[Bug 1045972] Re: Administrator password for WLAN-connections?
Hi together, I am extremely happy about the discussion started here. I have the exact same topic as the thread-starter: I am "admin", my kids, wife and grandparents are the users I do not want to grant sudo rights. Xubuntu, 12.04, five laptops and one workstation. I am missing some sort of graphical interface for what you call policykit so dummy’s like me (I'm chemist, not software specialist) are able to handle the rights. If there would be something you could walk through, set the most common things like you think they are needed or correct them after first troubles to what is appropriate for your needs the "standard" user could handle the system much easier and safety is respected. Anyhow. Thanks for the help with the network-problem I also had on the laptop of one of "my" users and it seems to work fine. Kind regards soar-high -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1045972 Title: Administrator password for WLAN-connections? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1045972/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 1045972] Re: Administrator password for WLAN-connections?
Hallo Mathieu, Yes, I understand your opinion, it makes sence in enterprice environments. But in the situation, when outdoor staffs have to connect their company laptops from outside the company, the IT-administrators have to set up your special file into //var/lib/polkit-1/localauthority/50-local.d/. /Do they all know this? A lot of private users choose Linux, because they want a relatively secure system. Do they like the solution to use sudo, when they are logged in as normal users (to surf the internet)? And what about the families with one administrator and kids and grandparents? On private computers (people are the only users of their system), it's recommended everybody to use at least two separate logins, independent from the respective operating system. One login for admin purpose only, the other for daily work as a normal user without admin rights. And many programmers suggest never (!) to type the admin password, when a normal user is logged in. We cannot imagine all security vulnerabilities in this context. Think about temporary keyloggers, realized f.i. by JavaScript + XSS, or by Flash Player content. For better clarity and comfort, please, could you integrate the assignment of the permission „create network connections“ into the admin application „users and groups“? Optimally subdivided into cable, WLAN, Bluetooth, GSM and so on. Formerly group dip? Best regards, J. R. B. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1045972 Title: Administrator password for WLAN-connections? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1045972/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1045972] Re: Administrator password for WLAN-connections?
Any name is fine for that file, it would be a new one (must finish in .pkla, though), that adds configuration. We're not going to change upstream behavior for this. On most desktop/laptop installs, this makes sense because people are the only users of their system, and as such have access to the "administrator" password, which is their login password since the authentication is similar to what sudo does. In other cases, it still makes sense because the administrator creates network connections to be used and users normally shouldn't have to change them or create new ones (the enterprise scenario). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1045972 Title: Administrator password for WLAN-connections? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1045972/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 1045972] Re: Administrator password for WLAN-connections?
Hallo Mathieu, thanks for your answer. Is there really no way back to designe the nm-manager, that users can create new WLAN-connections only for themselves (not system-wide) by default? I think, this would be much easier for many Ubuntu-users, who are not IT-insiders. And a question: 1. Which file should be changed / what should be the name of the new file in /var/lib/polkit-1/localauthority/50-local.d/? Best regards, J. R. B. Am 12.09.2012 04:22, schrieb Mathieu Trudel-Lapierre: > This is because the "Available to all users" checkbox needs to be > unticked when the connection is created. Once it's already there; you > will need administrative access to change it since opening up the dialog > could allow you to see the WLAN password. > > As an alternative; edit the connection as the user that created it (the > administrator user), or ask an administrator to toggle the setting. > > If you mean creating a new wireless network from the menu items when you > click nm-applet; then this policy has always been in place: to create > system-wide (available to all users) connections, you need administrator > rights. > > What changed is that connections are available to all users by default, > because we create them in a different manner which is much easier to > maintain and above all, allows the connections to be saved (backed up) > and restored. This is not going to change. > > If you need to have access to create such connections, you may wish to either > give yourself administrator access if this is your machine and a conscious > decision, or ask the administrator to adjust the policykit policies on the > affected system. The policy to change would be: > "org.freedesktop.NetworkManager.settings.modify.system" > (which means Modify network connections for all users) > > It can be changed by adding a file to > /var/lib/polkit-1/localauthority/50-local.d/ with contents such as: > > [Changing system-wide NetworkManager connections] > Identity=unix-user:myusername > Action=org.freedesktop.NetworkManager.settings.modify.system > ResultActive=yes > > See also > /var/lib/polkit-1/localauthority/10-vendor.d/com.ubuntu.desktop.pkla. > > Thanks! > -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1045972 Title: Administrator password for WLAN-connections? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1045972/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1045972] Re: Administrator password for WLAN-connections?
This is because the "Available to all users" checkbox needs to be unticked when the connection is created. Once it's already there; you will need administrative access to change it since opening up the dialog could allow you to see the WLAN password. As an alternative; edit the connection as the user that created it (the administrator user), or ask an administrator to toggle the setting. If you mean creating a new wireless network from the menu items when you click nm-applet; then this policy has always been in place: to create system-wide (available to all users) connections, you need administrator rights. What changed is that connections are available to all users by default, because we create them in a different manner which is much easier to maintain and above all, allows the connections to be saved (backed up) and restored. This is not going to change. If you need to have access to create such connections, you may wish to either give yourself administrator access if this is your machine and a conscious decision, or ask the administrator to adjust the policykit policies on the affected system. The policy to change would be: "org.freedesktop.NetworkManager.settings.modify.system" (which means Modify network connections for all users) It can be changed by adding a file to /var/lib/polkit-1/localauthority/50-local.d/ with contents such as: [Changing system-wide NetworkManager connections] Identity=unix-user:myusername Action=org.freedesktop.NetworkManager.settings.modify.system ResultActive=yes See also /var/lib/polkit-1/localauthority/10-vendor.d/com.ubuntu.desktop.pkla. Thanks! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1045972 Title: Administrator password for WLAN-connections? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1045972/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 1045972] Re: Administrator password for WLAN-connections?
Hallo Mathieu, thanks for your answer. But you could not convince me, because I cannot reach this option to uncheck "Available to all users", because the question for admin password comes before. Did you really check this problem with a newly set 12.04 with a second user (without admin rights)? Maybe I am totally studip, but please explain me step by step, how to uncheck "Available to all users" as a second user without admin rights. And please consider, that exactly the same pocedure was without any problems in 10.04: Set up a new Ubuntu, make an second user, and he can connest to a WLAN without any troubles. Best greetings, J. R. B. Am 04.09.2012 21:21, schrieb Mathieu Trudel-Lapierre: > Users can uncheck "Available to all users" at the bottom of the dialog > if they do not have sufficient rights for system-wide connections. > Otherwise, you may wish to adjust PolicyKit rules if you have modified > them. > > By default on install, users are already allowed to create connections > without any issues. > > ** Changed in: network-manager (Ubuntu) > Status: New => Invalid > -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1045972 Title: Administrator password for WLAN-connections? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1045972/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1045972] Re: Administrator password for WLAN-connections?
Users can uncheck "Available to all users" at the bottom of the dialog if they do not have sufficient rights for system-wide connections. Otherwise, you may wish to adjust PolicyKit rules if you have modified them. By default on install, users are already allowed to create connections without any issues. ** Changed in: network-manager (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1045972 Title: Administrator password for WLAN-connections? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1045972/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs