/etc/dbus-1/system.d
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> <busconfig> <policy context="default"> <!-- Allow everyone to talk to main service. We'll later add an agent to only share the location if user allows it. --> <allow send_destination="org.freedesktop.GeoClue2"/> </policy> <policy user="geoclue"> <!-- Only allow geoclue to own the name on the bus --> <allow own="org.freedesktop.GeoClue2"/> <!-- Also give geoclue access to wpa_supplicant API --> <allow receive_sender="fi.w1.wpa_supplicant1" receive_type="signal"/> <allow send_destination="fi.w1.wpa_supplicant1" send_interface="org.freedesktop.DBus.Properties" send_member="Get"/> <allow send_destination="fi.w1.wpa_supplicant1" send_interface="org.freedesktop.DBus.Properties" send_member="GetAll"/> <allow send_destination="fi.w1.wpa_supplicant1" send_interface="org.freedesktop.DBus.Introspectable"/> <allow send_destination="fi.w1.wpa_supplicant1" send_interface="fi.w1.wpa_supplicant1.Interface" send_type="method_call" send_member="Scan"/> </policy> <policy user="root"> <!-- Allow root to own the name on the bus --> <allow own="org.freedesktop.GeoClue2"/> </policy> </busconfig>
.
Edit
..
Edit
cagefs-dbus-hardening.conf
Edit
org.freedesktop.Flatpak.SystemHelper.conf
Edit
org.freedesktop.GeoClue2.Agent.conf
Edit
org.freedesktop.GeoClue2.conf
Edit
org.freedesktop.PolicyKit1.conf
Edit
org.freedesktop.RealtimeKit1.conf
Edit
org.selinux.conf
Edit
teamd.conf
Edit