Package: cnetworkmanager Version: 0.21.1-1 Severity: important The rule I comment below : <policy at_console="true"> <allow own="org.freedesktop.NetworkManagerUserSettings"/> <allow send_destination="org.freedesktop.NetworkManagerUserSettings"/> <!-- Only root can get secrets --> <!-- <deny send_destination="org.freedesktop.NetworkManagerUserSettings" send_interface="org.freedesktop.NetworkManagerSettings.Connection.Secrets"/> --> </policy> is at_console thus overides the nm-applet.conf user="root" rule that allow the : <allow send_destination="org.freedesktop.NetworkManagerUserSettings" send_interface="org.freedesktop.NetworkManagerSettings.Connection.Secrets"/>
ie: <policy user="root"> <allow own="org.freedesktop.NetworkManagerUserSettings"/> <allow send_destination="org.freedesktop.NetworkManagerUserSettings" send_interface="org.freedesktop.NetworkManagerSettings"/> <allow send_destination="org.freedesktop.NetworkManagerUserSettings" send_interface="org.freedesktop.NetworkManagerSettings.Connection"/> <!-- Only root can get secrets --> <allow send_destination="org.freedesktop.NetworkManagerUserSettings" send_interface="org.freedesktop.NetworkManagerSettings.Connection.Secrets"/> </policy> In short as NetworkManager does not show the gerror from the: secrets_result function in src/nm-activation-request.c in NetworkManager the fact that this rule is denied is silently ignored. The symptom is dbus-monitor --system: signal sender=:1.569 -> dest=(null destination) serial=260008 path=/org/freedesktop/NetworkManager/Devices/1; interface=org.freedesktop.NetworkManager.Device; member=StateChanged uint32 5 uint32 4 uint32 0 signal sender=:1.569 -> dest=(null destination) serial=260009 path=/org/freedesktop/NetworkManager/Devices/1; interface=org.freedesktop.NetworkManager.Device; member=StateChanged uint32 6 uint32 5 uint32 0 signal sender=:1.569 -> dest=(null destination) serial=260013 path=/org/freedesktop/NetworkManager/Devices/1; interface=org.freedesktop.NetworkManager.Device.Wireless; member=PropertiesChanged array [ dict entry( string "State" variant uint32 6 ) ] signal sender=:1.569 -> dest=(null destination) serial=260014 path=/org/freedesktop/NetworkManager/Devices/1; interface=org.freedesktop.NetworkManager.Device; member=StateChanged uint32 9 uint32 6 uint32 7 signal sender=:1.569 -> dest=(null destination) serial=260017 path=/org/freedesktop/NetworkManager/Devices/1; interface=org.freedesktop.NetworkManager.Device.Wireless; member=PropertiesChanged array [ dict entry( string "State" variant uint32 9 ) ] ie that state change to 6 (AUTH needed) to 9 (failure) witrh reason 7 (no secrets provided). The nm-applet log is: ** (nm-applet:5476): WARNING **: Error in getting active connection 'Vpn' property: (19) Method "Get" with signature "ss" on interface "org.freedesktop.DBus.Properties" doesn't exist ** (nm-applet:5476): WARNING **: _nm_object_array_demarshal: couldn't create object for /org/freedesktop/NetworkManager/ActiveConnection/1 as due to the failure to get secret the (here I do not use vpn) the activeconnection is discarded and then later on when nm tries to check the Vpn property on the active connection this one is no more thus the error shown above. Thank you to either use policykit or enable the : <allow send_destination="org.freedesktop.NetworkManagerUserSettings" send_interface="org.freedesktop.NetworkManagerSettings.Connection.Secrets"/> in the user="root" to fix this one. Maybe this bug should be cloned to ask for nm to log the dbus error in secrets_result function in src/nm-activation-request.c. Please do if you believe so too. Best regards, Alban -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.34-rc4-wleeepc (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages cnetworkmanager depends on: ii network-manager 0.8-1 network management framework daemo ii python 2.5.4-9 An interactive high-level object-o ii python-dbus 0.83.1-1 simple interprocess messaging syst ii python-support 1.0.7 automated rebuilding support for P cnetworkmanager recommends no packages. cnetworkmanager suggests no packages. -- Configuration Files: /etc/dbus-1/system.d/cnetworkmanager.conf changed: <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> <busconfig> <policy user="root"> <allow own="org.freedesktop.NetworkManagerUserSettings"/> <allow send_destination="org.freedesktop.NetworkManagerUserSettings"/> </policy> <policy at_console="true"> <allow own="org.freedesktop.NetworkManagerUserSettings"/> <allow send_destination="org.freedesktop.NetworkManagerUserSettings"/> <!-- Only root can get secrets --> <!-- <deny send_destination="org.freedesktop.NetworkManagerUserSettings" send_interface="org.freedesktop.NetworkManagerSettings.Connection.Secrets"/> --> </policy> <policy context="default"> <deny send_destination="org.freedesktop.NetworkManagerUserSettings"/> <allow send_destination="org.freedesktop.NetworkManagerUserSettings" send_interface="org.freedesktop.DBus.Introspectable"/> </policy> <limit name="max_replies_per_connection">512</limit> </busconfig> -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org