dbus_skill
- Shell
25
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill martinholovsky/claude-skills-generator --skill dbus- SKILL.md19.7 KB
Overview
This skill is an expert D-Bus IPC assistant for Linux focused on secure, auditable inter-process communication. It emphasizes using the session bus by default, blocking high-risk system services, enforcing timeouts, and logging every operation. It is designed for safe method calls, signal handling, and controlled property access. High-risk operations require explicit elevated permissions and validation.
How this skill works
The skill validates target bus names, checks against a blocked-services list, and chooses the appropriate bus type (session or system) before creating proxies. It performs method calls with enforced timeouts and wraps results with audit logging and optional credential checks. Signal subscriptions are filtered and whitelisted, and property reads use batching and optional caching to reduce bus load. Privileged actions require an elevated permission tier and explicit validation.
When to use it
- Integrating user-level apps with desktop services (use session bus).
- Monitoring safe, whitelisted signals from desktop components.
- Reading or batching properties from services where freshness and performance matter.
- When you need to call D-Bus methods but must enforce timeouts and audit logs.
- Only use system bus operations when elevated permission is explicitly granted.
Best practices
- Prefer session bus and least-privilege access by default.
- Validate and sanitize bus names and object paths before use.
- Maintain a blocked-services and blocked-interfaces allowlist for high-risk targets.
- Reuse bus connections, batch property reads, and cache with TTL to reduce load.
- Enforce timeouts, audit all operations, and validate peer credentials for sensitive calls.
Example use cases
- A desktop notifier that reads ServerCapabilities from org.freedesktop.Notifications with caching and batching.
- A media controller that queries org.mpris.MediaPlayer2 properties and writes Volume when permitted.
- A secure signal monitor that only subscribes to approved signals and logs receipts for auditing.
- An automated task that calls a non-privileged service method with a strict timeout to avoid hangs.
- A diagnostic tool that fetches peer credentials for troubleshooting connection ownership and permissions.
FAQ
Use the session bus for user-level operations. Only use the system bus when the action requires system-level access and the caller has an elevated permission tier.
How do I avoid blocking privileged services?
Maintain a BLOCKED_SERVICES list and validate target names against it before any get_object or call_method operation; raise an explicit SecurityError for blocked targets.
How are timeouts handled for long-running calls?
Set a method call timeout on the client (default example: 30s). Catch D-Bus timeout errors and map them to a TimeoutError to ensure callers can handle retries or fallbacks.