File: net.openvpn.v3.devposture.conf.in

package info (click to toggle)
openvpn3-client 24.1%2Bdfsg-1
  • links: PTS, VCS
  • area: main
  • in suites: trixie
  • size: 19,384 kB
  • sloc: cpp: 180,128; python: 11,591; ansic: 1,878; sh: 1,767; java: 402; lisp: 81; makefile: 44
file content (77 lines) | stat: -rw-r--r-- 2,843 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
 
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE busconfig PUBLIC
 "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
  <policy context="default">
    <allow send_destination="net.openvpn.v3.devposture"
           send_path="/net/openvpn/v3/devposture"
           send_interface="org.freedesktop.DBus.Introspectable"
           send_type="method_call"
           send_member="Introspect"/>

    <allow send_destination="net.openvpn.v3.devposture"
           send_path="/net/openvpn/v3/devposture"
           send_interface="org.freedesktop.DBus.Properties"
           send_type="method_call"
           send_member="Get"/>

    <allow send_destination="net.openvpn.v3.devposture"
           send_path="/net/openvpn/v3/devposture"
           send_interface="org.freedesktop.DBus.Peer"
           send_type="method_call"
           send_member="Ping"/>

    <!--
         Only the "@OPENVPN_USERNAME@" user is allowed to
         receive signals from net.openvpn.v3.devposture interfaces.
    -->
    <deny receive_interface="net.openvpn.v3.devposture"
          receive_type="signal"/>
  </policy>

  <policy user="@OPENVPN_USERNAME@">
    <!--                                -->
    <!--  net.openvpn.v3.devposture     -->
    <!--                                -->
    <allow own="net.openvpn.v3.devposture"/>

    <allow receive_interface="net.openvpn.v3.devposture"
           receive_type="signal"
           receive_member="Log"/>

    <allow send_destination="net.openvpn.v3.devposture"
           send_interface="net.openvpn.v3.devposture"
           send_path="/net/openvpn/v3/devposture"
           send_type="method_call"
           send_member="GetRegisteredModules"/>

    <allow send_destination="net.openvpn.v3.devposture"
           send_interface="net.openvpn.v3.devposture"
           send_path="/net/openvpn/v3/devposture"
           send_type="method_call"
           send_member="ProtocolLookup"/>

    <allow send_destination="net.openvpn.v3.devposture"
           send_interface="net.openvpn.v3.devposture"
           send_path="/net/openvpn/v3/devposture"
           send_type="method_call"
           send_member="RunChecks"/>

    <allow send_destination="net.openvpn.v3.devposture"
           send_interface="org.freedesktop.DBus.Peer"
           send_path="/net/openvpn/v3/devposture"
           send_type="method_call"
           send_member="Ping"/>

    <!--
         This method is provided by each device posture check module,
         which is why there is no send_path defined; each module has
         their own path"
    -->
    <allow send_destination="net.openvpn.v3.devposture"
           send_interface="net.openvpn.v3.devicecheck"
           send_type="method_call"
           send_member="Run"/>
  </policy>
</busconfig>