diff options
author | Thomas Haller <thaller@redhat.com> | 2018-11-21 13:30:16 +0100 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2018-12-09 14:47:32 +0100 |
commit | b635b4d4194514baf6bf5b32f1116210c8822668 (patch) | |
tree | 0779aeeb18a5b9438b26ab55c30987c2b1430a53 /src/nm-checkpoint.c | |
parent | b4d3334853b3b6bd28836c85c6290e4518b6f96d (diff) | |
download | NetworkManager-b635b4d4194514baf6bf5b32f1116210c8822668.tar.gz |
core: improve and fix keeping connection active based on "connection.permissions"
By setting "connection.permissions", a profile is restricted to a
particular user.
That means for example, that another user cannot see, modify, delete,
activate or deactivate the profile. It also means, that the profile
will only autoconnect when the user is logged in (has a session).
Note that root is always able to activate the profile. Likewise, the
user is also allowed to manually activate the own profile, even if no
session currently exists (which can easily happen with `sudo`).
When the user logs out (the session goes away), we want do disconnect
the profile, however there are conflicting goals here:
1) if the profile was activate by root user, then logging out the user
should not disconnect the profile. The patch fixes that by not
binding the activation to the connection, if the activation is done
by the root user.
2) if the profile was activated by the owner when it had no session,
then it should stay alive until the user logs in (once) and logs
out again. This is already handled by the previous commit.
Yes, this point is odd. If you first do
$ sudo -u $OTHER_USER nmcli connection up $PROFILE
the profile activates despite not having a session. If you then
$ ssh guest@localhost nmcli device
you'll still see the profile active. However, the moment the SSH session
ends, a session closes and the profile disconnects. It's unclear, how to
solve that any better. I think, a user who cares about this, should not
activate the profile without having a session in the first place.
There are quite some special cases, in particular with internal
activations. In those cases we need to decide whether to bind the
activation to the profile's visibility.
Also, expose the "bind" setting in the D-Bus API. Note, that in the future
this flag may be modified via D-Bus API. Like we may also add related API
that allows to tweak the lifetime of the activation.
Also, I think we broke handling of connection visiblity with 37e8c53eeed
"core: Introduce helper class to track connection keep alive". This
should be fixed now too, with improved behavior.
Fixes: 37e8c53eeed579fe34a68819cd12f3295d581394
https://bugzilla.redhat.com/show_bug.cgi?id=1530977
Diffstat (limited to 'src/nm-checkpoint.c')
-rw-r--r-- | src/nm-checkpoint.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/nm-checkpoint.c b/src/nm-checkpoint.c index b0cf1f5117..5489ed4956 100644 --- a/src/nm-checkpoint.c +++ b/src/nm-checkpoint.c @@ -46,6 +46,7 @@ typedef struct { guint64 ac_version_id; NMDeviceState state; bool realized:1; + bool activation_lifetime_bound_to_profile_visiblity:1; NMUnmanFlagOp unmanaged_explicit; NMActivationReason activation_reason; } DeviceCheckpoint; @@ -335,6 +336,9 @@ activate: subject, NM_ACTIVATION_TYPE_MANAGED, dev_checkpoint->activation_reason, + dev_checkpoint->activation_lifetime_bound_to_profile_visiblity + ? NM_ACTIVATION_STATE_FLAG_LIFETIME_BOUND_TO_PROFILE_VISIBILITY + : NM_ACTIVATION_STATE_FLAG_NONE, &local_error)) { _LOGW ("rollback: reactivation of connection %s/%s failed: %s", nm_settings_connection_get_id (connection), @@ -439,6 +443,8 @@ device_checkpoint_create (NMDevice *device) dev_checkpoint->settings_connection = nm_simple_connection_new_clone (nm_settings_connection_get_connection (settings_connection)); dev_checkpoint->ac_version_id = nm_active_connection_version_id_get (NM_ACTIVE_CONNECTION (act_request)); dev_checkpoint->activation_reason = nm_active_connection_get_activation_reason (NM_ACTIVE_CONNECTION (act_request)); + dev_checkpoint->activation_lifetime_bound_to_profile_visiblity = NM_FLAGS_HAS (nm_active_connection_get_state_flags (NM_ACTIVE_CONNECTION (act_request)), + NM_ACTIVATION_STATE_FLAG_LIFETIME_BOUND_TO_PROFILE_VISIBILITY); } return dev_checkpoint; |