systemd/src/machine/org.freedesktop.machine1.conf

<?xml version="1.0"?> <!--*-nxml-*-->
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
        "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">

<!--
  This file is part of systemd.

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.
-->

<busconfig>

        <policy user="root">
                <allow own="org.freedesktop.machine1"/>
                <allow send_destination="org.freedesktop.machine1"/>
                <allow receive_sender="org.freedesktop.machine1"/>
        </policy>

        <policy context="default">
                <deny send_destination="org.freedesktop.machine1"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.DBus.Introspectable"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.DBus.Peer"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.DBus.Properties"
                       send_member="Get"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.DBus.Properties"
                       send_member="GetAll"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="ListMachines"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="ListImages"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="GetMachine"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="GetMachineByPID"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="GetImage"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="GetMachineAddresses"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="GetMachineOSRelease"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Manager"
                       send_member="OpenMachineLogin"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Machine"
                       send_member="GetAddresses"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Machine"
                       send_member="GetOSRelease"/>

                <allow send_destination="org.freedesktop.machine1"
                       send_interface="org.freedesktop.machine1.Machine"
                       send_member="OpenLogin"/>

                <allow receive_sender="org.freedesktop.machine1"/>
        </policy>

</busconfig>