commit | 6dd1c2ad86507202dd55c533559e253f846e99c8 | [log] [tgz] |
---|---|---|
author | Anton D. Kachalov <gmouse@google.com> | Fri Apr 02 17:34:49 2021 +0200 |
committer | Anton D. Kachalov <gmouse@google.com> | Mon May 31 17:37:10 2021 +0200 |
tree | 2c038cffdcb00901d118697925c160fcd43b8f57 | |
parent | 811a29e1941db0157f49d2e05491be945f7b2f07 [diff] [blame] |
Supply service & busconfig ACLs from the repo. This change required as a part of privilege separation work: https://github.com/openbmc/openbmc/issues/3383 Dependant meta-phosphor change: https://gerrit.openbmc-project.xyz/c/openbmc/openbmc/+/41430 Signed-off-by: Anton D. Kachalov <gmouse@google.com> Change-Id: Ic0b1b57f8a088defe096f1ab793efa1f015ca5be
diff --git a/dist/busconfig/phosphor-nslcd-authority-cert-config.conf b/dist/busconfig/phosphor-nslcd-authority-cert-config.conf new file mode 100644 index 0000000..7737ffc --- /dev/null +++ b/dist/busconfig/phosphor-nslcd-authority-cert-config.conf
@@ -0,0 +1,8 @@ +<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" + "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> +<busconfig> + <policy user="root"> + <allow own="xyz.openbmc_project.Certs.Manager.Authority.Ldap"/> + <allow send_destination="xyz.openbmc_project.Certs.Manager.Authority.Ldap"/> + </policy> +</busconfig>