cf30a8c1ed
Let's rework the D-Bus APIs GetImageOSRelease() to use the new internal metadata API, to query what it needs to know. Augment it with GetImageHostname(), GetImageMachineID(), GetImageMachineInfo(), that expose the other new APIS.
239 lines
11 KiB
XML
239 lines
11 KiB
XML
<?xml version="1.0"?> <!--*-nxml-*-->
|
|
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
|
|
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
|
|
|
|
<!--
|
|
This file is part of systemd.
|
|
|
|
systemd is free software; you can redistribute it and/or modify it
|
|
under the terms of the GNU Lesser General Public License as published by
|
|
the Free Software Foundation; either version 2.1 of the License, or
|
|
(at your option) any later version.
|
|
-->
|
|
|
|
<busconfig>
|
|
|
|
<policy user="root">
|
|
<allow own="org.freedesktop.machine1"/>
|
|
<allow send_destination="org.freedesktop.machine1"/>
|
|
<allow receive_sender="org.freedesktop.machine1"/>
|
|
</policy>
|
|
|
|
<policy context="default">
|
|
<deny send_destination="org.freedesktop.machine1"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.DBus.Introspectable"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.DBus.Peer"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.DBus.Properties"
|
|
send_member="Get"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.DBus.Properties"
|
|
send_member="GetAll"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="ListMachines"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="ListImages"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetMachine"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetMachineByPID"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetImage"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetMachineAddresses"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetMachineOSRelease"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetMachineUIDShift"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="OpenMachineLogin"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="OpenMachineShell"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="TerminateMachine"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="KillMachine"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="BindMountMachine"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="CopyFromMachine"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="CopyToMachine"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="RemoveImage"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="RenameImage"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="CloneImage"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="MarkImageReadOnly"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="SetPoolLimit"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="SetImageLimit"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetImageHostname"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetImageMachineID"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetImageMachineInfo"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="GetImageOSRelease"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="CleanPool"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="MapFromMachineUser"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="MapToMachineUser"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="MapFromMachineGroup"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Manager"
|
|
send_member="MapToMachineGroup"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="GetAddresses"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="GetOSRelease"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="GetUIDShift"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="OpenLogin"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="OpenShell"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="Terminate"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="Kill"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="BindMount"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="CopyFrom"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Machine"
|
|
send_member="CopyTo"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Image"
|
|
send_member="Remove"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Image"
|
|
send_member="Rename"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Image"
|
|
send_member="Clone"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Image"
|
|
send_member="SetLimit"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Image"
|
|
send_member="MarkReadOnly"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Image"
|
|
send_member="GetHostname"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Image"
|
|
send_member="GetMachineID"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Image"
|
|
send_member="GetMachineInfo"/>
|
|
|
|
<allow send_destination="org.freedesktop.machine1"
|
|
send_interface="org.freedesktop.machine1.Image"
|
|
send_member="GetOSRelease"/>
|
|
|
|
<allow receive_sender="org.freedesktop.machine1"/>
|
|
</policy>
|
|
|
|
</busconfig>
|