From 7f5331b7b4f945204c6a7efe24dd8c131e132f1d Mon Sep 17 00:00:00 2001
From: David Herrmann <dh.herrmann@gmail.com>
Date: Tue, 15 Oct 2013 21:13:39 +0200
Subject: [PATCH] logind: allow unprivileged session-device access
The session-device/control API was introduced for unprivileged device
access from within a session. Add the required dbus policy to the default
logind policies.
Note: logind validates that only root and the user of a session can
use the API. Furthermore, only a single API user gets access at a time.
---
src/login/org.freedesktop.login1.conf | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/src/login/org.freedesktop.login1.conf b/src/login/org.freedesktop.login1.conf
index 0407609..04e735e 100644
--- a/src/login/org.freedesktop.login1.conf
+++ b/src/login/org.freedesktop.login1.conf
@@ -148,6 +148,26 @@
send_interface="org.freedesktop.login1.Session"
send_member="SetIdleHint"/>
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="TakeControl"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="ReleaseControl"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="TakeDevice"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="ReleaseDevice"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="PauseDeviceComplete"/>
+
<allow receive_sender="org.freedesktop.login1"/>
</policy>