<?xml version="1.0"?> <!--*-nxml-*-->
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
        "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">

<!--
  This file is part of systemd.

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.
-->

<busconfig>

        <policy user="root">
                <allow own="org.freedesktop.machine1"/>
                <allow send_destination="org.freedesktop.machine1"/>
                <allow receive_sender="org.freedesktop.machine1"/>
        </policy>

        <policy context="default">
                <deny send_destination="org.freedesktop.machine1"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.DBus.Introspectable"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.DBus.Peer"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.DBus.Properties"
                       send_member="Get"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.DBus.Properties"
                       send_member="GetAll"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="ListMachines"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="ListImages"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="GetMachine"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="GetMachineByPID"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="GetImage"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="GetMachineAddresses"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="GetMachineOSRelease"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="OpenMachineLogin"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="OpenMachineShell"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="TerminateMachine"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="KillMachine"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="BindMountMachine"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="CopyFromMachine"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="CopyToMachine"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="RemoveImage"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="RenameImage"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="CloneImage"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="MarkImageReadOnly"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="SetPoolLimit"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="SetImageLimit"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="CleanPool"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="MapFromMachineUser"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="MapToMachineUser"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="MapFromMachineGroup"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="MapToMachineGroup"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Machine"
                       send_member="GetAddresses"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Machine"
                       send_member="GetOSRelease"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Machine"
                       send_member="OpenLogin"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Machine"
                       send_member="OpenShell"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Machine"
                       send_member="Terminate"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Machine"
                       send_member="Kill"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Machine"
                       send_member="BindMount"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Machine"
                       send_member="CopyFrom"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Machine"
                       send_member="CopyTo"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Image"
                       send_member="Remove"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Image"
                       send_member="Rename"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Image"
                       send_member="Clone"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Image"
                       send_member="SetLimit"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Image"
                       send_member="MarkReadOnly"/>

                <allow receive_sender="org.freedesktop.machine1"/>
        </policy>

</busconfig>