fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-01-11 09:50:22 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
NetworkManager/src
History
Dan Williams 7e0f94f0f5 dbus: kill at_console usage in permissions (bgo #707983) (rh #979416) 
at_console permissions as implemented by D-Bus have some problems:

1) it is now fully redundant with PolicyKit and session tracking via
systemd/ConsoleKit

2) it uses a different mechanism than PolicyKit or systemd to determine
sessions and whether the user is on local or not (pam_console)

3) it was never widely implemented across so removing it
harmonizes D-Bus permissions on all supported distros

To that end, remove the at_console section of the D-Bus permissions,
and rely on session-tracking and PolicyKit to ensure operations are
locked down.

No changes are being made to PolicyKit or session-tracking, so any
operations denied by those mechanisms are still denied, and no
permissions are being relaxed.  Instead, this should allow remote
users who log in via remote desktop or SSH to inspect network state,
change connection parameters, and start/stop interfaces.  Obviously
if you are remote, you should not touch the interface which your
connection is using, but that concern shouldn't prevent all the other
nice stuff that you can do with NM.

https://bugzilla.gnome.org/show_bug.cgi?id=707983
https://bugzilla.redhat.com/show_bug.cgi?id=979416
2014-01-23 16:48:19 -06:00
..
bluez-manager core: remove useless NMSettings::connections-loaded signal 2014-01-23 15:14:49 -05:00
config coverity: fix various warnings detected with Coverity 2013-11-13 15:29:24 +01:00
devices core: allow custom IP address ranges for Shared connections (bgo #675973) 2014-01-23 16:21:01 -06:00
dhcp-manager dhcp: don't add an IPv6 address if one wasn't given (rh #1048046) 2014-01-23 12:16:02 -06:00
dns-manager build: add --with-dnsmasq, to specify dnsmasq path 2014-01-03 14:51:16 -05:00
dnsmasq-manager core: allow custom IP address ranges for Shared connections (bgo #675973) 2014-01-23 16:21:01 -06:00
firewall-manager core: convert the DBus manager to a single-ref object 2013-05-20 16:38:33 -03:00
logging logging: fix "nmcli gen log level FOO" 2014-01-22 09:48:42 -05:00
modem-manager coverity: fix various warnings detected with Coverity 2013-11-13 15:29:24 +01:00
platform platform: fix linux nm_platform_link_get_physical_port_id() (rh #804527) 2014-01-22 13:20:18 -05:00
posix-signals core: use non-recursive build 2013-05-08 15:07:18 -04:00
ppp-manager logging: tweak logging-enabled functions 2013-12-20 09:57:13 -05:00
rdisc logging: ignore unrecognized domains on startup 2013-12-20 10:04:10 -05:00
settings settings: return error from GetConnectionByUuid() if caller not in ACL 2014-01-23 16:48:19 -06:00
supplicant-manager wifi: always assume can_scan_ssid and use ap_scan=1 for infra mode 2013-12-12 11:33:17 +01:00
tests core: add nm_utils_ascii_str_to_int64() function 2014-01-22 12:12:02 +01:00
vpn-manager core: fix master deactivation 2014-01-23 15:16:09 -05:00
wifi wifi: always assume can_scan_ssid and use ap_scan=1 for infra mode 2013-12-12 11:33:17 +01:00
main.c logging: ignore unrecognized domains on startup 2013-12-20 10:04:10 -05:00
Makefile.am core: allow custom IP address ranges for Shared connections (bgo #675973) 2014-01-23 16:21:01 -06:00
NetworkManagerUtils.c core: add nm_utils_ascii_str_to_int64() function 2014-01-22 12:12:02 +01:00
NetworkManagerUtils.h core: add nm_utils_ascii_str_to_int64() function 2014-01-22 12:12:02 +01:00
nm-activation-request.c core: add IP/DHCP config properties to o.fd.NM.Connection.Active 2013-12-19 11:49:50 -05:00
nm-activation-request.h core: allow active connection 'master' to be set after object creation 2013-10-31 14:15:08 -05:00
nm-active-connection.c core: fix master deactivation 2014-01-23 15:16:09 -05:00
nm-active-connection.h core: add IP/DHCP config properties to o.fd.NM.Connection.Active 2013-12-19 11:49:50 -05:00
nm-atm-manager.c trivial: whitespace fix 2013-11-07 21:32:08 +01:00
nm-atm-manager.h core: split NMAtmManager out of NMUdevManager 2013-06-05 17:49:25 -03:00
nm-auth-subject.c settings: prefer secret agents in the same process as the request 2013-12-03 16:41:00 -05:00
nm-auth-subject.h settings: prefer secret agents in the same process as the request 2013-12-03 16:41:00 -05:00
nm-connection-provider.c core: remove useless NMSettings::connections-loaded signal 2014-01-23 15:14:49 -05:00
nm-connection-provider.h core: remove useless NMSettings::connections-loaded signal 2014-01-23 15:14:49 -05:00
nm-connectivity.c trivial: nm_connectivity_check_async() returns void -> use g_return_if_fail() 2013-08-29 10:22:22 +02:00
nm-connectivity.h core: provide additional network connectivity information 2013-08-28 10:54:08 -04:00
nm-dbus-manager.c core: suppress logging warning when trying to create existing directory 2013-12-04 17:14:34 +01:00
nm-dbus-manager.h core: grab remote process id when authenticating D-Bus clients 2013-10-31 14:15:07 -05:00
nm-dcb.c core: add dcbtool manipulation logic 2013-10-31 13:29:22 -05:00
nm-dcb.h core: add dcbtool manipulation logic 2013-10-31 13:29:22 -05:00
nm-dhcp4-config.c core: make nm-properties-changed-signal always export the right properties 2013-05-20 16:38:33 -03:00
nm-dhcp4-config.h core: make nm-properties-changed-signal always export the right properties 2013-05-20 16:38:33 -03:00
nm-dhcp6-config.c core: make nm-properties-changed-signal always export the right properties 2013-05-20 16:38:33 -03:00
nm-dhcp6-config.h core: make nm-properties-changed-signal always export the right properties 2013-05-20 16:38:33 -03:00
nm-dispatcher.c coverity: fix various warnings detected with Coverity 2013-11-13 15:29:24 +01:00
nm-dispatcher.h core: add cancelation to dispatcher calls 2012-09-11 17:17:58 -05:00
nm-hostname-provider.c misc: license fixups 2010-01-21 15:11:50 -08:00
nm-hostname-provider.h misc: license fixups 2010-01-21 15:11:50 -08:00
nm-ip4-config.c core: add PropertiesChanged signals to IP4 and IP6 config objects 2014-01-23 16:48:04 -06:00
nm-ip4-config.h platform/core: add back support for PtP/peer addresses (rh #1018317) 2013-12-02 15:00:28 -05:00
nm-ip6-config.c core: add PropertiesChanged signals to IP4 and IP6 config objects 2014-01-23 16:48:04 -06:00
nm-ip6-config.h platform/core: add back support for PtP/peer addresses (rh #1018317) 2013-12-02 15:00:28 -05:00
nm-manager-auth.c core: fix crash in nm-manager-auth 2013-11-22 20:03:14 +01:00
nm-manager-auth.h core: remove unused auth chain creation functions 2013-10-31 14:15:08 -05:00
nm-manager.c core: enforce permissions for SetLogging 2014-01-23 16:48:19 -06:00
nm-manager.h core: move virtual device autoconnect tracking bits out of NMManager 2014-01-23 15:16:09 -05:00
nm-netlink-monitor.c netlink: enlarge netlink buffer to 128k 2013-05-27 17:50:15 +02:00
nm-netlink-monitor.h cleanup: remove obsolete link-related functions 2013-05-24 20:07:30 +02:00
nm-policy-hosts.c trivial: plug some memory leaks 2013-02-25 16:07:03 +01:00
nm-policy-hosts.h policy: stop touching /etc/hosts 2010-12-17 09:28:49 -06:00
nm-policy.c core: add some autoconnect debugging messages 2014-01-23 15:16:09 -05:00
nm-policy.h core: add NMManager:primary-connection and :activating-connection 2013-08-28 11:01:13 -04:00
nm-properties-changed-signal.c logging: tweak logging-enabled functions 2013-12-20 09:57:13 -05:00
nm-properties-changed-signal.h core: make nm-properties-changed-signal always export the right properties 2013-05-20 16:38:33 -03:00
nm-rfkill-manager.c core: split NMRfkillManager out of NMUdevManager 2013-06-05 17:49:24 -03:00
nm-rfkill-manager.h core: split NMRfkillManager out of NMUdevManager 2013-06-05 17:49:24 -03:00
nm-session-monitor-ck.c core: make NMSessionMonitor non-refcounted 2013-12-03 16:39:37 -05:00
nm-session-monitor-null.c core: make NMSessionMonitor non-refcounted 2013-12-03 16:39:37 -05:00
nm-session-monitor-systemd.c sessions: fix return value handling for sd_uid_get_sessions() (bgo #707983) 2014-01-23 16:48:19 -06:00
nm-session-monitor.h settings: clean up connection visibility and session change handling 2010-10-26 16:33:47 -05:00
nm-session-utils.c Use glib-mkenums to generate enum types 2012-02-15 11:42:15 -05:00
nm-session-utils.h Fix names of error enum values 2012-03-12 15:29:52 -04:00
nm-sleep-monitor-systemd.c sleep-monitor: add missing include 2013-09-13 09:05:07 -04:00
nm-sleep-monitor-upower.c core: convert the DBus manager to a single-ref object 2013-05-20 16:38:33 -03:00
nm-sleep-monitor.h core: factor out the upower suspend/resume code (bgo #677694) 2012-10-13 09:20:00 -05:00
nm-types.h core: add header for NM object types 2012-12-17 17:01:10 -06:00
nm-wifi-ap-utils.c coverity: fix various warnings detected with Coverity (fixup) 2013-11-13 18:43:18 +01:00
nm-wifi-ap-utils.h wifi: fix scanned signal strength calculation for WEXT-based drivers 2011-03-13 12:50:40 -05:00
nm-wifi-ap.c core: trivial change in nm_ap_set_ssid 2013-12-12 11:33:17 +01:00
nm-wifi-ap.h core: make nm-properties-changed-signal always export the right properties 2013-05-20 16:38:33 -03:00
org.freedesktop.NetworkManager.conf dbus: kill at_console usage in permissions (bgo #707983) (rh #979416) 2014-01-23 16:48:19 -06:00