Bug 768257 - Wrong permissions in /etc/NetworkManager/system-connections/ ?
Status: RESOLVED NOTABUG
Product: NetworkManager
Classification: Platform
Component: general
Version: 1.2.x
Hardware: Other Linux
Importance: Normal normal
Target Milestone: ---
Assigned To: NetworkManager maintainer(s)
Reported: 2016-06-30 18:00 UTC by Joakim Koed
Modified: 2016-07-01 13:33 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description Joakim Koed 2016-06-30 18:00:11 UTC
Hi, I submitted this bug to Ubuntu bug tracker, launchpad: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1574020.

After a lot of comments we have found out that the reason we could not use network-manager from lightdm was permissions.

If I look at a file in /etc/NetworkManager/system-connections/ I will see something like: 

[Connection]
id=corona
uuid=4ce20be5-d5a0-41c5-820c-852136fade99
type=wifi
permissions=user:modolo:;
secondaries=

Where it should be this, and then it works:
[Connection]
id=corona
uuid=9bbd3c2b-295b-45e0-b1da-5c6b72e3734d
type=wifi
permissions=
secondaries=

If the wrong permissions are added:
Apr 23 16:50:46 desktop NetworkManager[979]: nm_settings_connection_delete: assertion 'NM_IS_SETTINGS_CONNECTION (self)' failed
Apr 23 16:50:46 desktop NetworkManager[979]: <info> [1461423046.1662] audit: op="connection-add-activate" pid=1275 uid=108 result="fail" reason="Insufficient privileges."
Apr 23 16:50:46 desktop NetworkManager[979]: (NetworkManager:979): GLib-GObject-CRITICAL **: g_object_unref: assertion 'G_IS_OBJECT (object)' failed

Is this an ubuntu-bug or something upstream?

I hope you understand my question :)
Comment 1 Thomas Haller 2016-06-30 20:04:27 UTC
In the short log-excerpt you see two assertions. Failing assertions are considered a bug. But in (upstream) NetworkManager I usually don't encounter assertion failures, so this should be checked by Ubuntu (or reproduced with an upstream build). Anyway, the assertion is probably not the issue.

Also, if you do add-and-activate, the existing connections in /etc/NetworkManager/system-connections/ should not matter -- because you are about to create a new connection (and activate it). That doesn't look wrong.

"Insufficient privileges" is a message coming when authentication via policy-kit fails. It means, your user is not allowed to perform the requested action.
Hard to say, that depends on the policy-kit configuration (which depends on downstream) and on the setup of your user (modolo?).


Could you please describe
  - what are you doing (clicking somewhere? Which version of the involved 
    components?)
  - what do you want to achieve by doing that?
  - what do you see happening
  - describe why what you see happening is not what you wanted to achieve

Thanks.
Comment 2 Joakim Koed 2016-06-30 20:27:36 UTC
Hi Thomas.

Thank you for responding so fast :)

The problem is before logging in, you should be able to connect to a known wifi network (unknown will of course not work) - cable works just fine! - but this does not work. It does work after changing permissions in /etc/NetworkManager/system-connections/ for the specific network. My theory is that lightdm is probably running as user lightdm? and because of permissions=user:modolo:; lightdm can't access the network, only modolo can after logging in. Makes sense?

When trying to connect to the known wifi this happens: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1574020/+attachment/4644286/+files/IMG_20160421_224655.jpg

From what I can see I have:
- network-manager 1.2.0-0ubuntu0.16.04.2
- lightdm: 1.18.2-0ubuntu1


  - what are you doing: Trying to connect to wifi, before logging in.
  - what do you want to achieve by doing that? - Get internet ;)
  - what do you see happening - Insufficient privileges
  - describe why what you see happening is not what you wanted to achieve: It should just be able to connect by itself (happens after I edit the privileges of said file).

Have I answered all your questions? Feel free to ask if you need more info. I'm not a native English speaker, but will try to answer the best I can.
Comment 3 Thomas Haller 2016-07-01 10:57:45 UTC
(In reply to Joakim Koed from comment #2)

Hi,

> The problem is before logging in, you should be able to connect to a known
> wifi network (unknown will of course not work) - cable works just fine! -
> but this does not work. It does work after changing permissions in
> /etc/NetworkManager/system-connections/ for the specific network. My theory
> is that lightdm is probably running as user lightdm? and because of
> permissions=user:modolo:; lightdm can't access the network, only modolo can
> after logging in. Makes sense?

You are talking about "autoconnecting" the Wi-Fi.

If your connection's permissions are restricted to a certain user, then the connection can only autoconnect if that user is logged in.

If you want that connection to autoconnect before the user logs in, you must not restrict the permissions to a certain user. In nm-connection-editor this option is called "all users may connect to this network".

Also, make sure that connection.autoconnect is also enabled (in nm-connection-editor, that is called "Automatically connect to this network when it is available").



> When trying to connect to the known wifi this happens:
> https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1574020/
> +attachment/4644286/+files/IMG_20160421_224655.jpg

As which user are you logged in (name)? Does `nmcli connection show $CONNECTION_NAME` show you that the connection is restricted to a different user?

Is this a separate issue from the inability to autoconnect (before the user logs in)?
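
The rule described in comment 3, as an added example that is not part of the original thread or of NetworkManager's code: a small Python audit that reads the [connection] group of a keyfile and reports whether the profile can autoconnect before anyone logs in. The function names and the sample keyfile are constructed for illustration; the sample mirrors the snippets in the description.

```python
import configparser

# Constructed keyfile modelled on the report; {perms} is filled in per case.
SAMPLE = "[Connection]\nid=corona\ntype=wifi\npermissions={perms}\nsecondaries=\n"


def restricted_users(value):
    """Parse a permissions value such as 'user:alice:;user:bob:;' into user names."""
    users = []
    for entry in value.split(";"):
        parts = entry.strip().split(":")
        if len(parts) >= 2 and parts[0] == "user" and parts[1]:
            users.append(parts[1])
    return users


def audit_keyfile(text):
    """Report who may use a profile and whether it can come up before login."""
    cp = configparser.ConfigParser(
        interpolation=None, strict=False,
        delimiters=("=",), comment_prefixes=("#",),
    )
    cp.read_string(text)
    # Keyfiles on disk name the group [connection]; the report writes
    # [Connection], so the lookup accepts either spelling.
    section = next((s for s in cp.sections() if s.lower() == "connection"), None)
    if section is None:
        raise ValueError("no [connection] group in keyfile")
    conn = cp[section]
    users = restricted_users(conn.get("permissions", ""))
    # connection.autoconnect defaults to true when the key is absent.
    autoconnect = conn.get("autoconnect", "true").strip().lower() not in ("false", "0")
    return {
        "id": conn.get("id", ""),
        "users": users,
        "autoconnect": autoconnect,
        # A user-restricted profile only autoconnects once that user is logged in.
        "prelogin_autoconnect": autoconnect and not users,
    }


if __name__ == "__main__":
    for perms in ("user:modolo:;", ""):
        print(audit_keyfile(SAMPLE.format(perms=perms)))
```

Running it over every file in /etc/NetworkManager/system-connections/ (as root, since the files are not world-readable) shows which profiles a greeter session can expect to come up on their own.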
Comment 4 Joakim Koed 2016-07-01 11:40:59 UTC
Hi again

Sorry for not being clear, autoconnect is not working either, like it does AFTER changing/removing the permissions.

I have not just discovered that changing "all users may connect to this network" does edit the permissions.. I guess maybe the problem is that in previous versions of ubuntu, this was marked as default.

"Automatically connect to this network when it is available" is marked by default. So that works just fine.

We are getting closer.

Now to the question: Should it mark/enable "all users may connect to this network" by default? It seems it did that in Ubuntu 15.10 but not in 16.04. So is that an ubuntu-thing or a new network manager feature/bug?

Thank you again. I feel I have a good idea of what is going on now!
Comment 5 Joakim Koed 2016-07-01 11:44:43 UTC
Sorry, small mistake, should be: I have not NOW* just discovered...
Comment 6 Thomas Haller 2016-07-01 12:13:32 UTC
(In reply to Joakim Koed from comment #4)

> Now to the question: Should it mark/enable "all users may connect to this
> network" by default? It seems it did that in Ubuntu 15.10 but not in 16.04.
> So is that an ubuntu-thing or a new network manager feature/bug?

It depends on the UI you are using.

If you use nm-applet and you click on a Wi-Fi device to connect it the first time (without already having created a connection for the Wi-Fi network), then it will set permissions to the current user [1]

It does so, for a certain purpose. That doesn't mean, you cannot change it later (for example via nm-connection-editor). But yes, it also means the connection cannot autoconnect unless the user is logged in.


[1] https://git.gnome.org/browse/network-manager-applet/commit/?id=0c92debe95f62a7f677e28eb8dee92728d702a0a
Comment 7 Joakim Koed 2016-07-01 12:17:31 UTC
Ah I see. So it's a new feature/design by choice then. No problem.. Now I just feel silly I did not figure out to press on "Automatically connect to this network when it is available" before creating a bug post, both here and ubuntu :( oh well, seems many people could not figure it out either.

Thank you for your time Thomas. I feel this is solved.
Comment 8 Thomas Haller 2016-07-01 12:50:59 UTC
cool. No problem :)
Comment 9 Sebastien Bacher 2016-07-01 13:24:11 UTC
@Thomas, did the default behaviour change between n-m(-a) 1.0 and 1.2? If so do you know what was the rationale? If not I guess we had an Ubuntu patch or a bug that made it work before...
Comment 10 Sebastien Bacher 2016-07-01 13:26:32 UTC
sorry, it seems it did and that I didn't properly read the comments
Comment 11 Sebastien Bacher 2016-07-01 13:33:17 UTC
reading again it looks like the current behaviour is confusing to users, the applet should perhaps explain better to users why they can't use the connection (like go in settings and check the option to share it for all users) or use polkit to let you auth with a user that has the correct rights