Subversion Repositories configs

<!DOCTYPE busconfig PUBLIC

 "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"

 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">

<busconfig>

    <policy user="root">

        <allow own="org.freedesktop.NetworkManager"/>

        <allow send_destination="org.freedesktop.NetworkManager"/>

        <allow send_destination="org.freedesktop.NetworkManager"

               send_interface="org.freedesktop.NetworkManager.PPP"/>

        <allow send_interface="org.freedesktop.NetworkManager.SecretAgent"/>

        <!-- These are there because some broken policies do

             <deny send_interface="..." /> (see dbus-daemon(8) for details).

             This seems to override that for the known VPN plugins.

          -->

        <allow send_destination="org.freedesktop.NetworkManager.openconnect"/>

        <allow send_destination="org.freedesktop.NetworkManager.openswan"/>

        <allow send_destination="org.freedesktop.NetworkManager.openvpn"/>

        <allow send_destination="org.freedesktop.NetworkManager.pptp"/>

        <allow send_destination="org.freedesktop.NetworkManager.vpnc"/>

        <allow send_destination="org.freedesktop.NetworkManager.ssh"/>

        <allow send_destination="org.freedesktop.NetworkManager.iodine"/>

        <allow send_destination="org.freedesktop.NetworkManager.l2tp"/>

        <allow send_destination="org.freedesktop.NetworkManager.libreswan"/>

        <allow send_destination="org.freedesktop.NetworkManager.fortisslvpn"/>

        <allow send_destination="org.freedesktop.NetworkManager.strongswan"/>

        <allow send_interface="org.freedesktop.NetworkManager.VPN.Plugin"/>

        <allow send_destination="org.fedoraproject.FirewallD1"/>

        <!-- Allow the custom name for the dnsmasq instance spawned by NM

             from the dns dnsmasq plugin to own its dbus name, and for

             messages to be sent to it.

         -->

        <allow own="org.freedesktop.NetworkManager.dnsmasq"/>

        <allow send_destination="org.freedesktop.NetworkManager.dnsmasq"/>

    </policy>

    <policy context="default">

        <deny own="org.freedesktop.NetworkManager"/>

        <deny send_destination="org.freedesktop.NetworkManager"/>

        <!-- Basic D-Bus API stuff -->

        <allow send_destination="org.freedesktop.NetworkManager"

               send_interface="org.freedesktop.DBus.Introspectable"/>

        <allow send_destination="org.freedesktop.NetworkManager"

               send_interface="org.freedesktop.DBus.Properties"/>

        <allow send_destination="org.freedesktop.NetworkManager"

               send_interface="org.freedesktop.DBus.ObjectManager"/>

        <!-- Devices (read-only properties, no methods) -->

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.AccessPoint"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device.Adsl"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device.Bluetooth"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device.Bond"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device.Bridge"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device.Generic"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device.Gre"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device.Infiniband"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device.Macvlan"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device.Modem"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device.OlpcMesh"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device.Team"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device.Tun"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device.Veth"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device.Vlan"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device.Wired"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.WiMax.Nsp"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.WifiP2PPeer"/>

        <!-- Devices (read-only, no security required) -->

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device.WiMax"/>

        <!-- Devices (read/write, secured with PolicyKit) -->

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device.Wireless"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device.WifiP2P"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Device"/>

        <!-- Core stuff (read-only properties, no methods) -->

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Connection.Active"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.DHCP4Config"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.DHCP6Config"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.IP4Config"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.IP6Config"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.VPN.Connection"/>

        <!-- Core stuff (read/write, secured with PolicyKit) -->

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Settings"/>

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Settings.Connection"/>

        <!-- Agents; secured with PolicyKit.  Any process can talk to

             the AgentManager API, but only NetworkManager can talk

             to the agents themselves. -->

        <allow send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.AgentManager"/>

        <!-- Root-only functions -->

        <deny send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager"          send_member="SetLogging"/>

        <deny send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager"          send_member="Sleep"/>

        <deny send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Settings" send_member="LoadConnections"/>

        <deny send_destination="org.freedesktop.NetworkManager" send_interface="org.freedesktop.NetworkManager.Settings" send_member="ReloadConnections"/>

        <deny own="org.freedesktop.NetworkManager.dnsmasq"/>

        <deny send_destination="org.freedesktop.NetworkManager.dnsmasq"/>

    </policy>

    <limit name="max_replies_per_connection">1024</limit>

    <limit name="max_match_rules_per_connection">2048</limit>

</busconfig>