D-Bus proxy-manager-thing sidecar for VMs
2026-02-06 05:05:07 -03:00
nixosModules move nixos module to external file 2026-01-16 15:34:17 +01:00
sidebus-agent Switch over to a reverse connection scheme (bridge to a guest bus) 2025-12-05 08:18:44 -03:00
sidebus-broker Add Notification support 2026-02-06 05:05:07 -03:00
sidebus-common When splicing, drop unix fds 2025-07-18 02:17:21 -03:00
.envrc Initial commit 2025-07-11 01:05:56 -03:00
.gitignore gitignore more stuff 2025-07-16 02:33:06 -03:00
Cargo.lock Unhardcode user IDs 2025-12-05 04:58:11 -03:00
Cargo.toml Add hosted bus module based on busd 2025-07-11 01:06:31 -03:00
CONTRIBUTING.md Initial commit 2025-07-11 01:05:56 -03:00
flake.lock drop rust-overlay, use rustc from nixpkgs 2026-01-16 15:31:56 +01:00
flake.nix move nixos module to external file 2026-01-16 15:34:17 +01:00
LICENSE.md Initial commit 2025-07-11 01:05:56 -03:00
README.md Switch over to a reverse connection scheme (bridge to a guest bus) 2025-12-05 08:18:44 -03:00

sidebus

(it.. runs as a "sidecar" to a VM.. but manages D-Bus.. get it?)

A cross-domain smart D-Bus proxying system that makes (some) XDG Desktop Portals work across virtual machines.

Design Overview

  • sidebus-broker host process:
    • to be launched alongside the VMM
    • hosts a "private" bus for VM-instance-specific daemons such as permission-store and document-portal
    • listens on vsock (or on a unix socket that muvm would proxy as vsock) and connects to the VM bus as a client when the agent connects
    • orchestrates the lifecycle of the aforementioned daemons + virtiofsd
      • (we are sharing the directory provided by the document-portal FUSE filesystem!)
    • provides portal front-end interfaces like org.freedesktop.portal.FileChooser on the VM bus
      • by proxying to the host session's xdg-desktop-portal!..
        • (not talking directly to impls: don't want to reimplement per-DE portal selection; also 1:1 mapping is nicer to code)
      • but with extra hooks like exposing files to the guest using our private (per-VM) document-portal!
  • sidebus-agent guest process:
    • connects to the broker over vsock and splices the connection into the VM (session) bus
    • can be spawned on-demand by D-Bus
    • uses systemd credentials for config args like vsock port
      • (very convenient to pass via the VMM, e.g. qemu: -smbios type=11,value=io.systemd.credential:sidebus.port=1337)
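
An added example, not sidebus-agent's own code: one way a guest process could read and validate the `sidebus.port` credential from the qemu line above before using it as a vsock port. It assumes the guest unit loads the credential so that systemd exposes it as a file under `$CREDENTIALS_DIRECTORY`; the function names `parse_vsock_port` and `read_port_credential` are hypothetical.

```rust
use std::{env, fs, path::Path};

// vsock reserves u32::MAX (VMADDR_PORT_ANY) as the "any port" wildcard.
const VMADDR_PORT_ANY: u32 = u32::MAX;

/// Parse a credential payload into a usable vsock port.
pub fn parse_vsock_port(raw: &str) -> Result<u32, String> {
    // Credential files often end with a newline; tolerate only trailing whitespace.
    let s = raw.trim_end();
    // Digits only: u32::from_str would otherwise accept a leading '+'.
    if s.is_empty() || !s.bytes().all(|b| b.is_ascii_digit()) {
        return Err(format!("not a decimal port: {s:?}"));
    }
    let port: u32 = s.parse().map_err(|e| format!("out of range: {e}"))?;
    if port == VMADDR_PORT_ANY {
        return Err("VMADDR_PORT_ANY is not a valid destination port".into());
    }
    Ok(port)
}

/// Read credential `name` from the directory systemd exposes to the unit.
pub fn read_port_credential(cred_dir: &Path, name: &str) -> Result<u32, String> {
    // The name must be a single file name, never a path that escapes cred_dir.
    if name.is_empty() || name.contains('/') || name == "." || name == ".." {
        return Err(format!("bad credential name: {name:?}"));
    }
    let raw = fs::read_to_string(cred_dir.join(name))
        .map_err(|e| format!("cannot read credential {name}: {e}"))?;
    parse_vsock_port(&raw)
}

fn main() {
    // Assumption: the unit loads the credential, so systemd sets this variable.
    let Some(dir) = env::var_os("CREDENTIALS_DIRECTORY") else {
        eprintln!("CREDENTIALS_DIRECTORY is not set");
        std::process::exit(1);
    };
    match read_port_credential(Path::new(&dir), "sidebus.port") {
        Ok(port) => println!("broker vsock port: {port}"),
        Err(e) => {
            eprintln!("{e}");
            std::process::exit(1);
        }
    }
}
```

The value comes from the VMM command line, so it is host-controlled input to the guest; failing closed on a malformed value keeps the agent from connecting to an unintended port.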

Development Notes

  • the Nix flake provides paths to the daemons we run via environment variables.. conveniently, both in the release build and in the dev shell (so rust-analyzer doesn't complain)!
  • the --debug-access flag of sidebus-broker allows for testing on the host, without needing to connect over vsock, e.g.:
    • clear; rm /tmp/b/* ; mkdir -p /tmp/{b,r} ; RUST_LOG=debug cargo run --bin sidebus-broker -- --debug-access /tmp/b --vsock-port 1234 --runtime-dir /tmp/r
    • GTK_A11Y=none DBUS_SESSION_BUS_ADDRESS=unix:path=/tmp/b/vm.sock ashpd-demo

Acknowledgments

Spectrum's work on a similar system has been very helpful during the development process.