summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--avahi-daemon/avahi-dbus.conf.in16
-rw-r--r--configure.ac66
2 files changed, 47 insertions, 35 deletions
diff --git a/avahi-daemon/avahi-dbus.conf.in b/avahi-daemon/avahi-dbus.conf.in
index 416c8dc..c570754 100644
--- a/avahi-daemon/avahi-dbus.conf.in
+++ b/avahi-daemon/avahi-dbus.conf.in
@@ -11,15 +11,17 @@
<allow own="org.freedesktop.Avahi"/>
</policy>
- <!-- Allow anyone to invoke methods on the Manager and Device interfaces -->
+ <!-- Allow anyone to invoke methods on Avahi server, except SetHostName -->
<policy context="default">
- <allow send_interface="org.freedesktop.Avahi"/>
+ <allow send_destination="org.freedesktop.Avahi"/>
+ <allow receive_sender="org.freedesktop.Avahi"/>
- <allow receive_interface="org.freedesktop.Avahi"
- receive_sender="org.freedesktop.Avahi"/>
+ <deny send_interface="org.freedesktop.Avahi.Server" send_member="SetHostName"/>
</policy>
- <limit name="max_match_rules_per_connection">512</limit>
- <limit name="max_connections_per_user">20</limit>
-
+ <!-- Allow everything, including access to SetHostName to users of the group "netdev" -->
+ <policy group="@AVAHI_PRIV_ACCESS_GROUP@">
+ <allow send_destination="org.freedesktop.Avahi"/>
+ <allow receive_sender="org.freedesktop.Avahi"/>
+ </policy>
</busconfig>
diff --git a/configure.ac b/configure.ac
index deac981..ca6d431 100644
--- a/configure.ac
+++ b/configure.ac
@@ -21,7 +21,7 @@
# USA.
AC_PREREQ(2.57)
-AC_INIT([avahi],[0.6.12],[avahi (at) lists (dot) freedesktop (dot) org])
+AC_INIT([avahi],[0.6.13],[avahi (at) lists (dot) freedesktop (dot) org])
AC_CONFIG_SRCDIR([avahi-core/server.c])
AC_CONFIG_HEADERS([config.h])
AM_INIT_AUTOMAKE([foreign 1.9 -Wall])
@@ -680,6 +680,15 @@ fi
AC_SUBST(AVAHI_GROUP)
AC_DEFINE_UNQUOTED(AVAHI_GROUP,"$AVAHI_GROUP", [Group for Avahi])
+AC_ARG_WITH(avahi_priv_access_group,AS_HELP_STRING([--with-avahi-priv-access-group=<group>],[Priviliged access group for Avahi clients (netdev)]))
+if test -z "$with_priv_access_group" ; then
+ AVAHI_PRIV_ACCESS_GROUP=netdev
+else
+ AVAHI_PRIV_ACCESS_GROUP=$with_priv_access_group
+fi
+AC_SUBST(AVAHI_PRIV_ACCESS_GROUP)
+AC_DEFINE_UNQUOTED(AVAHI_PRIV_ACCESS_GROUP,"$AVAHI_PRIV_ACCESS_GROUP", [Privileged access group for Avahi clients])
+
#
# Avahi runtime dir
#
@@ -842,33 +851,34 @@ AC_OUTPUT
echo "
---{ $PACKAGE_NAME $VERSION }---
- prefix: ${prefix}
- sysconfdir: ${sysconfdir}
- localstatedir: ${localstatedir}
- avahi socket: ${avahi_socket}
- dbus-1 system.d dir: ${DBUS_SYS_DIR}
- dbus-1 version: ${DBUS_VERSION}
- dbus-1 system socket ${DBUS_SYSTEM_BUS_DEFAULT_ADDRESS}
- compiler: ${CC}
- cflags: ${CFLAGS}
- Enable GLIB: ${HAVE_GLIB}
- Enable GTK: ${HAVE_GTK}
- Enable D-BUS: ${HAVE_DBUS}
- Enable Expat: ${HAVE_EXPAT}
- Enable GDBM: ${HAVE_GDBM}
- Enable DBM: ${HAVE_DBM}
- Enable libdaemon: ${HAVE_LIBDAEMON}
- Enable Python: ${HAVE_PYTHON}
- Enable pygtk: ${HAVE_PYGTK}
- Enable python-dbus: ${HAVE_PYTHON_DBUS}
- Enable QT3: ${HAVE_QT3}
- Enable QT4: ${HAVE_QT4}
- Enable Mono: ${HAVE_MONO}
- Enable Monodoc: ${HAVE_MONODOC}
- Distribution/OS: ${with_distro}
- User for Avahi: ${AVAHI_USER}
- Group for Avahi: ${AVAHI_GROUP}
- Enable chroot(): ${enable_chroot}
+ prefix: ${prefix}
+ sysconfdir: ${sysconfdir}
+ localstatedir: ${localstatedir}
+ avahi socket: ${avahi_socket}
+ dbus-1 system.d dir: ${DBUS_SYS_DIR}
+ dbus-1 version: ${DBUS_VERSION}
+ dbus-1 system socket: ${DBUS_SYSTEM_BUS_DEFAULT_ADDRESS}
+ C Compiler: ${CC}
+ CFLAGS: ${CFLAGS}
+ Enable GLIB: ${HAVE_GLIB}
+ Enable GTK: ${HAVE_GTK}
+ Enable D-BUS: ${HAVE_DBUS}
+ Enable Expat: ${HAVE_EXPAT}
+ Enable GDBM: ${HAVE_GDBM}
+ Enable DBM: ${HAVE_DBM}
+ Enable libdaemon: ${HAVE_LIBDAEMON}
+ Enable Python: ${HAVE_PYTHON}
+ Enable pygtk: ${HAVE_PYGTK}
+ Enable python-dbus: ${HAVE_PYTHON_DBUS}
+ Enable QT3: ${HAVE_QT3}
+ Enable QT4: ${HAVE_QT4}
+ Enable Mono: ${HAVE_MONO}
+ Enable Monodoc: ${HAVE_MONODOC}
+ Distribution/OS: ${with_distro}
+ User for Avahi daemon: ${AVAHI_USER}
+ Group for Avahi daemon: ${AVAHI_GROUP}
+ Priviliged Access Group for Avahi Clients: ${AVAHI_PRIV_ACCESS_GROUP}
+ Enable chroot(): ${enable_chroot}
"
BUILD_DAEMON="no (You need libdaemon and expat!)"