fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-01-08 17:40:32 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
NetworkManager/src/org.freedesktop.NetworkManager.conf
Lubomir Rintel 604711488d libnm: avoid loosing signals 
D-Bus has an upper limit on number of Match rules and it's rather easy
to hit as the proxy likes to add one for each object. Let's remove the Match
rule the proxy added and ensure a less granular rule is present instead.

Ideally, we should be able to tell glib not to hook its rules.
Related: https://bugzilla.gnome.org/show_bug.cgi?id=758749

https://bugzilla.gnome.org/show_bug.cgi?id=758751
2015-12-01 14:51:13 +01:00

128 lines
8.1 KiB
Text
Raw Blame History

<!DOCTYPE busconfig PUBLIC
"-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<policy user="root">
<allow own="org.freedesktop.NetworkManager"/>
<allow send_destination="org.freedesktop.NetworkManager"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.PPP"/>
<allow send_interface="org.freedesktop.NetworkManager.SecretAgent"/>
<!-- These are there because some broken policies do
<allow send_interface="..." /> (see dbus-daemon(8) for details).
This seems to override that for the known VPN plugins.
-->
<allow send_destination="org.freedesktop.NetworkManager.openconnect"/>
<allow send_destination="org.freedesktop.NetworkManager.openswan"/>
<allow send_destination="org.freedesktop.NetworkManager.openvpn"/>
<allow send_destination="org.freedesktop.NetworkManager.pptp"/>
<allow send_destination="org.freedesktop.NetworkManager.vpnc"/>
<allow send_destination="org.freedesktop.NetworkManager.ssh"/>
<allow send_destination="org.freedesktop.NetworkManager.iodine"/>
<allow send_destination="org.freedesktop.NetworkManager.l2tp"/>
<allow send_destination="org.freedesktop.NetworkManager.libreswan"/>
<allow send_destination="org.freedesktop.NetworkManager.fortisslvpn"/>
<allow send_destination="org.freedesktop.NetworkManager.strongswan"/>
<allow send_interface="org.freedesktop.NetworkManager.VPN.Plugin"/>
</policy>
<policy context="default">
<deny own="org.freedesktop.NetworkManager"/>
<deny send_destination="org.freedesktop.NetworkManager"/>
<!-- Basic D-Bus API stuff -->
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.DBus.Introspectable"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.DBus.Properties"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.DBus.ObjectManager"/>
<!-- Devices (read-only properties, no methods) -->
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Adsl"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Bond"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Bridge"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Bluetooth"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Wired"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Generic"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Gre"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Infiniband"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Macvlan"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Modem"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.OlpcMesh"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Team"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Tun"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Veth"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Vlan"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.WiMax.Nsp"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.AccessPoint"/>
<!-- Devices (read-only, no security required) -->
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.WiMax"/>
<!-- Devices (read/write, secured with PolicyKit) -->
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Wireless"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device"/>
<!-- Core stuff (read-only properties, no methods) -->
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Connection.Active"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.DHCP4Config"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.DHCP6Config"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.IP4Config"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.IP6Config"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.VPN.Connection"/>
<!-- Core stuff (read/write, secured with PolicyKit) -->
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Settings"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Settings.Connection"/>
<!-- Agents; secured with PolicyKit. Any process can talk to
the AgentManager API, but only NetworkManager can talk
to the agents themselves. -->
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.AgentManager"/>
<deny send_interface="org.freedesktop.NetworkManager.SecretAgent"/>
<!-- Root-only functions -->
<deny send_interface="org.freedesktop.NetworkManager" send_member="SetLogging"/>
<deny send_interface="org.freedesktop.NetworkManager" send_member="Sleep"/>
<deny send_interface="org.freedesktop.NetworkManager.Settings" send_member="LoadConnections"/>
<deny send_interface="org.freedesktop.NetworkManager.Settings" send_member="ReloadConnections"/>
</policy>
<limit name="max_replies_per_connection">1024</limit>
<limit name="max_match_rules_per_connection">2048</limit>
</busconfig>
Reference in a new issue View git blame Copy permalink