NetworkManager always check secret agent for modify access

Bug #1261648 reported by Roman Shipovskij on 2013-12-17
18
This bug affects 4 people
Affects Status Importance Assigned to Milestone
NetworkManager
Unknown
Unknown
network-manager (Ubuntu)
Undecided
Unassigned

Bug Description

NetworkManager always check secret agent for modify access even if secret flag is always-ask in get_next_cb (src/settings/nm-agent-manager.c), has_system_secrets always return TRUE because nm_connection_for_each_setting_value iterate by all possible settings which never used in this connection, as result we always have secret with flag NM_SETTING_SECRET_FLAG_NONE

Can someone help to resolve this problem?

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: network-manager 0.9.4.0-0ubuntu4.3
ProcVersionSignature: Ubuntu 3.2.0-57.87-generic-pae 3.2.52
Uname: Linux 3.2.0-57-generic-pae i686
ApportVersion: 2.0.1-0ubuntu17.6
Architecture: i386
CRDA: Error: [Errno 2] No such file or directory
Date: Mon Dec 16 17:26:09 2013
IpRoute:
 default via 10.31.1.254 dev eth0 proto static
 10.0.0.0/8 via 10.31.1.1 dev eth0 proto static
 10.31.1.0/24 dev eth0 proto kernel scope link src 10.31.1.168 metric 1
 169.254.0.0/16 dev eth0 scope link metric 1000
IwConfig:
 lo no wireless extensions.

 eth0 no wireless extensions.
MarkForUpload: True
NetworkManager.state:
 [main]
 NetworkingEnabled=true
 WirelessEnabled=true
 WWANEnabled=true
 WimaxEnabled=true
ProcEnviron:
 TERM=xterm
 PATH=(custom, no user)
 LANG=uk_UA.UTF-8
 SHELL=/bin/bash
RfKill:

SourcePackage: network-manager
UpgradeStatus: No upgrade log present (probably fresh install)
WifiSyslog: Dec 16 09:16:57 TEH0-PL-02 kernel: [227092.135505] type=1400 audit(1387178217.405:29): apparmor="DENIED" operation="open" parent=1 profile="/usr/bin/evince" name="/etc/dconf/profile/user" pid=4828 comm="evince" requested_mask="r" denied_mask="r" fsuid=3513 ouid=0
modified.conffile..etc.NetworkManager.NetworkManager.conf: [modified]
mtime.conffile..etc.NetworkManager.NetworkManager.conf: 2013-02-21T10:28:09.991093
nmcli-dev:
 DEVICE TYPE STATE DBUS-PATH
 eth0 802-3-ethernet connected /org/freedesktop/NetworkManager/Devices/0
nmcli-nm:
 RUNNING VERSION STATE NET-ENABLED WIFI-HARDWARE WIFI WWAN-HARDWARE WWAN
 running 0.9.4.0 connected enabled enabled enabled enabled disabled

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in network-manager (Ubuntu):
status: New → Confirmed

I found this http://gnome-networkmanager.2324886.n4.nabble.com/NM-0-9-asks-for-PK-auth-without-need-td11076.html
I compile NM with patch 0001-don-t-consider-not-needed-secrets-for-has_system_secr.diff as discribed on https://wiki.ubuntu.com/DebuggingNetworkManager

As I see in DEBUG log this patch skip all not needed secrets, but my problem still not completely resolved, we are using WPA2 Enterprise network (EAP-TTLS) and as I found EAP authentication has two variants of secrets: 'password' and 'password-raw' (https://developer.gnome.org/NetworkManager/0.9/ref-settings.html)

password-raw not used in graphical configurator but it is possible to set it and it flag only by editing config file or via API

I checked all possible combination and found that 'password-raw' used only if it's set in config file or if password-flag=NM_SETTING_SECRET_FLAG_NOT_REQUIRED

I think 'password-raw' flag should be considered with 'password' flag

Changed in network-manager (Ubuntu):
status: Confirmed → Triaged
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.