8 files changed, 17 insertions, 17 deletions

diff --git a/libnm-glib/nm-client.c b/libnm-glib/nm-client.c
index bbc0c91f6a..34e98aa97e 100644
--- a/libnm-glib/nm-client.c
+++ b/libnm-glib/nm-client.c
@@ -335,7 +335,7 @@ register_for_property_changed (NMClient *client)
 #define NM_AUTH_PERMISSION_NETWORK_CONTROL            "org.freedesktop.NetworkManager.network-control"
 #define NM_AUTH_PERMISSION_WIFI_SHARE_PROTECTED       "org.freedesktop.NetworkManager.wifi.share.protected"
 #define NM_AUTH_PERMISSION_WIFI_SHARE_OPEN            "org.freedesktop.NetworkManager.wifi.share.open"
-#define NM_AUTH_PERMISSION_SETTINGS_CONNECTION_MODIFY "org.freedesktop.NetworkManager.settings.modify"
+#define NM_AUTH_PERMISSION_SETTINGS_MODIFY_SYSTEM     "org.freedesktop.NetworkManager.settings.modify.system"
 #define NM_AUTH_PERMISSION_SETTINGS_HOSTNAME_MODIFY   "org.freedesktop.NetworkManager.settings.hostname.modify"
 
 static NMClientPermission
@@ -357,8 +357,8 @@ nm_permission_to_client (const char *nm)
 		return NM_CLIENT_PERMISSION_WIFI_SHARE_PROTECTED;
 	else if (!strcmp (nm, NM_AUTH_PERMISSION_WIFI_SHARE_OPEN))
 		return NM_CLIENT_PERMISSION_WIFI_SHARE_OPEN;
-	else if (!strcmp (nm, NM_AUTH_PERMISSION_SETTINGS_CONNECTION_MODIFY))
-		return NM_CLIENT_PERMISSION_SETTINGS_CONNECTION_MODIFY;
+	else if (!strcmp (nm, NM_AUTH_PERMISSION_SETTINGS_MODIFY_SYSTEM))
+		return NM_CLIENT_PERMISSION_SETTINGS_MODIFY_SYSTEM;
 	else if (!strcmp (nm, NM_AUTH_PERMISSION_SETTINGS_HOSTNAME_MODIFY))
 		return NM_CLIENT_PERMISSION_SETTINGS_HOSTNAME_MODIFY;
 
diff --git a/libnm-glib/nm-client.h b/libnm-glib/nm-client.h
index bdc5ab81fb..b0b59930f1 100644
--- a/libnm-glib/nm-client.h
+++ b/libnm-glib/nm-client.h
@@ -62,7 +62,7 @@ typedef enum {
 	NM_CLIENT_PERMISSION_NETWORK_CONTROL = 5,
 	NM_CLIENT_PERMISSION_WIFI_SHARE_PROTECTED = 6,
 	NM_CLIENT_PERMISSION_WIFI_SHARE_OPEN = 7,
-	NM_CLIENT_PERMISSION_SETTINGS_CONNECTION_MODIFY = 8,
+	NM_CLIENT_PERMISSION_SETTINGS_MODIFY_SYSTEM = 8,
 	NM_CLIENT_PERMISSION_SETTINGS_HOSTNAME_MODIFY = 9,
 	NM_CLIENT_PERMISSION_ENABLE_DISABLE_WIMAX = 10,
 
diff --git a/policy/org.freedesktop.NetworkManager.policy.in b/policy/org.freedesktop.NetworkManager.policy.in
index acdee8829c..7cc72c2ce4 100644
--- a/policy/org.freedesktop.NetworkManager.policy.in
+++ b/policy/org.freedesktop.NetworkManager.policy.in
@@ -81,12 +81,12 @@
     </defaults>
   </action>
 
-  <action id="org.freedesktop.NetworkManager.settings.modify">
-    <_description>Modify system connections</_description>
-    <_message>System policy prevents modification of system settings</_message>
+  <action id="org.freedesktop.NetworkManager.settings.modify.system">
+    <_description>Modify network connections for all users</_description>
+    <_message>System policy prevents modification of network settings for all users</_message>
     <defaults>
       <allow_inactive>no</allow_inactive>
-      <allow_active>auth_admin_keep</allow_active>
+      <allow_active>yes</allow_active>
     </defaults>
   </action>
 
diff --git a/src/nm-manager-auth.h b/src/nm-manager-auth.h
index 15b8cde138..f5f6c2cb8d 100644
--- a/src/nm-manager-auth.h
+++ b/src/nm-manager-auth.h
@@ -37,7 +37,7 @@
 #define NM_AUTH_PERMISSION_NETWORK_CONTROL            "org.freedesktop.NetworkManager.network-control"
 #define NM_AUTH_PERMISSION_WIFI_SHARE_PROTECTED       "org.freedesktop.NetworkManager.wifi.share.protected"
 #define NM_AUTH_PERMISSION_WIFI_SHARE_OPEN            "org.freedesktop.NetworkManager.wifi.share.open"
-#define NM_AUTH_PERMISSION_SETTINGS_CONNECTION_MODIFY "org.freedesktop.NetworkManager.settings.modify"
+#define NM_AUTH_PERMISSION_SETTINGS_MODIFY_SYSTEM     "org.freedesktop.NetworkManager.settings.modify.system"
 #define NM_AUTH_PERMISSION_SETTINGS_HOSTNAME_MODIFY   "org.freedesktop.NetworkManager.settings.hostname.modify"
 
 
diff --git a/src/nm-manager.c b/src/nm-manager.c
index a7adb13ade..65ba95fb74 100644
--- a/src/nm-manager.c
+++ b/src/nm-manager.c
@@ -2730,7 +2730,7 @@ get_permissions_done_cb (NMAuthChain *chain,
 		get_perm_add_result (chain, results, NM_AUTH_PERMISSION_NETWORK_CONTROL);
 		get_perm_add_result (chain, results, NM_AUTH_PERMISSION_WIFI_SHARE_PROTECTED);
 		get_perm_add_result (chain, results, NM_AUTH_PERMISSION_WIFI_SHARE_OPEN);
-		get_perm_add_result (chain, results, NM_AUTH_PERMISSION_SETTINGS_CONNECTION_MODIFY);
+		get_perm_add_result (chain, results, NM_AUTH_PERMISSION_SETTINGS_MODIFY_SYSTEM);
 		get_perm_add_result (chain, results, NM_AUTH_PERMISSION_SETTINGS_HOSTNAME_MODIFY);
 		dbus_g_method_return (context, results);
 		g_hash_table_destroy (results);
@@ -2761,7 +2761,7 @@ impl_manager_get_permissions (NMManager *self,
 	nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_NETWORK_CONTROL, FALSE);
 	nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_WIFI_SHARE_PROTECTED, FALSE);
 	nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_WIFI_SHARE_OPEN, FALSE);
-	nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_SETTINGS_CONNECTION_MODIFY, FALSE);
+	nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_SETTINGS_MODIFY_SYSTEM, FALSE);
 	nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_SETTINGS_HOSTNAME_MODIFY, FALSE);
 }
 
diff --git a/src/settings/nm-agent-manager.c b/src/settings/nm-agent-manager.c
index fc4c7e6a5a..d094c4ffc6 100644
--- a/src/settings/nm-agent-manager.c
+++ b/src/settings/nm-agent-manager.c
@@ -778,7 +778,7 @@ get_agent_modify_auth_cb (NMAuthChain *chain,
 		 * to it.  If it didn't, we still ask it for secrets, but we don't send
 		 * any system secrets.
 		 */
-		result = nm_auth_chain_get_result (chain, NM_AUTH_PERMISSION_SETTINGS_CONNECTION_MODIFY);
+		result = nm_auth_chain_get_result (chain, NM_AUTH_PERMISSION_SETTINGS_MODIFY_SYSTEM);
 		if (result == NM_AUTH_CALL_RESULT_YES)
 			req->current_has_modify = TRUE;
 
@@ -813,7 +813,7 @@ get_next_cb (Request *req)
 		                                            get_agent_modify_auth_cb,
 		                                            req);
 		g_assert (req->chain);
-		nm_auth_chain_add_call (req->chain, NM_AUTH_PERMISSION_SETTINGS_CONNECTION_MODIFY, TRUE);
+		nm_auth_chain_add_call (req->chain, NM_AUTH_PERMISSION_SETTINGS_MODIFY_SYSTEM, TRUE);
 	} else {
 		nm_log_dbg (LOGD_AGENTS, "(%p/%s) requesting user-owned secrets from agent %s",
 			        req, req->setting_name, agent_dbus_owner);
diff --git a/src/settings/nm-settings-connection.c b/src/settings/nm-settings-connection.c
index eaafcfe88f..b8afed23ab 100644
--- a/src/settings/nm-settings-connection.c
+++ b/src/settings/nm-settings-connection.c
@@ -723,7 +723,7 @@ pk_auth_cb (NMAuthChain *chain,
 		                     "Error checking authorization: %s",
 		                     chain_error->message ? chain_error->message : "(unknown)");
 	} else {
-		result = nm_auth_chain_get_result (chain, NM_AUTH_PERMISSION_SETTINGS_CONNECTION_MODIFY);
+		result = nm_auth_chain_get_result (chain, NM_AUTH_PERMISSION_SETTINGS_MODIFY_SYSTEM);
 
 		/* Caller didn't successfully authenticate */
 		if (result != NM_AUTH_CALL_RESULT_YES) {
@@ -787,7 +787,7 @@ auth_start (NMSettingsConnection *self,
 		info->sender_uid = sender_uid;
 		nm_auth_chain_set_data (chain, "pk-auth-info", info, g_free);
 
-		nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_SETTINGS_CONNECTION_MODIFY, TRUE);
+		nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_SETTINGS_MODIFY_SYSTEM, TRUE);
 		priv->pending_auths = g_slist_append (priv->pending_auths, chain);
 	} else {
 		/* Don't need polkit auth, automatic success */
diff --git a/src/settings/nm-settings.c b/src/settings/nm-settings.c
index 7276094fa4..3c1d97275b 100644
--- a/src/settings/nm-settings.c
+++ b/src/settings/nm-settings.c
@@ -815,7 +815,7 @@ pk_add_cb (NMAuthChain *chain,
 		goto done;
 	}
 
-	result = nm_auth_chain_get_result (chain, NM_AUTH_PERMISSION_SETTINGS_CONNECTION_MODIFY);
+	result = nm_auth_chain_get_result (chain, NM_AUTH_PERMISSION_SETTINGS_MODIFY_SYSTEM);
 
 	/* Caller didn't successfully authenticate */
 	if (result != NM_AUTH_CALL_RESULT_YES) {
@@ -925,7 +925,7 @@ nm_settings_add_connection (NMSettings *self,
 	chain = nm_auth_chain_new (priv->authority, context, NULL, pk_add_cb, self);
 	g_assert (chain);
 	priv->auths = g_slist_append (priv->auths, chain);
-	nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_SETTINGS_CONNECTION_MODIFY, TRUE);
+	nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_SETTINGS_MODIFY_SYSTEM, TRUE);
 	nm_auth_chain_set_data (chain, "connection", g_object_ref (connection), g_object_unref);
 	nm_auth_chain_set_data (chain, "callback", callback, NULL);
 	nm_auth_chain_set_data (chain, "callback-data", user_data, NULL);