Re: NM7 preventing scan

[Dan Williams <dcbw redhat com>]

On Tue, 2008-06-17 at 23:53 +0530, Jack Nicol wrote:
> Hi,
> 
> I want to prevent my Network Manager to scan ad-hoc networks. Applet 

I assume this is for security reasons or something?  We should probably
create a GConf key that can be locked down by a system administrator to
block access to adhoc networks.  That would be a patch I'd accept, if
anyone wants to submit it :)

> should not list down any such network and it should also not

src/applet-device-wifi.c, add_one_ap_menu_item():

	/* Don't add BSSs that hide their SSID */
	ssid = nm_access_point_get_ssid (ap);
	if (!ssid || nm_utils_is_empty_ssid (ssid->data, ssid->len))
		return;

+	/* Ignore Ad-Hoc BSSs */
+	if (nm_ap_get_mode (ap) == NM_802_11_MODE_ADHOC)
+		return;
+
	strength = nm_access_point_get_strength (ap);

will make the applet ignore Ad-Hoc APs in the menu.

In src/applet.c, nma_menu_show_cb():

	if (n_wireless > 0 && nm_client_wireless_get_enabled (applet->nm_client)) {
		/* Add the "Other wireless network..." entry */
		nma_menu_add_separator_item (menu);
		nma_menu_add_other_network_item (menu, applet);
-		nma_menu_add_create_network_item (menu, applet);
	}

will remove the "Create new wireless network" item from the menu.

>  automatically connected by Network Manager. Please advise what code 

NM will never connect automatically to a network unless that connection
has the 'autoconnect' property marked TRUE.  That option can be set by
the applet when the user chooses a network from the menu.  Since the
patch above removes adhoc networks from them menu, that shouldn't be an
issue for you.

This is all applet side, it would not prevent adding an adhoc connection
to GConf manually and then using dbus-send to make NetworkManager
connect to that connection.  The solution here is to use PolicyKit and
define a PolicyKit privilege for connecting to adhoc networks that a
sysadmin could revoke.

Dan