| View previous topic :: View next topic |
| Author |
Message |
BurningMemory
n00b
Joined: 17 Jan 2023
Posts: 28
|
 Posted: Tue Apr 16, 2024 3:59 am Post subject: nm-applet not authorized |
 |
|
Hello there.
Here's an example of the message networkmanager sends:
| Code: | | localhost NetworkManager[5739]: <info> [1713857929.6031] audit: op="device-disconnect" interface="enp10s0" ifindex=2 pid=11239 uid=1000 result="fail" reason="org.freedesktop.NetworkManager.network-control request failed: not authorized" |
I've already tried two policies for polkit, as I still suspect the problem is related to it:
| Code: | polkit.addRule(function(action, subject) {
var YES = polkit.Result.YES;
var permission = {
"org.freedesktop.NetworkManager.wifi.scan": YES,
"org.freedesktop.NetworkManager.sleep-wake": YES,
"org.freedesktop.NetworkManager.settings.modify.own": YES,
"org.freedesktop.NetworkManager.settings.modify.hostname": YES,
"org.freedesktop.NetworkManager.network-control": YES,
"org.freedesktop.NetworkManager.enable-disable-wifi": YES,
"org.freedesktop.NetworkManager.enable-disable-network": YES,
"org.freedesktop.NetworkManager.enable-disable-connectivity-check": YES,
};
if (subject.isInGroup("wheel")) {
return permission[action.id];
}
}); |
and
| Code: | polkit.addRule(function(action, subject) {
if (action.id.indexOf("org.freedesktop.NetworkManager.") == 0 && subject.isInGroup("plugdev")) {
return polkit.Result.YES;
}
}); |
Yes, my user is indeed in the plugdev group. Both policies didn't solve the problem, so maybe
it's not related to polkit at all, although I do not see any more issues in any log file or dmesg even.
SELinux was in permissive mode when the tests were performed. Also, nmtui does not work too. |
|
| Back to top |
|
 |
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3879
|
| Posted: Tue Apr 16, 2024 3:02 pm Post subject: |
|
|
The problem is not NM.The problem is nm-applet that should run with elevated permissions.
Try adding your user to "wheel" group because of
| Code: |
cat /etc/polkit-1/rules.d/55-allowing-all-actions.rules
polkit.addRule (function (action, subject)
{
if (subject.isInGroup ("wheel"))
{
return polkit.Result.YES;
}
});
|
Or run nm-applet with sudo or as root.
Same goes with nmtui and nmcli also.
_________________
 |
|
| Back to top |
|
|
BurningMemory
n00b
Joined: 17 Jan 2023
Posts: 28
|
| Posted: Wed Apr 17, 2024 4:11 am Post subject: |
|
|
| alamahant wrote: | The problem is not NM.The problem is nm-applet that should run with elevated permissions.
Try adding your user to "wheel" group because |
Thanks for the suggestions, though my user is already in the wheel group.
Also, I don't think running with elevated privs directly is a good idea. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
