conference 2010)
WebYaST (openSUSE conference 2010)WebYaST (openSUSE conference 2010)
WebYaST (openSUSE conference 2010)
 
WebYaST presentation at LinuxTag 2010
WebYaST presentation at LinuxTag 2010WebYaST presentation at LinuxTag 2010
WebYaST presentation at LinuxTag 2010
 

Último

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 

Último (20)

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

DBus PolicyKit and YaST

1. DBus, PolicyKit and YaST
Ing. Ladislav Slezák <lslezak@novell.com>
YaST Developer
3. DBus
© Novell, Inc. All rights reserved.
• What is DBus?
  – Local interprocess communication (IPC)
  – Message based (sends messages, not streams)
  – Messages are transferred in binary form
  – Supports 1:1 and 1:N communication
4. DBus
• Why?
  – Unified communication for the desktop, replacing DCOP (KDE) and CORBA (GNOME)
  – For communication between desktop applications, or between desktop applications and system daemons, for handling system events...
5. DBus Concepts
• Object oriented view
  – DBus services provide objects
  – But OOP is not required; a service can be written in C
• Data types
  – Basic data types: integer, string, boolean...
  – Containers: array, hash, structure, variant
    > Containers can be nested recursively
6. DBus parts
• DBus daemon
  – Runs a bus, processes and routes the messages
• DBus library (libdbus)
  – Low-level C API
• Language bindings
  – High-level API for Python, Ruby, Qt, Glib...
  – Wrappers for low-level C calls
  – Conversion between native and DBus data types
  – May provide an object proxy for mapping native objects (GObject, QObject, ...) and signals to DBus objects and signals
7. DBus Terminology
• Bus
  – The place for transferring the messages
  – Multiple buses can run in parallel
    > System wide bus – single bus for system wide events and services, runs under a system user (non-root)
    > Session bus – one per user session, for desktop applications, created at login, runs with user privileges
    > Private bus – a special separate bus that can be started by applications
8. DBus Terminology
• Connection/Service name
  – Unique ID (:1.42, assigned by DBus) or well-known (org.freedesktop.PowerManagement, defined by the service)
• Object path in the object tree
  – /org/freedesktop/PowerManagement
• Interface name
  – Named group of methods and signals, e.g. org.freedesktop.PowerManagement
• Method name
  – Suspend
9. DBus Terminology
[Diagram: how the names fit together on a bus]
  Service    org.freedesktop.PowerManagement
  Object     /org/freedesktop/PowerManagement
  Interface  org.freedesktop.PowerManagement
  Method     Suspend()
10. DBus Message
• Message types
  – Method call
  – Method reply
  – Error
  – Signal (1:N publish/subscribe communication)
• Header
  – Type, destination service, target object, method, sender, serial number, data type signature...
• Data
  – Arguments in binary form
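Slides 5 and 10 mention the DBus data types and the data type signature carried in every message header. The parser below is an added example (not code from the slides, from libdbus or from YaST) that validates a signature string against the rules of the D-Bus specification: basic type codes, nested containers, a dict entry only as an array element and only with a basic key, a non-empty struct, the 255-byte length limit and the 32-level limits on nested arrays and structs. The function names parse_signature, describe and is_valid_signature are this example's own.

```python
"""Parser and validator for D-Bus type signatures (added example, not code from the slides)."""
from dataclasses import dataclass, field
from typing import List, Tuple

# Single-character codes of the basic (non-container) types from the D-Bus specification.
BASIC_TYPES = {
    "y": "byte", "b": "boolean", "n": "int16", "q": "uint16",
    "i": "int32", "u": "uint32", "x": "int64", "t": "uint64",
    "d": "double", "s": "string", "o": "object_path", "g": "signature",
    "h": "unix_fd",
}
MAX_SIGNATURE_LENGTH = 255  # a signature may be at most 255 bytes long
MAX_NESTING = 32            # at most 32 nested arrays and 32 nested structs

class SignatureError(ValueError):
    """Raised for a malformed signature."""

@dataclass
class TypeNode:
    kind: str                          # "int32", "array", "struct", "dict_entry", "variant", ...
    children: List["TypeNode"] = field(default_factory=list)

    def __str__(self) -> str:
        if not self.children:
            return self.kind
        return f"{self.kind}<{', '.join(str(c) for c in self.children)}>"

def parse_signature(sig: str) -> List[TypeNode]:
    """Parse a full signature (zero or more complete types) into a list of type trees."""
    if len(sig) > MAX_SIGNATURE_LENGTH:
        raise SignatureError("signature longer than 255 bytes")
    types: List[TypeNode] = []
    pos = 0
    while pos < len(sig):
        node, pos = _parse_single(sig, pos, arrays=0, structs=0, in_array=False)
        types.append(node)
    return types

def _parse_single(sig: str, pos: int, arrays: int, structs: int,
                  in_array: bool) -> Tuple[TypeNode, int]:
    """Parse one complete type at sig[pos]; return the node and the offset after it."""
    if pos >= len(sig):
        raise SignatureError(f"unexpected end of signature {sig!r}")
    code = sig[pos]
    if code in BASIC_TYPES:
        return TypeNode(BASIC_TYPES[code]), pos + 1
    if code == "v":
        return TypeNode("variant"), pos + 1
    if code == "a":
        if arrays + 1 > MAX_NESTING:
            raise SignatureError("too many nested arrays")
        # The element type follows; only here may a dict entry '{...}' appear.
        elem, pos = _parse_single(sig, pos + 1, arrays + 1, structs, in_array=True)
        return TypeNode("array", [elem]), pos
    if code == "(":
        if structs + 1 > MAX_NESTING:
            raise SignatureError("too many nested structs")
        members: List[TypeNode] = []
        pos += 1
        while pos < len(sig) and sig[pos] != ")":
            member, pos = _parse_single(sig, pos, arrays, structs + 1, in_array=False)
            members.append(member)
        if pos >= len(sig):
            raise SignatureError("unterminated struct")
        if not members:
            raise SignatureError("empty struct '()' is not allowed")
        return TypeNode("struct", members), pos + 1
    if code == "{":
        if not in_array:
            raise SignatureError("dict entry is only allowed as an array element")
        key, pos = _parse_single(sig, pos + 1, arrays, structs, in_array=False)
        if key.kind not in BASIC_TYPES.values():
            raise SignatureError("dict entry key must be a basic type")
        value, pos = _parse_single(sig, pos, arrays, structs, in_array=False)
        if pos >= len(sig) or sig[pos] != "}":
            raise SignatureError("dict entry must hold exactly one key and one value")
        return TypeNode("dict_entry", [key, value]), pos + 1
    raise SignatureError(f"unknown type code {code!r} at offset {pos}")

def is_valid_signature(sig: str) -> bool:
    """True when sig parses without error."""
    try:
        parse_signature(sig)
        return True
    except SignatureError:
        return False

def describe(sig: str) -> str:
    """Readable form of a signature, e.g. 'a{sv}' -> 'array<dict_entry<string, variant>>'."""
    return ", ".join(str(t) for t in parse_signature(sig))
```

describe("sa{sv}") renders the common "name plus property dictionary" body as string, array<dict_entry<string, variant>>; a service that checks incoming signatures this way rejects malformed bodies such as "{sv}" or "a{vs}" before it touches the argument data.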
11. Object Introspection
• Query the available objects in a service
• Runtime object browsing
• Needed by language proxies and DBus browsers
12. Service Activation
• DBus service
  – can be provided by a running application
  – can be started on demand
    > A started service can continue running, exit immediately, or exit after a timeout
13. Access Control
• It's possible to allow or deny access to a specific object, interface, method, signal...
14. Python Example
• Method call example

    import dbus

    # Connect to the per-user session bus
    bus = dbus.SessionBus()
    # Get a proxy for the object exported by the service
    obj = bus.get_object('org.freedesktop.PowerManagement',
                         '/org/freedesktop/PowerManagement')
    # Select the interface whose method we want to call
    iface = dbus.Interface(obj, 'org.freedesktop.PowerManagement')
    # Call the remote method and print the boolean reply
    result = iface.CanHibernate()
    print(result)
15. GUI Tools – qdbusviewer
16. GUI Tools – kdbus
17. Command line tools
• dbus-send
  – Sends a message
• dbus-monitor
  – Monitors activity on a bus
• qdbus
  – DBus browsing, sending messages
18. DBus Documentation
• Introduction to DBus
  – http://www.freedesktop.org/wiki/IntroductionToDBus
• DBus tutorial
  – http://dbus.freedesktop.org/doc/dbus-tutorial.html
• DBus FAQ
  – http://dbus.freedesktop.org/doc/dbus-faq.html
• Low-level C API
  – http://dbus.freedesktop.org/doc/dbus/api/html/group__DBus.html
• C example
  – http://dbus.freedesktop.org/doc/dbus/libdbus-tutorial.html
20. PolicyKit
• Framework for central policy management of privileged operations
  – In contrast to /etc/sudoers, user group management...
• Extends the DBus security model – more fine grained privileges
  – User can mount removable media, but cannot mount fixed media
  – User can shut down the machine from a local session
21. PolicyKit Model
• The application is split into a privileged and an unprivileged part; each part runs in a different process
  – For security reasons the privileged part should be as small as possible
  – The privileged part is called “Mechanism”
• These parts communicate via IPC (DBus, pipes, ...)
22. PolicyKit Model
[Diagram: http://hal.freedesktop.org/docs/PolicyKit/diagram-bus-model.png]
23. Mechanism
• Runs as a privileged user
• Parts of the mechanism
  – Decider part – checks whether the requester is allowed to call the action part
  – Action part – carries out the privileged action
• The action is performed only when the decider part says “Yes”
[Diagram: Request → Mechanism → Allowed? → Do Action, otherwise Error]
24. Input for Decision
• Subject
  – Attributes of the requester
  – UID, application, local or remote session, active session...
• Object
  – Removable device, Package, Power management...
• Action
  – What to do with the object
  – Mount the device, install the package, reboot the system...
• PolicyKit encodes object and action into a single Action ID
  – e.g. org.freedesktop.hal.storage.mount-removable
25. Authorization Check
• The unprivileged part may also check whether it can do the privileged operation
  – Disabled or locked options in the UI
26. How to Obtain an Authorization
• The user is allowed to do the action
  – By default (defined in the configuration file)
  – Under a special condition (e.g. active session)
  – The administrator grants the authorization to the user
  – The user obtains the authorization via authentication
27. Authentication
• The authentication agent is a DBus service (org.freedesktop.PolicyKit.AuthenticationAgent)
28. Workflow
• HAL example
• Mount request sent
• Check the authorization
[Diagram: http://hal.freedesktop.org/docs/PolicyKit/diagram-interaction.png]

29. Workflow
• An exception is returned
• The user authenticates

30. Workflow
• A token is written to the DB
• The second attempt is OK
31. Command Line Tools
• polkit-auth
  – Manage authorizations – display, obtain, revoke...
• polkit-action
  – List actions, modify defaults
• polkit-policy-file-validate
  – A validation tool for .policy files, should be called from 'make check'
• polkit-policy-file-validate
  – Validates the /etc/PolicyKit/PolicyKit.conf file
32. PolicyKit Documentation
• Design, API reference manual, tools...
  – http://hal.freedesktop.org/docs/PolicyKit/index.html
  – Package PolicyKit-doc
34. YaST DBus Service
• Access the YaST functionality from other applications
• Needed for WebYaST
Why DBus?
• Auto start (no running daemon)
• Starts YaST as the root user (no SUID flag)
Why PolicyKit?
• Admin tools available
35. YaST DBus Service
• Package yast2-dbus-server
• Service org.opensuse.YaST.modules running on the system bus
• Object /org/opensuse/YaST/modules/<module>
• Interface org.opensuse.YaST.Values
• The service is started automatically
• Shuts down after 2 minutes
36. Solved Problems
• PolicyKit action ID
  – Created from the function name
  – Checked before the function call
• Stateful YaST modules
  – Stateless wrappers (YaPI)
  – Lock(), Unlock() methods
• YaST module autoloading
  – No need to load all YaST modules
• YCP data types and special values
  – Additional interface
• Bugfixes in the Ruby DBus bindings
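Slides 23 to 30 describe the mechanism's decider/action split, the subject attributes that feed the decision, the denied request that comes back as an exception, the authentication that writes a token to the DB and the retry that then succeeds; slide 36 adds that the YaST service derives the PolicyKit action ID from the function name and checks it before the call. The Python below models that whole flow inside one process as an added example. It is not the yast2-dbus-server code and does not call the PolicyKit API; the action namespace org.example.mechanism, the Result values (loosely modeled on PolicyKit's no/yes/auth_self/auth_admin defaults), the policy table, the in-memory token DB and the authenticate callback are all constructed for this example.

```python
"""Decider/action split with action IDs derived from method names (added example; names are hypothetical)."""
import functools
from dataclasses import dataclass
from enum import Enum
from typing import Callable, Dict, Set, Tuple

ACTION_PREFIX = "org.example.mechanism"   # hypothetical namespace, not YaST's real one

class Result(Enum):                       # decisions, loosely modeled on PolicyKit's defaults
    NO = "no"                             # never allowed
    YES = "yes"                           # allowed as-is
    AUTH_SELF = "auth_self"               # allowed once the user authenticates as themselves
    AUTH_ADMIN = "auth_admin"             # allowed once an administrator authenticates

@dataclass(frozen=True)
class Subject:                            # attributes of the requester
    uid: int
    local: bool                           # local console session rather than a remote one
    active: bool                          # the session currently owns the console

@dataclass(frozen=True)
class Policy:                             # per-action defaults by session kind
    any: Result                           # remote sessions
    inactive: Result                      # local but inactive sessions
    active: Result                        # local active sessions

class NotAuthorized(Exception):
    def __init__(self, action_id: str, result: Result) -> None:
        super().__init__(f"{action_id}: {result.value}")
        self.action_id, self.result = action_id, result

class AuthorizationDB:                    # tokens written after a successful authentication
    def __init__(self) -> None:
        self._grants: Set[Tuple[int, str]] = set()

    def grant(self, uid: int, action_id: str) -> None:
        self._grants.add((uid, action_id))

    def has(self, uid: int, action_id: str) -> bool:
        return (uid, action_id) in self._grants

class Decider:                            # decider part: reads policy and tokens, touches no privileged state
    def __init__(self, policies: Dict[str, Policy], db: AuthorizationDB) -> None:
        self.policies, self.db = policies, db

    def check(self, subject: Subject, action_id: str) -> Result:
        if self.db.has(subject.uid, action_id):
            return Result.YES             # an earlier authentication left a token
        policy = self.policies.get(action_id)
        if policy is None:
            return Result.NO              # unknown action: deny by default
        if not subject.local:
            return policy.any
        return policy.active if subject.active else policy.inactive

def action_id_for(func_name: str) -> str:
    """Derive the action ID from the method name: mount_removable -> <prefix>.mount-removable."""
    return f"{ACTION_PREFIX}.{func_name.replace('_', '-')}"

def privileged(func: Callable) -> Callable:
    action_id = action_id_for(func.__name__)   # computed once, when the method is defined

    @functools.wraps(func)
    def wrapper(self: "Mechanism", subject: Subject, *args, **kwargs):
        result = self.decider.check(subject, action_id)   # decider runs before the action part
        if result is not Result.YES:
            raise NotAuthorized(action_id, result)        # the action body never runs on a denial
        return func(self, subject, *args, **kwargs)
    return wrapper

class Mechanism:                          # privileged part; the decorated bodies are the action part
    def __init__(self, decider: Decider) -> None:
        self.decider = decider

    @privileged
    def mount_removable(self, subject: Subject, device: str) -> str:
        return f"mounted {device}"        # stands in for the real privileged operation

    @privileged
    def mount_fixed(self, subject: Subject, device: str) -> str:
        return f"mounted {device}"

def request_with_retry(mech: Mechanism, db: AuthorizationDB, subject: Subject,
                       authenticate: Callable[[Subject, Result], bool], method: str, *args) -> str:
    call = getattr(mech, method)          # unprivileged side: call, authenticate on demand, retry once
    try:
        return call(subject, *args)
    except NotAuthorized as exc:
        if exc.result in (Result.AUTH_SELF, Result.AUTH_ADMIN) and authenticate(subject, exc.result):
            db.grant(subject.uid, exc.action_id)   # token written to the DB
            return call(subject, *args)            # the second attempt is OK
        raise

def build_demo() -> Tuple[Mechanism, AuthorizationDB]:
    """Constructed policy table: removable media for active local users, fixed media only after admin auth."""
    db = AuthorizationDB()
    policies = {
        action_id_for("mount_removable"): Policy(Result.NO, Result.AUTH_SELF, Result.YES),
        action_id_for("mount_fixed"): Policy(Result.NO, Result.NO, Result.AUTH_ADMIN),
    }
    return Mechanism(Decider(policies, db)), db
```

Two properties of the layout are worth keeping when the real mechanism is a separate root process talking over the system bus: the decision is made from subject attributes, the policy table and the token DB only, so the decider can be reviewed on its own, and an action ID that has no policy entry is denied rather than allowed, so adding a method without adding a policy cannot open a privileged path.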