Re: The logic behind user/system settings

From: Dan Williams <dcbw redhat com>
To: Andrey Borzenkov <arvidjaar gmail com>
Cc: networkmanager-list gnome org
Subject: Re: The logic behind user/system settings
Date: Thu, 11 Mar 2010 15:51:33 -0800

On Wed, 2010-03-10 at 07:04 +0300, Andrey Borzenkov wrote:
> On Wednesday 10 of March 2010 04:12:19 Dan Williams wrote:
> > As you've discovered, there are user-specific settings (which are
> > only available when that user is logged in) and system-wide settings
> > (which are available to all users *and* before any user has logged
> > in).  The problem you're hitting is when there aren't any settings
> > at all, like right after an install.
> > 
> > So NetworkManager creates an internal "Auto XXXX" connection that at
> > least allows your system to get online if there are any
> > DHCP-configured ethernet devices on the system.  This is a
> > "system-wide" connection and should be available at boot and before
> > login.
> > 
> 
> Are they created by NM service or nm-connection-editor/nm-applet? Should 
> they be present even if other, explicitly defined connections exist?

It is created by NM itself.  It's present only if no other /system/
connections are defined that apply to that device.  THe problem is that
at boot time, of course the user settings service/applet isn't started
yet, thus NM has no idea if any other connections exist for that device.

But it's not nice to interrupt connectivity by switching from that
connection to some user-scope connection when the user logs in.

*But*, if you delete the "Auto" connection in the connection editor, it
won't come back; NM will write a key
to /etc/NetworkManager/nm-system-settings.conf
or /etc/NetworkManager/NetworkManager.conf for the device and will not
create the "Auto" connection for that device again.

> > The problem with that is that often writing to privileged locations
> > requires some permissions, so NetworkManager will ensure that the
> > caller is authenticated via PolicyKit before they can change a
> > connection to be "system-wide".  That's configurable too, so as a
> > distro maintainer you could turn that authentication off via the
> > file in the policy/ directory in the source.
> > 
> 
> Is it also run-time settable?

Yes, you edit privileged files via PolicyKit mechanisms (either the
permissions file
in /usr/share/polkit-1/actions/org.freedesktop.network-manager-settings.system.policy or via PolicyKit overrides in /var/lib/polkit-1/localauthority).  NM will automagically find the change.

Dan

Follow-Ups:
- Re: The logic behind user/system settings
  - From: Andrey Borzenkov

References:
- The logic behind user/system settings
  - From: =?UTF-8?B?T3phbiDDh2HEn2xheWFu?=
- Re: The logic behind user/system settings
  - From: Dan Williams
- Re: The logic behind user/system settings
  - From: Andrey Borzenkov

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]