When MCP elicitation is unavailable (most clients), fall back to
org.freedesktop.Notifications with Approve/Deny action buttons.
Opt-in via MCDBUS_NOTIFY_CONFIRM=1. Silence (timeout) is denial.
Fixes signal race where NotificationClosed stomped ActionInvoked
result in the same event loop iteration.
ctx.elicit() throws an exception (not CancelledElicitation) when the
MCP client doesn't implement the elicitation/create JSON-RPC method.
Wrap the call in try/except to treat protocol-level rejection the
same as CancelledElicitation. Found during live testing with Claude
Code CLI which doesn't support MCP elicitation yet.
Three-pillar fix from Hamilton review:
Code quality — validate_signature() for D-Bus spec compliance,
MCDBUS_TIMEOUT env var, replace 13 error-as-success returns with
ToolError, monotonic clock deadline on tree walks, sanitize D-Bus
error messages, fix resource connection leak via module-level
BusManager, hasattr guards in conftest.
Elicitation — ctx.elicit() confirmation for system bus call_method
and all set_property calls, graceful degradation when client lacks
elicitation support, MCDBUS_REQUIRE_ELICITATION for hard-fail mode.
Permission docs — four-layer guide (systemd sandboxing, dbus-broker
policy, polkit rules, xdg-dbus-proxy) with ready-to-deploy example
configs validated against xmllint, bash -n, and systemd-analyze.
