mirror of
https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git
synced 2026-01-11 21:30:20 +01:00
8310593ce4
Everyone uses pm-utils still for sleep/wake support, and that's traditionally how NM was put to sleep and woken up. But pm-utils uses dbus-send without --print-reply so dbus-send quits immediately after sending the message. That doesn't give NM enough time to get the senders UID and thus validate the request, so the request gets denied, and sometimes NM stays asleep after the machine is woken up. Instead, don't get the sender's UID and try to authorize it, but just let the request go through. Rely on D-Bus permissions to make sure that only root can call sleep/wake methods.
106 lines
5 KiB
Text
106 lines
5 KiB
Text
<!DOCTYPE busconfig PUBLIC
|
|
"-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
|
|
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
|
|
<busconfig>
|
|
<policy user="root">
|
|
<allow own="org.freedesktop.NetworkManager"/>
|
|
<allow own="org.freedesktop.NetworkManagerSystemSettings"/>
|
|
|
|
<allow send_destination="org.freedesktop.NetworkManager"/>
|
|
<allow send_destination="org.freedesktop.NetworkManagerSystemSettings"/>
|
|
|
|
<allow send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager.PPP"/>
|
|
</policy>
|
|
<policy at_console="true">
|
|
<allow send_destination="org.freedesktop.NetworkManager"/>
|
|
|
|
<allow send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.DBus.Introspectable"/>
|
|
|
|
<allow send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.DBus.Properties"/>
|
|
|
|
<allow send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager"/>
|
|
|
|
<allow send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager.AccessPoint"/>
|
|
|
|
<allow send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager.Connection.Active"/>
|
|
|
|
<allow send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager.Device.Cdma"/>
|
|
|
|
<allow send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager.Device.Wired"/>
|
|
|
|
<allow send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager.Device.Gsm"/>
|
|
|
|
<allow send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager.Device.Serial"/>
|
|
|
|
<allow send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager.Device.Wireless"/>
|
|
|
|
<allow send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager.Device"/>
|
|
|
|
<allow send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager.DHCP4Config"/>
|
|
|
|
<allow send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager.IP4Config"/>
|
|
|
|
<allow send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager.VPN.Connection"/>
|
|
|
|
<deny send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager"
|
|
send_member="SetLogging"/>
|
|
|
|
<deny send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager"
|
|
send_member="Sleep"/>
|
|
|
|
<deny send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager"
|
|
send_member="sleep"/>
|
|
|
|
<deny send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager"
|
|
send_member="wake"/>
|
|
</policy>
|
|
<policy context="default">
|
|
<deny own="org.freedesktop.NetworkManager"/>
|
|
<deny own="org.freedesktop.NetworkManagerSystemSettings"/>
|
|
|
|
<deny send_destination="org.freedesktop.NetworkManager"/>
|
|
<allow send_destination="org.freedesktop.NetworkManagerSystemSettings"/>
|
|
|
|
<deny send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager"
|
|
send_member="SetLogging"/>
|
|
|
|
<deny send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager"
|
|
send_member="Sleep"/>
|
|
|
|
<deny send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager"
|
|
send_member="sleep"/>
|
|
|
|
<deny send_destination="org.freedesktop.NetworkManager"
|
|
send_interface="org.freedesktop.NetworkManager"
|
|
send_member="wake"/>
|
|
|
|
<!-- The org.freedesktop.NetworkManagerSettings.Connection.Secrets
|
|
interface is secured via PolicyKit.
|
|
-->
|
|
</policy>
|
|
|
|
<limit name="max_replies_per_connection">512</limit>
|
|
</busconfig>
|
|
|