← Back to branch summary

~ubuntu-branches/debian/sid/hal/sid

« back to all changes in this revision

Viewing changes to fdi/policy/10osvendor/20-acl-management.fdi

  • Committer: Bazaar Package Importer
  • Author(s): Martin Pitt
  • Date: 2007-10-23 12:33:58 UTC
  • Revision ID: james.westby@ubuntu.com-20071023123358-xaf8mjc5n84d5gtz
Tags: upstream-0.5.10
ImportĀ upstreamĀ versionĀ 0.5.10

Show diffs side-by-side

added added

removed removed

Lines of Context:
fdi/policy/10osvendor/20-acl-management.fdi
3
3
<deviceinfo version="0.2">
4
4
  <device>
5
5
 
 
6
    <!-- NOTE: if you add a new access.type value, remember to update privileges/hal-device-files.priv -->
6
7
 
7
8
    <!-- classification of devices where access can be controlled goes here -->
8
9
 
10
11
    <match key="info.capabilities" contains="alsa">
11
12
      <append key="info.capabilities" type="strlist">access_control</append>
12
13
      <merge key="access_control.file" type="copy_property">alsa.device_file</merge>
 
14
      <merge key="access_control.type" type="string">sound</merge>
13
15
    </match>
14
16
 
15
17
    <!-- sound card (OSS) -->
16
18
    <match key="info.capabilities" contains="oss">
17
19
      <append key="info.capabilities" type="strlist">access_control</append>
18
20
      <merge key="access_control.file" type="copy_property">oss.device_file</merge>
 
21
      <merge key="access_control.type" type="string">sound</merge>
19
22
    </match>
20
23
 
21
24
    <!-- video4linux devices -->
22
25
    <match key="info.capabilities" contains="video4linux">
23
26
      <append key="info.capabilities" type="strlist">access_control</append>
24
27
      <merge key="access_control.file" type="copy_property">video4linux.device</merge>
 
28
      <merge key="access_control.type" type="string">video4linux</merge>
25
29
    </match>
26
30
 
27
31
    <!-- optical drives -->
28
32
    <match key="info.capabilities" contains="storage.cdrom">
29
33
      <append key="info.capabilities" type="strlist">access_control</append>
30
34
      <merge key="access_control.file" type="copy_property">block.device</merge>
 
35
      <merge key="access_control.type" type="string">cdrom</merge>
31
36
    </match>
32
37
 
33
38
    <!-- DVB cards -->
34
39
    <match key="info.capabilities" contains="dvb">
35
40
      <append key="info.capabilities" type="strlist">access_control</append>
36
41
      <merge key="access_control.file" type="copy_property">dvb.device</merge>
 
42
      <merge key="access_control.type" type="string">dvb</merge>
37
43
    </match>
38
44
 
39
 
    <!-- usb cameras -->
 
45
    <!-- support for Linux USB stack where device node is on a child of the main USB device -->
40
46
    <match key="info.capabilities" contains="usbraw">
41
47
      <match key="info.capabilities" sibling_contains="camera">
42
48
        <append key="info.capabilities" type="strlist">access_control</append>
43
49
        <merge key="access_control.file" type="copy_property">usbraw.device</merge>
 
50
        <merge key="access_control.type" type="string">camera</merge>
44
51
      </match>
45
52
    </match>
46
 
 
47
 
    <!-- usb scanners -->
48
53
    <match key="info.capabilities" contains="usbraw">
49
54
      <match key="info.capabilities" sibling_contains="scanner">
50
55
        <append key="info.capabilities" type="strlist">access_control</append>
51
56
        <merge key="access_control.file" type="copy_property">usbraw.device</merge>
52
 
      </match>
53
 
    </match>
 
57
      <merge key="access_control.type" type="string">scanner</merge>
 
58
      </match>
 
59
    </match>
 
60
 
 
61
    <!-- support for Linux USB stack where linux.device_file is set (e.g. device node is on the main usb device) -->
 
62
    <match key="info.subsystem" string="usb">
 
63
      <match key="@info.parent:linux.device_file" exists="true">
 
64
        <match key="info.capabilities" contains="camera">
 
65
          <append key="info.capabilities" type="strlist">access_control</append>
 
66
          <merge key="access_control.type" type="string">camera</merge>
 
67
          <merge key="access_control.file" type="copy_property">@info.parent:linux.device_file</merge>
 
68
        </match>
 
69
        <match key="info.capabilities" contains="scanner">
 
70
          <append key="info.capabilities" type="strlist">access_control</append>
 
71
          <merge key="access_control.type" type="string">scanner</merge>
 
72
          <merge key="access_control.file" type="copy_property">@info.parent:linux.device_file</merge>
 
73
        </match>
 
74
      </match>
 
75
    </match>
 
76
 
54
77
 
55
78
    <!-- Firewire devices are mostly driven by userspace libraries -->
56
79
    <match key="info.capabilities" contains="ieee1394_unit.iidc">
57
80
      <append key="info.capabilities" type="strlist">access_control</append>
58
81
      <merge key="access_control.file" type="copy_property">@ieee1394_unit.originating_device:ieee1394.device</merge>
 
82
      <merge key="access_control.type" type="string">ieee1394-iidc</merge>
59
83
    </match>
60
84
    <match key="info.capabilities" contains="ieee1394_unit.avc">
61
85
      <append key="info.capabilities" type="strlist">access_control</append>
62
86
      <merge key="access_control.file" type="copy_property">@ieee1394_unit.originating_device:ieee1394.device</merge>
63
 
    </match>
64
 
 
65
 
    <!-- policy goes here - this can be amended by 3rd party packages,
66
 
         e.g.  the flumotion package may provide a fdi-file that
67
 
         appends the 'flumotion' user to access_control.grant_user for
68
 
         e.g. webcam's or audio devices - see RH bug #140853 for
69
 
         details. -->
70
 
 
71
 
    <!-- grant access to local session whether it's active or not -->
72
 
    <match key="info.capabilities" contains="access_control">
73
 
      <merge key="access_control.grant_local_session" type="bool">true</merge>
74
 
    </match>
75
 
 
 
87
      <merge key="access_control.type" type="string">ieee1394-avc</merge>
 
88
    </match>
76
89
 
77
90
    <!-- enforcement of policy goes here -->
78
91