Re: Disable autoconnect for new wifi connections by default

On Mon, 2017-01-30 at 23:17 +0100, Marcin Zajączkowski wrote:
On 2017-01-28 17:57, Thomas Haller wrote:
On Sat, 2017-01-28 at 17:29 +0100, Marcin Zajączkowski wrote:

I would like to disable autoconnect for new wifi connections by
I prefer to control when my device is connected to public/shared
which identity cannot be determined ultimately (aka fake networks
well known ssid).

I know I can do it manually via UI or nmcli, but I would prefer
configure it once (in the way as cloned-mac-address in global
configuration) and only enable autoconnect for well know (and
configured - with certificates) networks.

Two questions:
1. Is it currently possible? 'device' section doesn't seem to
that property.

It's not possible, only the properties mentioned in `man
NetworkManager.conf` support to have their default values

Note that these default-values are only a fallback setting.
That is, the connection is still fully determined by the client
(nmcli). But it may explicitly configure certain properties as
~unspecified~ to allow for a fallback.

In case of connection.autoconnect, it only allows for "yes" or
There is no space to express ~unspecified~.

That was something I had suspected. Would it be hard to allow
connection.autoconnect to be defined for the device to make it
to change the default value (here - do not autoconnect by default)
*new* networks (and their implicitly created connections)?

I realize it would not rather be a commonly used feature, but IMHO it
would be a good companion to already implemented MAC spoofing


as the existing "connection.autoconnect" property cannot be extended
without breaking backward compatibility, it would need a new option
"connection.autoconnect-new" with a tri-state and a default of ~unset~.
If the new property is explicitly set, it would over-rule the
deprecated property.
If it is left ~unset~, it would lookup global configuration, which may
over-rule the deprecated property.
Only when no global configuration is present, it would fallback to the

nmcli and the UIs could hide the fact that from the user. But on D-Bus
API and for libnm library it could not be hidden.

That is quite cumbersome to implement and document in the API, but


2. How can I read/list default configuration for new wifi
(e.g. wifi.cloned-mac-address - nmcli allows that only for
connections, not devices)?

nmcli still shows you the value ~unspecified~, and that correct.
value is only determined when needed -- which for example depends
on the device on which you activate the connection.

It's not possible to see via D-Bus (clients) which value the server
would use when needed.

  /usr/sbin/NetworkManager --print-config

Thanks. With that I can see global configuration of NM.


Attachment: signature.asc
Description: This is a digitally signed message part

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]