summaryrefslogtreecommitdiffstats
path: root/etc/dbus-1
diff options
context:
space:
mode:
Diffstat (limited to 'etc/dbus-1')
-rw-r--r--etc/dbus-1/system.d/meson.build23
-rw-r--r--etc/dbus-1/system.d/org.nvmexpress.stac.in.conf37
-rw-r--r--etc/dbus-1/system.d/org.nvmexpress.staf.in.conf37
3 files changed, 97 insertions, 0 deletions
diff --git a/etc/dbus-1/system.d/meson.build b/etc/dbus-1/system.d/meson.build
new file mode 100644
index 0000000..b9bc858
--- /dev/null
+++ b/etc/dbus-1/system.d/meson.build
@@ -0,0 +1,23 @@
+# Copyright (c) 2021, Dell Inc. or its subsidiaries. All rights reserved.
+# SPDX-License-Identifier: Apache-2.0
+# See the LICENSE file for details.
+#
+# This file is part of NVMe STorage Appliance Services (nvme-stas).
+#
+# Authors: Martin Belanger <Martin.Belanger@dell.com>
+#
+dbus_conf_dir = datadir / 'dbus-1' / 'system.d'
+
+configure_file(
+ input: 'org.nvmexpress.staf.in.conf',
+ output: 'org.nvmexpress.staf.conf',
+ configuration: conf,
+ install_dir: dbus_conf_dir,
+)
+
+configure_file(
+ input: 'org.nvmexpress.stac.in.conf',
+ output: 'org.nvmexpress.stac.conf',
+ configuration: conf,
+ install_dir: dbus_conf_dir,
+)
diff --git a/etc/dbus-1/system.d/org.nvmexpress.stac.in.conf b/etc/dbus-1/system.d/org.nvmexpress.stac.in.conf
new file mode 100644
index 0000000..56b4228
--- /dev/null
+++ b/etc/dbus-1/system.d/org.nvmexpress.stac.in.conf
@@ -0,0 +1,37 @@
+<!--
+ Copyright (c) 2021, Dell Inc. or its subsidiaries. All rights reserved.
+ SPDX-License-Identifier: Apache-2.0
+ See the LICENSE file for details.
+
+ This file is part of NVMe STorage Appliance Services (nvme-stas).
+
+ Authors: Martin Belanger <Martin.Belanger@dell.com>
+-->
+
+<!DOCTYPE busconfig PUBLIC
+ "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+
+ <!-- Only allow root to own the bus. -->
+ <policy user="root">
+ <allow own_prefix="@STACD_DBUS_NAME@"/>
+ </policy>
+
+ <!-- Allow anyone to invoke most methods on the bus, but deny setting properties. -->
+ <policy context="default">
+ <allow send_destination="@STACD_DBUS_NAME@"/>
+
+ <deny send_destination="@STACD_DBUS_NAME@"
+ send_interface="org.freedesktop.DBus.Properties"
+ send_member="Set"
+ send_type="method_call"/>
+ </policy>
+
+ <!-- Allow root to invoke everything on the bus. -->
+ <policy user="root">
+ <allow send_destination="@STACD_DBUS_NAME@"/>
+ </policy>
+
+</busconfig>
+
diff --git a/etc/dbus-1/system.d/org.nvmexpress.staf.in.conf b/etc/dbus-1/system.d/org.nvmexpress.staf.in.conf
new file mode 100644
index 0000000..a04877a
--- /dev/null
+++ b/etc/dbus-1/system.d/org.nvmexpress.staf.in.conf
@@ -0,0 +1,37 @@
+<!--
+ Copyright (c) 2021, Dell Inc. or its subsidiaries. All rights reserved.
+ SPDX-License-Identifier: Apache-2.0
+ See the LICENSE file for details.
+
+ This file is part of NVMe STorage Appliance Services (nvme-stas).
+
+ Authors: Martin Belanger <Martin.Belanger@dell.com>
+-->
+
+<!DOCTYPE busconfig PUBLIC
+ "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+
+ <!-- Only allow root to own the bus. -->
+ <policy user="root">
+ <allow own_prefix="@STAFD_DBUS_NAME@"/>
+ </policy>
+
+ <!-- Allow anyone to invoke most methods on the bus, but deny setting properties. -->
+ <policy context="default">
+ <allow send_destination="@STAFD_DBUS_NAME@"/>
+
+ <deny send_destination="@STAFD_DBUS_NAME@"
+ send_interface="org.freedesktop.DBus.Properties"
+ send_member="Set"
+ send_type="method_call"/>
+ </policy>
+
+ <!-- Allow root to invoke everything on the bus. -->
+ <policy user="root">
+ <allow send_destination="@STAFD_DBUS_NAME@"/>
+ </policy>
+
+</busconfig>
+