Features/NetworkManagerSystemConnections

From FedoraProject

(Current status)
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
 
<!-- The actual name of your feature page should look something like: Features/YourFeatureName.  This keeps all features in the same namespace -->
 
<!-- The actual name of your feature page should look something like: Features/YourFeatureName.  This keeps all features in the same namespace -->
  
Line 9: Line 8:
  
 
== Owner ==
 
== Owner ==
* Name: [[User:dcbw| Dan Williams]]
+
* Name: [[DanWilliams|Dan Williams]]
 
* email: dcbw@redhat.com
 
* email: dcbw@redhat.com
  
 
== Current status ==
 
== Current status ==
* Targeted release: [[Releases/11 | Fedora 11]]  
+
* Targeted release: [[Releases/12 | Fedora 12]]  
* Last updated: 2009-07-09
+
* Last updated: 2009-08-02
* Percentage of completion: 80%
+
* Percentage of completion: 100%
  
System connections work for wired and wireless, not for things like 3G (where is should be much less needed).
+
System connections work for wired and wireless.
 +
Support for other kinds of connections, such as 3G may be added at a later point.
  
 
== Detailed Description ==
 
== Detailed Description ==
 +
(quick background: user & system connections...  user connections are the ones stored in GConf and are private to the user.  For stuff like VPNs where you dont' want everyone to have access to some particular network resource if you fast-user-switch or whatever.  System connections are available to all users, *and* available before login and at boot time)
 +
 
NetworkManager has been able to read information about system-wide network connections from /etc/sysconfig for a while. This feature is about enabling full read-write support for system connections. The ability to create or modify new system connections will be controlled by PolicyKit policies.
 
NetworkManager has been able to read information about system-wide network connections from /etc/sysconfig for a while. This feature is about enabling full read-write support for system connections. The ability to create or modify new system connections will be controlled by PolicyKit policies.
  
 
Initially, only wired/wireless connections will be supported. Later on, vpn connections will follow.
 
Initially, only wired/wireless connections will be supported. Later on, vpn connections will follow.
  
For connections that require secrets, those will be stored in .keys files in /etc/sysconfig.
+
For connections that require secrets, those will be stored in keys files in /etc/sysconfig.
  
 
== Benefit to Fedora ==
 
== Benefit to Fedora ==
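Review bot: the reworded secrets sentence in Detailed Description ("stored in keys files in /etc/sysconfig") is less specific than the test steps added further down, which name /etc/sysconfig/network-scripts/keys-<name of connection>. State the full directory and the keys-<name> pattern here so the description and the test procedure agree. The added background paragraph also has the typo "dont'" and a sentence fragment starting "For stuff like VPNs".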
Line 36: Line 38:
 
== How To Test ==
 
== How To Test ==
  
# Connect to a network in your session
+
NM uses PolicyKit to provide fine-grained access control to specific features, and ensure that the system administrator can control what specific users can and cannot do.  Examples of "permissions" that NM defines are ones like allowing users to edit system-wide connections, or creating open adhoc networks, etc.
# Open the connection editor
+
 
# Check the "available to all users" checkbox (and the "connect automatically" one)
+
PolicyKit is a mechanism to require the user to personally authenticate themselves through a password or something else that ensures that the user is actually sitting in front of the computer and not some malicious program.  Think of PolicyKit like the PIN on your debit-card: it proves that you are who you say you are.
# Verify that the connection information is moved from your gconf database to /etc/sysconfig
+
 
# Reboot, and note that the connection is available before login
+
PolicyKit is used mainly in the connection editor.  When editing a "system-wide" connection, or attempting to convert a 'user' connection into a system-wide connection.  In these cases, if the administrator has allowed the user to authenticate themselves before editing the system connection, the user will be required to enter a password (usually the root password) before the operation succeeds.  The administrator can also block the user from doing so, in which case the connection manager will not allow the user to make changes to that connection.  You can test this by changing the file:
# Login, edit the connection again, and uncheck "available to all users"
+
 
# Verify that the connection information is moved back into your gconf database
+
/usr/share/polkit-1/actions/org.freedesktop.network-manager-settings.system.policy
 +
 
 +
and looking for the lines of "allow_active" for each specific permission that NetworkManager defines.  A value of "auth_admin_keep" means that the user only has to authorize themselves once, and thereafter the authorization is cached and they are no longer asked for their password.  A value of "auth_admin" means they are asked for their password every time.  A value of "no" means they are denied that permission completely.
 +
 
 +
Test cases revolve around modifying that .policy file and ensuring that the connection editor behaves as expected; for example:
 +
 
 +
# change the org.freedesktop.network-manager-settings.system.modify permission to "auth_admin"
 +
# start the connection editor
 +
# attempt to edit "System eth0"
 +
# ensure that the editor asks for the root password
 +
# ensure that the resulting window allows you to edit the options
 +
# change some random option like "Connect automatically"
 +
# Hit Apply
 +
# double-click the "System eth0" connection again
 +
# ensure that the editor asks for the root password again (since we didn't use auth_admin_keep, it'll ask every time)
 +
# ensure that "Connect automatically" is still set the same way you did in step 6
 +
# hit Apply
 +
# change the org.freedesktop.network-manager-settings.system.modify permission to "no"
 +
# ensure that you cannot double-click the "system eth0" connection and that when that connection is selected, the "Edit" button is insensitive
 +
 
 +
To test setting a connection as "system wide" and thus exercising the config parsing and writing backends:
  
During all these steps, observe that the correct PolicyKit policy checks are done.
+
# ensure you have PolicyKit permission edit system connections by making sure the system.modify permission is "auth_admin" or "auth_admin_keep"
Modify the relevant policies and verify that nm-applet behaves accordingly.
+
# edit a non-system wired or wifi connection using nm-connection-editor
Repeat with different connection types.
+
# Check the "Available to all users" checkbox
 +
# hit the apply button
 +
# Look for a file named /etc/sysconfig/network-scripts/ifcfg-<name of connection you just edited>
 +
# ensure that the file's contents looks valid
 +
# if the connection required any passwords, look for the file /etc/sysconfig/network-scripts/keys-<name of connection>
 +
# ensure the passwords are correct
  
 
== User Experience ==
 
== User Experience ==
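Review bot: the last two steps of the new "system wide" test list check that keys-<name of connection> exists and that "the passwords are correct", but no step checks who can read that file. Because the file holds passwords and system connections are available to all users, add a step that verifies the file's owner and mode. The first list also mixes "System eth0" and "system eth0"; use one spelling so testers look for the same entry.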

Latest revision as of 08:15, 23 September 2009


Network Manager System Connections

Summary

Add full support for system-wide connections to NetworkManager.

Owner

Current status

  • Targeted release: Fedora 12
  • Last updated: 2009-08-02
  • Percentage of completion: 100%

System connections work for wired and wireless. Support for other kinds of connections, such as 3G, may be added at a later point.

Detailed Description

(Quick background on user and system connections: user connections are the ones stored in GConf and are private to the user. They are for things like VPNs, where you don't want everyone to have access to some particular network resource if you fast-user-switch. System connections are available to all users, *and* available before login and at boot time.)

NetworkManager has been able to read information about system-wide network connections from /etc/sysconfig for a while. This feature is about enabling full read-write support for system connections. The ability to create or modify new system connections will be controlled by PolicyKit policies.

Initially, only wired and wireless connections will be supported. VPN connections will follow later.

Secrets for connections that require them will be stored in keys files in /etc/sysconfig.

Benefit to Fedora

Makes NetworkManager a fully featured replacement for the aging system-config-network tool for 90% of all use cases; there's still some exotic stuff left, like bridging and bonding.

Scope

The feature requires changes in NetworkManager and nm-applet. To enable the same functionality in other frontends, they will need changes as well.

Part of this feature is defining suitable keys for network-related /etc/sysconfig files to hold all the information that NetworkManager has about a connection.

How To Test

NM uses PolicyKit to provide fine-grained access control to specific features, and to ensure that the system administrator can control what specific users can and cannot do. Examples of the "permissions" that NM defines include allowing users to edit system-wide connections or to create open ad-hoc networks.

PolicyKit is a mechanism to require the user to personally authenticate themselves through a password or something else that ensures that the user is actually sitting in front of the computer and not some malicious program. Think of PolicyKit like the PIN on your debit card: it proves that you are who you say you are.

PolicyKit is used mainly in the connection editor, when editing a "system-wide" connection or attempting to convert a 'user' connection into a system-wide connection. In these cases, if the administrator has allowed the user to authenticate themselves before editing the system connection, the user will be required to enter a password (usually the root password) before the operation succeeds. The administrator can also block the user from doing so, in which case the connection manager will not allow the user to make changes to that connection. You can test this by changing the file:

/usr/share/polkit-1/actions/org.freedesktop.network-manager-settings.system.policy

and looking for the lines of "allow_active" for each specific permission that NetworkManager defines. A value of "auth_admin_keep" means that the user only has to authorize themselves once, and thereafter the authorization is cached and they are no longer asked for their password. A value of "auth_admin" means they are asked for their password every time. A value of "no" means they are denied that permission completely.

Test cases revolve around modifying that .policy file and ensuring that the connection editor behaves as expected; for example:

  1. change the org.freedesktop.network-manager-settings.system.modify permission to "auth_admin"
  2. start the connection editor
  3. attempt to edit "System eth0"
  4. ensure that the editor asks for the root password
  5. ensure that the resulting window allows you to edit the options
  6. change some random option like "Connect automatically"
  7. Hit Apply
  8. double-click the "System eth0" connection again
  9. ensure that the editor asks for the root password again (since we didn't use auth_admin_keep, it'll ask every time)
  10. ensure that "Connect automatically" is still set the same way you did in step 6
  11. hit Apply
  12. change the org.freedesktop.network-manager-settings.system.modify permission to "no"
  13. ensure that you cannot double-click the "system eth0" connection and that when that connection is selected, the "Edit" button is insensitive
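
Before starting the connection editor, a tester can confirm what each `allow_active` value in the .policy file should make the editor do. The following is an added example, not part of the original page or of NetworkManager; the embedded policy text is constructed, and the second action id in it is hypothetical.

```python
import os
import xml.etree.ElementTree as ET

POLICY_PATH = ("/usr/share/polkit-1/actions/"
               "org.freedesktop.network-manager-settings.system.policy")
PREFIX = "org.freedesktop.network-manager-settings.system."

# Constructed sample in the .policy layout; the second action id is hypothetical.
SAMPLE_POLICY = """<policyconfig>
  <action id="org.freedesktop.network-manager-settings.system.modify">
    <defaults>
      <allow_inactive>no</allow_inactive>
      <allow_active>auth_admin_keep</allow_active>
    </defaults>
  </action>
  <action id="org.freedesktop.network-manager-settings.system.hypothetical">
    <defaults>
      <allow_active>yes</allow_active>
    </defaults>
  </action>
</policyconfig>"""

# Editor behaviour for each allow_active value, as described on this page.
EXPECTED = {
    "no": "denied: Edit button insensitive",
    "auth_admin": "password prompt on every edit",
    "auth_admin_keep": "password prompt once, then cached",
}

def allow_active_by_action(policy_xml):
    """Map each action id to its <allow_active> default (None if absent)."""
    result = {}
    for action in ET.fromstring(policy_xml).iter("action"):
        value = action.findtext("defaults/allow_active")
        result[action.get("id")] = value.strip() if value else None
    return result

def expected_behaviour(policy_xml):
    """List (action, value, expectation) rows for NetworkManager's actions."""
    rows = []
    for action_id, value in sorted(allow_active_by_action(policy_xml).items()):
        if action_id.startswith(PREFIX):
            note = EXPECTED.get(value, "REVIEW: value not covered by the test cases")
            rows.append((action_id, value, note))
    return rows

if __name__ == "__main__":
    data = open(POLICY_PATH, "rb").read() if os.path.exists(POLICY_PATH) else SAMPLE_POLICY
    for row in expected_behaviour(data):
        print(*row, sep="  ")
```

Any row marked REVIEW carries a value other than the three this page describes and should be checked by hand before the test run.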

To test setting a connection as "system wide" and thus exercising the config parsing and writing backends:

  1. ensure you have PolicyKit permission to edit system connections by making sure the system.modify permission is "auth_admin" or "auth_admin_keep"
  2. edit a non-system wired or wifi connection using nm-connection-editor
  3. Check the "Available to all users" checkbox
  4. hit the apply button
  5. Look for a file named /etc/sysconfig/network-scripts/ifcfg-<name of connection you just edited>
  6. ensure that the file's contents look valid
  7. if the connection required any passwords, look for the file /etc/sysconfig/network-scripts/keys-<name of connection>
  8. ensure the passwords are correct
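
The file checks in steps 5 to 8 can be scripted so that secret values are never printed. The following is an added example, not part of the original page or of NetworkManager; the secret key names in `SECRET_KEYS`, the sample file names and the sample contents are assumptions constructed for illustration, and the mode check goes beyond what the steps above require.

```python
import os
import shlex
import stat
import tempfile

# Assumed secret key names for the sysconfig format; adjust to your files.
SECRET_KEYS = {"WPA_PSK", "KEY", "KEY1", "KEY2", "KEY3", "KEY4"}

def parse_sysconfig(text):
    """Parse shell-style NAME=value lines, skipping blanks and comments."""
    values = {}
    for line in text.splitlines():
        tokens = shlex.split(line, comments=True)
        if len(tokens) == 1 and "=" in tokens[0]:
            name, _, value = tokens[0].partition("=")
            values[name] = value
    return values

def check_connection_files(ifcfg_path, keys_path):
    """Return a list of problems; secret values are never returned."""
    problems = []
    with open(ifcfg_path) as handle:
        ifcfg = parse_sysconfig(handle.read())
    leaked = sorted(SECRET_KEYS & set(ifcfg))
    if leaked:
        problems.append("secrets in ifcfg file: " + ", ".join(leaked))
    if os.path.exists(keys_path):
        mode = stat.S_IMODE(os.stat(keys_path).st_mode)
        if mode & 0o077:
            problems.append("keys file mode %04o is open to group/other" % mode)
        with open(keys_path) as handle:
            if not SECRET_KEYS & set(parse_sysconfig(handle.read())):
                problems.append("keys file holds no recognised secret")
    return problems

def write_sample(directory, keys_mode):
    """Write a constructed ifcfg-/keys- pair and return both paths."""
    ifcfg = os.path.join(directory, "ifcfg-Example_WiFi")
    keys = os.path.join(directory, "keys-Example_WiFi")
    with open(ifcfg, "w") as handle:
        handle.write('# constructed sample\nTYPE=Wireless\nESSID="Example WiFi"\nONBOOT=yes\n')
    with open(keys, "w") as handle:
        handle.write("WPA_PSK='constructed-passphrase'\n")
    os.chmod(keys, keys_mode)
    return ifcfg, keys

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(check_connection_files(*write_sample(tmp, 0o644)))
```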

User Experience

Users will be able to use NetworkManager with system-wide connections and be happy. Longer-term, we will be able to remove system-config-network from the default install, and shrink the administration menu, which helps users too.

Dependencies

None

Contingency Plan

Keep system connections read-only in NetworkManager. system-config-network is still available in any case.

Documentation

Not at this point. Documentation that will be needed at some point includes documentation of the new /etc/sysconfig keys.

Release Notes

NetworkManager can now create and edit system-wide network connections in /etc/sysconfig.

Comments and Discussion