Página inicial Explorar Ajuda
Entrar
SoftwareDesign
/
csu3_am335x
8
0
Fork 0
Arquivos Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
csu3_am335x
/
linux-devkit
/
sysroots
/
armv7ahf-neon-linux-gnueabi
/
usr
/
share
/
dbus-1
/
system.conf

system.conf 4.3 KB
Link permanente Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115 
  1. <!-- This configuration file controls the systemwide message bus.
    2. 

  2.      Add a system-local.conf and edit that rather than changing this 
    3. 

  3.      file directly. -->
    4. 

  4. 

  5. <!-- Note that there are any number of ways you can hose yourself
    6. 

  6.      security-wise by screwing up this file; in particular, you
    7. 

  7.      probably don't want to listen on any more addresses, add any more
    8. 

  8.      auth mechanisms, run as a different user, etc. -->
    9. 

  9. 

  10. <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
    11. 

  11.  "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
    12. 

  12. <busconfig>
    13. 

  13. 

  14.   <!-- Our well-known bus type, do not change this -->
    15. 

  15.   <type>system</type>
    16. 

  16. 

  17.   <!-- Run as special user -->
    18. 

  18.   <user>messagebus</user>
    19. 

  19. 

  20.   <!-- Fork into daemon mode -->
    21. 

  21.   <fork/>
    22. 

  22. 

  23.   <!-- We use system service launching using a helper -->
    24. 

  24.   <standard_system_servicedirs/>
    25. 

  25. 

  26.   <!-- This is a setuid helper that is used to launch system services -->
    27. 

  27.   <servicehelper>/usr/libexec/dbus-daemon-launch-helper</servicehelper>
    28. 

  28. 

  29.   <!-- Write a pid file -->
    30. 

  30.   <pidfile>/var/run/messagebus.pid</pidfile>
    31. 

  31. 

  32.   <!-- Enable logging to syslog -->
    33. 

  33.   <syslog/>
    34. 

  34. 

  35.   <!-- Only allow socket-credentials-based authentication -->
    36. 

  36.   <auth>EXTERNAL</auth>
    37. 

  37. 

  38.   <!-- Only listen on a local socket. (abstract=/path/to/socket 
    39. 

  39.        means use abstract namespace, don't really create filesystem 
    40. 

  40.        file; only Linux supports this. Use path=/whatever on other 
    41. 

  41.        systems.) -->
    42. 

  42.   <listen>unix:path=/var/run/dbus/system_bus_socket</listen>
    43. 

  43. 

  44.   <policy context="default">
    45. 

  45.     <!-- All users can connect to system bus -->
    46. 

  46.     <allow user="*"/>
    47. 

  47. 

  48.     <!-- Holes must be punched in service configuration files for
    49. 

  49.          name ownership and sending method calls -->
    50. 

  50.     <deny own="*"/>
    51. 

  51.     <deny send_type="method_call"/>
    52. 

  52. 

  53.     <!-- Signals and reply messages (method returns, errors) are allowed
    54. 

  54.          by default -->
    55. 

  55.     <allow send_type="signal"/>
    56. 

  56.     <allow send_requested_reply="true" send_type="method_return"/>
    57. 

  57.     <allow send_requested_reply="true" send_type="error"/>
    58. 

  58. 

  59.     <!-- All messages may be received by default -->
    60. 

  60.     <allow receive_type="method_call"/>
    61. 

  61.     <allow receive_type="method_return"/>
    62. 

  62.     <allow receive_type="error"/>
    63. 

  63.     <allow receive_type="signal"/>
    64. 

  64. 

  65.     <!-- Allow anyone to talk to the message bus -->
    66. 

  66.     <allow send_destination="org.freedesktop.DBus"
    67. 

  67.            send_interface="org.freedesktop.DBus" />
    68. 

  68.     <allow send_destination="org.freedesktop.DBus"
    69. 

  69.            send_interface="org.freedesktop.DBus.Introspectable"/>
    70. 

  70.     <!-- But disallow some specific bus services -->
    71. 

  71.     <deny send_destination="org.freedesktop.DBus"
    72. 

  72.           send_interface="org.freedesktop.DBus"
    73. 

  73.           send_member="UpdateActivationEnvironment"/>
    74. 

  74.     <deny send_destination="org.freedesktop.DBus"
    75. 

  75.           send_interface="org.freedesktop.DBus.Debug.Stats"/>
    76. 

  76.     <deny send_destination="org.freedesktop.DBus"
    77. 

  77.           send_interface="org.freedesktop.systemd1.Activator"/>
    78. 

  78.   </policy>
    79. 

  79. 

  80.   <!-- Only systemd, which runs as root, may report activation failures. -->
    81. 

  81.   <policy user="root">
    82. 

  82.     <allow send_destination="org.freedesktop.DBus"
    83. 

  83.            send_interface="org.freedesktop.systemd1.Activator"/>
    84. 

  84.   </policy>
    85. 

  85. 

  86.   <!-- root may monitor the system bus. -->
    87. 

  87.   <policy user="root">
    88. 

  88.     <allow send_destination="org.freedesktop.DBus"
    89. 

  89.            send_interface="org.freedesktop.DBus.Monitoring"/>
    90. 

  90.   </policy>
    91. 

  91. 

  92.   <!-- If the Stats interface was enabled at compile-time, root may use it.
    93. 

  93.        Copy this into system.local.conf or system.d/*.conf if you want to
    94. 

  94.        enable other privileged users to view statistics and debug info -->
    95. 

  95.   <policy user="root">
    96. 

  96.     <allow send_destination="org.freedesktop.DBus"
    97. 

  97.            send_interface="org.freedesktop.DBus.Debug.Stats"/>
    98. 

  98.   </policy>
    99. 

  99. 

  100.   <!-- Include legacy configuration location -->
    101. 

  101.   <include ignore_missing="yes">/etc/dbus-1/system.conf</include>
    102. 

  102. 

  103.   <!-- Config files are placed here that among other things, punch 
    104. 

  104.        holes in the above policy for specific services. -->
    105. 

  105.   <includedir>system.d</includedir>
    106. 

  106. 

  107.   <includedir>/etc/dbus-1/system.d</includedir>
    108. 

  108. 

  109.   <!-- This is included last so local configuration can override what's 
    110. 

  110.        in this standard file -->
    111. 

  111.   <include ignore_missing="yes">/etc/dbus-1/system-local.conf</include>
    112. 

  112. 

  113.   <include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include>
    114. 

  114. 

  115. </busconfig>
    116.