diff options
author | 2019-04-09 18:20:38 +0200 | |
---|---|---|
committer | 2019-04-09 18:24:36 +0200 | |
commit | 99cef05b4c32c401868c7f487784130e607ca74c (patch) | |
tree | 21c978e2209cddafd44e8b850eaa53dde7ed7553 /meta-security/recipes-core/dbus-cynara/dbus-cynara/0005-Perform-Cynara-runtime-policy-checks-by-default.patch | |
parent | 0f1670b4b635d54c744a3e697be169957f321808 (diff) | |
parent | ffa9f4476251778974c77e35d924c20b29bf2792 (diff) |
Merge remote-tracking branch 'origin/sandbox/sdesneux/thud-upgrade'
Update the core distro to YP 2.6 'thud'.
Bug-AGL: SPEC-1837
Change-Id: I5a753503c4ca15bcb0d4f0f30c4a91e7d50ab024
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
Diffstat (limited to 'meta-security/recipes-core/dbus-cynara/dbus-cynara/0005-Perform-Cynara-runtime-policy-checks-by-default.patch')
-rw-r--r-- | meta-security/recipes-core/dbus-cynara/dbus-cynara/0005-Perform-Cynara-runtime-policy-checks-by-default.patch | 22 |
1 files changed, 10 insertions, 12 deletions
diff --git a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0005-Perform-Cynara-runtime-policy-checks-by-default.patch b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0005-Perform-Cynara-runtime-policy-checks-by-default.patch index d30b2dbf8..6cc7c19c4 100644 --- a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0005-Perform-Cynara-runtime-policy-checks-by-default.patch +++ b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0005-Perform-Cynara-runtime-policy-checks-by-default.patch @@ -26,14 +26,14 @@ Change-Id: Ifb4a160bf6e0638404e0295a2e4fa3077efd881c Signed-off-by: Jacek Bukarewicz <j.bukarewicz@samsung.com> Cherry picked from e8610297cf7031e94eb314a2e8c11246f4405403 by Jose Bollo + +Updated for dbus 1.12.10 by Scott Murray. + Signed-off-by: José Bollo <jose.bollo@iot.bzh> ---- - bus/session.conf.in | 32 ++++++++++++++++++++++++++------ - bus/system.conf.in | 19 +++++++++++++++---- - 2 files changed, 41 insertions(+), 10 deletions(-) +Signed-off-by: Scott Murray <scott.murray@konsulko.com> diff --git a/bus/session.conf.in b/bus/session.conf.in -index affa7f1d..157dfb4d 100644 +index affa7f1..157dfb4 100644 --- a/bus/session.conf.in +++ b/bus/session.conf.in @@ -27,12 +27,32 @@ @@ -76,10 +76,10 @@ index affa7f1d..157dfb4d 100644 <!-- Include legacy configuration location --> diff --git a/bus/system.conf.in b/bus/system.conf.in -index 014f67ee..ebbd468a 100644 +index f139b55..19d0c04 100644 --- a/bus/system.conf.in +++ b/bus/system.conf.in -@@ -50,23 +50,34 @@ +@@ -50,17 +50,20 @@ <deny own="*"/> <deny send_type="method_call"/> @@ -104,9 +104,10 @@ index 014f67ee..ebbd468a 100644 <!-- Allow anyone to talk to the message bus --> <allow send_destination="org.freedesktop.DBus" - send_interface="org.freedesktop.DBus" /> - <allow send_destination="org.freedesktop.DBus" +@@ -69,6 +72,14 @@ send_interface="org.freedesktop.DBus.Introspectable"/> + <allow send_destination="org.freedesktop.DBus" + send_interface="org.freedesktop.DBus.Properties"/> + <!-- If there is a need specific bus services could be protected by Cynara as well. + However, this can lead to deadlock during the boot process when such check is made and + Cynara is not yet activated (systemd calls protected method synchronously, @@ -118,6 +119,3 @@ index 014f67ee..ebbd468a 100644 <!-- But disallow some specific bus services --> <deny send_destination="org.freedesktop.DBus" send_interface="org.freedesktop.DBus" --- -2.14.3 - |