Re: NetworkManager general permission issue



On Mon, 2017-03-27 at 13:54 +0000, Stéphane Boucher wrote:
I can’t grant modify.system privilege.

However, I don’t see any pkla file other than mine doing something
with NetworkManager.

Is there some place other than the pkla files I should look at for
NetworkManager

Maybe look in /etc/polkit-1/rules.d and /usr/share/polkit-1/rules.d
too?  Not all polkit files are .pkla, some are .rules.

You could also just grep /etc and /usr/share for "modify\.system" too
and see if you get any hits.

Dan

I’m on Ubuntu Mate 16.04.

Thanks.

$ nmcli g p
PERMISSION                                               VALUE
org.freedesktop.NetworkManager.enable-disable-network    yes
org.freedesktop.NetworkManager.enable-disable-wifi       yes
org.freedesktop.NetworkManager.enable-disable-wwan       yes
org.freedesktop.NetworkManager.enable-disable-wimax      yes
org.freedesktop.NetworkManager.sleep-wake                yes
org.freedesktop.NetworkManager.network-control           yes
org.freedesktop.NetworkManager.wifi.share.protected      yes
org.freedesktop.NetworkManager.wifi.share.open           yes
org.freedesktop.NetworkManager.settings.modify.system    no    <<<<<=
=========
org.freedesktop.NetworkManager.settings.modify.own       yes
org.freedesktop.NetworkManager.settings.modify.hostname  yes


# fgrep -re org.freedesktop.NetworkManager /etc/polkit-1/
/usr/lib/policykit-1/
/etc/polkit-1/localauthority/20-org.d/90-
dbox.pkla:Action=org.freedesktop.NetworkManager.*

# cat /etc/polkit-1/localauthority/20-org.d/90-dbox.pkla
[grant network privileges]
Identity=unix-group:dbox
Action=org.freedesktop.NetworkManager.*
ResultAny=yes
ResultInactive=yes
ResultActive=yes

STÉPHANE BOUCHER
Consultant software

D-BOX Technologies Inc. | A. 2172 de la Province, Longueuil, QC J4G
1R7 CANADA | T. 450-442-3003 | W. d-box.com<http://www.d-box.com>


AVIS : Ce courriel contient des renseignements confidentiels. Si vous
n'êtes pas le véritable destinataire, la diffusion ou l'usage de ce
courriel, des renseignements qu'il contient ou des documents qui lui
sont joints pourrait être illégal. Il est donc strictement interdit
de les diffuser ou de les utiliser. Si vous avez reçu ce courriel par
erreur, nous vous saurions gré d’en aviser l'expéditeur immédiatement
et de le supprimer sans le lire, l'imprimer, le sauvegarder ou le
diffuser. Nous vous remercions de votre aimable collaboration.

NOTICE: This e-mail contains confidential information. If you are not
the intended recipient, any disclosure or other use of this e-mail or
the information contained herein or attached hereto may be unlawful
and is strictly prohibited. If you have received this e-mail in
error, please notify the sender immediately and delete this e-mail
without reading, printing, copying or forwarding it to anyone. Thank
you for your kind cooperation.
_______________________________________________
networkmanager-list mailing list
networkmanager-list gnome org
https://mail.gnome.org/mailman/listinfo/networkmanager-list


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]