fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2025-12-30 23:40:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
NetworkManager/src/NetworkManager.conf
Dan Williams 770548ac04 dbus: ensure NM can talk to newly installed VPN plugins (fdo #39463) 
When new services are installed and the daemon reloads bus policy
(like when installing new VPN plugins with rpm or dpkg) it appears
the rules don't get loaded into NetworkManager's policy space.
Thus any D-Bus message NM sends to the newly installed VPN plugin
gets denied until a restart of NM or the machine.  Work around
this dbus bug by letting NM talk to all known VPN services in the
NM policy file which will always exist when NM is around.
2011-08-19 16:55:16 -05:00

121 lines
5.9 KiB
Text
Raw Blame History

<!DOCTYPE busconfig PUBLIC
"-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<policy user="root">
<allow own="org.freedesktop.NetworkManager"/>
<allow send_destination="org.freedesktop.NetworkManager"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.PPP"/>
<allow send_interface="org.freedesktop.NetworkManager.SecretAgent"/>
<!-- Allow NM to talk to known VPN plugins; due to a bug in
the D-Bus daemon, when a plugin is installed and the user
immediately tries to use it, the VPN plugin's rules aren't
always loaded into dbus-daemon. Those rules allow NM to
talk to the plugin. Oops. Work around that by explicitly
allowing NM to talk to VPN plugins here.
-->
<allow send_destination="org.freedesktop.NetworkManager.openconnect"/>
<allow send_destination="org.freedesktop.NetworkManager.openswan"/>
<allow send_destination="org.freedesktop.NetworkManager.openvpn"/>
<allow send_destination="org.freedesktop.NetworkManager.pptp"/>
<allow send_destination="org.freedesktop.NetworkManager.vpnc"/>
</policy>
<policy at_console="true">
<allow send_destination="org.freedesktop.NetworkManager"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.DBus.Introspectable"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.DBus.Properties"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.AccessPoint"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Connection.Active"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Cdma"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Wired"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Gsm"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Serial"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Wireless"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.DHCP4Config"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.IP4Config"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.VPN.Connection"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.AgentManager"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="SetLogging"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="Sleep"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="sleep"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="wake"/>
</policy>
<policy context="default">
<deny own="org.freedesktop.NetworkManager"/>
<deny send_destination="org.freedesktop.NetworkManager"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Settings"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.AgentManager"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="SetLogging"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="Sleep"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="sleep"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="wake"/>
</policy>
<limit name="max_replies_per_connection">512</limit>
</busconfig>
Reference in a new issue View git blame Copy permalink