Summary: | sys-apps/dbus-1.15.2: socket in /tmp instead of /run/dbus | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Holger Hoffstätte <holger> |
Component: | Current packages | Assignee: | Freedesktop bugs <freedesktop-bugs> |
Status: | RESOLVED WORKSFORME | ||
Severity: | normal | CC: | sam |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://bugs.debian.org/78791 | ||
Whiteboard: | |||
Package list: | | Runtime testing required: | --- |
Bug Depends on: | |||
Bug Blocks: | 875518 |
Description
Holger Hoffstätte
2022-10-06 14:19:39 UTC
This might also affect the recently added 1.14.4 but I haven't checked.

Yeah, it's:

• On Linux, dbus-daemon and other uses of DBusServer now create a path-based Unix socket, unix:path=..., when asked to listen on a unix:tmpdir=... address. This makes unix:tmpdir=... equivalent to unix:dir=... on all platforms. Previous versions would have created an abstract socket, unix:abstract=..., in this situation.

  This change primarily affects the well-known session bus when run via dbus-launch(1) or dbus-run-session(1). The user bus, enabled by configuring dbus with --enable-user-session and running it on a systemd system, already used path-based Unix sockets and is unaffected by this change.

  This behaviour change prevents a sandbox escape via the session bus socket in sandboxing frameworks that can share the network namespace with the host system, such as Flatpak.

  This change might cause a regression in situations where the abstract socket is intentionally shared between the host system and a chroot or container, such as some use-cases of schroot(1). That regression can be resolved by using a bind-mount to share either the D-Bus socket, or the whole /tmp directory, with the chroot or container. (dbus#416, Simon McVittie)

I guess.

https://gitlab.freedesktop.org/dbus/dbus/-/commit/f01382ae310c7d63790c07ed280f575d91ea57b8
https://gitlab.freedesktop.org/dbus/dbus/-/commit/4033dc57869b9e517e9fc01b338d26e0faed61c1

See also this tmpreaper bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=78791.

The system bus continues to live at /run/dbus/system_bus_socket.

Session buses never created sockets in /run/dbus. Per the notes in comment 2, they used to be "abstract", meaning they had no presence in the filesystem at all. Now they live in /tmp instead.

This is an intentional change by dbus upstream. You will need to fix whatever cleanup scripts you use to not remove the sockets from /tmp.
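
An added example, not part of the bug report or of dbus itself: a small checker that a cleanup or monitoring script could use to tell whether a session bus address names an abstract socket or a socket file, and whether that file still exists. The function names are hypothetical; the address syntax (`;`-separated entries, `unix:path=` / `unix:abstract=` keys, percent-escaped values) is the D-Bus address format, and reading `DBUS_SESSION_BUS_ADDRESS` assumes the session exports it.

```python
import os
import stat
from urllib.parse import unquote


def parse_dbus_address(address):
    """Split a D-Bus address into a list of (transport, {key: value})."""
    entries = []
    for part in filter(None, address.split(";")):
        transport, _, params = part.partition(":")
        kv = {}
        for item in filter(None, params.split(",")):
            key, _, value = item.partition("=")
            kv[key] = unquote(value)  # values use %XX escaping
        entries.append((transport, kv))
    return entries


def check_session_socket(address):
    """Classify every unix: entry of a bus address.

    Returns (kind, location, state) tuples. state is 'no-file' for an
    abstract socket (nothing on disk, so nothing a /tmp cleaner can
    remove), 'ok' when the socket file exists, 'missing' when it is
    gone (for example deleted by a cleanup job) and 'not-a-socket'
    when something else occupies the path.
    """
    results = []
    for transport, kv in parse_dbus_address(address):
        if transport != "unix":
            continue
        if "abstract" in kv:
            results.append(("abstract", kv["abstract"], "no-file"))
        elif "path" in kv:
            path = kv["path"]
            try:
                mode = os.lstat(path).st_mode
                state = "ok" if stat.S_ISSOCK(mode) else "not-a-socket"
            except FileNotFoundError:
                state = "missing"
            results.append(("path", path, state))
    return results


if __name__ == "__main__":
    addr = os.environ.get("DBUS_SESSION_BUS_ADDRESS", "")
    print(check_session_socket(addr))
```

A `missing` result for a session that is still running is the symptom described in this bug: the daemon is alive but new clients can no longer reach its socket.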