Thanks for the feedback Jamie! A couple of comments in return...
1. NetworkManager polkit allows full access to sudo: I assume you meant that the decision was taken *before* we had proper polkit support on the phone? 2. urfkill polkit - allows active seat to call Block: The policy also allows BlockIdx ( ie. by index, whereas Block is by type ), and FlightMode by the active seat. How is this more permissive than needed? I'm not familiar enough with polkit to grok how this could be made more restrictive? 3. Regarding your proposed solution, why is polkit necessary when all non-system processes that run as 'phablet' are confined ( ie. can't make raw DBus calls anyways )? 4. Do you really think that adding polkit support to wpa_supplicant for a single DBus method is more work than creating a new proxy service? Also, I assume the proxy service would handle the polkit logic, and then fwd the call(s)? - -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to wpasupplicant in Ubuntu. https://bugs.launchpad.net/bugs/1426923 Title: Allow ubuntu-system-settings to set a device's firmware through the private Connectivity API Status in indicator-network package in Ubuntu: New Status in wpasupplicant package in Ubuntu: Invalid Bug description: Background: To do Wi-Fi hotspots on krillin, we need to poke wifi by doing a call to wpa_supplicant's (undocumented/local) SetInterfaceFirmware method. See [1] for details. Rationale: Ubuntu System Settings needs to do the same things as aforementioned script, but via dbus [2], as phablet/current non-privileged user and unconfined. What happens: If phablet runs [2], this error message [3] is produced, which I interpret to be equivalent with "you're not welcome here". What should happen instead: Ubuntu System Settings should be able to make a call to the Connectivity API, like Jamie suggests, SetAP(), SetSTA(), SetP2P(). [1] http://bazaar.launchpad.net/~mathieu-tl/+junk/touch-hotspot/view/head:/hotspot.py [2] gdbus call --system -d fi.w1.wpa_supplicant1 -o /fi/w1/wpa_supplicant1 -m fi.w1.wpa_supplicant1.SetInterfaceFirmware / ap [3] http://pastebin.ubuntu.com/10489519/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/indicator-network/+bug/1426923/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp