Bug 174467

Summary: user password required for system-wide WEP key
Product: [Fedora] Fedora Reporter: David Woodhouse <dwmw2>
Component: NetworkManagerAssignee: Dan Williams <dcbw>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: bjohnson
Target Milestone: ---Keywords: Regression
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-02-12 09:42:47 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On:    
Bug Blocks: 150225, 176728, 235704    
Description Flags
login prompt for NM none

Description David Woodhouse 2005-11-29 07:21:06 EST
The new version of NetworkManager makes me enter my password to the GNOME
keyring thingy before it will connect to the wireless network.

The WEP key is a system-wide thing; that's why it's stored in
/etc/sysconfig/network-scripts/key-eth1. NetworkManager ought to connect without
user interaction, as it used to in FC4.
Comment 1 jim 2005-12-30 07:31:24 EST
Created attachment 122641 [details]
login prompt for NM
Comment 2 Chris Chabot 2006-01-04 13:59:35 EST
I reported something like this before in bug #172555 
Hope to see it fixed some day :-)
Comment 3 David Woodhouse 2006-01-09 13:08:07 EST

*** This bug has been marked as a duplicate of 172555 ***
Comment 4 Ray Strode [halfline] 2006-01-11 10:34:29 EST
This is actually a really hard problem to solve.  We can't let every user of a
machine have access to one persons VPN, for instance.  This same idea can be
extended to access points (who's to say the access point is not connected to a
local intranet only type thing?).  This gets even more complicated when you
factor in things like fast user switching.  The bottom line is the problem is
not going to get solved for FC5.
Comment 5 David Woodhouse 2006-01-11 10:41:57 EST
You already _do_ let every user of the machine access the VPN while it's up. You
haven't played with iptables and per-user filtering, have you? That's a bogus

It would be fairly simple to put keys somewhere which are usable by
NetworkManager  in the absence of any given user. Ideally you'd use the keys
which are always configured with system-config-network.
Comment 6 David Woodhouse 2007-03-25 15:51:04 EDT
This seems to have got worse. Now I'm asked for the password every time my
machine comes back from suspend-to-RAM.
Comment 7 Will Woods 2007-05-11 17:14:59 EDT
This works for me with current rawhide - I'm asked for my password once and only

David, can you confirm and either close this bug or move it to F8Target (so we
can push for a proper solution next release)?
Comment 8 Matthias Clasen 2007-05-17 13:48:33 EDT
This is unlikely to see any action before f7 final.
Comment 9 David Woodhouse 2007-07-30 05:57:20 EDT
I'm still asked for a password. Just once, but even that is too much, and is a
regression since FC4.
Comment 10 W. Michael Petullo 2007-08-26 17:14:12 EDT
Have you guys tried pam_keyring?  The pam_keyring module unlocks gnome-keyring
with the system password a user provides to log in.
Comment 11 Dan Williams 2008-02-12 09:42:47 EST

*** This bug has been marked as a duplicate of 154652 ***