1 files changed, 38 insertions, 0 deletions

diff --git a/community/connman/dbus-rules.patch b/community/connman/dbus-rules.patch
new file mode 100644
index 00000000000..4fcd5bde883
--- /dev/null
+++ b/community/connman/dbus-rules.patch
@@ -0,0 +1,38 @@
+From: Jakub Jirutka <jakub@jirutka.cz>
+Date: Sun, 26 Dec 2021 01:19:49 +0100
+Subject: [PATCH] Adjust DBus rules for Alpine
+
+- Allow users in group netdev to control ConnMan using connmanctl.
+- Allow running OpenVPN plugin under user 'openvpn' instead of root.
+
+--- a/src/connman-dbus.conf
++++ b/src/connman-dbus.conf
+@@ -8,6 +8,10 @@
+         <allow send_interface="net.connman.Counter"/>
+         <allow send_interface="net.connman.Notification"/>
+     </policy>
++    <!-- Allow users in group netdev to control ConnMan using connmanctl. -->
++    <policy group="netdev">
++        <allow send_destination="net.connman"/>
++    </policy>
+     <policy at_console="true">
+         <allow send_destination="net.connman"/>
+     </policy>
+--- a/vpn/vpn-dbus.conf
++++ b/vpn/vpn-dbus.conf
+@@ -6,6 +6,15 @@
+         <allow send_destination="net.connman.vpn"/>
+         <allow send_interface="net.connman.vpn.Agent"/>
+     </policy>
++    <!-- Allow OpenVPN plugin started under user 'openvpn' (by setting DACPrivileges)
++         to send notification to connman-vpnd. -->
++    <policy user="openvpn">
++        <allow send_destination="net.connman.vpn" send_interface="net.connman.Task"/>
++    </policy>
++    <!-- Allow users in group netdev to control ConnMan using connmanctl. -->
++    <policy group="netdev">
++        <allow send_destination="net.connman.vpn"/>
++    </policy>
+     <policy at_console="true">
+         <allow send_destination="net.connman.vpn"/>
+     </policy>