UpstartClient: Start the Kerberos dameon

Adds the ability to start the Kerberos dameon. Since most users probably won't use Kerberos, the daemon is not started by default, but on demand. BUG=chromium:933798 Change-Id: Iccb1f3228c154ae2e6d9b7e9db5fa419b74b2653 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1524288Reviewed-by: Steven Bennetts <stevenjb@chromium.org> Reviewed-by: Roman Sorokin [CET] <rsorokin@chromium.org> Commit-Queue: Lutz Justen <ljusten@chromium.org> Cr-Commit-Position: refs/heads/master@{#644394}

UpstartClient: Start the Kerberos dameon
Adds the ability to start the Kerberos dameon. Since most users probably won't use Kerberos, the daemon is not started by default, but on demand. BUG=chromium:933798 Change-Id: Iccb1f3228c154ae2e6d9b7e9db5fa419b74b2653 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1524288Reviewed-by: Steven Bennetts <stevenjb@chromium.org> Reviewed-by: Roman Sorokin [CET] <rsorokin@chromium.org> Commit-Queue: Lutz Justen <ljusten@chromium.org> Cr-Commit-Position: refs/heads/master@{#644394}
95ed1c72 · Lutz Justen · Commit Bot · 851bbc2e · 95ed1c72 · 95ed1c72
Commit 95ed1c72 authored Mar 26, 2019 by Lutz Justen Committed by Commit Bot Mar 26, 2019
7 changed files
--- a/chromeos/dbus/BUILD.gn
+++ b/chromeos/dbus/BUILD.gn
@@ -35,6 +35,10 @@ component("dbus") {
    # extracted. https://crbug.com/647367.
    "//chromeos/dbus/cryptohome",
    "//chromeos/dbus/cryptohome:cryptohome_proto",
+
+    # TODO(stevenjb): Remove once upstart gets its own BUILD.gn file.
+    # https://crbug.com/647367.
+    "//chromeos/dbus/kerberos",
    "//components/account_id",
    "//components/device_event_log",
    "//components/policy:cloud_policy_proto_generated_compile",

--- a/chromeos/dbus/kerberos/fake_kerberos_client.cc
+++ b/chromeos/dbus/kerberos/fake_kerberos_client.cc
@@ -9,18 +9,22 @@
 #include "base/bind.h"
 #include "base/location.h"
 #include "base/threading/thread_task_runner_handle.h"
+#include "base/time/time.h"
 #include "third_party/cros_system_api/dbus/kerberos/dbus-constants.h"

 namespace chromeos {
 namespace {

+// Fake delay for any asynchronous operation.
+const auto kTaskDelay = base::TimeDelta::FromMilliseconds(500);
+
 // Posts |callback| on the current thread's task runner, passing it the
 // |response| message.
 template <class TProto>
 void PostProtoResponse(base::OnceCallback<void(const TProto&)> callback,
                       const TProto& response) {
-  base::ThreadTaskRunnerHandle::Get()->PostTask(
-      FROM_HERE, base::BindOnce(std::move(callback), response));
+  base::ThreadTaskRunnerHandle::Get()->PostDelayedTask(
+      FROM_HERE, base::BindOnce(std::move(callback), response), kTaskDelay);
 }

 // Similar to PostProtoResponse(), but posts |callback| with a proto containing
@@ -41,6 +45,11 @@ FakeKerberosClient::~FakeKerberosClient() = default;

 void FakeKerberosClient::AddAccount(const kerberos::AddAccountRequest& request,
                                    AddAccountCallback callback) {
+  if (!started_) {
+    PostResponse(std::move(callback), kerberos::ERROR_DBUS_FAILURE);
+    return;
+  }
+
  if (accounts_.find(request.principal_name()) != accounts_.end()) {
    PostResponse(std::move(callback), kerberos::ERROR_DUPLICATE_PRINCIPAL_NAME);
    return;
@@ -53,6 +62,11 @@ void FakeKerberosClient::AddAccount(const kerberos::AddAccountRequest& request,
 void FakeKerberosClient::RemoveAccount(
    const kerberos::RemoveAccountRequest& request,
    RemoveAccountCallback callback) {
+  if (!started_) {
+    PostResponse(std::move(callback), kerberos::ERROR_DBUS_FAILURE);
+    return;
+  }
+
  kerberos::ErrorType error = accounts_.erase(request.principal_name()) == 0
                                  ? kerberos::ERROR_UNKNOWN_PRINCIPAL_NAME
                                  : kerberos::ERROR_NONE;
@@ -61,6 +75,11 @@ void FakeKerberosClient::RemoveAccount(

 void FakeKerberosClient::SetConfig(const kerberos::SetConfigRequest& request,
                                   SetConfigCallback callback) {
+  if (!started_) {
+    PostResponse(std::move(callback), kerberos::ERROR_DBUS_FAILURE);
+    return;
+  }
+
  base::Optional<AccountData> data = GetAccountData(request.principal_name());
  if (!data) {
    PostResponse(std::move(callback), kerberos::ERROR_UNKNOWN_PRINCIPAL_NAME);
@@ -75,6 +94,11 @@ void FakeKerberosClient::AcquireKerberosTgt(
    const kerberos::AcquireKerberosTgtRequest& request,
    int password_fd,
    AcquireKerberosTgtCallback callback) {
+  if (!started_) {
+    PostResponse(std::move(callback), kerberos::ERROR_DBUS_FAILURE);
+    return;
+  }
+
  base::Optional<AccountData> data = GetAccountData(request.principal_name());
  if (!data) {
    PostResponse(std::move(callback), kerberos::ERROR_UNKNOWN_PRINCIPAL_NAME);
@@ -89,6 +113,11 @@ void FakeKerberosClient::AcquireKerberosTgt(
 void FakeKerberosClient::GetKerberosFiles(
    const kerberos::GetKerberosFilesRequest& request,
    GetKerberosFilesCallback callback) {
+  if (!started_) {
+    PostResponse(std::move(callback), kerberos::ERROR_DBUS_FAILURE);
+    return;
+  }
+
  base::Optional<AccountData> data = GetAccountData(request.principal_name());
  if (!data) {
    PostResponse(std::move(callback), kerberos::ERROR_UNKNOWN_PRINCIPAL_NAME);

--- a/chromeos/dbus/kerberos/fake_kerberos_client.h
+++ b/chromeos/dbus/kerberos/fake_kerberos_client.h
@@ -59,6 +59,7 @@ class COMPONENT_EXPORT(CHROMEOS_DBUS) FakeKerberosClient
  using AccountsMap = std::unordered_map<std::string, AccountData>;
  AccountsMap accounts_;

+  // Whether the service has started by UpstartClient.
  bool started_ = false;

  KerberosFilesChangedCallback kerberos_files_changed_callback_;

--- a/chromeos/dbus/upstart/fake_upstart_client.cc
+++ b/chromeos/dbus/upstart/fake_upstart_client.cc
@@ -9,6 +9,8 @@
 #include "chromeos/dbus/auth_policy/fake_auth_policy_client.h"
 #include "chromeos/dbus/dbus_thread_manager.h"
 #include "chromeos/dbus/fake_media_analytics_client.h"
+#include "chromeos/dbus/kerberos/fake_kerberos_client.h"
+#include "chromeos/dbus/kerberos/kerberos_client.h"

 namespace chromeos {

@@ -55,6 +57,12 @@ void FakeUpstartClient::RestartAuthPolicyService() {
  FakeAuthPolicyClient::Get()->SetStarted(true);
 }

+void FakeUpstartClient::StartKerberosService(VoidDBusMethodCallback callback) {
+  KerberosClient::Get()->GetTestInterface()->set_started(true);
+  base::ThreadTaskRunnerHandle::Get()->PostTask(
+      FROM_HERE, base::BindOnce(std::move(callback), true));
+}
+
 void FakeUpstartClient::StartMediaAnalytics(
    const std::vector<std::string>& /* upstart_env */,
    VoidDBusMethodCallback callback) {

--- a/chromeos/dbus/upstart/fake_upstart_client.h
+++ b/chromeos/dbus/upstart/fake_upstart_client.h
@@ -27,6 +27,7 @@ class COMPONENT_EXPORT(CHROMEOS_DBUS) FakeUpstartClient : public UpstartClient {
               VoidDBusMethodCallback callback) override;
  void StartAuthPolicyService() override;
  void RestartAuthPolicyService() override;
+  void StartKerberosService(VoidDBusMethodCallback callback) override;
  void StartMediaAnalytics(const std::vector<std::string>& upstart_env,
                           VoidDBusMethodCallback callback) override;
  void RestartMediaAnalytics(VoidDBusMethodCallback callback) override;

--- a/chromeos/dbus/upstart/upstart_client.cc
+++ b/chromeos/dbus/upstart/upstart_client.cc
@@ -23,6 +23,7 @@ constexpr char kStopMethod[] = "Stop";

 constexpr char kUpstartJobsPath[] = "/com/ubuntu/Upstart/jobs/";
 constexpr char kAuthPolicyJob[] = "authpolicyd";
+constexpr char kKerberosJob[] = "kerberosd";
 constexpr char kMediaAnalyticsJob[] = "rtanalytics";
 // "wilco_5fdtc_5fdispatcher" below refers to the "wilco_dtc_dispatcher" upstart
 // job. Upstart escapes characters that aren't valid in D-Bus object paths
@@ -60,6 +61,10 @@ class UpstartClientImpl : public UpstartClient {
                  EmptyVoidDBusMethodCallback());
  }

+  void StartKerberosService(VoidDBusMethodCallback callback) override {
+    StartJob(kKerberosJob, {}, std::move(callback));
+  }
+
  void StartMediaAnalytics(const std::vector<std::string>& upstart_env,
                           VoidDBusMethodCallback callback) override {
    StartJob(kMediaAnalyticsJob, upstart_env, std::move(callback));

--- a/chromeos/dbus/upstart/upstart_client.h
+++ b/chromeos/dbus/upstart/upstart_client.h
@@ -59,6 +59,9 @@ class COMPONENT_EXPORT(CHROMEOS_DBUS) UpstartClient {
  // Restarts authpolicyd.
  virtual void RestartAuthPolicyService() = 0;

+  // Starts kerberosd.
+  virtual void StartKerberosService(VoidDBusMethodCallback callback) = 0;
+
  // Starts the media analytics process.
  // |upstart_env|: List of upstart environment variables to be passed to the
  // upstart service.