diff options
author | Simon McVittie <smcv@collabora.com> | 2017-07-19 15:46:00 +0100 |
---|---|---|
committer | Simon McVittie <smcv@debian.org> | 2017-07-28 11:24:20 +0100 |
commit | c1348e23fee268184a1f351439e60455ff224416 (patch) | |
tree | 5fc7f1cf7191bdba0a8ce435edab511f489b19ce /doc | |
parent | bc9c63f8f1ad3904a64e91887e5f1486c6097648 (diff) | |
download | dbus-c1348e23fee268184a1f351439e60455ff224416.tar.gz dbus-c1348e23fee268184a1f351439e60455ff224416.tar.bz2 dbus-c1348e23fee268184a1f351439e60455ff224416.zip |
dbus-daemon(1): Actually document "own" rules
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Thiago Macieira <thiago@kde.org>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92853
Diffstat (limited to 'doc')
-rw-r--r-- | doc/dbus-daemon.1.xml.in | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/doc/dbus-daemon.1.xml.in b/doc/dbus-daemon.1.xml.in index 5f8dddd6..be4e1aa8 100644 --- a/doc/dbus-daemon.1.xml.in +++ b/doc/dbus-daemon.1.xml.in @@ -938,6 +938,17 @@ the character "*" can be substituted, meaning "any." Complex globs like "foo.bar.*" aren't allowed for now because they'd be work to implement and maybe encourage sloppy security anyway.</para> +<para> + Rules with the <literal>own</literal> or <literal>own_prefix</literal> + attribute are checked when a connection attempts to own a well-known bus + names. As a special case, <literal>own="*"</literal> matches any well-known + bus name. The well-known session bus normally allows any connection to + own any name, while the well-known system bus normally does not allow any + connection to own any name, except where allowed by further configuration. + System services that will own a name must install configuration that allows + them to do so, usually via rules of the form + <literal><policy user="some-system-user"><allow own="…"/></policy></literal>. +</para> <para><allow own_prefix="a.b"/> allows you to own the name "a.b" or any name whose first dot-separated elements are "a.b": in particular, |