Ubuntu
network-manager-openvpn package

constructor(): Connection ":1.63" is not allowed to own the service "org.freedesktop.NetworkManager.openvpn" due to security policies in the configuration file

Bug #624068 reported by Mathieu Carbou
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
network-manager-openvpn (Ubuntu)
New
Undecided
Unassigned

Bug Description

Binary package hint: network-manager-openvpn

Hi,

I think I really need your help: I just installed 2 days ago Ubuntu 10.04.1 LTS (x88) plus OpenVPN and Network Manager Gnome support (amongst with PPTP and CISCO) => network-manager-openvpn 0.8-0ubuntu3

I also had the 'No VPN secrets!' error (BUG https://bugs.launchpad.net/bugs/453807). So I've applied the modification to nm-openvpn-service.conf

        <policy user="at_console">
                <allow own="org.freedesktop.NetworkManager.openvpn"/>
                <allow send_destination="org.freedesktop.NetworkManager.openvpn"/>
        </policy>

But when I try to activate the OpenVPN connection, I have the following error:

Aug 24 22:53:26 box NetworkManager: <info> Starting VPN service 'org.freedesktop.NetworkManager.openvpn'...
Aug 24 22:53:26 box NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 2285
Aug 24 22:53:26 box NetworkManager: <WARN> vpn_service_watch_cb(): VPN service 'org.freedesktop.NetworkManager.openvpn' exited with error: 1
Aug 24 22:53:26 box NetworkManager: <info> (eth0): writing resolv.conf to /sbin/resolvconf
Aug 24 22:53:26 box NetworkManager: <info> Policy set 'Auto eth0' (eth0) as default for routing and DNS.
Aug 24 22:53:32 box NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' did not start in time, cancelling connections

The connection type is a really basic "Certificates TLS" with a private key requiring a password. I've tried to change

user="at_console"
to
at_console="true"

I've checked that the vpn settins in gconf-editor are there, and also the password in gnome keyring manager.

If I start NetworkManager manually, the error is more detailed:

NetworkManager: <info> Starting VPN service 'org.freedesktop.NetworkManager.openvpn'...
NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 2217

** (process:2217): WARNING **: <WARN> constructor(): Connection ":1.63" is not allowed to own the service "org.freedesktop.NetworkManager.openvpn" due to security policies in the configuration file

NetworkManager: <WARN> vpn_service_watch_cb(): VPN service 'org.freedesktop.NetworkManager.openvpn' exited with error: 1
NetworkManager: <info> (eth0): writing resolv.conf to /sbin/resolvconf
NetworkManager: <info> Policy set 'Auto eth0' (eth0) as default for routing and DNS.
NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' did not start in time, cancelling connections

By searching on Internet, I saw this bughttps://bugzilla.redhat.com/show_bug.cgi?id=554688 plus another post which I don't remember which suggested to replace all deny by allow in files NetworkManager.conf and in nm-*.conf.

Also I tried to execute:
/usr/lib/network-manager-openvpn/nm-openvpn-auth-dialog -n ovea -s org.freedesktop.NetworkManager.openvpn -u 0cc9a295-3e92-4cf0-bcbe-7c39315a0135 -r
so that to be sure my password is registered in Gnome Keyrings

But after trying all of this, I still have the same issue.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.