machined: actually open up methods to unprivileged clients on dbus1

author Lennart Poettering <lennart@poettering.net>

Tue, 24 Feb 2015 16:26:40 +0000 (17:26 +0100)

committer Lennart Poettering <lennart@poettering.net>

Tue, 24 Feb 2015 16:27:53 +0000 (17:27 +0100)
author Lennart Poettering <lennart@poettering.net>
Tue, 24 Feb 2015 16:26:40 +0000 (17:26 +0100)
committer Lennart Poettering <lennart@poettering.net>
Tue, 24 Feb 2015 16:27:53 +0000 (17:27 +0100)
diff --git a/src/machine/org.freedesktop.machine1.conf b/src/machine/org.freedesktop.machine1.conf

index 37f84bd6f37febff2b0318028faf86c02cf9a3f3..0e9993348833b0e8efd0176fd4ae714313294852 100644 (file)
--- a/src/machine/org.freedesktop.machine1.conf
+++ b/src/machine/org.freedesktop.machine1.conf
@@ -68,6 +68,42 @@
                         send_interface="org.freedesktop.machine1.Manager"
                         send_member="OpenMachineLogin"/>
  
+                <allow send_destination="org.freedesktop.machine1"
+                       send_interface="org.freedesktop.machine1.Manager"
+                       send_member="TerminateMachine"/>
+
+                <allow send_destination="org.freedesktop.machine1"
+                       send_interface="org.freedesktop.machine1.Manager"
+                       send_member="KillMachine"/>
+
+                <allow send_destination="org.freedesktop.machine1"
+                       send_interface="org.freedesktop.machine1.Manager"
+                       send_member="BindMountMachine"/>
+
+                <allow send_destination="org.freedesktop.machine1"
+                       send_interface="org.freedesktop.machine1.Manager"
+                       send_member="CopyFromMachine"/>
+
+                <allow send_destination="org.freedesktop.machine1"
+                       send_interface="org.freedesktop.machine1.Manager"
+                       send_member="CopyToMachine"/>
+
+                <allow send_destination="org.freedesktop.machine1"
+                       send_interface="org.freedesktop.machine1.Manager"
+                       send_member="RemoveImage"/>
+
+                <allow send_destination="org.freedesktop.machine1"
+                       send_interface="org.freedesktop.machine1.Manager"
+                       send_member="RenameImage"/>
+
+                <allow send_destination="org.freedesktop.machine1"
+                       send_interface="org.freedesktop.machine1.Manager"
+                       send_member="CloneImage"/>
+
+                <allow send_destination="org.freedesktop.machine1"
+                       send_interface="org.freedesktop.machine1.Manager"
+                       send_member="MarkImageReadOnly"/>
+
                  <allow send_destination="org.freedesktop.machine1"
                         send_interface="org.freedesktop.machine1.Machine"
                         send_member="GetAddresses"/>
@@ -80,6 +116,42 @@
                         send_interface="org.freedesktop.machine1.Machine"
                         send_member="OpenLogin"/>
  
+                <allow send_destination="org.freedesktop.machine1"
+                       send_interface="org.freedesktop.machine1.Machine"
+                       send_member="Terminate"/>
+
+                <allow send_destination="org.freedesktop.machine1"
+                       send_interface="org.freedesktop.machine1.Machine"
+                       send_member="Kill"/>
+
+                <allow send_destination="org.freedesktop.machine1"
+                       send_interface="org.freedesktop.machine1.Machine"
+                       send_member="BindMount"/>
+
+                <allow send_destination="org.freedesktop.machine1"
+                       send_interface="org.freedesktop.machine1.Machine"
+                       send_member="CopyFrom"/>
+
+                <allow send_destination="org.freedesktop.machine1"
+                       send_interface="org.freedesktop.machine1.Machine"
+                       send_member="CopyTo"/>
+
+                <allow send_destination="org.freedesktop.machine1"
+                       send_interface="org.freedesktop.machine1.Image"
+                       send_member="Remove"/>
+
+                <allow send_destination="org.freedesktop.machine1"
+                       send_interface="org.freedesktop.machine1.Image"
+                       send_member="Rename"/>
+
+                <allow send_destination="org.freedesktop.machine1"
+                       send_interface="org.freedesktop.machine1.Image"
+                       send_member="Clone"/>
+
+                <allow send_destination="org.freedesktop.machine1"
+                       send_interface="org.freedesktop.machine1.Image"
+                       send_member="MarkReadOnly"/>
+
                  <allow receive_sender="org.freedesktop.machine1"/>
          </policy>
author	Lennart Poettering <lennart@poettering.net>
	Tue, 24 Feb 2015 16:26:40 +0000 (17:26 +0100)
committer	Lennart Poettering <lennart@poettering.net>
	Tue, 24 Feb 2015 16:27:53 +0000 (17:27 +0100)