Layer: services

Module: dbus

Tunables Interfaces Templates

Description:

Desktop messaging bus.

Tunables:

dbus_broker_run_transient_units

Default value

false

Description

Allow dbus-daemon system bus to to run systemd transient units. This is used by dbus-broker for dbus-activated services when the unit file for the service does not exist.

dbus_broker_system_bus

Default value

false

Description

Enable additional rules to support using dbus-broker as the dbus-daemon system bus.

dbus_pass_tuntap_fd

Default value

false

Description

Allow dbus-daemon system bus to access /dev/net/tun which is needed to pass tun/tap device file descriptors over D-Bus. This is needed by openvpn3-linux.

Return

Interfaces:

dbus_all_session_bus_client(
	
		domain
		
	)

Summary

Creating connections to all DBUS session busses.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_all_session_domain(
	
		domain
		
			,
		
		entry_point
		
	)

Summary

Allow a application domain to be started by the specified session bus.

Parameters

Parameter:	Description:
domain	Type to be used as a domain.
entry_point	Type of the program to be used as an entry point to this domain.

dbus_connect_all_session_bus(
	
		domain
		
	)

Summary

Acquire service on all DBUS session busses.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_connect_system_bus(
	
		domain
		
	)

Summary

Acquire service on the DBUS system bus.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_dontaudit_system_bus_rw_tcp_sockets(
	
		domain
		
	)

Summary

Do not audit attempts to read and write DBUS system bus TCP sockets.

Parameters

Parameter:	Description:
domain	Domain to not audit.

dbus_dontaudit_write_system_bus_runtime_named_sockets(
	
		domain
		
	)

Summary

Do not audit attempts to write to system bus runtime named sockets.

Parameters

Parameter:	Description:
domain	Domain to not audit.

dbus_exec(
	
		domain
		
	)

Summary

Execute dbus in the caller domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_getattr_session_runtime_socket(
	
		domain
		
	)

Summary

Allow the specified domain to get the attributes of the session dbus sock file.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_list_system_bus_runtime(
	
		domain
		
	)

Summary

List system bus runtime directories.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_manage_lib_files(
	
		domain
		
	)

Summary

Create, read, write, and delete system dbus lib files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_read_config(
	
		domain
		
	)

Summary

Read dbus configuration content.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_read_lib_files(
	
		domain
		
	)

Summary

Read system dbus lib files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_read_system_bus_runtime_files(
	
		domain
		
	)

Summary

Read system bus runtime files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_read_system_bus_runtime_named_sockets(
	
		domain
		
	)

Summary

Read system bus runtime named sockets.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_relabel_lib_dirs(
	
		domain
		
	)

Summary

Relabel system dbus lib directory.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_send_all_session_bus(
	
		domain
		
	)

Summary

Send messages to all DBUS session busses.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_send_system_bus(
	
		domain
		
	)

Summary

Send messages to the DBUS system bus.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_stub(
	
		domain
		
	)

Summary

DBUS stub interface. No access allowed.

Parameters

Parameter:	Description:
domain	Domain allowed access

dbus_system_bus_client(
	
		domain
		
	)

Summary

Template for creating connections to the system bus.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_system_bus_unconfined(
	
		domain
		
	)

Summary

Unconfined access to DBUS system bus.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_system_domain(
	
		domain
		
			,
		
		entry_point
		
	)

Summary

Create a domain for processes which can be started by the DBUS system bus.

Parameters

Parameter:	Description:
domain	Type to be used as a domain.
entry_point	Type of the program to be used as an entry point to this domain.

dbus_unconfined(
	
		domain
		
	)

Summary

Unconfined access to DBUS.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_use_system_bus_fds(
	
		domain
		
	)

Summary

Use and inherit DBUS system bus file descriptors.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_watch_system_bus_runtime_dirs(
	
		domain
		
	)

Summary

Watch system bus runtime directories.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_watch_system_bus_runtime_named_sockets(
	
		domain
		
	)

Summary

Watch system bus runtime named sockets.

Parameters

Parameter:	Description:
domain	Domain allowed access.

dbus_write_session_runtime_socket(
	
		domain
		
	)

Summary

Allow the specified domain to write to the session dbus sock file.

Parameters

Parameter:	Description:
domain	Domain allowed access.

Return

Templates:

dbus_connect_spec_session_bus(
	
		role_prefix
		
			,
		
		domain
		
	)

Summary

Acquire service on specified DBUS session bus.

Parameters

Parameter:	Description:
role_prefix	The prefix of the user role (e.g., user is the prefix for user_r).
domain	Domain allowed access.

dbus_role_template(
	
		role_prefix
		
			,
		
		role
		
			,
		
		domain
		
	)

Summary

Role access for dbus.

Parameters

Parameter:	Description:
role_prefix	The prefix of the user role (e.g., user is the prefix for user_r).
role	Role allowed access
domain	User domain for the role

dbus_send_spec_session_bus(
	
		role_prefix
		
			,
		
		domain
		
	)

Summary

Send messages to specified DBUS session busses.

Parameters

Parameter:	Description:
role_prefix	The prefix of the user role (e.g., user is the prefix for user_r).
domain	Domain allowed access.

dbus_spec_session_bus_client(
	
		role_prefix
		
			,
		
		domain
		
	)

Summary

Creating connections to specified DBUS session bus.

Parameters

Parameter:	Description:
role_prefix	The prefix of the user role (e.g., user is the prefix for user_r).
domain	Domain allowed access.

dbus_spec_session_domain(
	
		role_prefix
		
			,
		
		domain
		
			,
		
		entry_point
		
	)

Summary

Allow a application domain to be started by the specified session bus.

Parameters

Parameter:	Description:
role_prefix	The prefix of the user role (e.g., user is the prefix for user_r).
domain	Type to be used as a domain.
entry_point	Type of the program to be used as an entry point to this domain.

Return