|
1 <!-- This configuration file controls the systemwide message bus. |
|
2 Add a system-local.conf and edit that rather than changing this |
|
3 file directly. --> |
|
4 |
|
5 <!-- Note that there are any number of ways you can hose yourself |
|
6 security-wise by screwing up this file; in particular, you |
|
7 probably don't want to listen on any more addresses, add any more |
|
8 auth mechanisms, run as a different user, etc. --> |
|
9 |
|
10 <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN" |
|
11 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> |
|
12 <busconfig> |
|
13 |
|
14 <!-- Our well-known bus type, do not change this --> |
|
15 <type>system</type> |
|
16 |
|
17 <!-- Run as special user --> |
|
18 <!-- commented in SYMBIAN --> |
|
19 <!-- user>messagebus</user --> |
|
20 |
|
21 <!-- Fork into daemon mode --> |
|
22 <!-- Linux --> |
|
23 <!-- fork/ --> |
|
24 <!-- SYMBIAN no fork --> |
|
25 |
|
26 <!-- Write a pid file --> |
|
27 <!-- Linux --> |
|
28 <!-- pidfile>/usr/local/var/run/dbus/pid</pidfile --> |
|
29 <!-- SYMBIAN hope that pidfile is not needed, but uncomment below if we need it --> |
|
30 <!-- pidfile>/epoc32/data/dbus/pid</pidfile --> |
|
31 |
|
32 <!-- Only allow socket-credentials-based authentication --> |
|
33 <auth>SYMBIAN_DBUS_PLATFORM_SECURITY</auth> |
|
34 |
|
35 <!-- Only listen on a local socket. (abstract=/path/to/socket |
|
36 means use abstract namespace, don't really create filesystem |
|
37 file; only Linux supports this. Use path=/whatever on other |
|
38 systems.) --> |
|
39 <!-- Linux --> |
|
40 <!-- listen>unix:path=/usr/local/var/run/dbus/system_bus_socket</listen --> |
|
41 <!-- SYMBIAN --> |
|
42 <listen>tcp:host=localhost,port=12434</listen> |
|
43 |
|
44 <!-- ********************* --> |
|
45 <!-- limits as set in the config-parser.c --> |
|
46 <!-- parser->limits.max_incoming_bytes = 1024 * 1024 * 63;= 66060288 --> |
|
47 <!-- parser->limits.max_outgoing_bytes = 1024 * 1024 * 63;= 66060288--> |
|
48 <!-- parser->limits.max_message_size = 1024 * 1024 * 32;= 33554432--> |
|
49 <!-- parser->limits.activation_timeout = 250000;--> |
|
50 <!-- parser->limits.auth_timeout = 300000;--> |
|
51 <!-- parser->limits.max_incomplete_connections = 32;--> |
|
52 <!-- parser->limits.max_connections_per_user = 128;--> |
|
53 <!-- parser->limits.max_completed_connections = 1024;--> |
|
54 <!-- parser->limits.max_pending_activations = 256;--> |
|
55 <!-- parser->limits.max_services_per_connection = 256;--> |
|
56 <!-- parser->limits.max_match_rules_per_connection = 512;--> |
|
57 <!-- parser->limits.reply_timeout = 5 * 60 * 1000; = 300000--> |
|
58 <!-- parser->limits.max_replies_per_connection = 32;--> |
|
59 <!-- ********************* --> |
|
60 |
|
61 <limit name="max_incoming_bytes">66060288</limit> |
|
62 <limit name="max_outgoing_bytes">66060288</limit> |
|
63 <limit name="max_message_size">33554432</limit> |
|
64 <limit name="service_start_timeout">250000</limit> |
|
65 <limit name="auth_timeout">300000</limit> |
|
66 <limit name="max_completed_connections">1024</limit> |
|
67 <limit name="max_incomplete_connections">32</limit> |
|
68 <limit name="max_connections_per_user">128</limit> |
|
69 <limit name="max_pending_service_starts">256</limit> |
|
70 <limit name="max_names_per_connection">256</limit> |
|
71 <limit name="max_match_rules_per_connection">512</limit> |
|
72 <limit name="max_replies_per_connection">32</limit> |
|
73 <limit name="reply_timeout">300000</limit> |
|
74 |
|
75 |
|
76 <standard_session_servicedirs /> |
|
77 <policy context="default"> |
|
78 <!-- Deny everything then punch holes --> |
|
79 <allow send_interface="*"/> |
|
80 <allow receive_interface="*"/> |
|
81 <allow own="*"/> |
|
82 <!-- But allow all users to connect --> |
|
83 <allow user="*"/> |
|
84 <!-- Allow anyone to talk to the message bus --> |
|
85 <!-- FIXME I think currently these allow rules are always implicit |
|
86 even if they aren't in here --> |
|
87 <allow send_destination="org.freedesktop.DBus"/> |
|
88 <allow receive_sender="org.freedesktop.DBus"/> |
|
89 <!-- valid replies are always allowed --> |
|
90 <allow send_requested_reply="true"/> |
|
91 <allow receive_requested_reply="true"/> |
|
92 </policy> |
|
93 |
|
94 <!-- Config files are placed here that among other things, punch |
|
95 holes in the above policy for specific services. --> |
|
96 <!-- In symbian nuw includedir is same than dbus data dir --> |
|
97 <!-- includedir>system.d</includedir --> |
|
98 |
|
99 <!-- This is included last so local configuration can override what's |
|
100 in this standard file --> |
|
101 <!-- include ignore_missing="yes">system-local.conf include --> |
|
102 |
|
103 <include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include> |
|
104 |
|
105 </busconfig> |