diff options
author | Lennart Poettering <lennart@poettering.net> | 2015-02-24 17:26:40 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2015-02-24 17:27:53 +0100 |
commit | 72c3897f77a7352618ea76b880a6764f52d6327b (patch) | |
tree | a23a1849fb2e935c7d816c0dfd6d6e15ab5a2996 | |
parent | 113b3fc1a8061f4a24dd0db74e9a3cd0083b2251 (diff) |
machined: actually open up methods to unprivileged clients on dbus1
Many of machined's operations are now opened up to unprivileged clients
via PolicyKit. Open up the dbus policy so that we can actually make
these calls.
kdbus doesn't reuqire this, hence this wasn't noticed before.
-rw-r--r-- | src/machine/org.freedesktop.machine1.conf | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/src/machine/org.freedesktop.machine1.conf b/src/machine/org.freedesktop.machine1.conf index 37f84bd6f3..0e99933488 100644 --- a/src/machine/org.freedesktop.machine1.conf +++ b/src/machine/org.freedesktop.machine1.conf @@ -69,6 +69,42 @@ send_member="OpenMachineLogin"/> <allow send_destination="org.freedesktop.machine1" + send_interface="org.freedesktop.machine1.Manager" + send_member="TerminateMachine"/> + + <allow send_destination="org.freedesktop.machine1" + send_interface="org.freedesktop.machine1.Manager" + send_member="KillMachine"/> + + <allow send_destination="org.freedesktop.machine1" + send_interface="org.freedesktop.machine1.Manager" + send_member="BindMountMachine"/> + + <allow send_destination="org.freedesktop.machine1" + send_interface="org.freedesktop.machine1.Manager" + send_member="CopyFromMachine"/> + + <allow send_destination="org.freedesktop.machine1" + send_interface="org.freedesktop.machine1.Manager" + send_member="CopyToMachine"/> + + <allow send_destination="org.freedesktop.machine1" + send_interface="org.freedesktop.machine1.Manager" + send_member="RemoveImage"/> + + <allow send_destination="org.freedesktop.machine1" + send_interface="org.freedesktop.machine1.Manager" + send_member="RenameImage"/> + + <allow send_destination="org.freedesktop.machine1" + send_interface="org.freedesktop.machine1.Manager" + send_member="CloneImage"/> + + <allow send_destination="org.freedesktop.machine1" + send_interface="org.freedesktop.machine1.Manager" + send_member="MarkImageReadOnly"/> + + <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Machine" send_member="GetAddresses"/> @@ -80,6 +116,42 @@ send_interface="org.freedesktop.machine1.Machine" send_member="OpenLogin"/> + <allow send_destination="org.freedesktop.machine1" + send_interface="org.freedesktop.machine1.Machine" + send_member="Terminate"/> + + <allow send_destination="org.freedesktop.machine1" + send_interface="org.freedesktop.machine1.Machine" + send_member="Kill"/> + + <allow send_destination="org.freedesktop.machine1" + send_interface="org.freedesktop.machine1.Machine" + send_member="BindMount"/> + + <allow send_destination="org.freedesktop.machine1" + send_interface="org.freedesktop.machine1.Machine" + send_member="CopyFrom"/> + + <allow send_destination="org.freedesktop.machine1" + send_interface="org.freedesktop.machine1.Machine" + send_member="CopyTo"/> + + <allow send_destination="org.freedesktop.machine1" + send_interface="org.freedesktop.machine1.Image" + send_member="Remove"/> + + <allow send_destination="org.freedesktop.machine1" + send_interface="org.freedesktop.machine1.Image" + send_member="Rename"/> + + <allow send_destination="org.freedesktop.machine1" + send_interface="org.freedesktop.machine1.Image" + send_member="Clone"/> + + <allow send_destination="org.freedesktop.machine1" + send_interface="org.freedesktop.machine1.Image" + send_member="MarkReadOnly"/> + <allow receive_sender="org.freedesktop.machine1"/> </policy> |