search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge commit 'b1e7e97d3b60469b243b3b2e22c7d8cbd11c7c90'
[unleashed.git] / usr / src / cmd / hal / hal.conf.in
blobb5595a7f56fe3fd4e4ba2a3324b6ba7738cf8c26
1 <!DOCTYPE busconfig PUBLIC
2  "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
3  "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
4 <busconfig>
5
6   <!-- This configuration file specifies the required security policies
7        for the HAL to work. -->
8
9   <!-- Only root or user @HAL_USER@ can own the HAL service -->
10   <policy user="@HAL_USER@">
11     <allow own="org.freedesktop.Hal"/>
12   </policy>
13   <policy user="root">
14     <allow own="org.freedesktop.Hal"/>
15   </policy>
16
17   <policy context="default">
18     <!-- Allow anyone to invoke methods on the Manager and Device interfaces -->
19     <allow send_interface="org.freedesktop.Hal.Manager"
20            send_destination="org.freedesktop.Hal"/>
21     <allow send_interface="org.freedesktop.Hal.Device"
22            send_destination="org.freedesktop.Hal"/>
23     <allow send_interface="org.freedesktop.DBus.Introspectable"
24            send_destination="org.freedesktop.Hal"/>
25
26     <!-- These interfaces use RBAC, should not block access at DBus level -->
27     <allow send_interface="org.freedesktop.Hal.Device.SystemPowerManagement"
28            send_destination="org.freedesktop.Hal"/>
29     <allow send_interface="org.freedesktop.Hal.Device.VideoAdapterPM"
30            send_destination="org.freedesktop.Hal"/>
31     <allow send_interface="org.freedesktop.Hal.Device.LaptopPanel"
32            send_destination="org.freedesktop.Hal"/>
33     <allow send_interface="org.freedesktop.Hal.Device.CPUFreq"
34            send_destination="org.freedesktop.Hal"/>
35     <allow send_interface="org.freedesktop.Hal.Device.NetworkDiscovery"
36            send_destination="org.freedesktop.Hal"/>
37   </policy>
38
39   <!-- Default policy for the exported interfaces -->
40   <policy context="default">
41     <deny send_interface="org.freedesktop.Hal.Device.Volume"
42           send_destination="org.freedesktop.Hal"/>
43     <deny send_interface="org.freedesktop.Hal.Device.Storage"
44           send_destination="org.freedesktop.Hal"/>
45   </policy>
46
47   <!-- This will not work if logindevperm is not enabled -->
48   <policy at_console="true">
49     <allow send_interface="org.freedesktop.Hal.Device.Volume"
50            send_destination="org.freedesktop.Hal"/>
51     <allow send_interface="org.freedesktop.Hal.Device.Storage"
52            send_destination="org.freedesktop.Hal"/>
53   </policy>
54
55   <!-- You can change this to a more suitable user, or make per-group -->
56   <policy user="0">
57     <allow send_interface="org.freedesktop.Hal.Device.Volume"
58            send_destination="org.freedesktop.Hal"/>
59     <allow send_interface="org.freedesktop.Hal.Device.Storage"
60            send_destination="org.freedesktop.Hal"/>
61   </policy>
62
63 </busconfig>
Unleashed OS