Re: VPN Plugin Desktop Notifications

Hi Thomas,

Thanks for confirming, the API on offer is as I had thought so glad I hadn't missed anything.

What I would ideally like to be able to do is to: (1) notify the user of various connection failure conditions; and potentially (2) pre-warn them of expected future failures.

Example messages for the above might be:
(1) Why the login failed e.g. certificate has expired, password is incorrect, connection attempt from disallowed IP address, connected attempted at disallowed time of day, some aspect of the current system configuration is disallowed, etc
(2) User warnings e.g. certificate will expire within 30 days, password is about to expire, etc

So far as I see in the docs [1], there are limited failure reasons for VPN plugins: NM_VPN_PLUGIN_FAILURE_LOGIN_FAILED, NM_VPN_PLUGIN_FAILURE_CONNECT_FAILED and NM_VPN_PLUGIN_FAILURE_BAD_IP_CONFIG and even when/if these are emitted the user doesn't receive any direct feedback as to why the connection attempt failed.

It may be the above is intentional by design of course, which is what I wanted to check.  If so, I don't think there's anything stopping me linking against libnotify and notifying the user directly from the VPN plugn.

Thanks again,


From: Thomas Haller
Sent: Wednesday, November 25, 2020 08:30
To: Graham White; networkmanager-list gnome org
Subject: Re: VPN Plugin Desktop Notifications

On Tue, 2020-11-24 at 09:30 +0000, Graham White via networkmanager-list
> From the point of view of a VPN plugin, what's the best way to
> communicate status/log information with the user on their desktop?
> My scenario is for the NetworkManager-anyconnect VPN plugin, should
> the connection fail for some reason, it would be nice to give the
> user a bit more information as to why the connection attempt didn't
> work.  I'm thinking that integrating with the desktop notification
> system is possibly the right way to go here but wanted to check if
> there's a best practise or any advice you can give?


The plugin can only use the D-Bus VPN Plugin API ([1]) to notify
NetworkManager about events. And NetworkManager can only use
NetworkManager's D-Bus API ([3]) to notify clients about events.

In particular, NetworkManager's D-Bus API does not have an event like:
"StatusMessageSignal" where it would just broadcast some messages. It
commonly works by exposing the current state in form of D-Bus objects,
and emitting PropertiesChanged signals when something changes. Such
"one-shot-notification" API does currently not exist. Maybe it could be
added, but it's not entirely clear how that would be useful.

That's why the device has a "State" and a "StateReason" property. You
might say, that the "StateReason" is more an ad-hoc information
associated with the last state change. So, even the "StateReason" is
expressed in form of a property, and not via a "StateChanged(reason)"
signal -- although, such a redundant signal exists as well.


If the current API does not allow what you want, it should be added.
But note NetworkManager's model of having (potentially) unlimited D-Bus
clients may not work so well with a one-shot-notification API. So,
maybe such status information should also become a property (like
"StateReason"). As it makes sense...


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]