diff options
| author | Aleksander Morgado <aleksander@lanedo.com> | 2013-06-10 18:30:12 +0200 |
|---|---|---|
| committer | Aleksander Morgado <aleksander@lanedo.com> | 2013-06-13 09:21:52 +0200 |
| commit | 0c7265de29163ab9c9ba03257d393ce99bb47ff6 (patch) | |
| tree | 5107c5e10d6e7d1401e36c3f2568d4773d8df029 /data/org.freedesktop.ModemManager1.policy.in.in | |
| parent | dc815569148f9f697bdc827b419258bc3af1c0d6 (diff) | |
build: new strict & permissive polkit policies in '--with-polkit'
The '--with-polkit' configure switch now supports more options than just yes
or no:
* strict: Active user needs to explicitly authenticate when peforming an
operation defined in the Device.Control, Messaging, Location or Contacts
interfaces. Polkit policy is set to 'auth_self_keep'.
* permissive: Active user doesn't need to explicitly authenticate when
peforming an operation defined in the Device.Control, Messaging, Location or
Contacts interfaces. Polkit policy is set to 'yes'.
* none: don't use polkit.
If '--with-polkit' is not given, usage will be automatically decided based on
the presence of the Polkit headers in the system (if headers found, strict
policy will be applied, otherwise none).
Also:
* '--with-polkit' is equivalent to '--with-polkit=strict'
* '--with-polkit=yes' is equivalent to '--with-polkit=strict'
* '--with-polkit=no' is equivalent to '--with-polkit=none'
* '--without-polkit' is equivalent to '--with-polkit=none'
By default, ModemManager will always apply the strict policy, in order to
protect the user from unwanted operations in the modem (e.g. getting the PIN
locked forever after wrong PIN/PUK unlock attempts).
https://bugzilla.gnome.org/show_bug.cgi?id=701740
Diffstat (limited to 'data/org.freedesktop.ModemManager1.policy.in.in')
| -rw-r--r-- | data/org.freedesktop.ModemManager1.policy.in.in | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/data/org.freedesktop.ModemManager1.policy.in.in b/data/org.freedesktop.ModemManager1.policy.in.in new file mode 100644 index 00000000..7b3a22a3 --- /dev/null +++ b/data/org.freedesktop.ModemManager1.policy.in.in @@ -0,0 +1,75 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC + "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" + "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd"> + +<policyconfig> + + <vendor>ModemManager</vendor> + <vendor_url>http://www.freedesktop.org/wiki/ModemManager</vendor_url> + <icon_name>ModemManager</icon_name> + + <action id="org.freedesktop.ModemManager1.Control"> + <_description>Control the Modem Manager daemon</_description> + <_message>System policy prevents controlling the Modem Manager.</_message> + <defaults> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin</allow_active> + </defaults> + </action> + + <action id="org.freedesktop.ModemManager1.Device.Control"> + <_description>Unlock and control a mobile broadband device</_description> + <_message>System policy prevents unlocking or controlling the mobile broadband device.</_message> + <defaults> + <allow_inactive>no</allow_inactive> + <allow_active>@MM_DEFAULT_USER_POLICY@</allow_active> + </defaults> + </action> + + <action id="org.freedesktop.ModemManager1.Contacts"> + <_description>Add, modify, and delete mobile broadband contacts</_description> + <_message>System policy prevents adding, modifying, or deleting this device's contacts.</_message> + <defaults> + <allow_inactive>no</allow_inactive> + <allow_active>@MM_DEFAULT_USER_POLICY@</allow_active> + </defaults> + </action> + + <action id="org.freedesktop.ModemManager1.Messaging"> + <_description>Send, save, modify, and delete text messages</_description> + <_message>System policy prevents sending or maniuplating this device's text messages.</_message> + <defaults> + <allow_inactive>no</allow_inactive> + <allow_active>@MM_DEFAULT_USER_POLICY@</allow_active> + </defaults> + </action> + + <action id="org.freedesktop.ModemManager1.Location"> + <_description>Enable and view geographic location and positioning information</_description> + <_message>System policy prevents enabling or viewing geographic location information.</_message> + <defaults> + <allow_inactive>no</allow_inactive> + <allow_active>@MM_DEFAULT_USER_POLICY@</allow_active> + </defaults> + </action> + + <action id="org.freedesktop.ModemManager1.USSD"> + <_description>Query and utilize network information and services</_description> + <_message>System policy prevents querying or utilizing network information and services.</_message> + <defaults> + <allow_inactive>no</allow_inactive> + <allow_active>yes</allow_active> + </defaults> + </action> + + <action id="org.freedesktop.ModemManager1.Firmware"> + <_description>Query and manage firmware on a mobile broadband device</_description> + <_message>System policy prevents querying or managing this device's firmware.</_message> + <defaults> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin</allow_active> + </defaults> + </action> + +</policyconfig> |