ef8ff92e8a
This is the opposite of RegisterMachine: machined knows that the machine is "gone", but doesn't do anything on its own. We already had TerminateMachine, but that would stop the unit, which isn't always wanted.
243 lines
11 KiB
XML
243 lines
11 KiB
XML
<?xml version="1.0"?> <!--*-nxml-*-->
|
|
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
|
|
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
|
|
|
|
<!--
|
|
This file is part of systemd.
|
|
|
|
systemd is free software; you can redistribute it and/or modify it
|
|
under the terms of the GNU Lesser General Public License as published by
|
|
the Free Software Foundation; either version 2.1 of the License, or
|
|
(at your option) any later version.
|
|
-->
|
|
|
|
<busconfig>
|
|
|
|
<policy user="root">
|
|
<allow own="org.freedesktop.machine1"/>
|
|
<allow send_destination="org.freedesktop.machine1"/>
|
|
<allow receive_sender="org.freedesktop.machine1"/>
|
|
</policy>
|
|
|
|
<policy context="default">
|
|
<deny send_destination="org.freedesktop.machine1"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.DBus.Introspectable"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.DBus.Peer"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.DBus.Properties"
|
|
send_member="Get"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.DBus.Properties"
|
|
send_member="GetAll"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="ListMachines"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="ListImages"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetMachine"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetMachineByPID"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetImage"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetMachineAddresses"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetMachineOSRelease"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetMachineUIDShift"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="OpenMachineLogin"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="OpenMachineShell"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="UnregisterMachine"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="TerminateMachine"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="KillMachine"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="BindMountMachine"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="CopyFromMachine"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="CopyToMachine"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="RemoveImage"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="RenameImage"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="CloneImage"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="MarkImageReadOnly"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="SetPoolLimit"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="SetImageLimit"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetImageHostname"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetImageMachineID"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetImageMachineInfo"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetImageOSRelease"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="CleanPool"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="MapFromMachineUser"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="MapToMachineUser"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="MapFromMachineGroup"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="MapToMachineGroup"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="GetAddresses"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="GetOSRelease"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="GetUIDShift"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="OpenLogin"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="OpenShell"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="Terminate"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="Kill"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="BindMount"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="CopyFrom"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="CopyTo"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Image"
|
|
send_member="Remove"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Image"
|
|
send_member="Rename"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Image"
|
|
send_member="Clone"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Image"
|
|
send_member="SetLimit"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Image"
|
|
send_member="MarkReadOnly"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Image"
|
|
send_member="GetHostname"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Image"
|
|
send_member="GetMachineID"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Image"
|
|
send_member="GetMachineInfo"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Image"
|
|
send_member="GetOSRelease"/>
|
|
|
|
<allow receive_sender="org.freedesktop.machine1"/>
|
|
</policy>
|
|
|
|
</busconfig>
|