IFP: Connect to the system bus

Related:
https://fedorahosted.org/sssd/ticket/2072

Adds the possibility for the InfoPipe responder to connect to the system bus.
At the moment, only a dummy method "Ping" is provided. The method only
accepts a single string parameter that has to be 'ping'.

1 files changed, 22 insertions, 0 deletions

diff --git a/src/responder/ifp/org.freedesktop.sssd.infopipe.conf b/src/responder/ifp/org.freedesktop.sssd.infopipe.conf
new file mode 100644
index 000000000..fea847cee
--- /dev/null
+++ b/src/responder/ifp/org.freedesktop.sssd.infopipe.conf
@@ -0,0 +1,22 @@
+<?xml version="1.0"?> <!--*-nxml-*-->
+<!DOCTYPE busconfig PUBLIC
+ "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+
+  <!-- This configuration file specifies the required security policies
+       for the SSSD InfoPipe to work. -->
+
+  <!-- Only root can own (provide) the SSSD service -->
+  <policy user="root">
+    <allow own="org.freedesktop.sssd.infopipe"/>
+  </policy>
+
+  <!-- Allow all methods on the interface -->
+  <!-- Right now, this will be handled by a limited ACL
+       within the InfoPipe Daemon. -->
+  <policy context="default">
+    <allow send_interface="org.freedesktop.sssd.infopipe"/>
+  </policy>
+
+</busconfig>