diff options
| author | Danny Kukawka <danny.kukawka@web.de> | 2009-01-28 13:45:39 +0100 |
|---|---|---|
| committer | Danny Kukawka <danny.kukawka@web.de> | 2009-01-28 13:45:39 +0100 |
| commit | 59d66b8ebcef20f3a48ca6744cc5ee6f5b0c212f (patch) | |
| tree | dd60c08290791fc313f784e5034a90add11558d0 /doc | |
| parent | 0d6eaa5ab4bdbaa73b20db0e9c200af39c00b2ee (diff) | |
add current default policies for device access to spec
Added current default policies for device access, for active
and inactive users, to the list of existing policies in the spec.
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/spec/hal-spec-access-control.xml | 53 |
1 files changed, 48 insertions, 5 deletions
diff --git a/doc/spec/hal-spec-access-control.xml b/doc/spec/hal-spec-access-control.xml index ae68f31c..b33bd189 100644 --- a/doc/spec/hal-spec-access-control.xml +++ b/doc/spec/hal-spec-access-control.xml @@ -58,7 +58,8 @@ <para> This is a list of the device file policies/rules delivered with the HAL package to manage ACL's as defined via <literal> - access_control.type</literal>. + access_control.type</literal> and the current default Policykit + policies for inactive and active users. </para> <informaltable> <tgroup cols="2"> @@ -66,6 +67,8 @@ <row> <entry>Type</entry> <entry>Description</entry> + <entry>allow_inactive</entry> + <entry>allow_active</entry> </row> </thead> <tbody> @@ -74,120 +77,160 @@ <literal>audio-player</literal> </entry> <entry>Directly access audio players.</entry> + <entry>no</entry> + <entry>yes</entry> </row> <row> <entry> <literal>camera</literal> </entry> <entry>Directly access digital cameras.</entry> + <entry>no</entry> + <entry>yes</entry> </row> <row> <entry> <literal>cdrom</literal> </entry> <entry>Directly access optical drives.</entry> + <entry>yes</entry> + <entry>yes</entry> </row> <row> <entry> <literal>dvb</literal> </entry> <entry>Directly access DVB devices.</entry> + <entry>no</entry> + <entry>yes</entry> </row> <row> <entry> <literal>fingerprint-reader</literal> </entry> <entry>Directly access to fingerprint reader devices.</entry> + <entry>no</entry> + <entry>yes</entry> </row> <row> <entry> <literal>floppy</literal> </entry> <entry>Directly access Floppy devices.</entry> + <entry>yes</entry> + <entry>yes</entry> </row> <row> <entry> - <literal>ieee1394-iidc</literal> + <literal>ieee1394-avc</literal> </entry> - <entry>Directly access Firewire IIDC devices.</entry> + <entry>Directly access Firewire AVC devices.</entry> + <entry>no</entry> + <entry>yes</entry> </row> <row> <entry> - <literal>ieee1394-avc</literal> + <literal>ieee1394-iidc</literal> </entry> - <entry>Directly access Firewire AVC devices.</entry> + <entry>Directly access Firewire IIDC devices.</entry> + <entry>no</entry> + <entry>yes</entry> </row> <row> <entry> <literal>joystick</literal> </entry> <entry>Directly access Joystick devices.</entry> + <entry>yes</entry> + <entry>yes</entry> </row> <row> <entry> <literal>modem</literal> </entry> <entry>Directly access serial modem devices.</entry> + <entry>auth_admin_keep_always</entry> + <entry>auth_admin_keep_always</entry> </row> <row> <entry> <literal>mouse</literal> </entry> <entry>Directly access Mouse (input) devices</entry> + <entry>yes</entry> + <entry>yes</entry> </row> <row> <entry> <literal>obex</literal> </entry> <entry>Directly access OBEX devices.</entry> + <entry>no</entry> + <entry>yes</entry> </row> <row> <entry> <literal>pda</literal> </entry> <entry>Directly access PDA devices.</entry> + <entry>no</entry> + <entry>yes</entry> </row> <row> <entry> <literal>ppdev</literal> </entry> <entry>Directly access parallel port devices.</entry> + <entry>auth_admin_keep_always</entry> + <entry>auth_admin_keep_always</entry> </row> <row> <entry> <literal>printer</literal> </entry> <entry>Directly access printer devices.</entry> + <entry>no</entry> + <entry>yes</entry> </row> <row> <entry> <literal>removable-block</literal> </entry> <entry>Directly access removable block devices.</entry> + <entry>no</entry> + <entry>no</entry> </row> <row> <entry> <literal>scanner</literal> </entry> <entry>Directly access scanners.</entry> + <entry>no</entry> + <entry>yes</entry> </row> <row> <entry> <literal>sound</literal> </entry> <entry>Directly access sound devices.</entry> + <entry>no</entry> + <entry>yes</entry> </row> <row> <entry> <literal>video</literal> </entry> <entry>Directly access Video devices.</entry> + <entry>yes</entry> + <entry>yes</entry> </row> <row> <entry> <literal>video4linux</literal> </entry> <entry>Directly access video capture devices.</entry> + <entry>no</entry> + <entry>yes</entry> </row> </tbody> </tgroup> |