diff --git a/panels/network.py b/panels/network.py index 395a01bf..262cd081 100644 --- a/panels/network.py +++ b/panels/network.py @@ -197,9 +197,6 @@ class Panel(ScreenPanel): self._screen.remove_keyboard() result = self.sdbus_nm.add_network(ssid, self.labels['network_psk'].get_text()) if "error" in result: - if result["error"] == "insufficient_privileges": - self.permissions_fix_dialog() - return self._screen.show_popup_message(result["message"]) if result["error"] == "psk_invalid": return @@ -207,33 +204,6 @@ class Panel(ScreenPanel): self.connect_network(widget, ssid, showadd=False) self.close_add_network() - def permissions_fix_dialog(self): - - label = Gtk.Label(wrap=True, vexpand=True) - label.set_markup( - _("Insufficient priviledges detected") + "\n" - + _("Do you want to let KlipperScreen try to solve the issue?") - ) - buttons = [ - {"name": _("Accept"), "response": Gtk.ResponseType.OK, "style": 'dialog-warning'}, - {"name": _("Cancel"), "response": Gtk.ResponseType.CANCEL, "style": 'dialog-error'}, - ] - self._gtk.Dialog(_("Insufficient privileges"), buttons, label, self.confirm_permission_fix) - - def confirm_permission_fix(self, dialog, response_id): - self._gtk.remove_dialog(dialog) - if response_id == Gtk.ResponseType.CANCEL: - return - if response_id == Gtk.ResponseType.OK: - conf_d_path = "/etc/NetworkManager/conf.d" - if not os.path.exists(conf_d_path): - subprocess.run(["sudo", "mkdir", "-p", conf_d_path]) - with open("/tmp/any-user.conf", "w") as f: - f.write("[main]\nauth-polkit=false\n") - subprocess.run(["sudo", "mv", "/tmp/any-user.conf", "/etc/NetworkManager/conf.d/any-user.conf"]) - subprocess.run(["sudo", "systemctl", "restart", "NetworkManager.service"]) - subprocess.run(["sudo", "systemctl", "restart", "KlipperScreen.service"]) - def back(self): if self.show_add: self.close_add_network() diff --git a/scripts/KlipperScreen-install.sh b/scripts/KlipperScreen-install.sh index ee94e6fb..34716b75 100755 --- a/scripts/KlipperScreen-install.sh +++ b/scripts/KlipperScreen-install.sh @@ -180,7 +180,9 @@ create_policy() echo_text "Installing KlipperScreen PolicyKit Rules" sudo groupadd -f klipperscreen + sudo groupadd -f network sudo adduser "$USER" netdev + sudo adduser "$USER" network if [ ! -x "$(command -v pkaction)" ]; then echo "PolicyKit not installed" return @@ -208,10 +210,8 @@ create_policy() KS_GID=$( getent group klipperscreen | awk -F: '{printf "%d", $3}' ) sudo tee ${RULE_FILE} > /dev/null << EOF -// Allow KlipperScreen to reboot, shutdown, etc polkit.addRule(function(action, subject) { - if (action.id == "org.freedesktop.NetworkManager.settings.modify.system" && - subject.isInGroup("network")) { + if (action.id.indexOf("org.freedesktop.NetworkManager.") == 0 && subject.isInGroup("network")) { return polkit.Result.YES; } }); @@ -224,15 +224,7 @@ polkit.addRule(function(action, subject) { action.id == "org.freedesktop.login1.halt-multiple-sessions" || action.id.startsWith("org.freedesktop.NetworkManager.")) && subject.user == "$USER") { - // Only allow processes with the "klipperscreen" supplementary group - // access - var regex = "^Groups:.+?\\\s$KS_GID[\\\s\\\0]"; - var cmdpath = "/proc/" + subject.pid.toString() + "/status"; - try { - polkit.spawn(["grep", "-Po", regex, cmdpath]); - return polkit.Result.YES; - } catch (error) { - return polkit.Result.NOT_HANDLED; + return polkit.Result.YES; } } }); @@ -300,6 +292,11 @@ install_network_manager() else echo_ok "Installing NetworkManager for the network panel" sudo apt install network-manager + sudo mkdir -p /etc/NetworkManager/conf.d + sudo tee /etc/NetworkManager/conf.d/any-user.conf > /dev/null << EOF +[main] +auth-polkit=false +EOF sudo systemctl -q disable dhcpcd 2> /dev/null sudo systemctl -q stop dhcpcd 2> /dev/null sudo systemctl enable NetworkManager