summaryrefslogtreecommitdiff
path: root/etc/dbus-1/system.d/udev_sysbus_policy.conf
diff options
context:
space:
mode:
Diffstat (limited to 'etc/dbus-1/system.d/udev_sysbus_policy.conf')
-rw-r--r--etc/dbus-1/system.d/udev_sysbus_policy.conf23
1 files changed, 23 insertions, 0 deletions
diff --git a/etc/dbus-1/system.d/udev_sysbus_policy.conf b/etc/dbus-1/system.d/udev_sysbus_policy.conf
new file mode 100644
index 0000000000..b2660e65cf
--- /dev/null
+++ b/etc/dbus-1/system.d/udev_sysbus_policy.conf
@@ -0,0 +1,23 @@
+<!DOCTYPE busconfig PUBLIC
+ "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+
+ <!-- This configuration file specifies the required security policies
+ for udev to work. -->
+
+ <!-- Only root can own the udev service and only root can use the
+ org.kernel.udev.NodeMonitor interface to send signals -->
+ <policy user="root">
+ <allow own="org.kernel.udev"/>
+
+ <allow send_interface="org.kernel.udev.NodeMonitor"/>
+ </policy>
+
+ <!-- Allow anyone to listen to the org.kernel.udev.NodeMonitor interface
+ for messages send from the owner of the org.kernel.udev service -->
+ <policy context="default">
+ <allow receive_interface="org.kernel.udev.NodeMonitor"/>
+ </policy>
+</busconfig>
+