diff options
author | Jiří Klimeš <jklimes@redhat.com> | 2015-04-27 16:53:43 +0200 |
---|---|---|
committer | Jiří Klimeš <jklimes@redhat.com> | 2015-05-28 13:14:43 +0200 |
commit | 0c92debe95f62a7f677e28eb8dee92728d702a0a (patch) | |
tree | 46b16c2f7201aee1b605d00d236ae7925cbc4646 | |
parent | 23b4b49c6e91140ec3014371b846a21c1eb09e79 (diff) | |
download | network-manager-applet-0c92debe95f62a7f677e28eb8dee92728d702a0a.tar.gz |
applet: make new auto connections only available for current user (rh #1176042)
When a user clicks a new Wi-Fi network in nm-applet, AddAndActivateConnection()
D-Bus method is called to create a new connection and activate it. The
connection is available to all users by default (no connection.permissions).
However, this causes troubles when polkit action for modifying system
connections [1] is set to require admin access. Then a normal user cannot
connect to a new network, because it would require admin password to save
the new connection and finish AddAndActivateConnection(). We solve that by
creating new connections as private to current user only.
[1] org.freedesktop.NetworkManager.settings.modify.system set to auth
(i.e. auth_admin, auth_admin_keep)
https://bugzilla.redhat.com/show_bug.cgi?id=1176042
-rw-r--r-- | src/applet-device-wifi.c | 7 | ||||
-rw-r--r-- | src/mobile-helpers.c | 3 |
2 files changed, 8 insertions, 2 deletions
diff --git a/src/applet-device-wifi.c b/src/applet-device-wifi.c index 8d5e6267..9b318729 100644 --- a/src/applet-device-wifi.c +++ b/src/applet-device-wifi.c @@ -394,6 +394,11 @@ _do_new_auto_connection (NMApplet *applet, connection = nm_simple_connection_new (); + /* Make the new connection available only for the current user */ + s_con = (NMSettingConnection *) nm_setting_connection_new (); + nm_setting_connection_add_permission (s_con, "user", g_get_user_name (), NULL); + nm_connection_add_setting (connection, NM_SETTING (s_con)); + ssid = nm_access_point_get_ssid (ap); if ( (nm_access_point_get_mode (ap) == NM_802_11_MODE_INFRA) && (is_manufacturer_default_ssid (ssid) == TRUE)) { @@ -415,11 +420,9 @@ _do_new_auto_connection (NMApplet *applet, || (wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X)) { /* Need a UUID for the "always ask" stuff in the Dialog of Doom */ - s_con = (NMSettingConnection *) nm_setting_connection_new (); uuid = nm_utils_uuid_generate (); g_object_set (s_con, NM_SETTING_CONNECTION_UUID, uuid, NULL); g_free (uuid); - nm_connection_add_setting (connection, NM_SETTING (s_con)); if (!s_wifi) { s_wifi = (NMSettingWireless *) nm_setting_wireless_new (); diff --git a/src/mobile-helpers.c b/src/mobile-helpers.c index f957d731..d867b355 100644 --- a/src/mobile-helpers.c +++ b/src/mobile-helpers.c @@ -214,6 +214,9 @@ mobile_wizard_done (NMAMobileWizard *wizard, NM_SETTING_CONNECTION_AUTOCONNECT, FALSE, NM_SETTING_CONNECTION_UUID, uuid, NULL); + /* Make the new connection available only for the current user */ + nm_setting_connection_add_permission ((NMSettingConnection *) setting, + "user", g_get_user_name (), NULL); g_free (uuid); g_free (id); nm_connection_add_setting (connection, setting); |