[Pkg-utopia-maintainers] Bug#626180: Bug#626180: useless without ag_console policy
Michael Biebl
biebl at debian.org
Mon May 9 16:38:12 UTC 2011
Hi
Am 09.05.2011 18:28, schrieb Bdale Garbee:
> Package: network-manager-openvpn
> Version: 0.8.4-1
> Severity: important
>
> The content of /etc/dbus-1/system.d/nm-openvpn-service.conf as provided does not
> appear sufficient to allow the openvpn functionality in network manager to work
> in a useful way.
Could you elaborate on that, please.
What is your setup, what is the error message. See [1] for debugging tips.
Adding an 'at_console' policy seems to fix things for me:
>
> --- nm-openvpn-service.conf.orig 2011-05-09 09:47:31.484513417 -0600
> +++ nm-openvpn-service.conf 2011-05-09 09:53:55.314350004 -0600
> @@ -6,6 +6,10 @@
> <allow own="org.freedesktop.NetworkManager.openvpn"/>
> <allow send_destination="org.freedesktop.NetworkManager.openvpn"/>
> </policy>
> + <policy user="at_console">
> + <allow own="org.freedesktop.NetworkManager.openvpn"/>
> + <allow send_destination="org.freedesktop.NetworkManager.openvpn"/>
> + </policy>
> <policy context="default">
> <deny own="org.freedesktop.NetworkManager.openvpn"/>
> <deny send_destination="org.freedesktop.NetworkManager.openvpn"/>
>
> Could this be fixed in the default configuration, please?
This opens a security hole, so I'd rather not do that and first try to
understand what your actual problem is.
Only root should be able to own that bus name.
Michael
[1] http://live.gnome.org/NetworkManager/Debugging
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-utopia-maintainers/attachments/20110509/41e389c4/attachment.pgp>
More information about the Pkg-utopia-maintainers
mailing list