summaryrefslogtreecommitdiff
path: root/source/a/dbus/dbus-1.2.x-allow_root_globally.diff
blob: 913a9d2b1e93ff7fa168bf6fc735d20f567cf4d5 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
Allow root to do anything via dbus method calls, since users expect root
  to be, well, root.  This removes the insanity of adding root to all sorts
  of system groups in /etc/group.    --rworkman  20091031

diff -Nur dbus-1.2.16.orig/bus/system.conf.in dbus-1.2.16/bus/system.conf.in
--- dbus-1.2.16.orig/bus/system.conf.in	2009-07-13 05:14:40.000000000 -0500
+++ dbus-1.2.16/bus/system.conf.in	2009-10-31 00:47:34.338981143 -0500
@@ -70,6 +70,14 @@
           send_member="UpdateActivationEnvironment"/>
   </policy>
 
+  <!-- Allow root to do anything over the messagebus.
+       Don't whine about "security" - anyone with root privileges
+       can edit this file anyway, so -ENOHOLE here. -->
+  <policy user="root">
+    <allow send_destination="*"/>
+    <allow send_interface="*"/>
+  </policy>
+  
   <!-- Config files are placed here that among other things, punch 
        holes in the above policy for specific services. -->
   <includedir>system.d</includedir>