]>
Commit | Line | Data |
---|---|---|
e24067c3 LP |
1 | <?xml version="1.0"?> <!--*-nxml-*--> |
2 | <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" | |
3 | "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> | |
4 | ||
5 | <!-- | |
d9215cd8 ZJS |
6 | SPDX-License-Identifier: LGPL-2.1+ |
7 | ||
e24067c3 LP |
8 | This file is part of systemd. |
9 | ||
e24067c3 | 10 | systemd is free software; you can redistribute it and/or modify it |
5430f7f2 LP |
11 | under the terms of the GNU Lesser General Public License as published by |
12 | the Free Software Foundation; either version 2.1 of the License, or | |
e24067c3 | 13 | (at your option) any later version. |
e24067c3 LP |
14 | --> |
15 | ||
16 | <busconfig> | |
17 | ||
18 | <policy user="root"> | |
19 | <allow own="org.freedesktop.systemd1"/> | |
20 | ||
af25ec12 | 21 | <!-- Root clients can do everything --> |
e24067c3 LP |
22 | <allow send_destination="org.freedesktop.systemd1"/> |
23 | <allow receive_sender="org.freedesktop.systemd1"/> | |
af25ec12 LP |
24 | |
25 | <!-- systemd may receive activator requests --> | |
26 | <allow receive_interface="org.freedesktop.systemd1.Activator" | |
27 | receive_member="ActivationRequest"/> | |
e24067c3 LP |
28 | </policy> |
29 | ||
30 | <policy context="default"> | |
31 | <deny send_destination="org.freedesktop.systemd1"/> | |
32 | ||
a6011d18 | 33 | <!-- Completely open to anyone: org.freedesktop.DBus.* interfaces --> |
283868e1 | 34 | |
e24067c3 LP |
35 | <allow send_destination="org.freedesktop.systemd1" |
36 | send_interface="org.freedesktop.DBus.Introspectable"/> | |
37 | ||
abc00c62 LP |
38 | <allow send_destination="org.freedesktop.systemd1" |
39 | send_interface="org.freedesktop.DBus.Peer"/> | |
40 | ||
e24067c3 LP |
41 | <allow send_destination="org.freedesktop.systemd1" |
42 | send_interface="org.freedesktop.DBus.Properties" | |
43 | send_member="Get"/> | |
44 | ||
45 | <allow send_destination="org.freedesktop.systemd1" | |
46 | send_interface="org.freedesktop.DBus.Properties" | |
47 | send_member="GetAll"/> | |
48 | ||
a6011d18 LP |
49 | <!-- Completely open to anyone: org.freedesktop.systemd1.Manager interface --> |
50 | ||
e24067c3 | 51 | <allow send_destination="org.freedesktop.systemd1" |
701cc384 | 52 | send_interface="org.freedesktop.systemd1.Manager" |
e24067c3 LP |
53 | send_member="GetUnit"/> |
54 | ||
598b557b LP |
55 | <allow send_destination="org.freedesktop.systemd1" |
56 | send_interface="org.freedesktop.systemd1.Manager" | |
57 | send_member="GetUnitByPID"/> | |
58 | ||
e677657e LP |
59 | <allow send_destination="org.freedesktop.systemd1" |
60 | send_interface="org.freedesktop.systemd1.Manager" | |
4b58153d LP |
61 | send_member="GetUnitByInvocationID"/> |
62 | ||
267dd427 LP |
63 | <allow send_destination="org.freedesktop.systemd1" |
64 | send_interface="org.freedesktop.systemd1.Manager" | |
65 | send_member="GetUnitByControlGroup"/> | |
66 | ||
4b58153d LP |
67 | <allow send_destination="org.freedesktop.systemd1" |
68 | send_interface="org.freedesktop.systemd1.Manager" | |
e677657e LP |
69 | send_member="LoadUnit"/> |
70 | ||
a6011d18 LP |
71 | <allow send_destination="org.freedesktop.systemd1" |
72 | send_interface="org.freedesktop.systemd1.Manager" | |
73 | send_member="GetUnitProcesses"/> | |
74 | ||
e24067c3 | 75 | <allow send_destination="org.freedesktop.systemd1" |
701cc384 | 76 | send_interface="org.freedesktop.systemd1.Manager" |
e24067c3 LP |
77 | send_member="GetJob"/> |
78 | ||
15ea79f8 LP |
79 | <allow send_destination="org.freedesktop.systemd1" |
80 | send_interface="org.freedesktop.systemd1.Manager" | |
81 | send_member="GetJobAfter"/> | |
82 | ||
83 | <allow send_destination="org.freedesktop.systemd1" | |
84 | send_interface="org.freedesktop.systemd1.Manager" | |
85 | send_member="GetJobBefore"/> | |
86 | ||
e24067c3 | 87 | <allow send_destination="org.freedesktop.systemd1" |
701cc384 | 88 | send_interface="org.freedesktop.systemd1.Manager" |
e24067c3 LP |
89 | send_member="ListUnits"/> |
90 | ||
cdc06ed7 DS |
91 | <allow send_destination="org.freedesktop.systemd1" |
92 | send_interface="org.freedesktop.systemd1.Manager" | |
93 | send_member="ListUnitsFiltered"/> | |
94 | ||
313fe66f | 95 | <allow send_destination="org.freedesktop.systemd1" |
96 | send_interface="org.freedesktop.systemd1.Manager" | |
97 | send_member="ListUnitsByPatterns"/> | |
98 | ||
729e3769 LP |
99 | <allow send_destination="org.freedesktop.systemd1" |
100 | send_interface="org.freedesktop.systemd1.Manager" | |
a6011d18 | 101 | send_member="ListUnitsByNames"/> |
729e3769 | 102 | |
313fe66f | 103 | <allow send_destination="org.freedesktop.systemd1" |
104 | send_interface="org.freedesktop.systemd1.Manager" | |
a6011d18 | 105 | send_member="ListJobs"/> |
313fe66f | 106 | |
729e3769 LP |
107 | <allow send_destination="org.freedesktop.systemd1" |
108 | send_interface="org.freedesktop.systemd1.Manager" | |
a6011d18 | 109 | send_member="Subscribe"/> |
729e3769 | 110 | |
291d565a LP |
111 | <allow send_destination="org.freedesktop.systemd1" |
112 | send_interface="org.freedesktop.systemd1.Manager" | |
a6011d18 | 113 | send_member="Unsubscribe"/> |
291d565a | 114 | |
3b3557c4 JS |
115 | <allow send_destination="org.freedesktop.systemd1" |
116 | send_interface="org.freedesktop.systemd1.Manager" | |
a6011d18 | 117 | send_member="Dump"/> |
3b3557c4 | 118 | |
e24067c3 | 119 | <allow send_destination="org.freedesktop.systemd1" |
c0a1bfac DT |
120 | send_interface="org.freedesktop.systemd1.Manager" |
121 | send_member="DumpByFileDescriptor"/> | |
122 | ||
123 | <allow send_destination="org.freedesktop.systemd1" | |
701cc384 | 124 | send_interface="org.freedesktop.systemd1.Manager" |
a6011d18 | 125 | send_member="ListUnitFiles"/> |
e24067c3 LP |
126 | |
127 | <allow send_destination="org.freedesktop.systemd1" | |
701cc384 | 128 | send_interface="org.freedesktop.systemd1.Manager" |
a6011d18 | 129 | send_member="ListUnitFilesByPatterns"/> |
e24067c3 LP |
130 | |
131 | <allow send_destination="org.freedesktop.systemd1" | |
701cc384 | 132 | send_interface="org.freedesktop.systemd1.Manager" |
a6011d18 | 133 | send_member="GetUnitFileState"/> |
e24067c3 LP |
134 | |
135 | <allow send_destination="org.freedesktop.systemd1" | |
701cc384 | 136 | send_interface="org.freedesktop.systemd1.Manager" |
a6011d18 | 137 | send_member="GetDefaultTarget"/> |
e24067c3 | 138 | |
99504dd4 VP |
139 | <allow send_destination="org.freedesktop.systemd1" |
140 | send_interface="org.freedesktop.systemd1.Manager" | |
a6011d18 | 141 | send_member="GetUnitFileLinks"/> |
99504dd4 | 142 | |
87da8a86 ZJS |
143 | <allow send_destination="org.freedesktop.systemd1" |
144 | send_interface="org.freedesktop.systemd1.Manager" | |
145 | send_member="LookupDynamicUserByName"/> | |
146 | ||
147 | <allow send_destination="org.freedesktop.systemd1" | |
148 | send_interface="org.freedesktop.systemd1.Manager" | |
149 | send_member="LookupDynamicUserByUID"/> | |
150 | ||
f9bfa696 YW |
151 | <allow send_destination="org.freedesktop.systemd1" |
152 | send_interface="org.freedesktop.systemd1.Manager" | |
153 | send_member="GetDynamicUsers"/> | |
154 | ||
a6011d18 LP |
155 | <!-- Completely open to anyone: org.freedesktop.systemd1.Unit interface --> |
156 | ||
157 | <allow send_destination="org.freedesktop.systemd1" | |
158 | send_interface="org.freedesktop.systemd1.Service" | |
159 | send_member="GetProcesses"/> | |
160 | ||
161 | <!-- Completely open to anyone: org.freedesktop.systemd1.Slice interface --> | |
162 | ||
163 | <allow send_destination="org.freedesktop.systemd1" | |
164 | send_interface="org.freedesktop.systemd1.Slice" | |
165 | send_member="GetProcesses"/> | |
166 | ||
167 | <!-- Completely open to anyone: org.freedesktop.systemd1.Scope interface --> | |
168 | ||
169 | <allow send_destination="org.freedesktop.systemd1" | |
170 | send_interface="org.freedesktop.systemd1.Scope" | |
171 | send_member="GetProcesses"/> | |
172 | ||
173 | <!-- Completely open to anyone: org.freedesktop.systemd1.Socket interface --> | |
174 | ||
175 | <allow send_destination="org.freedesktop.systemd1" | |
176 | send_interface="org.freedesktop.systemd1.Socket" | |
177 | send_member="GetProcesses"/> | |
178 | ||
179 | <!-- Completely open to anyone: org.freedesktop.systemd1.Mount interface --> | |
180 | ||
181 | <allow send_destination="org.freedesktop.systemd1" | |
182 | send_interface="org.freedesktop.systemd1.Mount" | |
183 | send_member="GetProcesses"/> | |
184 | ||
185 | <!-- Completely open to anyone: org.freedesktop.systemd1.Swap interface --> | |
186 | ||
187 | <allow send_destination="org.freedesktop.systemd1" | |
188 | send_interface="org.freedesktop.systemd1.Swap" | |
189 | send_member="GetProcesses"/> | |
190 | ||
191 | <!-- Managed via polkit or other criteria: org.freedesktop.systemd1.Manager interface --> | |
283868e1 SW |
192 | |
193 | <allow send_destination="org.freedesktop.systemd1" | |
194 | send_interface="org.freedesktop.systemd1.Manager" | |
195 | send_member="StartUnit"/> | |
196 | ||
197 | <allow send_destination="org.freedesktop.systemd1" | |
198 | send_interface="org.freedesktop.systemd1.Manager" | |
199 | send_member="StartUnitReplace"/> | |
200 | ||
201 | <allow send_destination="org.freedesktop.systemd1" | |
202 | send_interface="org.freedesktop.systemd1.Manager" | |
203 | send_member="StopUnit"/> | |
204 | ||
205 | <allow send_destination="org.freedesktop.systemd1" | |
206 | send_interface="org.freedesktop.systemd1.Manager" | |
207 | send_member="ReloadUnit"/> | |
208 | ||
209 | <allow send_destination="org.freedesktop.systemd1" | |
210 | send_interface="org.freedesktop.systemd1.Manager" | |
211 | send_member="RestartUnit"/> | |
212 | ||
213 | <allow send_destination="org.freedesktop.systemd1" | |
214 | send_interface="org.freedesktop.systemd1.Manager" | |
215 | send_member="TryRestartUnit"/> | |
216 | ||
217 | <allow send_destination="org.freedesktop.systemd1" | |
218 | send_interface="org.freedesktop.systemd1.Manager" | |
219 | send_member="ReloadOrRestartUnit"/> | |
220 | ||
221 | <allow send_destination="org.freedesktop.systemd1" | |
222 | send_interface="org.freedesktop.systemd1.Manager" | |
223 | send_member="ReloadOrTryRestartUnit"/> | |
224 | ||
225 | <allow send_destination="org.freedesktop.systemd1" | |
226 | send_interface="org.freedesktop.systemd1.Manager" | |
227 | send_member="KillUnit"/> | |
228 | ||
229 | <allow send_destination="org.freedesktop.systemd1" | |
230 | send_interface="org.freedesktop.systemd1.Manager" | |
231 | send_member="ResetFailedUnit"/> | |
232 | ||
233 | <allow send_destination="org.freedesktop.systemd1" | |
234 | send_interface="org.freedesktop.systemd1.Manager" | |
235 | send_member="SetUnitProperties"/> | |
236 | ||
6900c740 | 237 | <allow send_destination="org.freedesktop.systemd1" |
238 | send_interface="org.freedesktop.systemd1.Manager" | |
a6011d18 LP |
239 | send_member="RefUnit"/> |
240 | ||
241 | <allow send_destination="org.freedesktop.systemd1" | |
242 | send_interface="org.freedesktop.systemd1.Manager" | |
243 | send_member="UnrefUnit"/> | |
6900c740 | 244 | |
283868e1 SW |
245 | <allow send_destination="org.freedesktop.systemd1" |
246 | send_interface="org.freedesktop.systemd1.Manager" | |
247 | send_member="StartTransientUnit"/> | |
248 | ||
6592b975 LP |
249 | <allow send_destination="org.freedesktop.systemd1" |
250 | send_interface="org.freedesktop.systemd1.Manager" | |
251 | send_member="AttachProcessesToUnit"/> | |
252 | ||
283868e1 SW |
253 | <allow send_destination="org.freedesktop.systemd1" |
254 | send_interface="org.freedesktop.systemd1.Manager" | |
255 | send_member="CancelJob"/> | |
256 | ||
257 | <allow send_destination="org.freedesktop.systemd1" | |
258 | send_interface="org.freedesktop.systemd1.Manager" | |
a6011d18 | 259 | send_member="ClearJobs"/> |
283868e1 SW |
260 | |
261 | <allow send_destination="org.freedesktop.systemd1" | |
262 | send_interface="org.freedesktop.systemd1.Manager" | |
a6011d18 | 263 | send_member="ResetFailed"/> |
283868e1 | 264 | |
05a98afd LP |
265 | <allow send_destination="org.freedesktop.systemd1" |
266 | send_interface="org.freedesktop.systemd1.Manager" | |
a6011d18 | 267 | send_member="Reload"/> |
05a98afd LP |
268 | |
269 | <allow send_destination="org.freedesktop.systemd1" | |
270 | send_interface="org.freedesktop.systemd1.Manager" | |
a6011d18 | 271 | send_member="Reexecute"/> |
05a98afd | 272 | |
283868e1 SW |
273 | <allow send_destination="org.freedesktop.systemd1" |
274 | send_interface="org.freedesktop.systemd1.Manager" | |
275 | send_member="EnableUnitFiles"/> | |
276 | ||
277 | <allow send_destination="org.freedesktop.systemd1" | |
278 | send_interface="org.freedesktop.systemd1.Manager" | |
279 | send_member="DisableUnitFiles"/> | |
280 | ||
281 | <allow send_destination="org.freedesktop.systemd1" | |
282 | send_interface="org.freedesktop.systemd1.Manager" | |
283 | send_member="ReenableUnitFiles"/> | |
284 | ||
285 | <allow send_destination="org.freedesktop.systemd1" | |
286 | send_interface="org.freedesktop.systemd1.Manager" | |
287 | send_member="LinkUnitFiles"/> | |
288 | ||
289 | <allow send_destination="org.freedesktop.systemd1" | |
290 | send_interface="org.freedesktop.systemd1.Manager" | |
291 | send_member="PresetUnitFiles"/> | |
292 | ||
293 | <allow send_destination="org.freedesktop.systemd1" | |
294 | send_interface="org.freedesktop.systemd1.Manager" | |
295 | send_member="PresetUnitFilesWithMode"/> | |
296 | ||
297 | <allow send_destination="org.freedesktop.systemd1" | |
298 | send_interface="org.freedesktop.systemd1.Manager" | |
299 | send_member="MaskUnitFiles"/> | |
300 | ||
301 | <allow send_destination="org.freedesktop.systemd1" | |
302 | send_interface="org.freedesktop.systemd1.Manager" | |
303 | send_member="UnmaskUnitFiles"/> | |
304 | ||
a6011d18 LP |
305 | <allow send_destination="org.freedesktop.systemd1" |
306 | send_interface="org.freedesktop.systemd1.Manager" | |
307 | send_member="RevertUnitFiles"/> | |
308 | ||
283868e1 SW |
309 | <allow send_destination="org.freedesktop.systemd1" |
310 | send_interface="org.freedesktop.systemd1.Manager" | |
311 | send_member="SetDefaultTarget"/> | |
312 | ||
313 | <allow send_destination="org.freedesktop.systemd1" | |
314 | send_interface="org.freedesktop.systemd1.Manager" | |
315 | send_member="PresetAllUnitFiles"/> | |
316 | ||
e94937df LN |
317 | <allow send_destination="org.freedesktop.systemd1" |
318 | send_interface="org.freedesktop.systemd1.Manager" | |
319 | send_member="AddDependencyUnitFiles"/> | |
320 | ||
a6011d18 LP |
321 | <!-- Managed via polkit or other criteria: org.freedesktop.systemd1.Job interface --> |
322 | ||
283868e1 SW |
323 | <allow send_destination="org.freedesktop.systemd1" |
324 | send_interface="org.freedesktop.systemd1.Job" | |
325 | send_member="Cancel"/> | |
326 | ||
15ea79f8 LP |
327 | <allow send_destination="org.freedesktop.systemd1" |
328 | send_interface="org.freedesktop.systemd1.Job" | |
329 | send_member="GetAfter"/> | |
330 | ||
331 | <allow send_destination="org.freedesktop.systemd1" | |
332 | send_interface="org.freedesktop.systemd1.Job" | |
333 | send_member="GetBefore"/> | |
334 | ||
a6011d18 LP |
335 | <!-- Managed via polkit or other criteria: org.freedesktop.systemd1.Unit interface --> |
336 | ||
337 | <allow send_destination="org.freedesktop.systemd1" | |
338 | send_interface="org.freedesktop.systemd1.Unit" | |
339 | send_member="Start"/> | |
340 | ||
341 | <allow send_destination="org.freedesktop.systemd1" | |
342 | send_interface="org.freedesktop.systemd1.Unit" | |
343 | send_member="Stop"/> | |
344 | ||
345 | <allow send_destination="org.freedesktop.systemd1" | |
346 | send_interface="org.freedesktop.systemd1.Unit" | |
347 | send_member="Reload"/> | |
348 | ||
349 | <allow send_destination="org.freedesktop.systemd1" | |
350 | send_interface="org.freedesktop.systemd1.Unit" | |
351 | send_member="Restart"/> | |
352 | ||
353 | <allow send_destination="org.freedesktop.systemd1" | |
354 | send_interface="org.freedesktop.systemd1.Unit" | |
355 | send_member="TryRestart"/> | |
356 | ||
357 | <allow send_destination="org.freedesktop.systemd1" | |
358 | send_interface="org.freedesktop.systemd1.Unit" | |
359 | send_member="ReloadOrRestart"/> | |
360 | ||
361 | <allow send_destination="org.freedesktop.systemd1" | |
362 | send_interface="org.freedesktop.systemd1.Unit" | |
363 | send_member="ReloadOrTryRestart"/> | |
364 | ||
365 | <allow send_destination="org.freedesktop.systemd1" | |
366 | send_interface="org.freedesktop.systemd1.Unit" | |
367 | send_member="Kill"/> | |
368 | ||
369 | <allow send_destination="org.freedesktop.systemd1" | |
370 | send_interface="org.freedesktop.systemd1.Unit" | |
371 | send_member="ResetFailed"/> | |
372 | ||
373 | <allow send_destination="org.freedesktop.systemd1" | |
374 | send_interface="org.freedesktop.systemd1.Unit" | |
375 | send_member="SetProperties"/> | |
376 | ||
377 | <allow send_destination="org.freedesktop.systemd1" | |
378 | send_interface="org.freedesktop.systemd1.Unit" | |
379 | send_member="Ref"/> | |
380 | ||
381 | <allow send_destination="org.freedesktop.systemd1" | |
382 | send_interface="org.freedesktop.systemd1.Unit" | |
383 | send_member="Unref"/> | |
384 | ||
6592b975 LP |
385 | <!-- Managed via polkit or other criteria: org.freedesktop.systemd1.Service interface --> |
386 | ||
387 | <allow send_destination="org.freedesktop.systemd1" | |
388 | send_interface="org.freedesktop.systemd1.Service" | |
389 | send_member="AttachProcesses"/> | |
390 | ||
391 | <!-- Managed via polkit or other criteria: org.freedesktop.systemd1.Scope interface --> | |
392 | ||
393 | <allow send_destination="org.freedesktop.systemd1" | |
394 | send_interface="org.freedesktop.systemd1.Scope" | |
395 | send_member="AttachProcesses"/> | |
396 | ||
e24067c3 LP |
397 | <allow receive_sender="org.freedesktop.systemd1"/> |
398 | </policy> | |
399 | ||
400 | </busconfig> |