f51198129c
o Always use @PACKAGEKIT_USER@, never explicitly specify root. o DBUS denies requests by default anyway, no need to explicitly deny. o packagekitd and the DBUS backends both run as PACKAGEKIT_USER. If you want different users, you'll have to fix that.
21 lines
636 B
Plaintext
21 lines
636 B
Plaintext
<!DOCTYPE busconfig PUBLIC
|
|
"-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
|
|
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
|
|
<busconfig>
|
|
|
|
<!-- This configuration file specifies the required security policies
|
|
for the PackageKit to work. -->
|
|
|
|
<!-- Only user @PACKAGEKIT_USER@ can own the PackageKit service -->
|
|
<policy user="@PACKAGEKIT_USER@">
|
|
<allow own="org.freedesktop.PackageKit"/>
|
|
</policy>
|
|
|
|
<!-- Allow anyone to call into the service - we'll reject callers using PolicyKit -->
|
|
<policy context="default">
|
|
<allow send_interface="org.freedesktop.PackageKit"/>
|
|
</policy>
|
|
|
|
</busconfig>
|
|
|