diff options
| author | Danny Kukawka <danny.kukawka@web.de> | 2009-03-02 19:43:29 +0100 |
|---|---|---|
| committer | Danny Kukawka <danny.kukawka@web.de> | 2009-03-02 19:43:29 +0100 |
| commit | 7123ef9a78c8c6b504e6ba98218fc556641a458c (patch) | |
| tree | 78a2eb17ad04b67871616cf8a70105788101a3dc | |
| parent | 0f2d03c492f32428e8ca3a72ce52ecf2fcdfa780 (diff) | |
define ACL and device-access policy for smart_card_reader
Defined ACL and device-access policy for smart_card_reader. Added
information to the spec.
| -rw-r--r-- | doc/spec/hal-spec-access-control.xml | 8 | ||||
| -rw-r--r-- | fdi/policy/10osvendor/20-acl-management.fdi | 10 | ||||
| -rw-r--r-- | policy/org.freedesktop.hal.device-access.policy | 9 |
3 files changed, 27 insertions, 0 deletions
diff --git a/doc/spec/hal-spec-access-control.xml b/doc/spec/hal-spec-access-control.xml index b33bd189..1846d377 100644 --- a/doc/spec/hal-spec-access-control.xml +++ b/doc/spec/hal-spec-access-control.xml @@ -138,6 +138,14 @@ </row> <row> <entry> + <literal>smart-card-reader</literal> + </entry> + <entry>Directly access Smart Card Reader security devices.</entry> + <entry>no</entry> + <entry>yes</entry> + </row> + <row> + <entry> <literal>joystick</literal> </entry> <entry>Directly access Joystick devices.</entry> diff --git a/fdi/policy/10osvendor/20-acl-management.fdi b/fdi/policy/10osvendor/20-acl-management.fdi index 2884a12c..fc609ff5 100644 --- a/fdi/policy/10osvendor/20-acl-management.fdi +++ b/fdi/policy/10osvendor/20-acl-management.fdi @@ -73,6 +73,11 @@ <merge key="access_control.file" type="copy_property">usbraw.device</merge> <merge key="access_control.type" type="string">fingerprint-reader</merge> </match> + <match key="info.capabilities" sibling_contains="smart_card_reader"> + <addset key="info.capabilities" type="strlist">access_control</addset> + <merge key="access_control.file" type="copy_property">usbraw.device</merge> + <merge key="access_control.type" type="string">smart-card-reader</merge> + </match> </match> </match> @@ -104,6 +109,11 @@ <merge key="access_control.type" type="string">fingerprint-reader</merge> <merge key="access_control.file" type="copy_property">@info.parent:linux.device_file</merge> </match> + <match key="info.capabilities" contains="smart_card_reader"> + <addset key="info.capabilities" type="strlist">access_control</addset> + <merge key="access_control.type" type="string">smart-card-reader</merge> + <merge key="access_control.file" type="copy_property">@info.parent:linux.device_file</merge> + </match> </match> </match> diff --git a/policy/org.freedesktop.hal.device-access.policy b/policy/org.freedesktop.hal.device-access.policy index e083eb49..884fa57b 100644 --- a/policy/org.freedesktop.hal.device-access.policy +++ b/policy/org.freedesktop.hal.device-access.policy @@ -91,6 +91,15 @@ NOTE: Please keep the actions in alpabetical order </defaults> </action> + <action id="org.freedesktop.hal.device-access.smart-card-reader"> + <description>Directly access to Smart Card Reader security devices</description> + <message>System policy prevents access to Smart Card Reader security devices</message> + <defaults> + <allow_inactive>no</allow_inactive> + <allow_active>yes</allow_active> + </defaults> + </action> + <action id="org.freedesktop.hal.device-access.joystick"> <description>Directly access Joystick devices</description> <message>System policy prevents access to Joystick devices</message> |