# networkmanager "available to all users" & nm-applet[Solved?]

## ppurka

EDIT: This is broken again. See this post.

EDIT 2: The modification to the pam file as  mentioned here works with slim. lxdm gets the boot from my machine.

EDIT 3 (2013-03-10): This is broken again. How unsurprising. 

EDIT 4 (2015-02-04): Workaround: Here is a workaround since I am using kdm: https://wiki.archlinux.org/index.php/KDM#KDM_and_Gnome-keyring

Hi,

  I am trying to determine if it is possible for networkmanager to connect to my wireless network without requiring to start nm-applet. I believe I need to to go "Edit connections" and ensure that "Available to all users" is enabled. However, irrespective of how many times I check that button and click apply, the next time it is again unchecked. 

I have set up the networkmanager according to the directions in gentoo-wiki: http://en.gentoo-wiki.com/wiki/NetworkManager so I believe from a permissions point of view I am fine. Other salient points of my setup:

 1. I am using kdm to log in to my system

 2. consolekit is started automatically by the xdm service

 3. The DM is enlightenment 0.17

 4. I have already run the following command as root and added my user id:

```
polkit-auth --grant org.freedesktop.network-manager-settings.system.modify --user "USERNAME"
```

 5. I have installed gnome-extra/nm-applet-0.8 and net-misc/networkmanager-0.8-r1

Is there something extra I need to configure to ensure that networkmanager can automatically connect to my wireless without requiring me to start nm-applet?

----------

## ppurka

This turned out to be a regression in networkmanager-0.8. When using networkmanager-0.7.2 none of the configuration specified in the gentoo-wiki article is required. Only requirement is that the polkit-auth command (which is mentioned in the emerge log) should be executed.

----------

## ppurka

It turns out that networkmanager-0.8 does away with policykit altogether (and also does away with polkit-auth). It instead relies on a properly configured consolekit. 

What is required now is:

consolekit init service should be added to the default runlevel

/usr/libexec/polkit-gnome-authentication-agent-1 should be run as the user, after logging in.

----------

## ppurka

Over the past 2 months this has been broken again. At present I am logging in through lxdm and I have hard coded this line at the very beginning of Xsession:

```
eval exec /usr/bin/ck-launch-session /usr/local/bin/starte17
```

starte17 is the following script

```
#!/bin/bash

# Get the PATH and other variables right

. /etc/profile

if ! pgrep kdm >& /dev/null; then

    sudo /usr/bin/sessreg -a -l ":0" $USER

fi

/usr/bin/enlightenment_start "$@"
```

FYI, this is the output of ck-list-sessions after logging in:

```
~> ck-list-sessions 

Session12:

   unix-user = '500'

   realname = 'removed'

   seat = 'Seat1'

   session-type = ''

   active = TRUE

   x11-display = ':0'

   x11-display-device = '/dev/tty7'

   display-device = ''

   remote-host-name = ''

   is-local = TRUE

   on-since = '2010-12-19T08:57:29.186198Z'

   login-session-id = '28'

Session13:

   unix-user = '500'

   realname = 'removed'

   seat = 'Seat1'

   session-type = ''

   active = FALSE

   x11-display = ':0'

   x11-display-device = '/dev/tty7'

   display-device = ''

   remote-host-name = ''

   is-local = TRUE

   on-since = '2010-12-19T08:57:29.265200Z'

   login-session-id = '28'

```

However, if I run startx, which launches 3 xterms and then I run from an xterm: 

```
ck-launch-session enlightenment_start
```

. Then I need to run /usr/libexec/polkit-gnome-authentication-agent-1 and then nm-connection-editor works fine.

Perhaps it is connected: running w or who does not show my user in the output.

```
~> w

 17:21:51 up 19 days, 18:21,  4 users,  load average: 0.01, 0.01, 0.00

USER     TTY        LOGIN@   IDLE   JCPU   PCPU WHAT

~> who

~> 

```

----------

## ppurka

Both the who and authentication problems are solved after I changed to slim login manager. Thanks to ssuominen's post here.

----------

## SamuliSuominen

 *ppurka wrote:*   

> Over the past 2 months this has been broken again. At present I am logging in through lxdm

 

lxdm... ok, I've never tried lxdm with ConsoleKit yet. lxdm doesn't seem to be in Portage yet :/

----------

## ppurka

 *ssuominen wrote:*   

>  *ppurka wrote:*   Over the past 2 months this has been broken again. At present I am logging in through lxdm 
> 
> lxdm... ok, I've never tried lxdm with ConsoleKit yet. lxdm doesn't seem to be in Portage yet :/

 Right now, it is better that it stays out of portage. Since it was in sabayon and another overlay, I thought it was in good working condition. But now I know better.

----------

## ppurka

This is broken again, as of today. It has been broken for a while but I changed an access point after a long time and noticed it. Even saving "Available to all users" as root doesn't help and it doesn't save the configuration to /etc/Networkmanager. What newfangled method of authentication am I missing now?

My current config:

* Using networkmanager-0.9.6.4, nm-applet-0.9.6.4, polkit-gnome-0.105.

* ck-list-sessions shows that a session is active

```
~» ck-list-sessions 

Session2:

   unix-user = '500'

   realname = 'xxx'

   seat = 'Seat1'

   session-type = 'x11'

   active = TRUE

   x11-display = ':0.0'

   x11-display-device = '/dev/tty7'

   display-device = ''

   remote-host-name = ''

   is-local = TRUE

   on-since = '2013-03-10T23:18:04.633520Z'

   login-session-id = '1'

Session1:

   unix-user = '500'

   realname = 'xxx'

   seat = 'Seat2'

   session-type = ''

   active = FALSE

   x11-display = ':0.0'

   x11-display-device = ''

   display-device = ''

   remote-host-name = ''

   is-local = TRUE

   on-since = '2013-03-10T23:18:04.534616Z'

   login-session-id = '1'

```

* polkit-gnome-authentication-agent is running

```
~» ps aux | grep polkit-gnome

xxx+  2971  0.0  0.0   8588   852 pts/1    SN+  07:46   0:00 grep --color polkit-gnome

xxx+ 27225  0.0  0.6 240856 24892 ?        SNl  07:37   0:00 /usr/libexec/polkit-gnome-authentication-agent-1
```

* "Available to all users" is grayed out.

----------

## nomono

I think I've had sort of the same problem. nm-applet kept on complaining about permissions.

Couldn't get it to work; until I tried creating

/etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules

with the content

---->

polkit.addRule(function(action, subject) {

  if (action.id.indexOf("org.freedesktop.NetworkManager.") == 0 && subject.isInGroup("plugdev")) {

    return polkit.Result.YES;

  }

});

---->

I've got the idea from https://wiki.archlinux.org/index.php/NetworkManager; had to change the group to plugdev, as this

is the way gentoo handles it.

I do not know if this is a bug; looks like it is supposed to work this way; or somewhat like it. Although how to use the polkit, should

be a lot more clear. Would be nice if the ebuild could take care of this kind of stuff

>>greetings<<

----------

## ppurka

Hi nomono, thanks for the advice, but that polkit configuration hasn't worked for me  :Sad:  My user is in plugdev group.

----------

## ppurka

Does anyone have a solution for this problem?

----------

## ppurka

Here is a workaround since I am using kdm for the past couple of months (I was using slim earlier): https://wiki.archlinux.org/index.php/KDM#KDM_and_Gnome-keyring

Add the following lines to /etc/pam.d/kdm:

```

auth       optional     pam_gnome_keyring.so

session    optional     pam_gnome_keyring.so auto_start

```

So now my /etc/pam.d/kdm looks like this:

```
~» cat /etc/pam.d/kde

#%PAM-1.0

auth       required     pam_nologin.so

auth       include      system-local-login

auth       optional     pam_gnome_keyring.so

account    include      system-local-login

password   include      system-local-login

session    include      system-local-login

session    optional     pam_gnome_keyring.so auto_start

```

After this modification I get one password prompt to the gnome-keyring, and then there are no more password prompts from nm-applet.

----------

