May I suggest another approach: make permissions same way as with cups printing: 'lp' group for those who are allowed to print, and 'lpadmin' group for those who are allowed to manage printers.
Analogous to that: there exists 'netdev' group to allow use and switch existing connection profiles. Add 'netadmin' group to allow managing system connections. A simple policy as described here https://wiki.archlinux.org/index.php/Network_manager#Can.27t_edit_connections_as_normal_user applied to new 'netadmin' group would increase manageability of the system. Regardless of group policy, new wireless connection profile should be created with user acl, without asking for privilege escalation. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
