gitee.com/mysnapcore/mysnapd@v0.1.0/interfaces/builtin/packagekit_control.go (about) 1 // -*- Mode: Go; indent-tabs-mode: t -*- 2 3 /* 4 * Copyright (C) 2019 Canonical Ltd 5 * 6 * This program is free software: you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License version 3 as 8 * published by the Free Software Foundation. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program. If not, see <http://www.gnu.org/licenses/>. 17 * 18 */ 19 20 package builtin 21 22 const packageKitControlSummary = `allows control of the PackageKit service` 23 24 const packageKitControlBaseDeclarationPlugs = ` 25 packagekit-control: 26 allow-installation: false 27 deny-auto-connection: true 28 ` 29 30 const packageKitControlBaseDeclarationSlots = ` 31 packagekit-control: 32 allow-installation: 33 slot-snap-type: 34 - core 35 deny-auto-connection: true 36 ` 37 38 const packageKitControlConnectedPlugAppArmor = ` 39 # Description: Allow access to PackageKit service which gives 40 # privileged access to native package management on the system 41 42 #include <abstractions/dbus-strict> 43 44 # Allow communication with the main PackageKit end point. 45 dbus (receive, send) 46 bus=system 47 path=/org/freedesktop/PackageKit 48 interface=org.freedesktop.PackageKit 49 peer=(label=unconfined), 50 dbus (receive, send) 51 bus=system 52 path=/org/freedesktop/PackageKit 53 interface=org.freedesktop.PackageKit.Offline 54 peer=(label=unconfined), 55 dbus (send) 56 bus=system 57 path=/org/freedesktop/PackageKit 58 interface=org.freedesktop.DBus.Properties 59 member=Get{,All} 60 peer=(label=unconfined), 61 dbus (receive) 62 bus=system 63 path=/org/freedesktop/PackageKit 64 interface=org.freedesktop.DBus.Properties 65 member=PropertiesChanged 66 peer=(label=unconfined), 67 dbus (send) 68 bus=system 69 path=/org/freedesktop/PackageKit 70 interface=org.freedesktop.DBus.Introspectable 71 member=Introspect 72 peer=(label=unconfined), 73 74 # Allow communication with PackageKit transactions. Transactions are 75 # exported with random object paths that currently take the form 76 # "/{number}_{hexstring}". If PackageKit (or a reimplementation of 77 # packagekitd) changes this, then these rules will need to change too. 78 dbus (receive, send) 79 bus=system 80 path=/[0-9]*_[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f] 81 interface=org.freedesktop.PackageKit.Transaction 82 peer=(label=unconfined), 83 dbus (send) 84 bus=system 85 path=/[0-9]*_[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f] 86 interface=org.freedesktop.DBus.Properties 87 member=Get{,All} 88 peer=(label=unconfined), 89 dbus (receive) 90 bus=system 91 path=/[0-9]*_[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f] 92 interface=org.freedesktop.DBus.Properties 93 member=PropertiesChanged 94 peer=(label=unconfined), 95 dbus (send) 96 bus=system 97 path=/[0-9]*_[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f] 98 interface=org.freedesktop.DBus.Introspectable 99 member=Introspect 100 peer=(label=unconfined), 101 ` 102 103 func init() { 104 registerIface(&commonInterface{ 105 name: "packagekit-control", 106 summary: packageKitControlSummary, 107 implicitOnClassic: true, 108 baseDeclarationPlugs: packageKitControlBaseDeclarationPlugs, 109 baseDeclarationSlots: packageKitControlBaseDeclarationSlots, 110 connectedPlugAppArmor: packageKitControlConnectedPlugAppArmor, 111 }) 112 }