Search code examples
pythonlinuxtcpdbus

DBus.Error.AccessDenied: Rejected. DBUS over TCP

With the help of the following Stackoverflow answers here and here I was able to successfully connect to the system DBUS remotely over TCP/IP. And using D-FEET I'm able to verify the connection. enter image description here

As can be seen by the above screenshot, i'm able to access the remote bus, and i'm able to successfully call the org.freedesktop.hostname1 object and its interfaces.

But while attemtping to access the com.aldogroup.Calculator, I get the following exception thrown enter image description here

This AccessDenied also occurs when accessing other services such as the org.bluez (I haven't been able to find a pattern)

UPDATE

My system.conf file

<busconfig>                                                                     
        <listen>tcp:host=0.0.0.0,port=55557,family=ipv4</listen>                
        <listen>unix:tmpdir=/tmp</listen>                       

        <auth>ANONYMOUS</auth>                                  
        <allow_anonymous/>               
        <apparmor mode="disabled"/>
        <policy user="root">       
                <allow own="com.aldogroup.Calculator"/>
                <allow send_destination="com.aldogroup.Calculator"/>
                <allow send_interface="com.aldogroup.Calculator"/>  
                <allow send_type="method_call"/>                    
        </policy>                                                   
</busconfig>

DBUS busctl output

root@aldogroup-dart-6ul-1b6be6:~# busctl introspect com.aldogroup.Calculator /com/aldogroup/Calculator
NAME                                TYPE      SIGNATURE RESULT/VALUE FLAGS
com.aldogroup.Calculator            interface -         -            -
.Divide                             method    xx        x            -
.Multiply                           method    xx        x            -
org.freedesktop.DBus.Introspectable interface -         -            -
.Introspect                         method    -         s            -
org.freedesktop.DBus.Peer           interface -         -            -
.GetMachineId                       method    -         s            -
.Ping                               method    -         -            -
org.freedesktop.DBus.Properties     interface -         -            -
.Get                                method    ss        v            -
.GetAll                             method    s         a{sv}        -
.Set                                method    ssv       -            -
.PropertiesChanged                  signal    sa{sv}as  -            -

Best regards,

Simon

Solution

  • I fixed it by creation a .conf file in /etc/dbus-1/system.d/

    <!DOCTYPE busconfig PUBLIC
 "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
    <policy user="root">
        <allow own="com.aldogroup.Calculator"/>
        <allow send_destination="com.aldogroup.Calculator"/>
        <allow send_interface="com.aldogroup.Calculator.Divide"/>
        <allow send_interface="com.aldogroup.Calculator.Multiply"/>
    </policy>
    <policy at_console="true">
        <allow send_destination="com.aldogroup.Calculator"/>
    </policy>
    <policy context="default">
        <allow send_destination="com.aldogroup.Calculator"/>
    </policy>
</busconfig>

    Not sure why the policies specified in system.conf didn't do the job.