[Pkg-utopia-maintainers] Bug#608301: Bug#608301: dbus calls for letting network-manager sleep and wake do no longer work
Martin Steigerwald
Martin at lichtvoll.de
Thu Dec 30 09:48:32 UTC 2010
Am Wednesday 29 December 2010 schrieben Sie:
> On 29.12.2010 20:15, Martin Steigerwald wrote:
> > Package: network-manager
> > Version: 0.8.2-3
> > Severity: important
> >
> > shambhala:~> dbus-send --print-reply --system
> > \
> >
> > --dest=org.freedesktop.NetworkManager \
> > /org/freedesktop/NetworkManager \
> > org.freedesktop.NetworkManager.wake
> >
> > Error org.freedesktop.DBus.Error.AccessDenied: Rejected send message,
> > 9 matched rules; type="method_call", sender=":1.369" (uid=0 pid=1467
> > comm="dbus-send) interface="org.freedesktop.NetworkManager"
> > member="wake" error name="(unset)" requested_reply=0
> > destination="org.freedesktop.NetworkManager" (uid=0 pid=1360
> > comm="/usr/sbin/NetworkManager))
> >
> > versus:
> >
> > shambhala:~#1> dbus-send --print-reply --system
> > \
> >
> > --dest=org.freedesktop.NetworkManager \
> > /org/freedesktop/NetworkManager \
> > org.freedesktop.NetworkManager.sleep
> >
> > method return sender=:1.352 -> dest=:1.358 reply_serial=2
> > shambhala:~> dbus-send --print-reply --system
This is a root prompt. It doesn't contain a username such as in:
martin at shambhala:~>
which is a user prompt.
> > \
> >
> > --dest=org.freedesktop.NetworkManager \
> > /org/freedesktop/NetworkManager \
> > org.freedesktop.NetworkManager.wake
> >
> > method return sender=:1.352 -> dest=:1.360 reply_serial=2
>
> This seems to be intentional:
> http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?h=NM_
> 0_8&id=878f6c4074acfdee42c320680f5529e01b909ba2
>
> running as root works fine here.
>
> If you want to change this configuration, see
>
> /etc/dbus-1/system.d/NetworkManager.conf.
But I am running as root!
Only thing I can think of is that dbus doesn't understand su - and still
thinks that I am the user. But then I think it is pretty dumb and that
deserves a bug report as well, cause even without the "-" for su I get
$USER set to "root" and of course the UID of the newly spawned shell is
"root":
shambhala:~> pstree -p | grep su
|-konsole(3114)-+-zsh(3122)---su(9947)---zsh(9955)-+-grep(9970)
`-wpa_supplicant(2129)
shambhala:~> ps aux | grep 9955 | grep -v grep
root 9955 0.2 0.1 7576 2620 pts/0 S 10:43 0:00 zsh
I am even using --print-reply, but as far as I understand the commit
message that doesn't matter.
I am attaching /etc/dbus-1/system.d/NetworkManager.conf.
I think it would be good to reopen the bug until its clear whether it lies
in dbus or network manager DBUS configuration but I leave that decision to
you cause I might not understanding correctly, how the authorization
system of DBUS works. From my current understanding its not working as
described in the commit message while with Network Manager 0.8.1-6 it
works tough.
Ciao,
--
Martin 'Helios' Steigerwald - http://www.Lichtvoll.de
GPG: 03B0 0D6C 0040 0710 4AFA B82F 991B EAAC A599 84C7
-------------- next part --------------
<!DOCTYPE busconfig PUBLIC
"-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<policy user="root">
<allow own="org.freedesktop.NetworkManager"/>
<allow own="org.freedesktop.NetworkManagerSystemSettings"/>
<allow send_destination="org.freedesktop.NetworkManager"/>
<allow send_destination="org.freedesktop.NetworkManagerSystemSettings"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.PPP"/>
</policy>
<policy group="netdev">
<allow send_destination="org.freedesktop.NetworkManager"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.DBus.Introspectable"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.DBus.Properties"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.AccessPoint"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Connection.Active"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Cdma"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Wired"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Gsm"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Serial"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Wireless"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.DHCP4Config"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.IP4Config"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.VPN.Connection"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="SetLogging"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="Sleep"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="sleep"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="wake"/>
</policy>
<policy at_console="true">
<allow send_destination="org.freedesktop.NetworkManager"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.DBus.Introspectable"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.DBus.Properties"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.AccessPoint"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Connection.Active"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Cdma"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Wired"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Gsm"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Serial"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Wireless"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.DHCP4Config"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.IP4Config"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.VPN.Connection"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="SetLogging"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="Sleep"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="sleep"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="wake"/>
</policy>
<policy context="default">
<deny own="org.freedesktop.NetworkManager"/>
<deny own="org.freedesktop.NetworkManagerSystemSettings"/>
<deny send_destination="org.freedesktop.NetworkManager"/>
<allow send_destination="org.freedesktop.NetworkManagerSystemSettings"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="SetLogging"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="Sleep"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="sleep"/>
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="wake"/>
<!-- The org.freedesktop.NetworkManagerSettings.Connection.Secrets
interface is secured via PolicyKit.
-->
</policy>
<limit name="max_replies_per_connection">512</limit>
</busconfig>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-utopia-maintainers/attachments/20101230/d1bf8ca1/attachment-0001.pgp>
More information about the Pkg-utopia-maintainers
mailing list