<?xml version="1.0"?> <!--*-nxml-*--> <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> <busconfig> <!-- This configuration file specifies the required security policies for the SSSD InfoPipe to work. --> <!-- Only root can own (provide) the SSSD service --> <policy user="root"> <allow own="org.freedesktop.sssd.infopipe"/> </policy> <!-- Allow all methods on the interface --> <!-- Right now, this will be handled by a limited ACL within the InfoPipe Daemon. --> <policy context="default"> <allow send_destination="org.freedesktop.sssd.infopipe" send_interface="org.freedesktop.DBus.Introspectable"/> <allow send_destination="org.freedesktop.sssd.infopipe" send_interface="org.freedesktop.DBus.Properties" send_member="GetAll"/> <allow send_destination="org.freedesktop.sssd.infopipe" send_interface="org.freedesktop.DBus.Properties" send_member="Get"/> <allow send_destination="org.freedesktop.sssd.infopipe" send_interface="org.freedesktop.DBus.Properties" send_member="Set"/> <allow send_interface="org.freedesktop.sssd.infopipe"/> <allow send_interface="org.freedesktop.sssd.infopipe.Users"/> <allow send_interface="org.freedesktop.sssd.infopipe.Users.User"/> <allow send_interface="org.freedesktop.sssd.infopipe.Groups"/> <allow send_interface="org.freedesktop.sssd.infopipe.Groups.Group"/> <allow send_interface="org.freedesktop.sssd.infopipe.Cache"/> <allow send_interface="org.freedesktop.sssd.infopipe.Cache.Object"/> </policy> <policy user="root"> <allow send_interface="org.freedesktop.sssd.infopipe.Components"/> </policy> </busconfig>