Attached patches fix DBus permissions for all NetworkManager pieces (NM, nm-applet, vpn plugins). For more information, see http://lists.freedesktop.org/archives/dbus/2009-January/010807.html
Tambet
diff --git a/callouts/nm-avahi-autoipd.conf b/callouts/nm-avahi-autoipd.conf index 97d9ff5..52e8ea0 100644 --- a/callouts/nm-avahi-autoipd.conf +++ b/callouts/nm-avahi-autoipd.conf @@ -2,13 +2,9 @@ "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd";> <busconfig> - <policy user="root"> - <allow own="org.freedesktop.nm_avahi_autoipd"/> - <allow send_interface="org.freedesktop.nm_avahi_autoipd"/> - </policy> - <policy context="default"> - <deny own="org.freedesktop.nm_avahi_autoipd"/> - <deny send_interface="org.freedesktop.nm_avahi_autoipd"/> - </policy> + <policy user="root"> + <allow own="org.freedesktop.nm_avahi_autoipd"/> + <allow send_destination="org.freedesktop.nm_avahi_autoipd"/> + </policy> </busconfig> diff --git a/callouts/nm-dhcp-client.conf b/callouts/nm-dhcp-client.conf index 515a110..cc7723a 100644 --- a/callouts/nm-dhcp-client.conf +++ b/callouts/nm-dhcp-client.conf @@ -2,13 +2,9 @@ "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd";> <busconfig> - <policy user="root"> - <allow own="org.freedesktop.nm_dhcp_client"/> - <allow send_interface="org.freedesktop.nm_dhcp_client"/> - </policy> - <policy context="default"> - <deny own="org.freedesktop.nm_dhcp_client"/> - <deny send_interface="org.freedesktop.nm_dhcp_client"/> - </policy> + <policy user="root"> + <allow own="org.freedesktop.nm_dhcp_client"/> + <allow send_destination="org.freedesktop.nm_dhcp_client"/> + </policy> </busconfig> diff --git a/callouts/nm-dispatcher.conf b/callouts/nm-dispatcher.conf index 32833a7..8dbc0b5 100644 --- a/callouts/nm-dispatcher.conf +++ b/callouts/nm-dispatcher.conf @@ -4,11 +4,7 @@ <busconfig> <policy user="root"> <allow own="org.freedesktop.nm_dispatcher"/> - <allow send_interface="org.freedesktop.nm_dispatcher"/> - </policy> - <policy context="default"> - <deny own="org.freedesktop.nm_dispatcher"/> - <deny send_interface="org.freedesktop.nm_dispatcher"/> + <allow send_destination="org.freedesktop.nm_dispatcher"/> </policy> </busconfig> diff --git a/src/NetworkManager.conf b/src/NetworkManager.conf index 01dfee2..5378e5d 100644 --- a/src/NetworkManager.conf +++ b/src/NetworkManager.conf @@ -2,29 +2,16 @@ "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd";> <busconfig> - <policy user="root"> - <allow own="org.freedesktop.NetworkManager"/> - <allow send_destination="org.freedesktop.NetworkManager"/> - <allow send_interface="org.freedesktop.NetworkManager"/> - + <policy at_console="true"> + <allow send_destination="org.freedesktop.NetworkManager"/> + </policy> + <policy user="root"> + <allow own="org.freedesktop.NetworkManager"/> <allow own="org.freedesktop.NetworkManager.PPP"/> - <allow send_destination="org.freedesktop.NetworkManager.PPP"/> - <allow send_interface="org.freedesktop.NetworkManager.PPP"/> - </policy> - <policy at_console="true"> - <allow send_destination="org.freedesktop.NetworkManager"/> - <allow send_interface="org.freedesktop.NetworkManager"/> - </policy> - <policy context="default"> - <deny own="org.freedesktop.NetworkManager"/> - <deny send_destination="org.freedesktop.NetworkManager"/> - <deny send_interface="org.freedesktop.NetworkManager"/> - - <deny own="org.freedesktop.NetworkManager.PPP"/> - <deny send_destination="org.freedesktop.NetworkManager.PPP"/> - <deny send_interface="org.freedesktop.NetworkManager.PPP"/> - </policy> + <allow send_destination="org.freedesktop.NetworkManager.PPP"/> + send_interface="org.freedesktop.NetworkManager.PPP"/> + </policy> - <limit name="max_replies_per_connection">512</limit> + <limit name="max_replies_per_connection">512</limit> </busconfig> diff --git a/system-settings/src/nm-system-settings.conf b/system-settings/src/nm-system-settings.conf index 10184ba..6e95f3a 100644 --- a/system-settings/src/nm-system-settings.conf +++ b/system-settings/src/nm-system-settings.conf @@ -2,23 +2,17 @@ "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd";> <busconfig> - <policy user="root"> - <allow own="org.freedesktop.NetworkManagerSystemSettings"/> - - <allow send_destination="org.freedesktop.NetworkManagerSystemSettings"/> - <allow send_interface="org.freedesktop.NetworkManagerSettings"/> - <allow send_interface="org.freedesktop.NetworkManagerSettings.Secrets"/> - </policy> <policy context="default"> - <deny own="org.freedesktop.NetworkManagerSystemSettings"/> - <allow send_destination="org.freedesktop.NetworkManagerSystemSettings"/> - <allow send_interface="org.freedesktop.NetworkManagerSettings"/> - - <!-- Only root can get secrets --> - <deny send_interface="org.freedesktop.NetworkManagerSettings.Secrets"/> + <deny send_destination="org.freedesktop.NetworkManagerSystemSettings" + send_interface="org.freedesktop.NetworkManagerSettings.Secrets"/> + </policy> + <policy user="root"> + <allow own="org.freedesktop.NetworkManagerSystemSettings"/> + <allow send_destination="org.freedesktop.NetworkManagerSystemSettings" + send_interface="org.freedesktop.NetworkManagerSettings.Secrets"/> </policy> - <limit name="max_replies_per_connection">512</limit> + <limit name="max_replies_per_connection">512</limit> </busconfig>
diff --git a/nm-applet.conf b/nm-applet.conf index af7c642..2081ab0 100644 --- a/nm-applet.conf +++ b/nm-applet.conf @@ -2,31 +2,18 @@ "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd";> <busconfig> - <policy user="root"> - <allow own="org.freedesktop.NetworkManagerUserSettings"/> - + <policy context="default"> <allow send_destination="org.freedesktop.NetworkManagerUserSettings"/> - <allow send_interface="org.freedesktop.NetworkManagerSettings"/> - - <!-- Only root can get secrets --> - <allow send_interface="org.freedesktop.NetworkManagerSettings.Secrets"/> + <deny send_destination="org.freedesktop.NetworkManagerUserSettings" + send_interface="org.freedesktop.NetworkManagerSettings.Secrets"/> </policy> <policy at_console="true"> <allow own="org.freedesktop.NetworkManagerUserSettings"/> - - <allow send_destination="org.freedesktop.NetworkManagerUserSettings"/> - <allow send_interface="org.freedesktop.NetworkManagerSettings"/> - - <!-- Only root can get secrets --> - <deny send_interface="org.freedesktop.NetworkManagerSettings.Secrets"/> </policy> - <policy context="default"> - <deny own="org.freedesktop.NetworkManagerUserSettings"/> - - <allow send_destination="org.freedesktop.NetworkManagerUserSettings"/> - <allow send_interface="org.freedesktop.NetworkManagerSettings"/> - <!-- Only root can get secrets --> - <deny send_interface="org.freedesktop.NetworkManagerSettings.Secrets"/> + <policy user="root"> + <allow own="org.freedesktop.NetworkManagerUserSettings"/> + <allow send_destination="org.freedesktop.NetworkManagerUserSettings" + send_interface="org.freedesktop.NetworkManagerSettings.Secrets"/> </policy> <limit name="max_replies_per_connection">512</limit>
diff --git a/nm-vpnc-service.conf b/nm-vpnc-service.conf index cd02870..4cee63e 100644 --- a/nm-vpnc-service.conf +++ b/nm-vpnc-service.conf @@ -5,12 +5,6 @@ <policy user="root"> <allow own="org.freedesktop.NetworkManager.vpnc"/> <allow send_destination="org.freedesktop.NetworkManager.vpnc"/> - <allow send_interface="org.freedesktop.NetworkManager.vpnc"/> - </policy> - <policy context="default"> - <deny own="org.freedesktop.NetworkManager.vpnc"/> - <deny send_destination="org.freedesktop.NetworkManager.vpnc"/> - <deny send_interface="org.freedesktop.NetworkManager.vpnc"/> </policy> </busconfig>
diff --git a/nm-openvpn-service.conf b/nm-openvpn-service.conf index 62eaa8c..c6b5eb2 100644 --- a/nm-openvpn-service.conf +++ b/nm-openvpn-service.conf @@ -5,12 +5,6 @@ <policy user="root"> <allow own="org.freedesktop.NetworkManager.openvpn"/> <allow send_destination="org.freedesktop.NetworkManager.openvpn"/> - <allow send_interface="org.freedesktop.NetworkManager.openvpn"/> - </policy> - <policy context="default"> - <deny own="org.freedesktop.NetworkManager.openvpn"/> - <deny send_destination="org.freedesktop.NetworkManager.openvpn"/> - <deny send_interface="org.freedesktop.NetworkManager.openvpn"/> </policy> </busconfig>
diff --git a/nm-pptp-service.conf b/nm-pptp-service.conf index aa5400d..b1b80d2 100644 --- a/nm-pptp-service.conf +++ b/nm-pptp-service.conf @@ -4,21 +4,9 @@ <busconfig> <policy user="root"> <allow own="org.freedesktop.NetworkManager.pptp"/> - <allow send_destination="org.freedesktop.NetworkManager.pptp"/> - <allow send_interface="org.freedesktop.NetworkManager.pptp"/> - <allow own="org.freedesktop.NetworkManager.pptp-ppp"/> + <allow send_destination="org.freedesktop.NetworkManager.pptp"/> <allow send_destination="org.freedesktop.NetworkManager.pptp-ppp"/> - <allow send_interface="org.freedesktop.NetworkManager.pptp-ppp"/> - </policy> - <policy context="default"> - <deny own="org.freedesktop.NetworkManager.pptp"/> - <deny send_destination="org.freedesktop.NetworkManager.pptp"/> - <deny send_interface="org.freedesktop.NetworkManager.pptp"/> - - <deny own="org.freedesktop.NetworkManager.pptp-ppp"/> - <deny send_destination="org.freedesktop.NetworkManager.pptp-ppp"/> - <deny send_interface="org.freedesktop.NetworkManager.pptp-ppp"/> </policy> </busconfig>
diff --git a/nm-openconnect-service.conf b/nm-openconnect-service.conf index 2cc1c27..3d4841f 100644 --- a/nm-openconnect-service.conf +++ b/nm-openconnect-service.conf @@ -5,17 +5,10 @@ <policy user="root"> <allow own="org.freedesktop.NetworkManager.openconnect"/> <allow send_destination="org.freedesktop.NetworkManager.openconnect"/> - <allow send_interface="org.freedesktop.NetworkManager.openconnect"/> </policy> <policy user="nm-openconnect"> <allow own="org.freedesktop.NetworkManager.openconnect"/> <allow send_destination="org.freedesktop.NetworkManager.openconnect"/> - <allow send_interface="org.freedesktop.NetworkManager.openconnect"/> - </policy> - <policy context="default"> - <deny own="org.freedesktop.NetworkManager.openconnect"/> - <deny send_destination="org.freedesktop.NetworkManager.openconnect"/> - <deny send_interface="org.freedesktop.NetworkManager.openconnect"/> </policy> </busconfig>
_______________________________________________ NetworkManager-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/networkmanager-list
