[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: bug#52904: nmtui - user authorisation
From: |
Josselin Poiret |
Subject: |
Re: bug#52904: nmtui - user authorisation |
Date: |
Sun, 02 Jan 2022 12:07:05 +0100 |
Hello again,
> Good morning Josselin, and Happy New Year!
>
> Many thanks for taking the time to explain this in detail for us. If I
> have properly understood your explanation, it suggests I am running
> network-manager from outside of the dbus session. If I look at the
> processes running on my system at this moment, the dbus-launch process
> has an id of 881, while the network-manager session has an id of 463,
> suggesting that it was started before dbus. My system configuration is
> relatively standard (if there is such a thing) - I don't do anything to
> change how dbus or network manager are launched, but rely on the
> defaults provided by the the desktop-service. Is there any way to ensure
> network-manager is launched inside the dbus session? I am using slim
> rather than gdm, and as a desktop manager I am using dwm (with some
> local changes).
>
> Regarding the wheel group - my user is in this group, but I don't get
> any request for a password - nmtui simply informs me that I don't have
> the necessary authorisation.
Some context is missing from the forwarded mail, so I have no idea what
script you're trying to run or how, unfortunately. Here is some more
information though:
* there are generally two (or more) dbus daemons running. One for the
system bus, launched through Shepherd (named `dbus-system`), and one for
each session, for the session bus, started either manually or often
through your DM (ie. GDM). elogind and NetworkManager both run on the
system bus.
* for Polkit to successfully reauthenticate you, it needs to have a
registered agent running. A Polkit agent is a program that registers
with Polkit via dbus, is associated with a session, and is used by
Polkit to prompt the user for a password. There are many, see [1]. You
can test whether the agent is properly set-up by simply running `pkexec
echo "Hello"`, pkexec being roughly the equivalent of `sudo`, but using
Polkit for permission checking.
[1] https://wiki.archlinux.org/title/Polkit#Authentication_agents
--
Josselin Poiret