summaryrefslogtreecommitdiff
path: root/source/a/dbus/dbus-1.2.x-allow_root_globally.diff
diff options
context:
space:
mode:
Diffstat (limited to 'source/a/dbus/dbus-1.2.x-allow_root_globally.diff')
-rw-r--r--source/a/dbus/dbus-1.2.x-allow_root_globally.diff22
1 files changed, 22 insertions, 0 deletions
diff --git a/source/a/dbus/dbus-1.2.x-allow_root_globally.diff b/source/a/dbus/dbus-1.2.x-allow_root_globally.diff
new file mode 100644
index 00000000..913a9d2b
--- /dev/null
+++ b/source/a/dbus/dbus-1.2.x-allow_root_globally.diff
@@ -0,0 +1,22 @@
+Allow root to do anything via dbus method calls, since users expect root
+ to be, well, root. This removes the insanity of adding root to all sorts
+ of system groups in /etc/group. --rworkman 20091031
+
+diff -Nur dbus-1.2.16.orig/bus/system.conf.in dbus-1.2.16/bus/system.conf.in
+--- dbus-1.2.16.orig/bus/system.conf.in 2009-07-13 05:14:40.000000000 -0500
++++ dbus-1.2.16/bus/system.conf.in 2009-10-31 00:47:34.338981143 -0500
+@@ -70,6 +70,14 @@
+ send_member="UpdateActivationEnvironment"/>
+ </policy>
+
++ <!-- Allow root to do anything over the messagebus.
++ Don't whine about "security" - anyone with root privileges
++ can edit this file anyway, so -ENOHOLE here. -->
++ <policy user="root">
++ <allow send_destination="*"/>
++ <allow send_interface="*"/>
++ </policy>
++
+ <!-- Config files are placed here that among other things, punch
+ holes in the above policy for specific services. -->
+ <includedir>system.d</includedir>