We reached another milestone with kdbus today: with the exception of policy enforcement userspace is pretty much complete now. We can boot-up a system with a kdbus system bus now, and everything simply works. That was quite some work to get right, since we needed to provide quite a few compatibility bits and pieces for this. For example, while doing the switch from dbus1 to kdbus we also added GVariant as mandatory marshalling, which requires us to do remarshal messages when old clients are connected via the dbus1 protocol to kdbus. Then, we decided to deprecate NameLost/NameAcquired on kdbus, but we needed to synthesize them for old clients. The credentials logic needed support for doing things "on behalf" of other clients, thus being able to pretend to be somebody else. This is necessary since legacy clients connect to kdbus via a compatibility proxy, and we don't want that proxy service to show up as the name owner on the bus (which would be problematic, since PolicyKit and suchlike relies on the user credentials) but the actual client behind the proxy. We needed support for answering "bus driver" requests, even though modern clients would directly use ioctl()s for them. systemd needed to learn kdbus-style activation and get a generator to support old-style bus activation snippets. And so on, and so on. All that's done now, cleanly and even got a bit of testing because  +Kay Sievers and I work exclusively on kdbus machines now, and have said goodbye to old dbus-daemon!

The last bit to make this all work was a work-around I had to hack in for gdm to work. gdm does something that nobody should ever do: it has two services on the bus, and they call methods on each other, synchronously. Of course while waiting for a method call to finish the sides won't respond to the method calls of the other side, which results in a dead-lock if both do it at the same time. Now, this borkage never became apparent on dbus1 since bus policy actually disallowed the relevant requests to succeed. Since kdbus currently runs with a NULL policy however, those requests are queued to the other side and the whole thing deadlocks. Or in other words: on classic dbus1 the bus policy is the only thing that keeps gdm for deadlocking constantly.

Tracking this down was not fun I can tell you... I filed a bug about this programming fuckup in gdm:


And I also added a temporary hack to our bus proxy, to simply refuse the offending method calls too, until we add compat enforcement of the old XML policy to our bus proxy to make this unnecessary:


Anyway, long story short: if you want to run your system with only kdbus, it's a great time now, everything should just work. Of course, due to the NULL policy it will be horribly insecure but security is for pussies anyway, right?

To test this, just grab the newest systemd from git:

git clone git://anongit.freedesktop.org/systemd/systemd
cd systemd
./autogen.sh c && make -j 8 && sudo make install

And the newest kdbus from git:

git clone https://code.google.com/p/d-bus/ kdbus
cd kdbus
make -j 8 && sudo make install

Then, you can boot forth and back between kdbus and dbus-daemon as system bus simply by passing "kdbus" (or omitting it) as additional argument on the kernel comand line.

This has been tested on Fedora 20. It should work on other really recent distros too. Of course you should know what you do, this might likely break your system. And yeah, you need to install some deps to make systemd and kdbus build, but I am sure you'll figure those out, right?

+Ryan Lortie plans to port gdbus natively onto kdbus, which would bring us another big step ahead. Given the requirement for GVariant marshalling supporting the old libdbus directly on kdbus is not trivial, you'd have to write a second marshaller for this for libdbus. We'd certainly invite you to hack on this though! From our own perspective the compat proxy we now have is good enough for the old libdbus1 clients.

Consider this all a late christmas present from +Kay Sievers, +Daniel Mack and yours truly. Merry Christmas!
Shared publiclyView activity