src/bluetooth.conf


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146

<!-- This configuration file specifies the required security policies
     for Bluetooth core daemon to work. -->

<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>

  <!-- ../system.conf have denied everything, so we just punch some holes -->

  <policy user="root">
    <allow own="org.bluez"/>
    <allow send_destination="org.bluez"/>
    <allow own="org.projectx.bluetooth"/>
    <allow send_interface="org.projectx.bluetooth"/>
    <allow send_destination="org.projectx.bluetooth"/>
    <allow send_interface="org.projectx.bt_event"/>
    <allow send_destination="org.projectx.bt_event"/>
    <allow own="org.bluez.frwk_agent"/>
    <allow send_interface="org.bluez.frwk_agent"/>
    <allow send_destination="org.bluez.frwk_agent"/>
    <allow own="org.bluez.Agent1"/>
    <allow send_interface="org.bluez.Agent1"/>
    <allow send_destination="org.bluez.Agent1"/>
    <allow own="org.bluez.Adapter1"/>
    <allow send_interface="org.bluez.Adapter1"/>
    <allow send_destination="org.bluez.Adapter1"/>
    <allow own="org.bluez.Manager"/>
    <allow send_interface="org.bluez.Manager"/>
    <allow send_destination="org.bluez.Manager"/>
    <allow own="org.bluez.Device1"/>
    <allow send_interface="org.bluez.Device1"/>
    <allow send_destination="org.bluez.Device1"/>
    <allow own="org.bluez.MediaEndpoint1"/>
    <allow send_interface="org.bluez.MediaEndpoint1"/>
    <allow send_destination="org.bluez.MediaEndpoint1"/>
    <allow own="org.bluez.MediaPlayer1"/>
    <allow send_interface="org.bluez.MediaPlayer1"/>
    <allow send_interface="org.bluez.ThermometerWatcher1"/>
    <allow send_interface="org.bluez.AlertAgent1"/>
    <allow send_destination="org.bluez.MediaPlayer1"/>
    <allow own="org.bluez.MediaTransport1"/>
    <allow send_interface="org.bluez.MediaTransport1"/>
    <allow send_destination="org.bluez.MediaTransport1"/>
    <allow own="org.bluez.Profile1"/>
    <allow send_interface="org.bluez.Profile1"/>
    <allow send_destination="org.bluez.Profile1"/>
    <allow send_interface="org.bluez.HeartRateWatcher1"/>
    <allow send_interface="org.bluez.CyclingSpeedWatcher1"/>
    <allow send_interface="org.bluez.GattCharacteristic1"/>
    <allow send_interface="org.bluez.GattDescriptor1"/>
    <allow send_interface="org.freedesktop.DBus.ObjectManager"/>
    <allow send_interface="org.freedesktop.DBus.Properties"/>
  </policy>

  <policy at_console="true">
    <allow send_destination="org.bluez"/>
  </policy>

  <!-- allow users of bt_use group (Tizen BT group) to
       communicate with bluetoothd -->
  <policy group="bt_use">
    <allow send_interface="org.freedesktop.DBus.ObjectManager"/>
    <allow send_destination="org.bluez"/>
    <allow send_interface="org.projectx.bluetooth"/>
    <allow send_destination="org.projectx.bluetooth"/>
    <allow send_interface="org.projectx.bt_event"/>
    <allow send_destination="org.projectx.bt_event"/>
    <allow send_interface="org.bluez.frwk_agent"/>
    <allow send_destination="org.bluez.frwk_agent"/>
    <allow send_interface="org.bluez.Agent1"/>
    <allow send_destination="org.bluez.Agent1"/>
    <allow send_interface="org.bluez.Adapter1"/>
    <allow send_destination="org.bluez.Adapter1"/>
    <allow send_interface="org.bluez.Manager"/>
    <allow send_destination="org.bluez.Manager"/>
    <allow send_interface="org.bluez.Device1"/>
    <allow send_destination="org.bluez.Device1"/>
    <allow send_interface="org.bluez.MediaEndpoint1"/>
    <allow send_destination="org.bluez.MediaEndpoint1"/>
    <allow send_interface="org.bluez.MediaTransport1"/>
    <allow send_destination="org.bluez.MediaTransport1"/>
    <allow send_interface="org.bluez.MediaPlayer1"/>
    <allow send_destination="org.bluez.MediaPlayer1"/>
    <allow send_interface="org.bluez.Profile1"/>
    <allow send_destination="org.bluez.Profile1"/>
  </policy>

  <!-- allow users of system group (Tizen BT group) to
       communicate with bluetoothd -->
  <policy group="users">
    <allow send_interface="org.freedesktop.DBus.ObjectManager"/>
    <allow send_destination="org.bluez"/>
    <allow send_interface="org.projectx.bluetooth"/>
    <allow send_destination="org.projectx.bluetooth"/>
    <allow send_interface="org.projectx.bt_event"/>
    <allow send_destination="org.projectx.bt_event"/>
    <allow send_interface="org.bluez.frwk_agent"/>
    <allow send_destination="org.bluez.frwk_agent"/>
    <allow send_interface="org.bluez.Agent1"/>
    <allow send_destination="org.bluez.Agent1"/>
    <allow send_interface="org.bluez.Adapter1"/>
    <allow send_destination="org.bluez.Adapter1"/>
    <allow send_interface="org.bluez.Manager"/>
    <allow send_destination="org.bluez.Manager"/>
    <allow send_interface="org.bluez.Device1"/>
    <allow send_destination="org.bluez.Device1"/>
    <allow send_interface="org.bluez.MediaEndpoint1"/>
    <allow send_destination="org.bluez.MediaEndpoint1"/>
    <allow send_interface="org.bluez.MediaTransport1"/>
    <allow send_destination="org.bluez.MediaTransport1"/>
    <allow send_interface="org.bluez.MediaPlayer1"/>
    <allow send_destination="org.bluez.MediaPlayer1"/>
    <allow send_interface="org.bluez.Profile1"/>
    <allow send_destination="org.bluez.Profile1"/>
  </policy>

  <!-- allow users of lp group (printing subsystem) to
       communicate with bluetoothd -->
  <policy group="lp">
    <allow send_destination="org.bluez"/>
  </policy>

  <policy context="default">
    <deny send_interface="org.projectx.bluetooth"/>
    <deny send_destination="org.projectx.bluetooth"/>
    <deny send_interface="org.bluez.frwk_agent"/>
    <deny send_destination="org.bluez.frwk_agent"/>
    <deny send_interface="org.bluez.Agent1"/>
    <deny send_destination="org.bluez.Agent1"/>
    <deny send_interface="org.bluez.Adapter1"/>
    <deny send_destination="org.bluez.Adapter1"/>
    <deny send_interface="org.bluez.Manager"/>
    <deny send_destination="org.bluez.Manager"/>
    <deny send_interface="org.bluez.Device1"/>
    <deny send_destination="org.bluez.Device1"/>
    <deny send_interface="org.bluez.MediaEndpoint1"/>
    <deny send_destination="org.bluez.MediaEndpoint1"/>
    <deny send_interface="org.bluez.MediaTransport1"/>
    <deny send_destination="org.bluez.MediaTransport1"/>
    <deny send_interface="org.bluez.MediaPlayer1"/>
    <deny send_destination="org.bluez.MediaPlayer1"/>
    <deny send_interface="org.bluez.Profile1"/>
    <deny send_destination="org.bluez.Profile1"/>
  </policy>

</busconfig>