diff options
| author | Stef Walter <stef@thewalter.net> | 2014-08-06 11:45:36 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2014-08-18 18:08:28 +0200 |
| commit | 283868e1dcd8ea7475850d9c6e7d4722c473dd50 (patch) | |
| tree | 6334ed9b79e0c3c6242acfc050c00da4284ed7d1 /src/core/org.freedesktop.systemd1.policy.in.in | |
| parent | f38857914ab5c9cc55aac05795e1886963a5fd04 (diff) | |
core: Verify systemd1 DBus method callers via polkit
DBus methods that retrieve information can be called by anyone.
DBus methods that modify state of units are verified via polkit
action: org.freedesktop.systemd1.manage-units
DBus methods that modify state of unit files are verified via polkit
action: org.freedesktop.systemd1.manage-unit-files
DBus methods that reload the entire daemon state are verified via polkit
action: org.freedesktop.systemd1.reload-daemon
DBus methods that modify job state are callable from the clients
that started the job.
root (ie: CAP_SYS_ADMIN) can continue to perform all calls, property
access etc. There are several DBus methods that can only be
called by root.
Open up the dbus1 policy for the above methods.
(Heavily modified by Lennart, making use of the new
bus_verify_polkit_async() version that doesn't force us to always
pass the original callback around. Also, interactive auhentication must
be opt-in, not unconditional, hence I turned this off.)
Diffstat (limited to 'src/core/org.freedesktop.systemd1.policy.in.in')
| -rw-r--r-- | src/core/org.freedesktop.systemd1.policy.in.in | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/src/core/org.freedesktop.systemd1.policy.in.in b/src/core/org.freedesktop.systemd1.policy.in.in index 51bdafac45..387677d396 100644 --- a/src/core/org.freedesktop.systemd1.policy.in.in +++ b/src/core/org.freedesktop.systemd1.policy.in.in @@ -38,4 +38,34 @@ <annotate key="org.freedesktop.policykit.exec.path">@bindir@/systemd-stdio-bridge</annotate> </action> + <action id="org.freedesktop.systemd1.manage-units"> + <_description>Manage system services or units</_description> + <_message>Authentication is required to manage system services or units.</_message> + <defaults> + <allow_any>auth_admin</allow_any> + <allow_inactive>auth_admin</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + </action> + + <action id="org.freedesktop.systemd1.manage-unit-files"> + <_description>Manage system service or unit files</_description> + <_message>Authentication is required to manage system service or unit files.</_message> + <defaults> + <allow_any>auth_admin</allow_any> + <allow_inactive>auth_admin</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + </action> + + <action id="org.freedesktop.systemd1.reload-daemon"> + <_description>Reload the systemd state</_description> + <_message>Authentication is required to reload the systemd state.</_message> + <defaults> + <allow_any>auth_admin</allow_any> + <allow_inactive>auth_admin</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + </action> + </policyconfig> |