<?xml version="1.0"?> <!--*-nxml-*--> <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> <!-- This file is part of systemd. systemd is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. --> <busconfig> <policy user="root"> <allow own="org.freedesktop.machine1"/> <allow send_destination="org.freedesktop.machine1"/> <allow receive_sender="org.freedesktop.machine1"/> </policy> <policy context="default"> <deny send_destination="org.freedesktop.machine1"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.DBus.Introspectable"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.DBus.Peer"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.DBus.Properties" send_member="Get"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.DBus.Properties" send_member="GetAll"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="ListMachines"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="ListImages"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="GetMachine"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="GetMachineByPID"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="GetImage"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="GetMachineAddresses"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="GetMachineOSRelease"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="OpenMachineLogin"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="OpenMachineShell"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="TerminateMachine"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="KillMachine"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="BindMountMachine"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="CopyFromMachine"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="CopyToMachine"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="RemoveImage"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="RenameImage"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="CloneImage"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="MarkImageReadOnly"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="SetPoolLimit"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="SetImageLimit"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="CleanPool"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="MapFromMachineUser"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="MapToMachineUser"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="MapFromMachineGroup"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Manager" send_member="MapToMachineGroup"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Machine" send_member="GetAddresses"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Machine" send_member="GetOSRelease"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Machine" send_member="OpenLogin"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Machine" send_member="OpenShell"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Machine" send_member="Terminate"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Machine" send_member="Kill"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Machine" send_member="BindMount"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Machine" send_member="CopyFrom"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Machine" send_member="CopyTo"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Image" send_member="Remove"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Image" send_member="Rename"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Image" send_member="Clone"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Image" send_member="SetLimit"/> <allow send_destination="org.freedesktop.machine1" send_interface="org.freedesktop.machine1.Image" send_member="MarkReadOnly"/> <allow receive_sender="org.freedesktop.machine1"/> </policy> </busconfig>