Adding debian version 256.4-1.debian/256.4-1

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 23 insertions, 0 deletions

diff --git a/debian/extra/dbus-1/system.d/systemd-localed-read-only.conf b/debian/extra/dbus-1/system.d/systemd-localed-read-only.conf
new file mode 100644
index 0000000..10eea7b
--- /dev/null
+++ b/debian/extra/dbus-1/system.d/systemd-localed-read-only.conf
@@ -0,0 +1,23 @@
+<?xml version="1.0"?> <!--*-nxml-*-->
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+        "https://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
+<!--
+On Debian and derivatives keymap/locales/etc are not set via localed,
+but from legacy and incompatible components. But we still need to
+enable localed so that GNOME can query it. Ensure not even root can
+use it to modify the settings.
+-->
+
+<busconfig>
+        <policy user="root">
+                <deny send_destination="org.freedesktop.locale1" send_interface="org.freedesktop.locale1" send_member="SetLocale"/>
+                <deny send_destination="org.freedesktop.locale1" send_interface="org.freedesktop.locale1" send_member="SetVConsoleKeyboard"/>
+                <deny send_destination="org.freedesktop.locale1" send_interface="org.freedesktop.locale1" send_member="SetX11Keyboard"/>
+        </policy>
+        <policy context="default">
+                <deny send_destination="org.freedesktop.locale1" send_interface="org.freedesktop.locale1" send_member="SetLocale"/>
+                <deny send_destination="org.freedesktop.locale1" send_interface="org.freedesktop.locale1" send_member="SetVConsoleKeyboard"/>
+                <deny send_destination="org.freedesktop.locale1" send_interface="org.freedesktop.locale1" send_member="SetX11Keyboard"/>
+        </policy>
+</busconfig>