fix avahi_netlink_new to allow multiple netlinks per process

[catta] / avahi-daemon / avahi-dbus.conf.in

diff --git a/avahi-daemon/avahi-dbus.conf.in b/avahi-daemon/avahi-dbus.conf.in
index 485c03e1c1ef0e89819aedcebed706710ee88ff8..1df0cc47815422ffe4304adefcb2a20538a3983f 100644 (file)
--- a/avahi-daemon/avahi-dbus.conf.in
+++ b/avahi-daemon/avahi-dbus.conf.in
@@ -1,6 +1,6 @@
 <!DOCTYPE busconfig PUBLIC
- "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
- "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+          "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+          "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
 <busconfig>
 
   <!-- Only root or user @AVAHI_USER@ can own the Avahi service -->
@@ -11,14 +11,22 @@
     <allow own="org.freedesktop.Avahi"/>
   </policy>
 
-  <!-- Allow anyone to invoke methods on the Manager and Device interfaces -->
+  <!-- Allow anyone to invoke methods on Avahi server, except SetHostName -->
   <policy context="default">
-    <allow send_interface="org.freedesktop.Avahi"/>
+    <allow send_destination="org.freedesktop.Avahi"/>
+    <allow receive_sender="org.freedesktop.Avahi"/>
 
-    <allow receive_interface="org.freedesktop.Avahi"
-           receive_sender="org.freedesktop.Avahi"/>
+    <deny send_destination="org.freedesktop.Avahi"
+          send_interface="org.freedesktop.Avahi.Server" send_member="SetHostName"/>
   </policy>
 
-  <limit name="max_match_rules_per_connection">512</limit>
-
+  <!-- Allow everything, including access to SetHostName to users of the group "@AVAHI_PRIV_ACCESS_GROUP@" -->
+  <policy group="@AVAHI_PRIV_ACCESS_GROUP@">
+    <allow send_destination="org.freedesktop.Avahi"/>
+    <allow receive_sender="org.freedesktop.Avahi"/>
+  </policy>
+  <policy user="root">
+    <allow send_destination="org.freedesktop.Avahi"/>
+    <allow receive_sender="org.freedesktop.Avahi"/>
+  </policy>
 </busconfig>