diff options
| author | Simon McVittie <smcv@collabora.com> | 2021-12-10 14:31:45 +0000 |
|---|---|---|
| committer | Simon McVittie <smcv@collabora.com> | 2021-12-10 16:48:51 +0000 |
| commit | 9d60676ae08b5ff1153ca5cb2e42bb4d5ec563cf (patch) | |
| tree | 0c7ee3621e5e7b08ddb508595a6b3b8eadbf12e4 /bus | |
| parent | 67f1a01f7bbb813d1664bd9a01dc8af3c2b469ca (diff) | |
| download | dbus-9d60676ae08b5ff1153ca5cb2e42bb4d5ec563cf.tar.gz | |
Disable the Containers interface
We've had a request for a 1.14.x stable-branch, but the Containers
interface is only partially implemented, not yet described in the
D-Bus Specification, and not ready to be part of our API guarantees.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Diffstat (limited to 'bus')
| -rw-r--r-- | bus/containers.c | 2 | ||||
| -rw-r--r-- | bus/driver.c | 4 | ||||
| -rw-r--r-- | bus/session.conf.in | 6 | ||||
| -rw-r--r-- | bus/system.conf.in | 4 |
4 files changed, 6 insertions, 10 deletions
diff --git a/bus/containers.c b/bus/containers.c index 213ce3c9..8abeca1f 100644 --- a/bus/containers.c +++ b/bus/containers.c @@ -27,6 +27,8 @@ #ifdef DBUS_ENABLE_CONTAINERS +#error This feature is not ready for production use + #ifndef DBUS_UNIX # error DBUS_ENABLE_CONTAINERS requires DBUS_UNIX #endif diff --git a/bus/driver.c b/bus/driver.c index 6f5451a1..ef1b957f 100644 --- a/bus/driver.c +++ b/bus/driver.c @@ -1975,7 +1975,9 @@ bus_driver_fill_connection_credentials (DBusCredentials *credentials, dbus_pid_t pid = DBUS_PID_UNSET; const char *windows_sid = NULL; const char *linux_security_label = NULL; +#ifdef DBUS_ENABLE_CONTAINERS const char *path; +#endif if (credentials == NULL && conn != NULL) credentials = _dbus_connection_get_credentials (conn); @@ -2030,6 +2032,7 @@ bus_driver_fill_connection_credentials (DBusCredentials *credentials, return FALSE; } +#ifdef DBUS_ENABLE_CONTAINERS /* This has to come from the connection, not the credentials */ if (conn != NULL && bus_containers_connection_is_contained (conn, &path, NULL, NULL)) @@ -2039,6 +2042,7 @@ bus_driver_fill_connection_credentials (DBusCredentials *credentials, path)) return FALSE; } +#endif return TRUE; } diff --git a/bus/session.conf.in b/bus/session.conf.in index ace073c9..affa7f1d 100644 --- a/bus/session.conf.in +++ b/bus/session.conf.in @@ -76,11 +76,5 @@ <limit name="max_names_per_connection">50000</limit> <limit name="max_match_rules_per_connection">50000</limit> <limit name="max_replies_per_connection">50000</limit> - <limit name="max_containers">10000</limit> - <limit name="max_containers_per_user">10000</limit> - <limit name="max_container_metadata_bytes">1000000000</limit> - <!-- This is relatively low so that app-containers (which we do not fully - trust) do not cause DoS. --> - <limit name="max_connections_per_container">16</limit> </busconfig> diff --git a/bus/system.conf.in b/bus/system.conf.in index 7c79a1ae..d2f3244b 100644 --- a/bus/system.conf.in +++ b/bus/system.conf.in @@ -126,10 +126,6 @@ <!-- <limit name="max_names_per_connection">512</limit> --> <!-- <limit name="max_match_rules_per_connection">512</limit> --> <!-- <limit name="max_replies_per_connection">128</limit> --> - <!-- <limit name="max_containers">512</limit> --> - <!-- <limit name="max_containers_per_user">16</limit> --> - <!-- <limit name="max_container_metadata_bytes">4096</limit> --> - <!-- <limit name="max_connections_per_container">8</limit> --> <!-- Config files are placed here that among other things, punch holes in the above policy for specific services. --> |