dbus: install D-Bus policy file by default

diff --git a/Makefile.am b/Makefile.am
index ec90ebad56fec2c97cdb4aaf8eab027f8413b431..dca7bc946c30eee846ff45154cf0f01a85dde836 100644 (file)
--- a/Makefile.am
+++ b/Makefile.am
@@ -18,6 +18,7 @@
 ACLOCAL_AMFLAGS = -I m4
 
 pkgsysconfdir=$(sysconfdir)/systemd
+dbuspolicydir=$(sysconfdir)/dbus-1/system.d
 
 AM_CPPFLAGS = \
         -include $(top_builddir)/config.h \
@@ -45,6 +46,12 @@ noinst_PROGRAMS = \
        test-engine \
        test-job-type
 
+dbuspolicy_DATA = \
+       org.freedesktop.systemd1.conf
+
+EXTRA_DIST = \
+       org.freedesktop.systemd1.conf
+
 BASIC_SOURCES= \
         util.c \
         util.h \

diff --git a/org.freedesktop.systemd1.conf b/org.freedesktop.systemd1.conf
new file mode 100644 (file)
index 0000000..4ebc8ab
--- /dev/null
+++ b/org.freedesktop.systemd1.conf
@@ -0,0 +1,78 @@
+<?xml version="1.0"?> <!--*-nxml-*-->
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+        "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
+<!--
+  This file is part of systemd.
+
+  Copyright 2010 Lennart Poettering
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU General Public License as published by
+  the Free Software Foundation; either version 2 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  General Public License for more details.
+
+  You should have received a copy of the GNU General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+-->
+
+<busconfig>
+
+        <policy user="root">
+                <allow own="org.freedesktop.systemd1"/>
+
+                <allow send_destination="org.freedesktop.systemd1"/>
+                <allow receive_sender="org.freedesktop.systemd1"/>
+        </policy>
+
+        <policy context="default">
+                <deny send_destination="org.freedesktop.systemd1"/>
+
+                <allow send_destination="org.freedesktop.systemd1"
+                       send_interface="org.freedesktop.DBus.Introspectable"/>
+
+                <allow send_destination="org.freedesktop.systemd1"
+                       send_interface="org.freedesktop.DBus.Properties"
+                       send_member="Get"/>
+
+                <allow send_destination="org.freedesktop.systemd1"
+                       send_interface="org.freedesktop.DBus.Properties"
+                       send_member="GetAll"/>
+
+                <allow send_destination="org.freedesktop.systemd1"
+                       send_interface="org.freedesktop.systemd1"
+                       send_member="GetUnit"/>
+
+                <allow send_destination="org.freedesktop.systemd1"
+                       send_interface="org.freedesktop.systemd1"
+                       send_member="GetJob"/>
+
+                <allow send_destination="org.freedesktop.systemd1"
+                       send_interface="org.freedesktop.systemd1"
+                       send_member="ListUnits"/>
+
+                <allow send_destination="org.freedesktop.systemd1"
+                       send_interface="org.freedesktop.systemd1"
+                       send_member="ListJobs"/>
+
+                <allow send_destination="org.freedesktop.systemd1"
+                       send_interface="org.freedesktop.systemd1"
+                       send_member="Subscribe"/>
+
+                <allow send_destination="org.freedesktop.systemd1"
+                       send_interface="org.freedesktop.systemd1"
+                       send_member="Unsubscribe"/>
+
+                <allow send_destination="org.freedesktop.systemd1"
+                       send_interface="org.freedesktop.systemd1"
+                       send_member="Dump"/>
+
+                <allow receive_sender="org.freedesktop.systemd1"/>
+        </policy>
+
+</busconfig>