<!DOCTYPE busconfig PUBLIC
"-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<!-- This configuration file specifies the required security policies
for the HAL to work. -->
<!-- Only root or user haldaemon can own the HAL service -->
<policy user="haldaemon">
<allow own="org.freedesktop.Hal"/>
</policy>
<policy user="root">
<allow own="org.freedesktop.Hal"/>
</policy>
<!-- Allow anyone to invoke methods on the Manager and Device interfaces -->
<policy context="default">
<allow send_interface="org.freedesktop.DBus.Introspectable"
send_destination="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Manager"
send_destination="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Device"
send_destination="org.freedesktop.Hal"/>
<allow receive_interface="org.freedesktop.Hal.Manager"
receive_sender="org.freedesktop.Hal"/>
<allow receive_interface="org.freedesktop.Hal.Device"
receive_sender="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Device.SystemPowerManagement"
send_destination="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Device.LaptopPanel"
send_destination="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Device.Volume"
send_destination="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Device.Volume.Crypto"
send_destination="org.freedesktop.Hal"/>
<allow receive_interface="org.freedesktop.Hal.Device.SystemPowerManagement"
         receive_sender="org.freedesktop.Hal"/>
<allow receive_interface="org.freedesktop.Hal.Device.LaptopPanel"
         receive_sender="org.freedesktop.Hal"/>
<allow receive_interface="org.freedesktop.Hal.Device.Volume"
         receive_sender="org.freedesktop.Hal"/>
<allow receive_interface="org.freedesktop.Hal.Device.Volume.Crypto"
         receive_sender="org.freedesktop.Hal"/>
</policy>
<!-- Default policy for the exported interfaces; if PolicyKit is not used
for access control you will need to modify this -->
<policy context="default">
<deny send_interface="org.freedesktop.Hal.Device.SystemPowerManagement"
send_destination="org.freedesktop.Hal"/>
<deny send_interface="org.freedesktop.Hal.Device.VideoAdapterPM"
send_destination="org.freedesktop.Hal"/>
<deny send_interface="org.freedesktop.Hal.Device.LaptopPanel"
send_destination="org.freedesktop.Hal"/>
<deny send_interface="org.freedesktop.Hal.Device.Volume"
send_destination="org.freedesktop.Hal"/>
<deny send_interface="org.freedesktop.Hal.Device.Volume.Crypto"
send_destination="org.freedesktop.Hal"/>
</policy>
<!-- This will not work if consolekit is not enabled -->
<policy at_console="true">
<allow send_interface="org.freedesktop.Hal.Device.SystemPowerManagement"
send_destination="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Device.VideoAdapterPM"
send_destination="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Device.LaptopPanel"
send_destination="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Device.Volume"
send_destination="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Device.Volume.Crypto"
send_destination="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Device.CPUFreq"
send_destination="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Device.WakeOnLan"
send_destination="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Device.DockStation"
send_destination="org.freedesktop.Hal"/>
</policy>
<!-- Debian groups policies -->
<policy group="powerdev">
<allow send_interface="org.freedesktop.Hal.Device.SystemPowerManagement"
send_destination="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Device.VideoAdapterPM"
send_destination="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Device.LaptopPanel"
send_destination="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Device.CPUFreq"
send_destination="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Device.WakeOnLan"
send_destination="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Device.DockStation"
send_destination="org.freedesktop.Hal"/>
</policy>
<policy group="plugdev">
<allow send_interface="org.freedesktop.Hal.Device.Volume"
send_destination="org.freedesktop.Hal"/>
<allow send_interface="org.freedesktop.Hal.Device.Volume.Crypto"
send_destination="org.freedesktop.Hal"/>
</policy>
<!-- Allow root to call any method, for instance:
* NetworkManager access to KillSwitch interface
* powersaved access to CPUFreq interface
-->
<policy user="root">
<allow send_destination="org.freedesktop.Hal"/>
</policy>
</busconfig>