diff options
author | Dan Williams <dcbw@redhat.com> | 2010-06-02 02:23:51 -0700 |
---|---|---|
committer | Dan Williams <dcbw@redhat.com> | 2010-06-02 02:23:51 -0700 |
commit | 299ab139e4058da7f89defc148940e0a67b9a90e (patch) | |
tree | 94d06c633b4b43770d4f99ec508094aaed05e47b | |
parent | a08227525c40daf1fd239ab75df4019986a53a86 (diff) | |
download | NetworkManager-299ab139e4058da7f89defc148940e0a67b9a90e.tar.gz |
core: add policy for overall network control
Allows for locking down connections completely and disallowing
certain users from touching networking at all.
-rw-r--r-- | policy/org.freedesktop.NetworkManager.policy.in | 9 | ||||
-rw-r--r-- | src/nm-manager-auth.h | 1 | ||||
-rw-r--r-- | src/nm-manager.c | 2 |
3 files changed, 12 insertions, 0 deletions
diff --git a/policy/org.freedesktop.NetworkManager.policy.in b/policy/org.freedesktop.NetworkManager.policy.in index a912872491..e6540655d4 100644 --- a/policy/org.freedesktop.NetworkManager.policy.in +++ b/policy/org.freedesktop.NetworkManager.policy.in @@ -54,5 +54,14 @@ </defaults> </action> + <action id="org.freedesktop.NetworkManager.network-control"> + <_description>Allow control of network connections</_description> + <_message>System policy prevents control of network connections</_message> + <defaults> + <allow_inactive>yes</allow_inactive> + <allow_active>yes</allow_active> + </defaults> + </action> + </policyconfig> diff --git a/src/nm-manager-auth.h b/src/nm-manager-auth.h index 14e130115e..44bb309973 100644 --- a/src/nm-manager-auth.h +++ b/src/nm-manager-auth.h @@ -32,6 +32,7 @@ #define NM_AUTH_PERMISSION_ENABLE_DISABLE_WIFI "org.freedesktop.NetworkManager.enable-disable-wifi" #define NM_AUTH_PERMISSION_ENABLE_DISABLE_WWAN "org.freedesktop.NetworkManager.enable-disable-wwan" #define NM_AUTH_PERMISSION_USE_USER_CONNECTIONS "org.freedesktop.NetworkManager.use-user-connections" +#define NM_AUTH_PERMISSION_NETWORK_CONTROL "org.freedesktop.NetworkManager.network-control" typedef struct NMAuthChain NMAuthChain; diff --git a/src/nm-manager.c b/src/nm-manager.c index eaad533e45..874433a1e2 100644 --- a/src/nm-manager.c +++ b/src/nm-manager.c @@ -3076,6 +3076,7 @@ get_permissions_done_cb (NMAuthChain *chain, get_perm_add_result (chain, results, NM_AUTH_PERMISSION_ENABLE_DISABLE_WIFI); get_perm_add_result (chain, results, NM_AUTH_PERMISSION_ENABLE_DISABLE_WWAN); get_perm_add_result (chain, results, NM_AUTH_PERMISSION_USE_USER_CONNECTIONS); + get_perm_add_result (chain, results, NM_AUTH_PERMISSION_NETWORK_CONTROL); dbus_g_method_return (context, results); g_hash_table_destroy (results); } @@ -3110,6 +3111,7 @@ impl_manager_get_permissions (NMManager *self, nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_ENABLE_DISABLE_WIFI, FALSE); nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_ENABLE_DISABLE_WWAN, FALSE); nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_USE_USER_CONNECTIONS, FALSE); + nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_NETWORK_CONTROL, FALSE); } /* Legacy 0.6 compatibility interface */ |