Hi, we've discussed this topic in the past and I thought I put the patches out there in the hope to get them merged upstream. To solve the user vs system vs PK prompts issues, we apply the following patch in Debian. I have similar patches for gnome-shell and gnome-control which have been posted to the bgo bug tracker [1]. We've been using those patches for a bit now and they will be in our next stable release and generally users seem to be happy with this. The main point is, that we *never* want to bother the user with PK prompts for trivial actions like creating a wifi connection. The patch description reads: For simple operations like creating a wireless connection, we never want to bother the user with PolicyKit prompts. On the other hand, granting every user the org.freedesktop.NetworkManager.settings.modify.system privilege (without authorization) might not be wanted in certain setups (like a shared laptop/computer use case). To address this we check in advance if the action would trigger a PolicyKit prompt and if that is the case fall back to user-owned connections where the secret is agent-owned. The logic is: - Bluetooth, CDMA and GSM connections: always user-owned - WEP/WPA connections: system-owned if user has the permissions, user-owned otherwise. - WiMax / Wired connections: always system-owned (with 802.1x passwords in the keyring). Distributions can still choose to override the PolicyKit configuration to grant all active users those provileges (currently used in Fedora), or make that based on group memberships (like Debian does). I've set Joss as Author since he has been doing most of the work on this patch. Cheers, Michael [1] https://bugzilla.gnome.org/show_bug.cgi?id=646187 -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
Attachment:
0001-Fall-back-to-user-owned-connections-if-user-lacks-pe.patch
Description: Text Data
Attachment:
signature.asc
Description: OpenPGP digital signature