summaryrefslogtreecommitdiff
path: root/src/org.freedesktop.NetworkManager.conf
diff options
context:
space:
mode:
authorThomas Haller <thaller@redhat.com>2017-04-21 11:56:28 +0200
committerThomas Haller <thaller@redhat.com>2017-04-21 13:41:21 +0200
commitff5b7275a7584fcdabe4327f1a061c5610cf89dd (patch)
treee8353044215913e738e1a41ec716c6375f8cb192 /src/org.freedesktop.NetworkManager.conf
parentebb3830e57ddb87e72699ed83df2765836228775 (diff)
downloadNetworkManager-ff5b7275a7584fcdabe4327f1a061c5610cf89dd.tar.gz
dbus: allow firewalld to communicate with NetworkManager
Usually, this "<allow send_destination="..."/>" part is shipped by firewalld's D-Bus policy. However, if firewalld is initially not installed with NetworkManager already running, dbus-daemon seems to cache the missing permission for the D-Bus connection. As a result, when installing and starting firewalld, NetworkManager requests fail until restart: firewall: [0x7f4b83643890,change:"eth1"]: complete: request failed (Rejected send message, 1 matched rules; type="method_call", sender=":1.3" (uid=0 pid=715 comm="/usr/sbin/NetworkManager --no-daemon ") interface="org.fedoraproject.FirewallD1.zone" member="changeZone" error name="(unset)" requested_reply="0" destination=":1.25" (uid=0 pid=1243 comm="/usr/bin/python -Es /usr/sbin/firewalld --nofork -")) https://bugzilla.redhat.com/show_bug.cgi?id=1436770 (cherry picked from commit cc1d409ba886e8e7c33f845790cfc700fcd2d854)
Diffstat (limited to 'src/org.freedesktop.NetworkManager.conf')
-rw-r--r--src/org.freedesktop.NetworkManager.conf2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/org.freedesktop.NetworkManager.conf b/src/org.freedesktop.NetworkManager.conf
index e4d1b78ba6..6be1feb68e 100644
--- a/src/org.freedesktop.NetworkManager.conf
+++ b/src/org.freedesktop.NetworkManager.conf
@@ -27,6 +27,8 @@
<allow send_destination="org.freedesktop.NetworkManager.strongswan"/>
<allow send_interface="org.freedesktop.NetworkManager.VPN.Plugin"/>
+ <allow send_destination="org.fedoraproject.FirewallD1"/>
+
<!-- Allow the custom name for the dnsmasq instance spawned by NM
from the dns dnsmasq plugin to own it's dbus name, and for
messages to be sent to it.
View Lorry Controller Status