DBus.Error.AccessDenied:拒绝。基于 TCP 的 DBUS
DBus.Error.AccessDenied: Rejected. DBUS over TCP
在以下 Whosebug 答案的帮助下 here and 我能够通过 TCP/IP 远程成功连接到系统 DBUS。
并使用 D-FEET 我能够验证连接。
如上图所示,我可以访问远程总线,并且可以成功调用 org.freedesktop.hostname1对象及其接口。
但是在尝试访问 com.aldogroup.Calculator 时,我抛出了以下异常
这个AccessDenied在访问其他服务时也会出现org.bluez(我没能找到模式)
更新
我的system.conf文件
<busconfig>
<listen>tcp:host=0.0.0.0,port=55557,family=ipv4</listen>
<listen>unix:tmpdir=/tmp</listen>
<auth>ANONYMOUS</auth>
<allow_anonymous/>
<apparmor mode="disabled"/>
<policy user="root">
<allow own="com.aldogroup.Calculator"/>
<allow send_destination="com.aldogroup.Calculator"/>
<allow send_interface="com.aldogroup.Calculator"/>
<allow send_type="method_call"/>
</policy>
</busconfig>
DBUS busctl 输出
root@aldogroup-dart-6ul-1b6be6:~# busctl introspect com.aldogroup.Calculator /com/aldogroup/Calculator
NAME TYPE SIGNATURE RESULT/VALUE FLAGS
com.aldogroup.Calculator interface - - -
.Divide method xx x -
.Multiply method xx x -
org.freedesktop.DBus.Introspectable interface - - -
.Introspect method - s -
org.freedesktop.DBus.Peer interface - - -
.GetMachineId method - s -
.Ping method - - -
org.freedesktop.DBus.Properties interface - - -
.Get method ss v -
.GetAll method s a{sv} -
.Set method ssv - -
.PropertiesChanged signal sa{sv}as - -
此致,
西蒙
我通过在 /etc/dbus-1/system.d/
中创建一个 .conf 文件来修复它
<!DOCTYPE busconfig PUBLIC
"-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<policy user="root">
<allow own="com.aldogroup.Calculator"/>
<allow send_destination="com.aldogroup.Calculator"/>
<allow send_interface="com.aldogroup.Calculator.Divide"/>
<allow send_interface="com.aldogroup.Calculator.Multiply"/>
</policy>
<policy at_console="true">
<allow send_destination="com.aldogroup.Calculator"/>
</policy>
<policy context="default">
<allow send_destination="com.aldogroup.Calculator"/>
</policy>
</busconfig>
不确定为什么 system.conf 中指定的政策没有完成这项工作。
已接受答案中的解决方案对我来说不太适用。相反,我使用了以下内容:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<policy user="pi">
<allow eavesdrop="true" />
<allow eavesdrop="true" send_destination="*" />
<allow own="com.example.calculator" />
</policy>
</busconfig>
完成后,运行:
sudo systemctl restart dbus
在以下 Whosebug 答案的帮助下 here and
如上图所示,我可以访问远程总线,并且可以成功调用 org.freedesktop.hostname1对象及其接口。
但是在尝试访问 com.aldogroup.Calculator 时,我抛出了以下异常
这个AccessDenied在访问其他服务时也会出现org.bluez(我没能找到模式)
更新
我的system.conf文件
<busconfig>
<listen>tcp:host=0.0.0.0,port=55557,family=ipv4</listen>
<listen>unix:tmpdir=/tmp</listen>
<auth>ANONYMOUS</auth>
<allow_anonymous/>
<apparmor mode="disabled"/>
<policy user="root">
<allow own="com.aldogroup.Calculator"/>
<allow send_destination="com.aldogroup.Calculator"/>
<allow send_interface="com.aldogroup.Calculator"/>
<allow send_type="method_call"/>
</policy>
</busconfig>
DBUS busctl 输出
root@aldogroup-dart-6ul-1b6be6:~# busctl introspect com.aldogroup.Calculator /com/aldogroup/Calculator
NAME TYPE SIGNATURE RESULT/VALUE FLAGS
com.aldogroup.Calculator interface - - -
.Divide method xx x -
.Multiply method xx x -
org.freedesktop.DBus.Introspectable interface - - -
.Introspect method - s -
org.freedesktop.DBus.Peer interface - - -
.GetMachineId method - s -
.Ping method - - -
org.freedesktop.DBus.Properties interface - - -
.Get method ss v -
.GetAll method s a{sv} -
.Set method ssv - -
.PropertiesChanged signal sa{sv}as - -
此致,
西蒙
我通过在 /etc/dbus-1/system.d/
中创建一个 .conf 文件来修复它<!DOCTYPE busconfig PUBLIC
"-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<policy user="root">
<allow own="com.aldogroup.Calculator"/>
<allow send_destination="com.aldogroup.Calculator"/>
<allow send_interface="com.aldogroup.Calculator.Divide"/>
<allow send_interface="com.aldogroup.Calculator.Multiply"/>
</policy>
<policy at_console="true">
<allow send_destination="com.aldogroup.Calculator"/>
</policy>
<policy context="default">
<allow send_destination="com.aldogroup.Calculator"/>
</policy>
</busconfig>
不确定为什么 system.conf 中指定的政策没有完成这项工作。
已接受答案中的解决方案对我来说不太适用。相反,我使用了以下内容:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<policy user="pi">
<allow eavesdrop="true" />
<allow eavesdrop="true" send_destination="*" />
<allow own="com.example.calculator" />
</policy>
</busconfig>
完成后,运行:
sudo systemctl restart dbus