MercurialSymaptic / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | raw
| help
os/ossrv/ofdbus/dbus/data/system.conf
changeset 0 bde4ae8d615e
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/os/ossrv/ofdbus/dbus/data/system.conf	Fri Jun 15 03:10:57 2012 +0200
     1.3 @@ -0,0 +1,105 @@
     1.4 +<!-- This configuration file controls the systemwide message bus.
     1.5 +     Add a system-local.conf and edit that rather than changing this 
     1.6 +     file directly. -->
     1.7 +
     1.8 +<!-- Note that there are any number of ways you can hose yourself
     1.9 +     security-wise by screwing up this file; in particular, you
    1.10 +     probably don't want to listen on any more addresses, add any more
    1.11 +     auth mechanisms, run as a different user, etc. -->
    1.12 +
    1.13 +<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
    1.14 + "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
    1.15 +<busconfig>
    1.16 +
    1.17 +  <!-- Our well-known bus type, do not change this -->
    1.18 +  <type>system</type>
    1.19 +
    1.20 +  <!-- Run as special user -->
    1.21 +  <!-- commented in SYMBIAN -->
    1.22 +  <!-- user>messagebus</user -->
    1.23 +
    1.24 +  <!-- Fork into daemon mode -->
    1.25 +  <!-- Linux -->
    1.26 +  <!-- fork/ -->
    1.27 +  <!-- SYMBIAN no fork -->
    1.28 +
    1.29 +  <!-- Write a pid file -->
    1.30 +  <!-- Linux -->
    1.31 +  <!-- pidfile>/usr/local/var/run/dbus/pid</pidfile -->
    1.32 +  <!-- SYMBIAN hope that pidfile is not needed, but uncomment below if we need it -->
    1.33 +  <!-- pidfile>/epoc32/data/dbus/pid</pidfile -->
    1.34 +
    1.35 +  <!-- Only allow socket-credentials-based authentication -->
    1.36 +  <auth>SYMBIAN_DBUS_PLATFORM_SECURITY</auth>
    1.37 +
    1.38 +  <!-- Only listen on a local socket. (abstract=/path/to/socket 
    1.39 +       means use abstract namespace, don't really create filesystem 
    1.40 +       file; only Linux supports this. Use path=/whatever on other 
    1.41 +       systems.) -->
    1.42 +  <!-- Linux -->
    1.43 +  <!-- listen>unix:path=/usr/local/var/run/dbus/system_bus_socket</listen -->
    1.44 +  <!-- SYMBIAN -->
    1.45 +  <listen>tcp:host=localhost,port=12434</listen>
    1.46 +  
    1.47 +     <!--  *********************  -->
    1.48 +		 <!-- limits as set in the config-parser.c -->
    1.49 +     <!--  parser->limits.max_incoming_bytes = 1024 * 1024 * 63;= 66060288 -->
    1.50 +     <!--  parser->limits.max_outgoing_bytes = 1024 * 1024 * 63;= 66060288-->
    1.51 +     <!--  parser->limits.max_message_size = 1024 * 1024 * 32;= 33554432-->
    1.52 +     <!--  parser->limits.activation_timeout = 250000;-->
    1.53 +     <!--  parser->limits.auth_timeout = 300000;-->
    1.54 +     <!--  parser->limits.max_incomplete_connections = 32;-->
    1.55 +     <!--  parser->limits.max_connections_per_user = 128;-->
    1.56 +     <!--  parser->limits.max_completed_connections = 1024;-->
    1.57 +     <!--  parser->limits.max_pending_activations = 256;-->
    1.58 +     <!--  parser->limits.max_services_per_connection = 256;-->
    1.59 +     <!--  parser->limits.max_match_rules_per_connection = 512;-->
    1.60 +     <!--  parser->limits.reply_timeout = 5 * 60 * 1000; = 300000-->
    1.61 +     <!--  parser->limits.max_replies_per_connection = 32;-->
    1.62 +     <!--  *********************  -->
    1.63 +     
    1.64 +        <limit name="max_incoming_bytes">66060288</limit>      
    1.65 +      <limit name="max_outgoing_bytes">66060288</limit>
    1.66 +      <limit name="max_message_size">33554432</limit>
    1.67 +      <limit name="service_start_timeout">250000</limit>
    1.68 +      <limit name="auth_timeout">300000</limit>  
    1.69 +      <limit name="max_completed_connections">1024</limit>
    1.70 +      <limit name="max_incomplete_connections">32</limit>
    1.71 +      <limit name="max_connections_per_user">128</limit>
    1.72 +      <limit name="max_pending_service_starts">256</limit>
    1.73 +      <limit name="max_names_per_connection">256</limit>
    1.74 +      <limit name="max_match_rules_per_connection">512</limit>
    1.75 +      <limit name="max_replies_per_connection">32</limit>
    1.76 +      <limit name="reply_timeout">300000</limit>
    1.77 +
    1.78 +
    1.79 +	 <standard_session_servicedirs />
    1.80 +  <policy context="default">
    1.81 +    <!-- Deny everything then punch holes -->
    1.82 +    <allow send_interface="*"/>
    1.83 +    <allow receive_interface="*"/>
    1.84 +    <allow own="*"/>
    1.85 +    <!-- But allow all users to connect -->
    1.86 +    <allow user="*"/>
    1.87 +    <!-- Allow anyone to talk to the message bus -->
    1.88 +    <!-- FIXME I think currently these allow rules are always implicit 
    1.89 +         even if they aren't in here -->
    1.90 +    <allow send_destination="org.freedesktop.DBus"/>
    1.91 +    <allow receive_sender="org.freedesktop.DBus"/>
    1.92 +    <!-- valid replies are always allowed -->
    1.93 +    <allow send_requested_reply="true"/>
    1.94 +    <allow receive_requested_reply="true"/>
    1.95 +  </policy>
    1.96 +
    1.97 +  <!-- Config files are placed here that among other things, punch 
    1.98 +       holes in the above policy for specific services. -->
    1.99 +  <!-- In symbian nuw includedir is same than dbus data dir -->
   1.100 +  <!-- includedir>system.d</includedir -->
   1.101 + 
   1.102 +  <!-- This is included last so local configuration can override what's 
   1.103 +       in this standard file -->
   1.104 +  <!-- include ignore_missing="yes">system-local.conf include -->
   1.105 +
   1.106 +  <include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include>
   1.107 +
   1.108 +</busconfig>
Symaptic