| 1 | <!-- This configuration file controls the per-user-login-session message bus. |
|---|
| 2 | Add a session-local.conf and edit that rather than changing this |
|---|
| 3 | file directly. --> |
|---|
| 4 | |
|---|
| 5 | <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN" |
|---|
| 6 | "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> |
|---|
| 7 | <busconfig> |
|---|
| 8 | <!-- Our well-known bus type, don't change this --> |
|---|
| 9 | <type>session</type> |
|---|
| 10 | |
|---|
| 11 | <!-- If we fork, keep the user's original umask to avoid affecting |
|---|
| 12 | the behavior of child processes. --> |
|---|
| 13 | <keep_umask/> |
|---|
| 14 | |
|---|
| 15 | <listen>unix:tmpdir=/tmp</listen> |
|---|
| 16 | |
|---|
| 17 | <standard_session_servicedirs /> |
|---|
| 18 | |
|---|
| 19 | <policy context="default"> |
|---|
| 20 | <!-- Allow everything to be sent --> |
|---|
| 21 | <allow send_destination="*" eavesdrop="true"/> |
|---|
| 22 | <!-- Allow everything to be received --> |
|---|
| 23 | <allow eavesdrop="true"/> |
|---|
| 24 | <!-- Allow anyone to own anything --> |
|---|
| 25 | <allow own="*"/> |
|---|
| 26 | </policy> |
|---|
| 27 | |
|---|
| 28 | <!-- Config files are placed here that among other things, |
|---|
| 29 | further restrict the above policy for specific services. --> |
|---|
| 30 | <includedir>session.d</includedir> |
|---|
| 31 | |
|---|
| 32 | <!-- This is included last so local configuration can override what's |
|---|
| 33 | in this standard file --> |
|---|
| 34 | <include ignore_missing="yes">session-local.conf</include> |
|---|
| 35 | |
|---|
| 36 | <include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include> |
|---|
| 37 | |
|---|
| 38 | <!-- For the session bus, override the default relatively-low limits |
|---|
| 39 | with essentially infinite limits, since the bus is just running |
|---|
| 40 | as the user anyway, using up bus resources is not something we need |
|---|
| 41 | to worry about. In some cases, we do set the limits lower than |
|---|
| 42 | "all available memory" if exceeding the limit is almost certainly a bug, |
|---|
| 43 | having the bus enforce a limit is nicer than a huge memory leak. But the |
|---|
| 44 | intent is that these limits should never be hit. --> |
|---|
| 45 | |
|---|
| 46 | <!-- the memory limits are 1G instead of say 4G because they can't exceed 32-bit signed int max --> |
|---|
| 47 | <limit name="max_incoming_bytes">1000000000</limit> |
|---|
| 48 | <limit name="max_outgoing_bytes">1000000000</limit> |
|---|
| 49 | <limit name="max_message_size">1000000000</limit> |
|---|
| 50 | <limit name="service_start_timeout">120000</limit> |
|---|
| 51 | <limit name="auth_timeout">240000</limit> |
|---|
| 52 | <limit name="max_completed_connections">100000</limit> |
|---|
| 53 | <limit name="max_incomplete_connections">10000</limit> |
|---|
| 54 | <limit name="max_connections_per_user">100000</limit> |
|---|
| 55 | <limit name="max_pending_service_starts">10000</limit> |
|---|
| 56 | <limit name="max_names_per_connection">50000</limit> |
|---|
| 57 | <limit name="max_match_rules_per_connection">50000</limit> |
|---|
| 58 | <limit name="max_replies_per_connection">50000</limit> |
|---|
| 59 | <limit name="reply_timeout">300000</limit> |
|---|
| 60 | |
|---|
| 61 | </busconfig> |
|---|
