Recent fix of the DBUS default policy for system bus: https://bugs.freedesktop.org/show_bug.cgi?id=18229 https://bugzilla.redhat.com/show_bug.cgi?id=469151 seems to uncover a bug in the system-config-services default DBUS policy. The policy allows anyone to send messages to the org.fedoraproject.Config.Services interface. However, few more interfaces are implemented and required by s-c-services: .ServiceHerder, .Service, .SysVService, .ChkconfigService. If messages using those interfaces are supposed to be accepted, they need to be allowed by the policy. Alternatively, if all interfaces implemented by the s-c-services are expected to get dbus messages from anyone (and rely on PolicyKit to do the real authorization), you can use following intead: <!-- Only root can own the service --> <policy user="root"> <allow own="org.fedoraproject.Config.Services"/> </policy> <!-- Allow anyone to invoke all methods --> <policy context="default"> <allow send_destination="org.fedoraproject.Config.Services"/> </policy> As mentioned in e.g.: https://bugzilla.redhat.com/show_bug.cgi?id=475111#c1 this problem prevent s-c-services from starting on systems with updated dbus.
Besides this problem, there's also an issue with PolicyKit policy that breaks s-c-services, see bug #475200.
system-config-services-0.99.28-2.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/system-config-services-0.99.28-2.fc10
doesn't fix the issue quite yet :-(, now i get: Traceback (most recent call last): File "/usr/bin/system-config-services", line 945, in <module> GUI (use_dbus = use_dbus).run () File "/usr/bin/system-config-services", line 900, in __init__ self.serviceherders.append (cls (bus = self._bus)) File "/usr/lib/python2.5/site-packages/scservices/dbus/proxy/serviceherders.py", line 53, in __init__ for service_name in self.list_services (): File "/usr/lib/python2.5/site-packages/slip/dbus/polkit.py", line 48, in enable_proxy_wrapper return func (*p, **k) File "/usr/lib/python2.5/site-packages/scservices/dbus/proxy/serviceherders.py", line 66, in list_services return self.dbus_object.list_services (dbus_interface = "org.fedoraproject.Config.Services.ServiceHerder") File "/usr/lib/python2.5/site-packages/dbus/proxies.py", line 68, in __call__ return self._proxy_method(*args, **keywords) File "/usr/lib/python2.5/site-packages/dbus/proxies.py", line 140, in __call__ **keywords) File "/usr/lib/python2.5/site-packages/dbus/connection.py", line 630, in call_blocking message, timeout) dbus.exceptions.DBusException: org.freedesktop.DBus.Error.AccessDenied: A security policy in place prevents this sender from sending this message to this recipient, see message bus configuration file (rejected message had interface "org.freedesktop.PolicyKit" member "IsSystemBusNameAuthorized" error name "(unset)" destination ":1.39")
(In reply to comment #3) > doesn't fix the issue quite yet :-(, now i get: You need this as well: https://bugzilla.redhat.com/show_bug.cgi?id=475200#c7
ah thanks, system-config-services works with those packages :-)
wait, actually it does not. starting system-config-services results in a window showing no services at all in the list and "no services selected" in the right panel. leaving the first instance opened and starting a new one gives me the services list as expected.
system-config-services-0.99.28-2.fc10 has been pushed to the Fedora 10 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update system-config-services'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F10/FEDORA-2008-11098
Bah, the mechanism also needs permissions to send signals: <allow send_type="signal" send_interface="org.fedoraproject.Config.Services.ServiceHerder" send_member="notify"/>
that line in /etc/dbus-1/system.conf (if it's supposed to be placed in there) fixed it :-)
(In reply to comment #9) > that line in /etc/dbus-1/system.conf (if it's supposed to be placed in there) > fixed it :-) I'd rather put it in /etc/dbus-1/system.d/org.fedoraproject.Config.Services.conf or wait for system-config-services-0.99.28-3.fc10 to be pushed.
true, that can save much hassle. thanks for the advice :-)
system-config-services-0.99.28-3.fc10 has been pushed to the Fedora 10 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update system-config-services'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F10/FEDORA-2008-11098
*** Bug 475939 has been marked as a duplicate of this bug. ***
*** Bug 475162 has been marked as a duplicate of this bug. ***
system-config-services-0.99.28-3.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
*** Bug 476425 has been marked as a duplicate of this bug. ***
Could not launch system-config-services until updating PolicyKit using the test repository: su -c 'yum --enablerepo=updates-testing update PolicyKit' Fortunately, it is now fixed.