diff options
| author | Beniamino Galvani <bgalvani@redhat.com> | 2016-08-04 10:38:38 +0200 |
|---|---|---|
| committer | Beniamino Galvani <bgalvani@redhat.com> | 2016-08-12 15:40:30 +0200 |
| commit | 33fada20490db5a3f092c1f56647945fa164ae46 (patch) | |
| tree | 6fb8c00613912c4747fe57931fee44d7702004b0 | |
| parent | e96b081c59231662654b273d9a78cfdf72d04e44 (diff) | |
| download | NetworkManager-bg/dbus-policy-rh1362542.tar.gz | |
core: drop some rules from dbus policy filebg/dbus-policy-rh1362542
The rules on SetLogging(), LoadConnections() and ReloadConnections()
are not needed as NM itself already checks for root permissions.
The advantage is in more meaningful error messages to users. Before:
$ nmcli general logging level debug
Error: failed to set logging: Rejected send message, 4 matched rules;
type="method_call", sender=":1.233" (uid=1001 pid=27225 comm="nmcli
general logging level debug ")
interface="org.freedesktop.NetworkManager" member="SetLogging" error
name="(unset)" requested_reply="0" destination=":1.207" (uid=0
pid=25793 comm="/usr/sbin/NetworkManager --no-daemon ")
After:
$ nmcli general logging level debug
Error: failed to set logging: Permission denied
https://bugzilla.redhat.com/show_bug.cgi?id=1362542
| -rw-r--r-- | src/org.freedesktop.NetworkManager.conf | 9 |
1 files changed, 0 insertions, 9 deletions
diff --git a/src/org.freedesktop.NetworkManager.conf b/src/org.freedesktop.NetworkManager.conf index d130f7e271..48931ccfa3 100644 --- a/src/org.freedesktop.NetworkManager.conf +++ b/src/org.freedesktop.NetworkManager.conf @@ -124,16 +124,7 @@ <!-- Root-only functions --> <deny send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager" - send_member="SetLogging"/> - <deny send_destination="org.freedesktop.NetworkManager" - send_interface="org.freedesktop.NetworkManager" send_member="Sleep"/> - <deny send_destination="org.freedesktop.NetworkManager" - send_interface="org.freedesktop.NetworkManager.Settings" - send_member="LoadConnections"/> - <deny send_destination="org.freedesktop.NetworkManager" - send_interface="org.freedesktop.NetworkManager.Settings" - send_member="ReloadConnections"/> <deny own="org.freedesktop.NetworkManager.dnsmasq"/> <deny send_destination="org.freedesktop.NetworkManager.dnsmasq"/> |