Re: ['N-M is not allowed to own the service "org.freedesktop.NetworkManager"']

From: ddreamer ms93 url com tw
To: networkmanager-list gnome org
Subject: Re: ['N-M is not allowed to own the service "org.freedesktop.NetworkManager"']
Date: Fri, 2 Jul 2010 14:21:41 +0800 (CST)

From: Daniel Gnoutcheff <daniel gnoutcheff name>
To: networkmanager-list gnome org
Subject: Re: ['N-M is not allowed to own the service "org.freedesktop.NetworkManager"']
Date: Wed, 16 Jun 2010 13:56:06 -0400

>On 06/16/2010 01:01 PM, ddreamer ms93 url com tw wrote:

>> Hi, Dear:

>> 

>> I am using Ubuntu 10.04 with regular update. There is a red exclamation

>> mark at the right lower corner of the nm-applet icon. Of course, there

>> was no signal level. Clicking it results in the message of

>> "NetworkManager is not running".

>> 

>> Looking up daemon.log, I found the following message:

>> NetworkManager: <WARN>  nm_dbus_manager_start_service(): Could not

>> acquire the NetworkManager service.#012  Error: 'Connection ":1.216" is

>> not allowed to own the service "org.freedesktop.NetworkManager" due to

>> security policies in the configuration file'

>> NetworkManager: <WARN>  main(): Failed to start the dbus service.

>

>Yep, that certainly would cause problems, and it's not altogether

>surprising that this would happen. The DBus system daemon has a very

>strong security policy, and daemons like NetworkManager need to setup

>specific security exceptions in order to work. Normally, this is

>something that distributions take care of, but here it seems to have

>broken somehow.

>

>More specifcally, NetworkManager needs to be able to claim the bus name

>"org.freedesktop.NetworkManager" on the DBus system bus. By default, no

>application is allowed to claim any bus names, so we need to configure

>DBus to allow N-M to claim that name.

>

>On Ubuntu, the file

>  /etc/dbus-1/system.d/NetworkManager.conf

>is supposed to take care of that. What does that file contain on your

>system?



Sorry for replying late. Somehow, I didn't receive the messages. I found

messages following my original one only after I viewed the archive by topic.

I have replaced three "deny" by "allow", which were marked at the end of the

line as "#deny". Supposedly, strings following "#" will be ignored as
remark.

Here is the file content of NetworkManager.conf:



<!DOCTYPE busconfig PUBLIC

"-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"

"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">

<busconfig>

<policy user="root">

<allow own="org.freedesktop.NetworkManager"/>

<allow own="org.freedesktop.NetworkManagerSystemSettings"/>



<allow send_destination="org.freedesktop.NetworkManager"/>

<allow send_destination="org.freedesktop.NetworkManagerSystemSettings"/>



<allow send_destination="org.freedesktop.NetworkManager"

send_interface="org.freedesktop.NetworkManager.PPP"/>

</policy>

<policy user="haldaemon">

<allow send_destination="org.freedesktop.NetworkManager"/>

<allow send_interface="org.freedesktop.NetworkManager"/>

</policy>

<policy at_console="true">

<allow send_destination="org.freedesktop.NetworkManager"/>



<allow send_destination="org.freedesktop.NetworkManager"

send_interface="org.freedesktop.DBus.Introspectable"/>



<allow send_destination="org.freedesktop.NetworkManager"

send_interface="org.freedesktop.DBus.Properties"/>



<allow send_destination="org.freedesktop.NetworkManager"

send_interface="org.freedesktop.NetworkManager"/>



<allow send_destination="org.freedesktop.NetworkManager"

send_interface="org.freedesktop.NetworkManager.AccessPoint"/>



<allow send_destination="org.freedesktop.NetworkManager"

send_interface="org.freedesktop.NetworkManager.Connection.Active"/>



<allow send_destination="org.freedesktop.NetworkManager"

send_interface="org.freedesktop.NetworkManager.Device.Cdma"/>



<allow send_destination="org.freedesktop.NetworkManager"

send_interface="org.freedesktop.NetworkManager.Device.Wired"/>



<allow send_destination="org.freedesktop.NetworkManager"

send_interface="org.freedesktop.NetworkManager.Device.Gsm"/>



<allow send_destination="org.freedesktop.NetworkManager"

send_interface="org.freedesktop.NetworkManager.Device.Serial"/>



<allow send_destination="org.freedesktop.NetworkManager"

send_interface="org.freedesktop.NetworkManager.Device.Wireless"/>



<allow send_destination="org.freedesktop.NetworkManager"

send_interface="org.freedesktop.NetworkManager.Device"/>



<allow send_destination="org.freedesktop.NetworkManager"

send_interface="org.freedesktop.NetworkManager.DHCP4Config"/>



<allow send_destination="org.freedesktop.NetworkManager"

send_interface="org.freedesktop.NetworkManager.IP4Config"/>



<allow send_destination="org.freedesktop.NetworkManager"

send_interface="org.freedesktop.NetworkManager.VPN.Connection"/>

</policy>

<policy context="default">

<allow own="org.freedesktop.NetworkManager"/>    #deny

<allow own="org.freedesktop.NetworkManagerSystemSettings"/>    #deny



<allow send_destination="org.freedesktop.NetworkManager"/>    #deny

<allow send_destination="org.freedesktop.NetworkManagerSystemSettings"/>



<!-- The org.freedesktop.NetworkManagerSettings.Connection.Secrets

interface is secured via PolicyKit.

-->

</policy>



<limit name="max_replies_per_connection">512</limit>

</busconfig>

Follow-Ups:
- Re: ['N-M is not allowed to own the service "org.freedesktop.NetworkManager"']
  - From: Daniel Gnoutcheff

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]