diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 05:31:45 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 05:31:45 +0000 |
| commit | 74aa0bc6779af38018a03fd2cf4419fe85917904 (patch) | |
| tree | 9cb0681aac9a94a49c153d5823e7a55d1513d91f /src/responder/ifp/org.freedesktop.sssd.infopipe.conf | |
| parent | Initial commit. (diff) | |
| download | sssd-74aa0bc6779af38018a03fd2cf4419fe85917904.tar.xz sssd-74aa0bc6779af38018a03fd2cf4419fe85917904.zip | |
Adding upstream version 2.9.4.upstream/2.9.4
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/responder/ifp/org.freedesktop.sssd.infopipe.conf')
| -rw-r--r-- | src/responder/ifp/org.freedesktop.sssd.infopipe.conf | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/src/responder/ifp/org.freedesktop.sssd.infopipe.conf b/src/responder/ifp/org.freedesktop.sssd.infopipe.conf new file mode 100644 index 0000000..4437fb3 --- /dev/null +++ b/src/responder/ifp/org.freedesktop.sssd.infopipe.conf @@ -0,0 +1,47 @@ +<?xml version="1.0"?> <!--*-nxml-*--> +<!DOCTYPE busconfig PUBLIC + "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" + "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> +<busconfig> + + <!-- This configuration file specifies the required security policies + for the SSSD InfoPipe to work. --> + + <!-- Only root can own (provide) the SSSD service --> + <policy user="root"> + <allow own="org.freedesktop.sssd.infopipe"/> + </policy> + + <!-- Allow all methods on the interface --> + <!-- Right now, this will be handled by a limited ACL + within the InfoPipe Daemon. --> + <policy context="default"> + <allow send_destination="org.freedesktop.sssd.infopipe" + send_interface="org.freedesktop.DBus.Introspectable"/> + + <allow send_destination="org.freedesktop.sssd.infopipe" + send_interface="org.freedesktop.DBus.Properties" + send_member="GetAll"/> + <allow send_destination="org.freedesktop.sssd.infopipe" + send_interface="org.freedesktop.DBus.Properties" + send_member="Get"/> + <allow send_destination="org.freedesktop.sssd.infopipe" + send_interface="org.freedesktop.DBus.Properties" + send_member="Set"/> + + <allow send_interface="org.freedesktop.sssd.infopipe"/> + <allow send_interface="org.freedesktop.sssd.infopipe.Domains"/> + <allow send_interface="org.freedesktop.sssd.infopipe.Domains.Domain"/> + <allow send_interface="org.freedesktop.sssd.infopipe.Users"/> + <allow send_interface="org.freedesktop.sssd.infopipe.Users.User"/> + <allow send_interface="org.freedesktop.sssd.infopipe.Groups"/> + <allow send_interface="org.freedesktop.sssd.infopipe.Groups.Group"/> + <allow send_interface="org.freedesktop.sssd.infopipe.Cache"/> + <allow send_interface="org.freedesktop.sssd.infopipe.Cache.Object"/> + </policy> + + <policy user="root"> + <allow send_interface="org.freedesktop.sssd.infopipe.Components"/> + </policy> + +</busconfig> |