Re: D-BUS versus GDOMAP (WINDOWS users please note)

[Richard Frith-Macdonald]

On 31 Aug 2004, at 08:04, Rogelio Serrano wrote:

> I think DO is more like the libdbus layer not the message bus layer.
Yes, the encoding and transport part of DO (eg NSPortCoder and 
NSSocketPort) is conceptually similar to libdbus,
While the nameserver part of DO is (very roughly) comparable to message 
bus, it's actually quite different.

> Im not really interested in using it. We can instead create something 
> similar to the dbus daemon.

Where I work, we have *long* had a daemon process on each machine which 
we used to launch and shut down processes to provide services.  It's a 
very useful facility, and is the main strongpoint I see for the dbus 
daemon.  In OpenStep/GNUstep the NSWorkspace class and services system 
should provide similar functionality, but at present only do so for the 
local host.
It would be good if GNUstep provided a daemon which could implement 
autolaunch of service providing applications remotely in some secure 
way.  Using the dbus daemon for this might be quite simple ... but then 
we would need to link with that extra external library.  I'd be in 
favour of that if d-bus was a standard part of all major linux 
distributions and easily available for  other unix implementations and 
ms-windows, but I don't see that being the case any time soon - so your 
idea of writing a lightweight implementation sounds better to me right 
now.

> Can DO use unix domain sockets?

Yes ... but only on unix.  I'd like to see an equivalent for windows.

> Im more intereseted in using the message bus daemon idea to emulate 
> mac os x boot services. And on demand startup of system services. So I 
> can simplify my init.app. its a mess now with boot script tracking and 
> dependency tracking and system shutdown.

That sounds like a good idea.   The main issue (after implementing 
basic functionality to start/stop services by name of course), is how 
to combine ease of use with security.  While dbus provides a specific 
security protocol to authorise connections via a variety of mechanisms, 
this really rather misses the point.  Passing authentication tokens and 
encrypting stuff is fairly straightforward (the GNUstep DO system can 
already do it) ... what's important is working out how to easily 
configure the processes to have the correct security tokens and enforce 
the security policies.  We don't have any way to do that now, and d-bus 
wouldn't help.

IMO what would be good would be to write a proxy class to handle 
security issues over DO (a server would only vend these proxies rather 
than vending objects directly), and write easy to use gui and command 
line tools for configuring policy and security tokens for applications. 
 The NSConnection class could then be trivially modified to check that, 
when setting a root object for the connection, the object was an 
instance of the security proxy class.