Re: Blocking a user from activating Airplane mode

On Mon, 2013-09-16 at 12:06 -0500, Dan Williams wrote:
On Sun, 2013-09-15 at 19:36 +0100, Phil Reynolds wrote:
My partner sometimes uses my laptop, and on two occasions has somehow
activated Airplane mode - this of course drops the WLAN and WWAN
connections. I can't even get the WWAN to work again after this happens
without rebooting.

I am wondering if there is a way I can stop him activating Airplane
mode - it's not something he would ever need to activate anyway.

NetworkManager uses PolicyKit to protect various operations like this.
What you want to do is to ensure that the user cannot obtain these

Note that this obviously doesn't stop them from turning airplane mode on
if there's a hardware switch or a soft-key.  That's usually controlled
by BIOS and there's no good way to lock that down, unless BIOS provides

Also note that it only stops *NetworkManager* from touching the airplane
mode status; it won't stop other apps from doing so, if they also
provide the ability to turn airplane mode on/off by talking to the
kernel directly.



which you'd do by writing some PolicyKit rules to deny that user these
two permissons.  Rules are just files that get dropped
into /etc/polkit-1/rules.d and look like this:

polkit.addRule(function(action, subject) {
    if ( == "org.freedesktop.NetworkManager.enable-disable-wifi" || == "org.freedesktop.NetworkManager.enable-disable-wwan") {
        if (subject.isInGroup("wheel")) {
            return polkit.Result.YES;
        } else {
            return polkit.Result.NO;

(or something along those lines) which will deny this permission
completely to any user who is not in the Unix 'wheel' group.  There
should be a good bit of info out there on writing policykit rules.

Hope this helps,

networkmanager-list mailing list
networkmanager-list gnome org

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]