rootdir/etc/dbus.conf - LeafOS-Project/android_system_core - Gitiles

 <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
  "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
 <busconfig>

   <!-- Our well-known bus type, do not change this -->
   <type>system</type>

   <!-- Fork into daemon mode -->
   <fork/>

   <!-- Only allow socket-credentials-based authentication -->
   <auth>EXTERNAL</auth>

   <!-- Only listen on a local socket. (abstract=/path/to/socket
        means use abstract namespace, don't really create filesystem
        file; only Linux supports this. Use path=/whatever on other
        systems.) -->
   <listen>unix:path=/dev/socket/dbus</listen>

   <policy context="default">
     <!-- Deny everything then punch holes -->
     <deny send_interface="*"/>
     <deny receive_interface="*"/>
     <deny own="*"/>
     <!-- But allow all users to connect -->
     <allow user="*"/>
     <!-- Allow anyone to talk to the message bus -->
     <!-- FIXME I think currently these allow rules are always implicit
          even if they aren't in here -->
     <allow send_destination="org.freedesktop.DBus"/>
     <allow receive_sender="org.freedesktop.DBus"/>
     <!-- valid replies are always allowed -->
     <allow send_requested_reply="true"/>
     <allow receive_requested_reply="true"/>
   </policy>


   <!-- Now punch holes for bluetooth -->

   <policy context="default">
     <allow own="*"/>
     <allow user="*"/>
     <allow send_destination="org.bluez.PasskeyAgent"/>
     <allow receive_sender="org.bluez.PasskeyAgent"/>
     <allow send_path="/org/bluez/PasskeyAgent"/>
   </policy>

   <policy user="root">
     <allow own="org.bluez"/>
   </policy>

   <policy at_console="true">
     <allow send_destination="org.bluez.Adapter"/>
     <allow receive_sender="org.bluez.Adapter"/>

     <allow send_path="/org/bluez/Adapter"/>

     <allow send_destination="org.bluez.Manager"/>
     <allow receive_sender="org.bluez.Manager"/>

     <allow send_path="/org/bluez/Manager"/>

     <allow send_destination="org.bluez.Security"/>
     <allow receive_sender="org.bluez.Security"/>
   </policy>

 </busconfig>
	<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
	"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
	<busconfig>

	<!-- Our well-known bus type, do not change this -->
	<type>system</type>

	<!-- Fork into daemon mode -->
	<fork/>

	<!-- Only allow socket-credentials-based authentication -->
	<auth>EXTERNAL</auth>

	<!-- Only listen on a local socket. (abstract=/path/to/socket
	means use abstract namespace, don't really create filesystem
	file; only Linux supports this. Use path=/whatever on other
	systems.) -->
	<listen>unix:path=/dev/socket/dbus</listen>

	<policy context="default">
	<!-- Deny everything then punch holes -->
	<deny send_interface="*"/>
	<deny receive_interface="*"/>
	<deny own="*"/>
	<!-- But allow all users to connect -->
	<allow user="*"/>
	<!-- Allow anyone to talk to the message bus -->
	<!-- FIXME I think currently these allow rules are always implicit
	even if they aren't in here -->
	<allow send_destination="org.freedesktop.DBus"/>
	<allow receive_sender="org.freedesktop.DBus"/>
	<!-- valid replies are always allowed -->
	<allow send_requested_reply="true"/>
	<allow receive_requested_reply="true"/>
	</policy>


	<!-- Now punch holes for bluetooth -->

	<policy context="default">
	<allow own="*"/>
	<allow user="*"/>
	<allow send_destination="org.bluez.PasskeyAgent"/>
	<allow receive_sender="org.bluez.PasskeyAgent"/>
	<allow send_path="/org/bluez/PasskeyAgent"/>
	</policy>

	<policy user="root">
	<allow own="org.bluez"/>
	</policy>

	<policy at_console="true">
	<allow send_destination="org.bluez.Adapter"/>
	<allow receive_sender="org.bluez.Adapter"/>

	<allow send_path="/org/bluez/Adapter"/>

	<allow send_destination="org.bluez.Manager"/>
	<allow receive_sender="org.bluez.Manager"/>

	<allow send_path="/org/bluez/Manager"/>

	<allow send_destination="org.bluez.Security"/>
	<allow receive_sender="org.bluez.Security"/>
	</policy>

	</busconfig>