Re: nmtui "Could not activate connection: Insufficient privileges."

From: Thomas Haller <thaller redhat com>
To: Bob Ham <rah settrans net>, networkmanager-list gnome org
Subject: Re: nmtui "Could not activate connection: Insufficient privileges."
Date: Fri, 10 Jan 2020 18:27:28 +0100

Hi



On Wed, 2020-01-08 at 18:42 +0000, Bob Ham wrote:

I'm logged in over the network to a Debian machine, trying to run
nmtui
as my user to connect to a wireless network.  Unfortunately, I get
errors regarding privileges.

Firstly nmtui told me "Could not activate connection: Not authorized
to
control networking."  I added my user to the netdev group (and logged
out/logged in) but it didn't make a difference.


Just to confirm, it does work if you try it as root, right?


Also, obviously the profile in question does not have
"connection.permissions" restricted to another user. Otherwise, you
could even see the profile...

I created a file,
/etc/polkit-1/localauthority/50-local.d/90-nm-netdev.pkla, with this
content:

[Network Manager authorisation]
Identity=unix-group:netdev
Action=org.freedesktop.NetworkManager.*;org.freedesktop.NetworkManage
r.settings.modify.system
ResultAny=yes
ResultInactive=yes
ResultActive=yes

and the operation still fails but the error message changed to "Could
not activate connection: Insufficient privileges."

Running `nmcli general permission' as my user gives:

PERMISSION                                                        VAL
UE
org.freedesktop.NetworkManager.enable-disable-network             yes
org.freedesktop.NetworkManager.enable-disable-wifi                yes
org.freedesktop.NetworkManager.enable-disable-wwan                yes
org.freedesktop.NetworkManager.enable-disable-wimax               yes
org.freedesktop.NetworkManager.sleep-wake                         yes
org.freedesktop.NetworkManager.network-control                    yes
org.freedesktop.NetworkManager.wifi.share.protected               yes
org.freedesktop.NetworkManager.wifi.share.open                    yes
org.freedesktop.NetworkManager.settings.modify.system             no
org.freedesktop.NetworkManager.settings.modify.own                yes
org.freedesktop.NetworkManager.settings.modify.hostname           yes
org.freedesktop.NetworkManager.settings.modify.global-dns         yes
org.freedesktop.NetworkManager.reload                             yes
org.freedesktop.NetworkManager.checkpoint-rollback                yes
org.freedesktop.NetworkManager.enable-disable-statistics          yes
org.freedesktop.NetworkManager.enable-disable-connectivity-check  yes


if you enable level=TRACE logging, NM should log something like

  <trace> [1578676939.6824] auth: call[19370]: 
CheckAuthorization(org.freedesktop.NetworkManager.network-control), subject=unix-process[pid=1353025, 
uid=1000, start=16774342]
  <trace> [1578676939.6994] auth: call[19370]: completed: authorized=1, challenge=0

does it? What does it say?


Can anyone tell me what I have to do to authorise nmtui to make wifi
connections?


I don't know, it sounds right.

What version of NM is this?


best,
Thomas

Attachment: signature.asc
Description: This is a digitally signed message part

Follow-Ups:
- Re: nmtui "Could not activate connection: Insufficient privileges."
  - From: Bob Ham

References:
- nmtui "Could not activate connection: Insufficient privileges."
  - From: Bob Ham

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]