ofdbus/dbus/data/system.conf
author srilekhas <srilekhas@symbian.org>
Mon, 23 Aug 2010 14:43:58 +0100
branchRCL_3
changeset 55 9b31f530ce17
parent 0 e4d67989cc36
permissions -rw-r--r--
Merge RCL_3 fixes with latest delivery.

<!-- This configuration file controls the systemwide message bus.
     Add a system-local.conf and edit that rather than changing this 
     file directly. -->

<!-- Note that there are any number of ways you can hose yourself
     security-wise by screwing up this file; in particular, you
     probably don't want to listen on any more addresses, add any more
     auth mechanisms, run as a different user, etc. -->

<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>

  <!-- Our well-known bus type, do not change this -->
  <type>system</type>

  <!-- Run as special user -->
  <!-- commented in SYMBIAN -->
  <!-- user>messagebus</user -->

  <!-- Fork into daemon mode -->
  <!-- Linux -->
  <!-- fork/ -->
  <!-- SYMBIAN no fork -->

  <!-- Write a pid file -->
  <!-- Linux -->
  <!-- pidfile>/usr/local/var/run/dbus/pid</pidfile -->
  <!-- SYMBIAN hope that pidfile is not needed, but uncomment below if we need it -->
  <!-- pidfile>/epoc32/data/dbus/pid</pidfile -->

  <!-- Only allow socket-credentials-based authentication -->
  <auth>SYMBIAN_DBUS_PLATFORM_SECURITY</auth>

  <!-- Only listen on a local socket. (abstract=/path/to/socket 
       means use abstract namespace, don't really create filesystem 
       file; only Linux supports this. Use path=/whatever on other 
       systems.) -->
  <!-- Linux -->
  <!-- listen>unix:path=/usr/local/var/run/dbus/system_bus_socket</listen -->
  <!-- SYMBIAN -->
  <listen>tcp:host=localhost,port=12434</listen>
  
     <!--  *********************  -->
		 <!-- limits as set in the config-parser.c -->
     <!--  parser->limits.max_incoming_bytes = 1024 * 1024 * 63;= 66060288 -->
     <!--  parser->limits.max_outgoing_bytes = 1024 * 1024 * 63;= 66060288-->
     <!--  parser->limits.max_message_size = 1024 * 1024 * 32;= 33554432-->
     <!--  parser->limits.activation_timeout = 250000;-->
     <!--  parser->limits.auth_timeout = 300000;-->
     <!--  parser->limits.max_incomplete_connections = 32;-->
     <!--  parser->limits.max_connections_per_user = 128;-->
     <!--  parser->limits.max_completed_connections = 1024;-->
     <!--  parser->limits.max_pending_activations = 256;-->
     <!--  parser->limits.max_services_per_connection = 256;-->
     <!--  parser->limits.max_match_rules_per_connection = 512;-->
     <!--  parser->limits.reply_timeout = 5 * 60 * 1000; = 300000-->
     <!--  parser->limits.max_replies_per_connection = 32;-->
     <!--  *********************  -->
     
        <limit name="max_incoming_bytes">66060288</limit>      
      <limit name="max_outgoing_bytes">66060288</limit>
      <limit name="max_message_size">33554432</limit>
      <limit name="service_start_timeout">250000</limit>
      <limit name="auth_timeout">300000</limit>  
      <limit name="max_completed_connections">1024</limit>
      <limit name="max_incomplete_connections">32</limit>
      <limit name="max_connections_per_user">128</limit>
      <limit name="max_pending_service_starts">256</limit>
      <limit name="max_names_per_connection">256</limit>
      <limit name="max_match_rules_per_connection">512</limit>
      <limit name="max_replies_per_connection">32</limit>
      <limit name="reply_timeout">300000</limit>


	 <standard_session_servicedirs />
  <policy context="default">
    <!-- Deny everything then punch holes -->
    <allow send_interface="*"/>
    <allow receive_interface="*"/>
    <allow own="*"/>
    <!-- But allow all users to connect -->
    <allow user="*"/>
    <!-- Allow anyone to talk to the message bus -->
    <!-- FIXME I think currently these allow rules are always implicit 
         even if they aren't in here -->
    <allow send_destination="org.freedesktop.DBus"/>
    <allow receive_sender="org.freedesktop.DBus"/>
    <!-- valid replies are always allowed -->
    <allow send_requested_reply="true"/>
    <allow receive_requested_reply="true"/>
  </policy>

  <!-- Config files are placed here that among other things, punch 
       holes in the above policy for specific services. -->
  <!-- In symbian nuw includedir is same than dbus data dir -->
  <!-- includedir>system.d</includedir -->
 
  <!-- This is included last so local configuration can override what's 
       in this standard file -->
  <!-- include ignore_missing="yes">system-local.conf include -->

  <include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include>

</busconfig>