No user other than Sabayon Admin can connect to WLAN

Issues Related to Networking (Wired and Wireless)

Moderator: Moderators

No user other than Sabayon Admin can connect to WLAN

Postby vaettchen » Fri Jan 01, 2010 22:38

Hi there!

Using latest Sabayon 5.1, I have the problem that only the user registered as Sabayon Admin (UID 1000) has access to knetworkmanager. It is knetworkmanager:
Code: Select all
hanna admin # pidof knetworkmanager
8820


No other user can start knetworkmanager, which means he or she cannot connect to the WLAN.
The other users are members of the sabayon-admin and netdev groups.

What am I missing?

Thanks,
Rainer
vaettchen
Simple Hen
 
Posts: 97
Joined: Sun Jan 21, 2007 8:47

Re: No user other than Sabayon Admin can connect to WLAN

Postby micia » Sat Jan 02, 2010 11:39

Hi!
Could you post your /etc/dbus-1/system.d/NetworkManager.conf
and your /etc/dbus-1/system.d/knetworkmanager.conf,
please?
micia
Sagely Hen
 
Posts: 2718
Joined: Wed Nov 26, 2008 16:41

Re: No user other than Sabayon Admin can connect to WLAN

Postby vaettchen » Sun Jan 03, 2010 11:13

Different machine but same problem. I "solved" the issue for the first machine by installing nm-applet and editing the network properties in the KDE System settings menu. No idea what exactly did the trick but for that machine it now works.

The problem can be reproduced, though: Same hardware, same procedure (new install of Sabayon 5.1, latest updates installed), again only the admin user can connect to the WLAN.

Here some files:

/etc/dbus-1/system.d/Networkmanager.conf
Code: Select all
<!DOCTYPE busconfig PUBLIC
 "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
        <policy user="root">
                <allow own="org.freedesktop.NetworkManager"/>
                <allow send_destination="org.freedesktop.NetworkManager"/>

                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.PPP"/>
        </policy>
        <policy at_console="true">
                <allow send_destination="org.freedesktop.NetworkManager"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.DBus.Introspectable"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.DBus.Properties"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.AccessPoint"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.Connection.Active"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.Device.Cdma"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.Device.Wired"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.Device.Gsm"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.Device.Serial"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.Device.Wireless"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.Device"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.DHCP4Config"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.IP4Config"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.VPN.Connection"/>
        </policy>
        <policy group="plugdev">
                <allow send_destination="org.freedesktop.NetworkManager"/>

                <deny send_destination="org.freedesktop.NetworkManager"
                      send_interface="org.freedesktop.NetworkManager.PPP"/>
        </policy>
        <policy context="default">
                <deny own="org.freedesktop.NetworkManager"/>
                <deny send_destination="org.freedesktop.NetworkManager"/>
        </policy>

        <limit name="max_replies_per_connection">512</limit>
</busconfig>


/etc/dbus-1/system.d/NetworkManager-kde4.conf
Code: Select all
<!DOCTYPE busconfig PUBLIC
 "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
        <policy user="root">
                <allow own="org.freedesktop.NetworkManagerUserSettings"/>

                <allow send_destination="org.freedesktop.NetworkManagerUserSettings"/>
        </policy>
        <policy group="plugdev">
                <allow own="org.freedesktop.NetworkManagerUserSettings"/>

                <allow send_destination="org.freedesktop.NetworkManagerUserSettings"/>

                <!-- Only root can get secrets -->
                <deny send_destination="org.freedesktop.NetworkManagerUserSettings"
                      send_interface="org.freedesktop.NetworkManagerSettings.Secrets"/>
        </policy>
        <policy context="default">
                <deny send_destination="org.freedesktop.NetworkManagerUserSettings"/>

                <allow send_destination="org.freedesktop.NetworkManagerUserSettings"
                       send_interface="org.freedesktop.DBus.Introspectable"/>
        </policy>

        <limit name="max_replies_per_connection">512</limit>
</busconfig>


/etc/dbus-1/system.d/knetworkmanager.conf
Code: Select all
<!DOCTYPE busconfig PUBLIC
 "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
   <policy user="root">
      <allow own="org.freedesktop.NetworkManagerInfo"/>

      <allow send_destination="org.freedesktop.NetworkManagerInfo"/>
                <allow send_interface="org.freedesktop.NetworkManagerInfo"/>
   </policy>
   <policy group="plugdev">
      <allow own="org.freedesktop.NetworkManagerInfo"/>

      <allow send_destination="org.freedesktop.NetworkManagerInfo"/>
                <allow send_interface="org.freedesktop.NetworkManagerInfo"/>
   </policy>
   <policy context="default">
      <deny own="org.freedesktop.NetworkManagerInfo"/>

      <deny send_destination="org.freedesktop.NetworkManagerInfo"/>
      <deny send_interface="org.freedesktop.NetworkManagerInfo"/>
   </policy>
</busconfig>


/etc/dbus-1/system.d/nm-system-settings.conf
Code: Select all
<!DOCTYPE busconfig PUBLIC
 "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
   <policy user="root">
      <allow own="org.freedesktop.NetworkManagerSystemSettings"/>

      <allow send_destination="org.freedesktop.NetworkManagerSystemSettings"/>
   </policy>
   <policy context="default">
      <deny own="org.freedesktop.NetworkManagerSystemSettings"/>

      <allow send_destination="org.freedesktop.NetworkManagerSystemSettings"/>

      <!-- The org.freedesktop.NetworkManagerSettings.Connection.Secrets
           interface is secured via PolicyKit.
        -->
   </policy>

        <limit name="max_replies_per_connection">512</limit>
</busconfig>


Does that ring a bell?

Thanks,
Rainer
vaettchen
Simple Hen
 
Posts: 97
Joined: Sun Jan 21, 2007 8:47

Re: No user other than Sabayon Admin can connect to WLAN

Postby micia » Sun Jan 03, 2010 11:44

Try to modify the files as follows (I don't know if it is just a workaround or a nice way to handle network policies):
/etc/dbus-1/system.d/Networkmanager.conf
Code: Select all
<!DOCTYPE busconfig PUBLIC
"-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
        <policy user="root">
                <allow own="org.freedesktop.NetworkManager"/>
                <allow send_destination="org.freedesktop.NetworkManager"/>

                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.PPP"/>
        </policy>
        <!-- allow the netdev group to connect -->
        <policy group="netdev">
                <allow own="org.freedesktop.NetworkManager"/>
                <allow send_destination="org.freedesktop.NetworkManager"/>

                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.PPP"/>
        </policy>
        <!-- netdev group edit end -->
        <policy at_console="true">
                <allow send_destination="org.freedesktop.NetworkManager"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.DBus.Introspectable"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.DBus.Properties"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.AccessPoint"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.Connection.Active"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.Device.Cdma"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.Device.Wired"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.Device.Gsm"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.Device.Serial"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.Device.Wireless"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.Device"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.DHCP4Config"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.IP4Config"/>

      <allow send_destination="org.freedesktop.NetworkManager"
             send_interface="org.freedesktop.NetworkManager.VPN.Connection"/>
        </policy>
        <policy group="plugdev">
                <allow send_destination="org.freedesktop.NetworkManager"/>

                <deny send_destination="org.freedesktop.NetworkManager"
                      send_interface="org.freedesktop.NetworkManager.PPP"/>
        </policy>
        <policy context="default">
                <deny own="org.freedesktop.NetworkManager"/>
                <deny send_destination="org.freedesktop.NetworkManager"/>
        </policy>

        <limit name="max_replies_per_connection">512</limit>
</busconfig>


/etc/dbus-1/system.d/knetworkmanager.conf
Code: Select all
<!DOCTYPE busconfig PUBLIC
"-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
   <policy user="root">
      <allow own="org.freedesktop.NetworkManagerInfo"/>

      <allow send_destination="org.freedesktop.NetworkManagerInfo"/>
                <allow send_interface="org.freedesktop.NetworkManagerInfo"/>
   </policy>
   <!-- allow the netdev group to connect -->
   <policy group="netdev">
      <allow own="org.freedesktop.NetworkManagerInfo"/>

      <allow send_destination="org.freedesktop.NetworkManagerInfo"/>
                <allow send_interface="org.freedesktop.NetworkManagerInfo"/>
   </policy>
   <!-- netdev group edit end -->
   <policy group="plugdev">
      <allow own="org.freedesktop.NetworkManagerInfo"/>

      <allow send_destination="org.freedesktop.NetworkManagerInfo"/>
                <allow send_interface="org.freedesktop.NetworkManagerInfo"/>
   </policy>
   <policy context="default">
      <deny own="org.freedesktop.NetworkManagerInfo"/>

      <deny send_destination="org.freedesktop.NetworkManagerInfo"/>
      <deny send_interface="org.freedesktop.NetworkManagerInfo"/>
   </policy>
</busconfig>


/etc/dbus-1/system.d/nm-system-settings.conf
Code: Select all
    <!DOCTYPE busconfig PUBLIC
    "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
    "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
    <busconfig>
       <policy user="root">
          <allow own="org.freedesktop.NetworkManagerSystemSettings"/>

          <allow send_destination="org.freedesktop.NetworkManagerSystemSettings"/>
       </policy>
       <!-- allow the netdev group to connect -->
       <policy group="netdev">
          <allow own="org.freedesktop.NetworkManagerSystemSettings"/>

          <allow send_destination="org.freedesktop.NetworkManagerSystemSettings"/>
       </policy>
       <!-- netdev group edit end -->
       <policy context="default">
          <deny own="org.freedesktop.NetworkManagerSystemSettings"/>

          <allow send_destination="org.freedesktop.NetworkManagerSystemSettings"/>

          <!-- The org.freedesktop.NetworkManagerSettings.Connection.Secrets
               interface is secured via PolicyKit.
            -->
       </policy>

            <limit name="max_replies_per_connection">512</limit>
    </busconfig>


This will grant permissions for the netdev group, if your users belong to that group, they should be able to connect.
micia
Sagely Hen
 
Posts: 2718
Joined: Wed Nov 26, 2008 16:41


Return to Networking and Wireless

Who is online

Users browsing this forum: No registered users and 2 guests