Thanks for the feedback Jamie!

A couple of comments in return...

1. NetworkManager polkit allows full access to sudo: I assume you meant
that the decision was taken *before* we had proper polkit support on the
phone?

2. urfkill polkit - allows active seat to call Block:  The policy also
allows BlockIdx ( ie. by index, whereas Block is by type ), and
FlightMode by the active seat.  How is this more permissive than needed?
I'm not familiar enough with polkit to grok how this could be made more
restrictive?

3. Regarding your proposed solution, why is polkit necessary when all
non-system processes that run as 'phablet' are confined ( ie. can't make
raw DBus calls anyways )?

4. Do you really think that adding polkit support to wpa_supplicant for
a single DBus method is more work than creating a new proxy service?
Also, I assume the proxy service would handle the polkit logic, and then
fwd the call(s)?

-

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to wpasupplicant in Ubuntu.
https://bugs.launchpad.net/bugs/1426923

Title:
  Allow ubuntu-system-settings to set a device's firmware through the
  private Connectivity API

Status in indicator-network package in Ubuntu:
  New
Status in wpasupplicant package in Ubuntu:
  Invalid

Bug description:
  Background:
  To do Wi-Fi hotspots on krillin, we need to poke wifi by doing a call to 
wpa_supplicant's (undocumented/local) SetInterfaceFirmware method. See [1] for 
details.

  Rationale:
  Ubuntu System Settings needs to do the same things as aforementioned script, 
but via dbus [2], as phablet/current non-privileged user and unconfined.

  What happens:
  If phablet runs [2], this error message [3] is produced, which I interpret to 
be equivalent with "you're not welcome here".

  What should happen instead:
  Ubuntu System Settings should be able to make a call to the Connectivity API, 
like Jamie suggests, SetAP(), SetSTA(), SetP2P().

  [1] 
http://bazaar.launchpad.net/~mathieu-tl/+junk/touch-hotspot/view/head:/hotspot.py
  [2] gdbus call --system -d fi.w1.wpa_supplicant1 -o /fi/w1/wpa_supplicant1 -m 
fi.w1.wpa_supplicant1.SetInterfaceFirmware / ap
  [3] http://pastebin.ubuntu.com/10489519/

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/indicator-network/+bug/1426923/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to     : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to