ND-Bus: Overall design

Glossary

The following terms are defined within the ND-Bus specification:

Domain: Abstraction for operating system context.
User: Abstraction for what a user is in Unix.
Service group: Abstraction for what session bus, system bus and similar are in D-Bus.
Service: Abstraction for what a process is in Unix.
Instance identifiers: Each service group has a name that specifies what this group is good for. There might be multiple service groups for the same purpose, so they both have the same name. These instances can be identified/differentiated by their instance identifers. It's the same with services. For example if a user runs 3 gnome sessions in parallel, they all can have the service group name "gnome_session", but their instance identifiers are 0,1 and 2.
Instance contingent: The number of instances of a particular service group can be restricted. The total amount is called instance contingent. When the maximum number of registered service group instances has been reached we say the instance contingent is exhausted. The same applies to services.
Service group master service: The service that created a service group.
Service identification: Uniquely identifies a service by the set of its corresponding domain, user, service group and service.
Node tree: Structured view on the nodes of a service.
Node: Abstract container for interfaces and nodes.
Interface: Abstraction for what objects are in object oriented programming.
Method: Function within an interface. Functions have input and output parameters. Methods are called by remote services and executed by its interface.
Signal: Special function within an interface. Signals have output parameters only. Signals are emitted by its containing interface. Remote services can register to a particular signal to receive it.

Hierarchy

The term service is of central relevance within the ND-Bus terminology. A service is something that does something, provides some functionality to something else and may make use of the functionality of something else.

ND-Bus is about connecting services.

Todays operating systems encapsulate certain functionality within applications. The term service is more abstract. ND-Bus does not know about applications. So it depends on the implementation what part of computer software offers a ND-Bus service. Normally it is an application that will provide exactely one service, but of course is also possible that an application or that something else, e.g. a simple microcontroller firmware without an OS or the kernel of an OS, offers one or more services.

In ND-Bus services are hierarchically organized. On top is a mesh of domains. Domain is an abstraction for an organizational unit. With nowadays computers a domain normally includes exactely one operating system instance. Within a domain the next organizational unit are the users. Users can be anything, normally they are the people who use the OS (Unix/Windows user). On the next level there are the servicegroups that bundle services on arbitrary criterions. E.g. all services that belong to a particular desktop session are grouped together or all services that belong to the OS kernel. The next level are the services themselves. So: every service belongs to exactely one domain, exectely one user and exectely one servicegroup. If multiple servicegroups bundle the same kind of services those servicegroups can have same name, but they can still be differentiated by their unique instance identifiers. This is analogous with service that provide the same functionality.

Hierarchy (loose notation)

Every service within ND-Bus can play exactely one role. An ordinary service (e.g. mediaplayer, terminal emulator, webbrowser) has the role customer. But within every domain there must be exectely one service in the role of the agent. This one mainly acts as a broker to help the customers to connect to each other. One can see if a service is agent or customer by its name: An agent is always service "org.ndbus.agent" (with instance identifier 0) within user "ndbus" and servicegroup "ndbus" (with instance identifier 0).

Example domain (loose notation)

Like already stated, service provide functionality. This includes methods, signals and data represented as files. All these are again hierarchically organized within a service. This hierarchy is a tree. Within the tree there are containers called nodes. A node can again contain nodes and other things: files and interfaces. An interface is an abstraction similar to objects in object-oriented programming languages. Interfaces can contain methods and signals.

Valid names

The various names in ND-Bus have some restrictions:

All names have a maximum length of 255 characters
All names are case sensitive
Names for domain, user, servicegroup, service, file and interface must exactely match:
([A-Za-z_]+[A-Za-z0-9_]*)(\.([A-Za-z_]+[A-Za-z0-9_]*))*
Names for nodes, methods and signals must exactely match: [A-Za-z_]+[A-Za-z0-9_]*
Exception: The root node of the tree has the fixed name "/".
Parameter names of methods and signals must exactely match: [A-Za-z_]+[A-Za-z0-9_]*

Types

In various places the ND-Bus specification refers to particular data types, e.g. in the context of message formats. Especially can methods and signals only use a limited set of specific types as parameters. It is not possible to use other types than listed below, but with List<Variant> and Map<String, Variant> one can construct arbitrarily complex data structures of the given types.

Conventinal name	Description

Entities

All the things named before, means: domains, users, servicegroups, services, nodes, files, interfaces, methods and signals, are generally refered to as "entities" to make it easier to talk about them.

An entity is described by a combination of a classifier, name and parameters. The combination is the signature of the entity. The signature is a STRING formated as: <classifer>;<name>(;<parameter>)*. The number and format of the parameters and depend on the classifier. Every kind of entity has a unique classifier.

Valid classifiers

Classifiers are of type UINT8 and must be given in their decimal representations with no leading zeros.

Conventional name	Decimal value
DOMAIN	0
USER	1
SERVICEGROUP	2
SERVICE	3
NODE	4
FILE	5
INTERFACE	6
METHOD	7
SIGNAL	8

Valid entity parameters

As stated before, entity signatures may include zero or more parameters. The number of parameters is fixed for a given classifier.

Domain

No parameters.

User

No parameters.

Servicegroup

Has its instance identifer as parameter. It is of type UINT32 and must be given in its decimal representation with no leading zeros. In some context the the parameter may be left blank (empty string).

Service

Node

Has its path as parameter. Thus parameter must be a valid path, means left blank (empty string) when node is "/" or otherwise exactely match: /|(/<name>)+, where <name> is a valid node name, but not "/".

File

No parameters.

Interface

No parameters.

Method

Has 2 parameters:

Parameter 0: List of the input parameters of the method
Parameter 1: List of the output parameters of the method

Both parameters use the same format: (<type>=<param>)+(,<type>=<param>)*, where <type> is a valid type name and <param> is a valid method parameter name. A parameter can be left blank (empty string) to indicate an empty parameter list.

Signal

Has as parameter the list of the output parameters of the signal. The parameters uses the format: (<type>=<param>)+(,<type>=<param>)*, where <type> is a valid type name and <param> is a valid method parameter name. The parameter can be left blank (empty string) to indicate an empty parameter list.

Entity identifiers

The combination of domain, user, servicegroup and service uniquely identifies a service within ND-Bus. Nodes, files, interfaces, methods and signals are parts of a particular service and thus are organized in a tree structure. A particular entitiy can be refered to either by its complete identifier or by its short identifier which omits domain, user, servicegroup and service. Which identifier can be used depends on the context. Such an identifier is a sequence of ":"-separeted signatures defining the position of an entity within a ND-Bus system, starting from the domain.

Examples for complete identifiers:
Node: 0;local.alice:1;peter:2;kdesession;0:3;org.kde.amarok,0:4;control;/app/main
Root node: 0;local.alice:1;peter:2;kdesession;0:3;org.kde.amarok,0:4;/;
Method: 0;local.bob:1;peter:2;kde;0:3;org.app,0:4;/;:6;org.nice:7;doIt;;
Service: 0;local.bob:1;peter:2;terminal;0:3;cc.funny.tool;1337
Domain: 0;org.ndbus

Same examples for short identifiers:
Node: 4;control;/app/main
Root node: 4;/;
Method: 7;doIt;;
Service: not applicable
Domain: not applicable

Transport

Services talk to each other via sockets. The ND-Bus specification describes 3 different kinds of sockets that services may use as transport mechanism:

Local sockets: Can only be used for local connections. Implemented on top of Unix domain sockets. Fast and secure, recommanded for local connections. Exeption: On Windows it's fast, too, but insecure, because there it is implemented on top of Named Pipes. If you don't trust your Windows installation (and programs and users) then don't use local sockets.
TCP sockets: On systems that don't support local sockets one can use TCP sockets for the local connections. It is also possible to use TCP sockets for the remote connections. TCP sockets are slower than local sockets and insecure. So in general it is not recommanded to use them without reasons.
TLS sockets: This is recommanded for remote connections. It is much slower than TCP sockets but secure.

Message format

All ND-Bus communication is point-to-point so there is no need for addressing information within messages. The message is the smallest logical entity within the protocol. Every message belongs to a single transmission. Within each transmission each message has a unique message sequence number (MSN). Within each connection each transmission has a unique transmission sequence number (TSN). The message size (MS) indicated the number of bytes of the whole encoded message (including the size information itself). MS, TSN, MSN and MT form the message header (MH). All contents of a message must be encoded in the ND-Bus DataStream format.

Field index	Type	Description
0	`UINT32`	Message size
1	`UINT32`	Transmission sequence number
2	`UINT32`	Message sequence number
3	`UINT32`	Message type

The MH may be followed by the payload of the message. If a message contains any payload and how it is formatted depends on the message type (MT):

Conventional name	Decimal value	Description
`ERROR`	0	Error reply
`METHOD`	1	Method call
`METHOD_RETURN`	2	Method reply with returned data
`FILE`	3	File request
`FILE_PART`	4	Reply to file request with part of file
`FILE_ACK`	5	Reception of file part acknowleged (if part left: ready for next)
`AUTH`	6	Authentication request for previously requested action
`AUTH_RETURN`	7	Authentication reply
`SIGNAL_SUBSCRIBE`	8	Signal subscription request
`SIGNAL_ACK`	9	Signal subscription reply
`SIGNAL`	10	Signal emission

Format of ERROR message payload

Field index	Type	Description
0	`UINT32`	Error code (depends on context)
1	`STRING`	Error message (depends on context)

Format of METHOD message payload

Field index	Type	Description
0	`STRING`	Node
1	`STRING`	Interface
2	`STRING`	Method
3	`VARIANTLIST`	Input

Format of METHOD_RETURN message payload

Field index	Type	Description
0	`VARIANTLIST`	Output

Format of FILE message payload

Field index	Type	Description
0	`STRING`	Node
1	`STRING`	File

Format of FILE_PART message payload

Field index	Type	Description
0	`UINT32`	Parts left (last part: 0)
1	`BYTEARRAY`	Part of file

Format of FILE_ACK message payload

This message type contains no payload.

Format of AUTH message payload

Field index	Type	Description
0	`BYTEARRAY`	Chunck as challenge for authentication procedure

Format of AUTH_RETURN message payload

Field index	Type	Description
0	`BYTEARRAY`	Returned chunck of authentication procedure

Format of SIGNAL_SUBSCRIBE message payload

Field index	Type	Description
0	`STRING`	Node
1	`STRING`	Interface
2	`STRING`	Signal

Format of SIGNAL_ACK message payload

This message type contains no payload.

Format of SIGNAL message payload

Field index	Type	Description
0	`STRING`	Node
1	`STRING`	Interface
2	`STRING`	Signal
3	`VARIANTLIST`	Output

Connecting daemon to daemon

Daemon A of local.alice wants to connect to daemon B of local.bob.

A looks up the information to connect to B
A establishes network connection to B
A calls /:org.ndbus:hello on B
A calls /:org.ndbus:authenticate on B
A calls /:org.ndbus.daemon.daemons:connectDomains on B
A and B are now connected.

Connecting daemon to daemon

Connecting service to domain

Process P wants to connect to daemon A of local.alice A and become a service.

P looks up the information to connect to A
P establishes network connection to A
P calls /:org.ndbus:hello on A
P calls /:org.ndbus:authenticate on A
P calls /:org.ndbus.daemon.services:joinDomain on A
P calls /:org.ndbus.daemon.services:joinUser on A
P calls /:org.ndbus.daemon.services:joinServiceGroup on A
P calls /:org.ndbus.daemon.services:addService on A
P and A are now connected, P is service in desired servicegroup. P can now go on and adds its nodes, interfaces etc.

Connecting service to daemon

Connecting service to domain

Service A at daemon DA on local.alice wants to connect to service B at daemon DB on local.bob.

A calls /:org.ndbus.daemon.services:broker on DA (and thus asks for e.g. domain="local.bob", user="system",servicegroup="system",service="org.kernel.acpi")
DA looks up A, checks its policy and may deny the request
DA calls /:org.ndbus.daemon.daemons:broker on DB
B checks its policy and may deny the request
DB return session_cookie(X,Y) S to DA
DA returns S to A
A establishes network connection to B
A calls /:org.ndbus:hello on B (and thus identifies itself e.g. as domain="local.alice", user="barne",servicegroup="kdesession,0",service="cc.chubbyblackcat.funnyremotetool")
A calls /:org.ndbus.authenticate on B
B calls /:org.ndbus.daemon.services:broker on DB
DB returns S to B
B uses S to authenticate itself against A
A calls /:org.ndbus.service.services:connectServices on B (as this commands needs authentication, on success A and B now both are authenticated against each other (using S).
X and Y are now connected

Connecting service to service