mirror of
https://gitlab.freedesktop.org/NetworkManager/NetworkManager
synced 2024-10-06 16:21:50 +00:00
243af16c5b
Previously, Wi-Fi scans uses polkit action
"org.freedesktop.NetworkManager.network-control". This is introduced
in commit 5e3e19d0
. But in a system with restrict polkit rules, for
example "org.freedesktop.NetworkManager.network-control" was set as
auth_admin. When you open the network panel of GNOME Control Center, a
polkit dialog will keep showing up asking for admin password, as GNOME
Control Center scans the Wi-Fi list every 15 seconds.
Fix that by adding a new polkit action
"org.freedesktop.NetworkManager.wifi.scan" so that distributions can
add specific rule to allow Wi-Fi scans.
[thaller@redhat.com: fix macro in "shared/nm-common-macros.h"]
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/merge_requests/68
175 lines
6.8 KiB
XML
175 lines
6.8 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE policyconfig PUBLIC
|
|
"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
|
|
"http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
|
|
|
|
<policyconfig>
|
|
|
|
<vendor>NetworkManager</vendor>
|
|
<vendor_url>http://www.gnome.org/projects/NetworkManager</vendor_url>
|
|
<icon_name>nm-icon</icon_name>
|
|
|
|
<action id="org.freedesktop.NetworkManager.enable-disable-network">
|
|
<_description>Enable or disable system networking</_description>
|
|
<_message>System policy prevents enabling or disabling system networking</_message>
|
|
<defaults>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.NetworkManager.reload">
|
|
<_description>Reload NetworkManager configuration</_description>
|
|
<_message>System policy prevents reloading NetworkManager</_message>
|
|
<defaults>
|
|
<allow_any>auth_admin_keep</allow_any>
|
|
<allow_inactive>auth_admin_keep</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.NetworkManager.sleep-wake">
|
|
<_description>Put NetworkManager to sleep or wake it up (should only be used by system power management)</_description>
|
|
<_message>System policy prevents putting NetworkManager to sleep or waking it up</_message>
|
|
<defaults>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>no</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.NetworkManager.enable-disable-wifi">
|
|
<_description>Enable or disable Wi-Fi devices</_description>
|
|
<_message>System policy prevents enabling or disabling Wi-Fi devices</_message>
|
|
<defaults>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.NetworkManager.enable-disable-wwan">
|
|
<_description>Enable or disable mobile broadband devices</_description>
|
|
<_message>System policy prevents enabling or disabling mobile broadband devices</_message>
|
|
<defaults>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.NetworkManager.enable-disable-wimax">
|
|
<_description>Enable or disable WiMAX mobile broadband devices</_description>
|
|
<_message>System policy prevents enabling or disabling WiMAX mobile broadband devices</_message>
|
|
<defaults>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.NetworkManager.network-control">
|
|
<_description>Allow control of network connections</_description>
|
|
<_message>System policy prevents control of network connections</_message>
|
|
<defaults>
|
|
<allow_any>auth_admin</allow_any>
|
|
<allow_inactive>yes</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.NetworkManager.wifi.scan">
|
|
<_description>Allow control of Wi-Fi scans</_description>
|
|
<_message>System policy prevents Wi-Fi scans</_message>
|
|
<defaults>
|
|
<allow_any>auth_admin</allow_any>
|
|
<allow_inactive>yes</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.NetworkManager.wifi.share.protected">
|
|
<_description>Connection sharing via a protected Wi-Fi network</_description>
|
|
<_message>System policy prevents sharing connections via a protected Wi-Fi network</_message>
|
|
<defaults>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.NetworkManager.wifi.share.open">
|
|
<_description>Connection sharing via an open Wi-Fi network</_description>
|
|
<_message>System policy prevents sharing connections via an open Wi-Fi network</_message>
|
|
<defaults>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.NetworkManager.settings.modify.own">
|
|
<_description>Modify personal network connections</_description>
|
|
<_message>System policy prevents modification of personal network settings</_message>
|
|
<defaults>
|
|
<allow_any>auth_self_keep</allow_any>
|
|
<allow_inactive>yes</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.NetworkManager.settings.modify.system">
|
|
<_description>Modify network connections for all users</_description>
|
|
<_message>System policy prevents modification of network settings for all users</_message>
|
|
<defaults>
|
|
<allow_any>auth_admin_keep</allow_any>
|
|
<allow_inactive>@NM_MODIFY_SYSTEM_POLICY@</allow_inactive>
|
|
<allow_active>@NM_MODIFY_SYSTEM_POLICY@</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.NetworkManager.settings.modify.hostname">
|
|
<_description>Modify persistent system hostname</_description>
|
|
<_message>System policy prevents modification of the persistent system hostname</_message>
|
|
<defaults>
|
|
<allow_any>auth_admin_keep</allow_any>
|
|
<allow_inactive>auth_admin_keep</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.NetworkManager.settings.modify.global-dns">
|
|
<_description>Modify persistent global DNS configuration</_description>
|
|
<_message>System policy prevents modification of the persistent global DNS configuration</_message>
|
|
<defaults>
|
|
<allow_any>auth_admin_keep</allow_any>
|
|
<allow_inactive>auth_admin_keep</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.NetworkManager.checkpoint-rollback">
|
|
<_description>Perform a checkpoint or rollback of interfaces configuration</_description>
|
|
<_message>System policy prevents the creation of a checkpoint or its rollback</_message>
|
|
<defaults>
|
|
<allow_any>auth_admin_keep</allow_any>
|
|
<allow_inactive>auth_admin_keep</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.NetworkManager.enable-disable-statistics">
|
|
<_description>Enable or disable device statistics</_description>
|
|
<_message>System policy prevents enabling or disabling device statistics</_message>
|
|
<defaults>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.NetworkManager.enable-disable-connectivity-check">
|
|
<_description>Enable or disable connectivity checking</_description>
|
|
<_message>System policy prevents enabling or disabling connectivity checking</_message>
|
|
<defaults>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
</policyconfig>
|
|
|