Quais configurações ou privilégios o usuário precisa para usar o NetworkManager.Settings.Connection

0

Eu tentei chamar o método GetSettings do objeto D-Bus org.freedesktop.NetworkManager.Settings.Connection pelo caminho /org/freedesktop/NetworkManager/Settings/2 (o número de configurações, por exemplo) no aplicativo Qt. Então, quando eu tentei executar este aplicativo como usuário com

$ id
uid=1000(user) gid=1000(user) groups=1000(user),24(cdrom),27(sudo),30(dip),
46(plugdev),113(lpadmin),129(sambashare)

funcionou bem sem erros, mas quando eu iniciei o aplicativo como gred lightdm (usuário lightdm inicia o processo) ele registrou o erro:

org.freedesktop.NetworkManager.Settings.PermissionDenied uid 108 has no permission
to perform this operation

Eu tentei fazer isso com org.freedesktop.NetworkManager.conf abaixo:

<!DOCTYPE busconfig PUBLIC
 "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
        <policy user="root">
                <allow own="org.freedesktop.NetworkManager"/>
                <allow send_destination="org.freedesktop.NetworkManager"/>

                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.PPP"/>

                <allow send_interface="org.freedesktop.NetworkManager.SecretAgent"/>
                <!-- These are there because some broken policies do
                <deny send_interface="..." /> (see dbus-daemon(8) for details).
                This seems to override that for the known VPN plugins.
                  -->
                <allow send_destination="org.freedesktop.NetworkManager.openconnect"/>
                <allow send_destination="org.freedesktop.NetworkManager.openswan"/>
                <allow send_destination="org.freedesktop.NetworkManager.openvpn"/>
                <allow send_destination="org.freedesktop.NetworkManager.pptp"/>
                <allow send_destination="org.freedesktop.NetworkManager.vpnc"/>
                <allow send_destination="org.freedesktop.NetworkManager.ssh"/>
                <allow send_destination="org.freedesktop.NetworkManager.iodine"/>
                <allow send_destination="org.freedesktop.NetworkManager.l2tp"/>
                <allow send_destination="org.freedesktop.NetworkManager.libreswan"/>
                <allow send_destination="org.freedesktop.NetworkManager.fortisslvpn"/>
                <allow send_destination="org.freedesktop.NetworkManager.strongswan"/>
                <allow send_interface="org.freedesktop.NetworkManager.VPN.Plugin"/>

                <!-- Allow the custom name for the dnsmasq instance spawned by NM
                     from the dns dnsmasq plugin to own it's dbus name, and for
                     messages to be sent to it.
                 -->
                <allow own="org.freedesktop.NetworkManager.dnsmasq"/>
                <allow send_destination="org.freedesktop.NetworkManager.dnsmasq"/>
        </policy>
        <policy user="whoopsie">
                <allow send_destination="org.freedesktop.NetworkManager"/>

                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.DBus.Introspectable"/>

                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.DBus.Properties"/>

                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager"/>

                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Connection.Active"/>

                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device"/>
        </policy>
        <policy context="default">
                <deny own="org.freedesktop.NetworkManager"/>

                <deny send_destination="org.freedesktop.NetworkManager"/>

           <!-- Basic D-Bus API stuff -->
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.DBus.Introspectable"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.DBus.Properties"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.DBus.ObjectManager"/>

           <!-- Devices (read-only properties, no methods) -->
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device.Adsl"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device.Bond"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device.Bridge"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device.Bluetooth"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device.Wired"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device.Generic"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device.Gre"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device.Infiniband"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device.Macvlan"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device.Modem"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device.OlpcMesh"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device.Team"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device.Tun"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device.Veth"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device.Vlan"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.WiMax.Nsp"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.AccessPoint"/>

           <!-- Devices (read-only, no security required) -->
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device.WiMax"/>

           <!-- Devices (read/write, secured with PolicyKit) -->
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device.Wireless"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Device"/>

           <!-- Core stuff (read-only properties, no methods) -->
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Connection.Active"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.DHCP4Config"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.DHCP6Config"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.IP4Config"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.IP6Config"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.VPN.Connection"/>

           <!-- Core stuff (read/write, secured with PolicyKit) -->
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Settings"/>
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.Settings.Connection"/>

          <!-- Agents; secured with PolicyKit.  Any process can talk to
                the AgentManager API, but only NetworkManager can talk
                to the agents themselves. -->
                <allow send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager.AgentManager"/>

           <!-- Root-only functions -->
                <deny send_destination="org.freedesktop.NetworkManager"
                      send_interface="org.freedesktop.NetworkManager"
                      send_member="SetLogging"/>
                <deny send_destination="org.freedesktop.NetworkManager"
                      send_interface="org.freedesktop.NetworkManager"
                      send_member="Sleep"/>
                <deny send_destination="org.freedesktop.NetworkManager"
                      send_interface="org.freedesktop.NetworkManager.Settings"
                      send_member="LoadConnections"/>
                <deny send_destination="org.freedesktop.NetworkManager"
                      send_interface="org.freedesktop.NetworkManager.Settings"
                      send_member="ReloadConnections"/>

                <deny own="org.freedesktop.NetworkManager.dnsmasq"/>
                <deny send_destination="org.freedesktop.NetworkManager.dnsmasq"/>
        </policy>

   <limit name="max_replies_per_connection">1024</limit>
   <limit name="max_match_rules_per_connection">2048</limit>
</busconfig>

Você poderia me ajudar a fazer isso funcionar?

    
por Elijah 08.11.2017 / 18:41

0 respostas

Tags