path: root/c-sources/pcap-monitor.c
Age | Commit message | Author | Files | Lines
2020-06-05 | reader: Encapsulate libpcap | Will Thompson | 1 | -5/+4
2020-06-05 | monitor: Use tee to save pcap stream | Will Thompson | 1 | -43/+34
Previously, Bustle read directly from dbus-monitor, parsed the pcap stream, then reserialized it back to a file.

    dbus-monitor → bustle → UI
                     ↓
                    file

Instead, use tee between dbus-monitor and Bustle to write the raw pcap stream to disk:

    dbus-monitor → tee → bustle
                    ↓
                   file

This makes the code in Bustle quite a bit simpler.
2020-06-05 | Factor out BustlePcapReader | Will Thompson | 1 | -46/+29
2020-06-05 | monitor: include GDBusMessage in ::message-logged | Will Thompson | 1 | -3/+13
Not used on the Haskell side yet.
2018-12-07 | monitor: use a PTY to send SIGINT to privileged child | Will Thompson | 1 | -18/+117
Previously, we sent SIGKILL directly to the child process. If we're monitoring the system bus, the child process is owned by root, so the parent process can't send it signals. In this case, we relied on the child process dying with "Broken pipe" when it next tries to write to stdout (which we close).

If you run `pkexec dbus-monitor --system` in a terminal, you are able to press Ctrl-C to send SIGINT to that privileged child process. This is because the signal is not sent directly. Instead, the terminal emulator writes ^C to the child's controlling terminal; the kernel turns this into SIGINT and sends that to the child.

We can do the same thing here. Here are the steps:

* Create a pseudo-terminal (PTY) master/slave (not my terminology) pair
* Make this PTY the controlling terminal for the child process:
  * Make the slave FD the stdin for the child
  * In a GSubprocessLauncher child_setup function, which runs between fork() and exec():
    * Move the process to a new session with setsid(), removing any existing controlling terminal
    * Call ioctl(STDIN_FILENO, TIOCSCTTY, 0) to set the stdin FD as the controlling terminal
* When it comes time to kill the child, write ^C into the master side of the PTY

We continue to send SIGINT (rather than SIGKILL; it seems kinder) the old-fashioned way (in case something goes wrong setting the controlling terminal) and close the pipe so that the child eventually dies with EPIPE (in case the old-fashioned way fails too).

A potential fly in the works is that, in the Flatpak case, the immediate child is a flatpak-spawn process; `pkexec dbus-monitor --system` is actually launched from the session helper. Happily, the session helper already calls setsid() + TIOCSCTTY if any of stdin/stdout/stderr on the spawned process are TTYs <https://github.com/flatpak/flatpak/blob/1.0.1/session-helper/flatpak-session-helper.c#L182-L202> so we just skip the child_setup function in that case.
See https://blog.nelhage.com/2011/02/changing-ctty/ for some useful background reading on controlling terminals.
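The steps in the commit message above, as an added example that is not Bustle's code: a parent creates a PTY, the child makes the slave side its stdin and controlling terminal, and the parent then writes ^C to the master so the kernel delivers SIGINT. Assumptions: Linux with `/dev/ptmx`, a hypothetical function name `interrupt_child_via_pty`, a readiness pipe added so ^C is not written before the terminal is attached, and a child that simply pauses instead of exec'ing dbus-monitor.

```c
/* Added example (not Bustle's code): interrupt a child through its controlling TTY. */
#define _GNU_SOURCE
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/ioctl.h>
#include <sys/wait.h>
#include <unistd.h>

/* Returns the signal that terminated the child (SIGINT on success), or -1. */
int interrupt_child_via_pty(void)
{
    int ready[2], status, result = -1;
    char byte;
    int master = open("/dev/ptmx", O_RDWR | O_NOCTTY);   /* PTY master */
    if (master < 0 || grantpt(master) < 0 || unlockpt(master) < 0 || pipe(ready) < 0)
        return -1;
    const char *slave_name = ptsname(master);
    pid_t pid = slave_name ? fork() : -1;
    if (pid < 0)
        return -1;
    if (pid == 0) {   /* child: the child_setup steps from the commit message */
        signal(SIGINT, SIG_DFL);
        int slave = open(slave_name, O_RDWR | O_NOCTTY);
        if (slave < 0 || dup2(slave, STDIN_FILENO) < 0)   /* slave FD becomes stdin */
            _exit(2);
        if (setsid() < 0 || ioctl(STDIN_FILENO, TIOCSCTTY, 0) < 0)
            _exit(3);
        close(master);
        close(ready[0]);
        if (write(ready[1], "", 1) != 1)   /* tell parent the terminal is attached */
            _exit(4);
        alarm(10);      /* safety net so the demo cannot hang */
        for (;;)
            pause();    /* stand-in for exec'ing the monitored program */
    }
    close(ready[1]);
    /* Parent: once the child owns the terminal, "press" Ctrl-C on the master side. */
    if (read(ready[0], &byte, 1) != 1 || write(master, "\x03", 1) != 1)
        kill(pid, SIGKILL);   /* setup failed; a direct signal works only on our own child */
    if (waitpid(pid, &status, 0) == pid && WIFSIGNALED(status))
        result = WTERMSIG(status);
    close(ready[0]);
    close(master);
    return result;
}

int main(void) { printf("child terminated by signal %d\n", interrupt_child_via_pty()); return 0; }
```

Here the child runs as the same user, so the `kill()` fallback would also work; when the child is owned by root, as the commit message describes, only the write to the PTY master reaches it.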
2018-12-07 | pcap-monitor: factor out building argv and spawning subprocess | Will Thompson | 1 | -15/+34
2018-08-21 | monitor: assume DLT_DBUS is defined | Will Thompson | 1 | -4/+0
This has been defined since libpcap 1.2.1 in 2010.
2018-06-28 | monitor: claim name before dumping other names | Will Thompson | 1 | -0/+32
This will allow the viewer to hide this connection even once it stops unconditionally hiding all messages to and from the bus daemon.
2018-06-26 | PcapMonitor: get rid of priv structure | Will Thompson | 1 | -130/+108
We can just hide the object struct definition.
2018-06-26 | monitor: don't try to autostart the bus daemon | Will Thompson | 1 | -1/+2
2018-06-15 | Use dbus-monitor --pcap to capture traffic | Will Thompson | 1 | -282/+597
Modern versions of D-Bus have a BecomeMonitor method which allows a sufficiently-privileged user (ie root) to capture all messages on the system bus. Modern versions of dbus-monitor use this method, and support pcap output natively.

This allows us to use pkexec to escalate just the dbus-monitor process, and so add a way to monitor the system bus from within the UI. We can also use Flatpak's HostCommand method (via `flatpak-spawn --host`) to do the same from within the Flatpak sandbox.

It's not much extra effort to support monitoring an arbitrary bus by address, so that's wired up too.

Bustle itself still connects to the bus you're monitoring to dump all current names, so will still require full session and system bus access. If this fails, it's not considered fatal.

We assume that dbus-monitor is present on the host, and recent enough to support --pcap. We'll see if this assumption is true in practice!
2018-01-31 | ::message-logged: update "why not gint64" comment | Will Thompson | 1 | -1/+1
2017-10-26 | Bump minimum GLib version to 2.44 | Will Thompson | 1 | -1/+1
2017-07-24 | Revert "Limit captured message size to 65535 bytes" | Will Thompson | 1 | -37/+1
This reverts commit aa52f3c269046cc01d8340789caa1ffec4e202e7. libpcap upstream has addressed the issue this was working around, so now we can record and read back the full contents of D-Bus messages.

https://github.com/the-tcpdump-group/libpcap/commit/2be9c29
https://github.com/the-tcpdump-group/libpcap/commit/1a6b088
https://bugs.freedesktop.org/show_bug.cgi?id=100220
2017-07-18 | Limit captured message size to 65535 bytes | Will Thompson | 1 | -1/+37
https://bugs.freedesktop.org/show_bug.cgi?id=100220
2016-01-27 | Use DLT_DBUS in pcap dumps | Will Thompson | 1 | -2/+6
Back in 2011 I don't think the magic number had been specified. Thanks to Jaap Keuter for the prompt.
2013-12-05 | Give a nice error if DBUS_SESSION_BUS_ADDRESS is blank | Will Thompson | 1 | -0/+14
2013-12-05 | Don't close the shared GDBusConnection | Will Thompson | 1 | -7/+16
I have literally no idea how recording more than once in a Bustle session ever worked before. This would crash (another bug) because setting up the monitor failed because ending the first recording closed the shared connection returned by g_bus_get_sync(). By making a private connection we can be sure of not trampling on anything else that might happen to be using the shared bus in the Bustle process.
2012-11-14 | Revert "Use g_thread_try_new rather than g_thread_create" | Will Thompson | 1 | -1/+1
This reverts commit b5bdd77ff2c8532365806bdfae490b59295fd795.
2012-11-14 | Set max GLib version to 2.30 | Will Thompson | 1 | -0/+1
This squashes deprecation warnings about the old thread API.
2012-09-03 | Use g_thread_try_new rather than g_thread_create | Will Thompson | 1 | -1/+1
The latter is deprecated. This seems like an extremely worthwhile change to have to make.
2012-01-17 | Disable exit-on-close to work around a GLib bug. | Will Thompson | 1 | -0/+6
2012-01-16 | Include timestamps in live logs | Will Thompson | 1 | -2/+22
2012-01-13 | monitor: signal all messages up to the application | Will Thompson | 1 | -20/+11
This is kind of a regression because we get all the internal guff too, so the counter in the UI is wrong. But the loader needs all the messages, even the internal ones, to track name changes. We'll later update the recorder not to count messages that don't show any output, and not to feed them to the renderer.
2012-01-13 | pcap-monitor: include details in message-logged signal. | Will Thompson | 1 | -38/+40
This lets us move verbose output for the command line tool into the command line tool, and also lays the foundation for actual live logging.
2012-01-13 | pcap-monitor: use GByteArray internally | Will Thompson | 1 | -11/+19
This is a refcounted boxed type.
2012-01-13 | pcap-monitor: specify eavesdrop=true | Will Thompson | 1 | -6/+18
2012-01-13 | Rename BustlePcap to BustlePcapMonitor | Will Thompson | 1 | -0/+534
This is a clearer name, matches the Haskell binding better, and means we don't include two different headers called pcap.h.