iwd/src/iwd-dbus.conf

<!-- This configuration file specifies the required security policies
     for Wireless daemon to work. -->

<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>

  <!-- ../system.conf have denied everything, so we just punch some holes -->

  <policy user="root">
    <allow own="net.connman.iwd"/>
    <allow send_destination="net.connman.iwd"/>
    <allow send_interface="net.connman.iwd.Agent"/>
  </policy>

  <policy group="wheel">
    <allow send_destination="net.connman.iwd"/>
    <allow send_interface="net.connman.iwd.Agent"/>
  </policy>

  <policy group="netdev">
    <allow send_destination="net.connman.iwd"/>
    <allow send_interface="net.connman.iwd.Agent"/>
  </policy>

  <policy context="default">
    <deny send_destination="net.connman.iwd"/>
  </policy>

</busconfig>