docs: update access configuration doc
This commit is contained in:
George Kiagiadakis
@@ -3,56 +3,58 @@
|
|||||||
Access configuration
|
Access configuration
|
||||||
====================
|
====================
|
||||||
|
|
||||||
wireplumber.conf.d/access.conf
|
WirePlumber includes a "client access" policy which defines access control
|
||||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
rules for PipeWire clients.
|
||||||
|
|
||||||
Using a similar format as the :ref:`ALSA monitor <config_alsa>`, this
|
Rules
|
||||||
configuration file is charged to configure the client objects created by
|
-----
|
||||||
PipeWire.
|
|
||||||
|
|
||||||
* *Settings*
|
This policy can be configured with rules that can be used to match clients and
|
||||||
|
apply default permissions to them.
|
||||||
|
|
||||||
Example:
|
Example:
|
||||||
|
|
||||||
.. code-block::
|
.. code-block::
|
||||||
|
|
||||||
wireplumber.settings = {
|
access.rules = [
|
||||||
access-enable-flatpak-portal = true
|
{
|
||||||
}
|
matches = [
|
||||||
|
{
|
||||||
|
access = "flatpak"
|
||||||
|
media.category = "Manager"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
actions = {
|
||||||
|
update-props = {
|
||||||
|
access = "flatpak-manager"
|
||||||
|
default_permissions = "all",
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
{
|
||||||
|
matches = [
|
||||||
|
{
|
||||||
|
access = "flatpak"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
actions = {
|
||||||
|
update-props = {
|
||||||
|
default_permissions = "rx"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
|
||||||
The above example sets to ``true`` the ``access-enable-flatpak-portal``
|
Possible permissions are any combination of:
|
||||||
property.
|
|
||||||
|
|
||||||
The list of valid properties are:
|
* ``r``: client is allowed to **read** objects, i.e. "see" them on the registry
|
||||||
|
and list their properties
|
||||||
.. code-block::
|
* ``w``: client is allowed to **write** objects, i.e. call methods that modify
|
||||||
|
their state
|
||||||
access-enable-flatpak-portal = true,
|
* ``x``: client is allowed to **execute** methods on objects; the ``w`` flag
|
||||||
|
must also be present to call methods that modify the object
|
||||||
Whether to enable the flatpak portal or not.
|
* ``m``: client is allowed to set **metadata** on objects
|
||||||
|
* ``l``: nodes of this client are allowed to **link** to other nodes that the
|
||||||
* *rules*
|
client can't "see" (i.e. the client doesn't have ``r`` permission on them)
|
||||||
|
|
||||||
Example::
|
|
||||||
|
|
||||||
access = [
|
|
||||||
{
|
|
||||||
matches = [
|
|
||||||
{
|
|
||||||
pipewire.access = "flatpak"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
actions = {
|
|
||||||
update-props = {
|
|
||||||
default_permissions = "rx"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
]
|
|
||||||
|
|
||||||
This grants read and execute permissions to all clients that have the
|
|
||||||
``pipewire.access`` property set to ``flatpak``.
|
|
||||||
|
|
||||||
Possible permissions are any combination of ``r``, ``w`` and ``x`` for read,
|
|
||||||
write and execute; or ``all`` for all kind of permissions.
|
|
||||||
|
|
||||||
|
The special value ``all`` is also supported and it is synonym for ``rwxm``
|
||||||
|
|||||||
Reference in New Issue
Block a user