118c2aff7Sartem<!DOCTYPE busconfig PUBLIC 218c2aff7Sartem "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" 318c2aff7Sartem "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> 418c2aff7Sartem<busconfig> 518c2aff7Sartem 618c2aff7Sartem <!-- This configuration file specifies the required security policies 718c2aff7Sartem for the HAL to work. --> 818c2aff7Sartem 918c2aff7Sartem <!-- Only root or user @HAL_USER@ can own the HAL service --> 1018c2aff7Sartem <policy user="@HAL_USER@"> 1118c2aff7Sartem <allow own="org.freedesktop.Hal"/> 1218c2aff7Sartem </policy> 1318c2aff7Sartem <policy user="root"> 1418c2aff7Sartem <allow own="org.freedesktop.Hal"/> 1518c2aff7Sartem </policy> 1618c2aff7Sartem 1718c2aff7Sartem <policy context="default"> 1832207438SArtem Kachitchkine <!-- Allow anyone to invoke methods on the Manager and Device interfaces --> 1932207438SArtem Kachitchkine <allow send_interface="org.freedesktop.Hal.Manager" 2032207438SArtem Kachitchkine send_destination="org.freedesktop.Hal"/> 2132207438SArtem Kachitchkine <allow send_interface="org.freedesktop.Hal.Device" 2232207438SArtem Kachitchkine send_destination="org.freedesktop.Hal"/> 2332207438SArtem Kachitchkine <allow send_interface="org.freedesktop.DBus.Introspectable" 2432207438SArtem Kachitchkine send_destination="org.freedesktop.Hal"/> 2518c2aff7Sartem 2632207438SArtem Kachitchkine <!-- These interfaces use RBAC, should not block access at DBus level --> 2732207438SArtem Kachitchkine <allow send_interface="org.freedesktop.Hal.Device.SystemPowerManagement" 2832207438SArtem Kachitchkine send_destination="org.freedesktop.Hal"/> 2932207438SArtem Kachitchkine <allow send_interface="org.freedesktop.Hal.Device.VideoAdapterPM" 3032207438SArtem Kachitchkine send_destination="org.freedesktop.Hal"/> 3132207438SArtem Kachitchkine <allow send_interface="org.freedesktop.Hal.Device.LaptopPanel" 3232207438SArtem Kachitchkine send_destination="org.freedesktop.Hal"/> 3332207438SArtem Kachitchkine <allow send_interface="org.freedesktop.Hal.Device.CPUFreq" 3432207438SArtem Kachitchkine send_destination="org.freedesktop.Hal"/> 35*18c4e255SLin Guo - Sun Microsystems <allow send_interface="org.freedesktop.Hal.Device.NetworkDiscovery" 36*18c4e255SLin Guo - Sun Microsystems send_destination="org.freedesktop.Hal"/> 3718c2aff7Sartem </policy> 3818c2aff7Sartem 3918c2aff7Sartem <!-- Default policy for the exported interfaces --> 4018c2aff7Sartem <policy context="default"> 4132207438SArtem Kachitchkine <deny send_interface="org.freedesktop.Hal.Device.Volume" 4232207438SArtem Kachitchkine send_destination="org.freedesktop.Hal"/> 4332207438SArtem Kachitchkine <deny send_interface="org.freedesktop.Hal.Device.Storage" 4432207438SArtem Kachitchkine send_destination="org.freedesktop.Hal"/> 4518c2aff7Sartem </policy> 4618c2aff7Sartem 4732207438SArtem Kachitchkine <!-- This will not work if logindevperm is not enabled --> 4818c2aff7Sartem <policy at_console="true"> 4932207438SArtem Kachitchkine <allow send_interface="org.freedesktop.Hal.Device.Volume" 5032207438SArtem Kachitchkine send_destination="org.freedesktop.Hal"/> 5132207438SArtem Kachitchkine <allow send_interface="org.freedesktop.Hal.Device.Storage" 5232207438SArtem Kachitchkine send_destination="org.freedesktop.Hal"/> 5318c2aff7Sartem </policy> 5418c2aff7Sartem 5518c2aff7Sartem <!-- You can change this to a more suitable user, or make per-group --> 5618c2aff7Sartem <policy user="0"> 5732207438SArtem Kachitchkine <allow send_interface="org.freedesktop.Hal.Device.Volume" 5832207438SArtem Kachitchkine send_destination="org.freedesktop.Hal"/> 5932207438SArtem Kachitchkine <allow send_interface="org.freedesktop.Hal.Device.Storage" 6032207438SArtem Kachitchkine send_destination="org.freedesktop.Hal"/> 6118c2aff7Sartem </policy> 6218c2aff7Sartem 6318c2aff7Sartem</busconfig> 64