GNOME Bugzilla – Bug 689529
privacy: implement 'visible on the local network'
Last modified: 2021-06-09 16:25:47 UTC
The privacy panel design https://live.gnome.org/Design/SystemSettings/Privacy has a switch for 'visible on the local network'. That should probably control avahi somehow - research and implementation needed.
This may need avahi changes to expose a programmatic way to toggle the disable-publishing and/or disable-user-service-publishing config options. The design may also need to be modified to show a list of services that are advertised, and allow to turn them off individually, maybe. Or, if this is in the sharing panel, a cross-reference to there.
some musings about this: <stefw> i guess the first question to answer is where is it visible? <stefw> this seems to be a privacy setting, essentially a negation of something that's already exposed to the user. <hadess> stefw, services advertised through avahi, upnp <stefw> right, but that's just plain confusing if nothing is actually using those, and the user tries to turn that on to make their computer visible and work <hadess> i would have expect to see a list of services advertising on the network instead <hadess> with a global switch <stefw> yeah <stefw> i think that would do what is implied by this feature <stefw> (even though I think the feature is still confusing wrt to user expectations) <mclasen> hadess: makes sense to me - can we can that list from avahi ? <stefw> poettering would know if there's a way to configure disable-publishing dynamically (through dbus?), without diddling the config file. * stefw fires up d-feet <stefw> nothing there <hadess> mclasen, if we get the list from avahi, it's already too late, and it doesn't mean that the service is off, just not advertised <mclasen> there's also disable-user-service-publishing in the config file <stefw> mclasen, is there a clear distinction which of these affect computer/user ? <stefw> conceptually there is no difference for most users/computers <stefw> but in the implementation there is <stefw> mclasen, from a quick grep of the code there is no way to do disable-publishing without modifying the config file <stefw> worth patching avahi in my opinion <stefw> conceptually avahi does two things: discover and publish <mclasen> well, I guess I'll have another chat with mccann about what his intentions were, and then we can figure out what avahi changes we need <stefw> being able to toggle the latter on and off in a defined programable manner is worthwhile <mclasen> I agree <hadess> i think that being able to disable all avahi publishing is what's needed there <stefw> right, and that's possible through the config <hadess> even if it doesn't cover all the service advertising that can happen <stefw> hadess, but that switch needs to be accessible via dbus or somehow represented by a separate systemd service <stefw> mclasen, at the user expectations level, i think it's important to define the user question "what happens when i make my computer visible?" <stefw> or rather "why does nothing happen when i make my computer visible?" <stefw> perhaps doing avahi based file sharing somewhere obvious like nautilus would solve these questions in an elegant way. <hadess> stefw, privacy was designed, but not sharing yet... <stefw> yeah, makes sense <stefw> and given that the option is written in the positive (ie: it's not "Hide my computer from the local network") we really do need to think about what happens when it's turned on, rather than just turned off. <hadess> stefw, it should be written as "hide it" i would think <stefw> perhaps, but settings that are worded negatively are inherently very hard to make sense of with a toggle switch.
This is supposed to be a global switch that "hides" the machine from the network? How precisely is that supposed to work? a) If a some services is shared via g-u-s or suchlike and registers an Avahi service, should this new switch override that? That'd be quite annoying to the user. Whatever the user wants should take place. b) So, let's assume this new switch only is relevant if nothing is shared locally. In that case this new switch would only disable announcement of the local hostname via mDNS. There are options for this already, however there's no nice way to control them via D-Bus, but I could add that to Avahi. c) What about the firewall? maybe this is something to solve via the fw instead? And to clarify this: publishing a service without announcing the host doesn't work. The service is always part of the host and refers to it, hence announcing at least one service implies also announcing the host.
doesn't sound like we can get this sorted out for 3.8
Any news?
This also has implication to UPnP, specifically Rygel.
GNOME is going to shut down bugzilla.gnome.org in favor of gitlab.gnome.org. As part of that, we are mass-closing older open tickets in bugzilla.gnome.org which have not seen updates for a longer time (resources are unfortunately quite limited so not every ticket can get handled). If you can still reproduce the situation described in this ticket in a recent and supported software version, then please follow https://wiki.gnome.org/GettingInTouch/BugReportingGuidelines and create a new bug report at https://gitlab.gnome.org/GNOME/gnome-control-center/-/issues/ Thank you for your understanding and your help.