From db0825a110b24b755d3dab5df4381959b693ba9e Mon Sep 17 00:00:00 2001
From: Beniamino Galvani
Date: Mon, 23 Feb 2026 17:21:55 +0100
Subject: [PATCH] settings: accept not-saved secrets from agents without modify-system

The "modify.system" polkit permission allows a user to modify settings for connection profiles that belong to all users. For this reason, when an agent returns system secrets (i.e. secrets that are going to be stored to disk), NetworkManager checks that the agent has the modify.system permission. If a secret has the AGENT_OWNED flag, it's stored in the agent itself. If the secret has the NOT_SAVED flag, it will be asked to users at the beginning of every connection attempt. In both those cases the profile is not modified and there is no need for the modify.system permission. Fix the check to also consider the NOT_SAVED flag.
---
 src/core/settings/nm-settings-connection.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/core/settings/nm-settings-connection.c b/src/core/settings/nm-settings-connection.c
index d5611e7640..7ed3712b47 100644
--- a/src/core/settings/nm-settings-connection.c
+++ b/src/core/settings/nm-settings-connection.c
@@ -781,7 +781,8 @@ validate_secret_flags(NMConnection *connection, GVariant *secrets, ForEachSecret
 static gboolean
 secret_is_system_owned(NMSettingSecretFlags flags, gpointer user_data)
 {
- return !NM_FLAGS_HAS(flags, NM_SETTING_SECRET_FLAG_AGENT_OWNED);
+ return !NM_FLAGS_ANY(flags,
+ NM_SETTING_SECRET_FLAG_AGENT_OWNED | NM_SETTING_SECRET_FLAG_NOT_SAVED);
 }

 static void
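Review bot: `secret_is_system_owned()` now decides in more cases that the modify.system check can be skipped, but nothing in the code records the invariant that makes this safe; the reasoning lives only in the commit message. I would add a comment above the function such as `/* A secret is system-owned only if it will be written to the profile; AGENT_OWNED and NOT_SAVED secrets never are, so they do not need modify.system. */`. The callers are outside this hunk, so it is worth confirming that the `flags` passed in are the ones already checked against the stored profile (`validate_secret_flags()` appears just above) and not values taken unverified from the agent's reply, since the predicate is only as trustworthy as its input. A unit test covering AGENT_OWNED, NOT_SAVED, both and neither would pin the new behaviour.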