NetworkManager-0.9.10.0-5.git20140704.fc21.x86_64 Cockpit allows configuration of the network via NetworkManager. This works well for admin users except the actual activation/deactivation of connections. I think at least "org.freedesktop.NetworkManager.network-control" should have <allow_any>auth_admin</allow_any> (Others actions might need adjusting, too.)
Yeah, this should get fixed and non-local users should have access to this stuff. We changed that earlier this year for other tasks, and I don't remember why we didn't fix that up for this too.
> Yeah, this should get fixed and non-local users should have access to this stuff. Ok, nice that we agree! We would like to have this in Fedora 21 still, but we can carefully work around this with a simple polkit rule, so if there is a reason why this can't be fixed in time in the NM package, that is no problem.
Actually the Fedora Server WG discussed this yesterday, and wants us to first and foremost pursue fixing these things in the package with the broken policy ... only including such an overriding polkit rule if all else fails. http://meetbot.fedoraproject.org/fedora-meeting-1/2014-09-23/fedora-meeting-1.2014-09-23-15.01.log.html
Created attachment 944168 [details] Allow non-local admin sessions to control the network. Proposed patch.
Created attachment 944187 [details] Fix broken polkit policy Resolves: rhbz#1145646
Also added patch which can be merged into the Fedora 21 package to fix this issue during the Beta if upstream NetworkManager does not update. The alternative, is for Cockpit to install a polkit rules.d which overrides the NetworkManager policy. Scratch build with this patch: http://koji.fedoraproject.org/koji/taskinfo?taskID=7773139
(In reply to Stef Walter from comment #6) > Scratch build with this patch: > http://koji.fedoraproject.org/koji/taskinfo?taskID=7773139 I have tested this, and it works as expected. I tested both manually and by reverting "c7a9269 polkit: Tweak policy to work for Cockpit" in Cockpit and running the integration tests.
Pushed upstream to git master and nm-0-9-10.
NetworkManager-0.9.10.0-7.git20140704.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/NetworkManager-0.9.10.0-7.git20140704.fc21
Package NetworkManager-0.9.10.0-7.git20140704.fc21: * should fix your issue, * was pushed to the Fedora 21 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing NetworkManager-0.9.10.0-7.git20140704.fc21' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2014-12865/NetworkManager-0.9.10.0-7.git20140704.fc21 then log in and leave karma (feedback).
NetworkManager-0.9.10.0-10.git20140704.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/FEDORA-2014-13679/NetworkManager-0.9.10.0-10.git20140704.fc21
NetworkManager-0.9.10.0-10.git20140704.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.