<aegis>
 <provide>
  <dbus name="org.freedesktop.Tracker1" own="tracker" bus="session">
    <node name="/org/freedesktop/Tracker1/Resources">
       <interface name="org.freedesktop.Tracker1.Resources">
          <method name="SparqlQuery">
                <annotation name="com.maemo.Aegis" value="TrackerReadAccess" />
          </method>
          <method name="SparqlUpdate">
                <annotation name="com.maemo.Aegis" value="TrackerWriteAccess" />
          </method>
          <method name="SparqlUpdateBlank">
                <annotation name="com.maemo.Aegis" value="TrackerWriteAccess" />
          </method>
          <method name="BatchSparqlUpdate">
                <annotation name="com.maemo.Aegis" value="TrackerWriteAccess" />
          </method>
          <method name="BatchCommit">
                <annotation name="com.maemo.Aegis" value="TrackerWriteAccess" />
          </method>
          <method name="Load">
                <annotation name="com.maemo.Aegis" value="TrackerWriteAccess" />
          </method>
          <method name="Sync">
                <annotation name="com.maemo.Aegis" value="TrackerWriteAccess" />
          </method>
       </interface>
    </node>
    <node name="/org/freedesktop/Tracker1/Steroids">
       <interface name="org.freedesktop.Tracker1.Steroids">
          <method name="Query">
                <annotation name="com.maemo.Aegis" value="TrackerReadAccess" />
          </method>
          <method name="Update">
                <annotation name="com.maemo.Aegis" value="TrackerWriteAccess" />
          </method>
          <method name="UpdateBlank">
                <annotation name="com.maemo.Aegis" value="TrackerWriteAccess" />
          </method>
          <method name="BatchUpdate">
                <annotation name="com.maemo.Aegis" value="TrackerWriteAccess" />
          </method>
          <method name="BatchUpdateBlank">
                <annotation name="com.maemo.Aegis" value="TrackerWriteAccess" />
          </method>
          <method name="UpdateArray">
                <annotation name="com.maemo.Aegis" value="TrackerWriteAccess" />
          </method>
       </interface>
    </node>
  </dbus>

  <credential name="tracker-extract-access" />
  <dbus name="org.freedesktop.Tracker1.Extract" own="tracker" bus="session">
     <node name="/org/freedesktop/Tracker1/Extract">
       <interface name="org.freedesktop.Tracker1.Extract">
          <method name="GetPid">
                <annotation name="com.maemo.Aegis" value="tracker-extract-access" />
          </method>
          <method name="GetMetadata">
                <annotation name="com.maemo.Aegis" value="tracker-extract-access" />
          </method>
       </interface>
     </node>
  </dbus>

  <credential name="tracker-miner-fs-access" />
  <dbus name="org.freedesktop.Tracker1.Miner.Files" own="tracker" bus="session">
     <node name="/org/freedesktop/Tracker1/Miner/Files">
       <interface name="org.freedesktop.Tracker1.Miner">
          <method name="GetStatus">
                <annotation name="com.maemo.Aegis" value="tracker-miner-fs-access" />
          </method>
          <method name="GetProgress">
                <annotation name="com.maemo.Aegis" value="tracker-miner-fs-access" />
          </method>
          <method name="GetPauseDetails">
                <annotation name="com.maemo.Aegis" value="tracker-miner-fs-access" />
          </method>
          <method name="Pause">
                <annotation name="com.maemo.Aegis" value="tracker-miner-fs-access" />
          </method>
          <method name="Resume">
                <annotation name="com.maemo.Aegis" value="tracker-miner-fs-access" />
          </method>
          <method name="IgnoreNextUpdate">
                <annotation name="com.maemo.Aegis" value="tracker-miner-fs-access" />
          </method>
       </interface>
     </node>
  </dbus>
 </provide>

 <account>
  <user name="metadata-user" group="metadata-users"/>
 </account>

 <request>
  <credential name="TrackerReadAccess" />
  <credential name="TrackerWriteAccess" />
  <credential name="tracker-extract-access" />
  <credential name="tracker-miner-fs-access" />
  <credential name="UID::user" />
  <credential name="GID::metadata-users" />
  <for path="/usr/lib/tracker/tracker-store" />
 </request>

 <request>
  <credential name="TrackerReadAccess" />
  <credential name="TrackerWriteAccess" />
  <credential name="tracker-extract-access" />
  <credential name="tracker-miner-fs-access" />
  <credential name="UID::user" />
  <credential name="GID::users" />
  <credential name="GRP::metadata-users" />
  <for path="/usr/lib/tracker/tracker-miner-fs" />
  <for path="/usr/lib/tracker/tracker-extract" />
  <for path="/usr/lib/tracker/tracker-writeback" />
  <for path="/usr/bin/tracker-control" />
 </request>

 <request context="INSTALL">
   <credential name="GRP::metadata-users" />
   <credential name="CAP::setgid" />
   <credential name="CAP::setuid" />
   <credential name="CAP::chown" />
   <credential name="CAP::fowner" />
   <credential name="CAP::dac_override" />
 </request>
</aegis>
