Bug 710552
Summary: | nmcli VPN fails whenever I'm root | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | tuxor <acc-bugz-redhat> |
Component: | NetworkManager | Assignee: | Dan Williams <dcbw> |
Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | unspecified | ||
Version: | 15 | CC: | dcbw, jklimes |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2011-06-28 06:33:19 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
tuxor
2011-06-03 16:53:51 UTC
version-release number: NetworkManager.x86_64 1:0.8.9997-1.git20110531.fc15 It might be interesting to hear, that my vpn-secret is in /etc/NetworkManager/system-connections/my-openvpn (unencrypted!). But I also have an entry regarding this vpn-secret in my gnome-keyring. When typing "nmcli con list id my-openvpn" (as root or user doesn't matter), the field "vpn.secrets" is empty. So what to do about that?! There are a few ways to handle secrets. In NetworkManager 0.9, these are configured by means of connections' secret property flags: http://projects.gnome.org/NetworkManager/developers/migrating-to-09/secrets-flags.html For most connection types, the default handling is that NM stores passwords itself. However, for certain connections, e.g. VPN, the passwords are rather regarded as personal and thus they are stored by default in clients (e.g. keyring). So, if you have configured my-openvpn connection for a user, but activate that under root, the password in user's keyring is not accessible. You can set password-flags in [vpn] to 0 and add your password to [vpn-secrets] to let NM manage the password and thus be able to activate the connection by any user: [vpn] .... password-flags=0 [vpn-secrets] password=your_password See also http://markmail.org/message/bamybmq5shyk6eje Thanks for your comment. It solved my problem with the dispatcher-scripts. Since this is intended behaviour, it seems like it's "NOTABUG". But it could also be WONTFIX or WORKSFORME. |