We have to see, we have to know...
Lately, I wanted debug a problem with NetworkManager. As this service communicates via DBUS I wanted to intercept all traffic on the bus to see what happens there.
But it appears that even root doesn't have the authority to sniff the DBUS by default. In my opinion, this is a very strange default setting and makes troubleshooting unneccesarily difficult. I understand that the system bus is well-protected, but there is no extra security in disallowing root this privilege.
I tried various "solutions" I found on google, but the only thing that worked for me is to completely disable the DBUS security policy (temporarily), replacing the
<policy> in /etc/dbus/system.conf with:
I also had to comment out the following, which loads a special permissions file for each installed application.
A system restart was needed after this, after which I was finally able to see everything on the system bus. Be very careful about making changes to the system bus, because the entire system is dependent on it these days (Keyboard and mouse did not work inside X anymore after making a wrong change).
After changing the security policy, you will see everything with the following command
Don't do this if more people can log in to your host (and access services bound on localhost), as they'll have a way to do bad stuff™. Don't forget to re-enable the security afterwards, it's there for good reason.