我目前正在研究一个ArchLinux系统,我尝试配置使用的规则波尔基特所以里面的用户网络组能够运行 nmcli 命令。
我创建了一个 polkit 规则,如下所示:
polkit.addRule(function(action, subject) {
if (action.id.indexOf("org.freedesktop.NetworkManager.") == 0 && subject.isInGroup("network")) {
return polkit.Result.YES;
}
});
当我运行如下命令时:
nmcli connection shownmcli connection up enp11s0f0
一切正常美好的。
但由于一个奇怪的原因失败使用如下命令:
nmcli connection reloadnmcli connection load enp11s0f0
我已经在规则中添加了一些日志重新加载命令不生成任何日志。
这加载命令显示这些日志:
10:04:38.658: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:2: action=[Action id='org.freedesktop.NetworkManager.enable-disable-network']
10:04:38.659: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:3: subject=[Subject pid=15410 user='test' groups=test,network seat=null session='3' local=false active=true]
10:04:38.661: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:2: action=[Action id='org.freedesktop.NetworkManager.sleep-wake']
10:04:38.662: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:3: subject=[Subject pid=15410 user='test' groups=test,network seat=null session='3' local=false active=true]
10:04:38.665: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:2: action=[Action id='org.freedesktop.NetworkManager.enable-disable-wifi']
10:04:38.665: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:3: subject=[Subject pid=15410 user='test' groups=test,network seat=null session='3' local=false active=true]
10:04:38.668: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:2: action=[Action id='org.freedesktop.NetworkManager.enable-disable-wwan']
10:04:38.668: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:3: subject=[Subject pid=15410 user='test' groups=test,network seat=null session='3' local=false active=true]
10:04:38.671: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:2: action=[Action id='org.freedesktop.NetworkManager.enable-disable-wimax']
10:04:38.671: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:3: subject=[Subject pid=15410 user='test' groups=test,network seat=null session='3' local=false active=true]
10:04:38.674: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:2: action=[Action id='org.freedesktop.NetworkManager.network-control']
10:04:38.674: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:3: subject=[Subject pid=15410 user='test' groups=test,network seat=null session='3' local=false active=true]
10:04:38.677: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:2: action=[Action id='org.freedesktop.NetworkManager.wifi.share.protected']
10:04:38.677: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:3: subject=[Subject pid=15410 user='test' groups=test,network seat=null session='3' local=false active=true]
但失败了Error: failed to load connection: access denied.
如果我检查 nmcli 权限:
$ nmcli general permissions
PERMISSION VALUE
org.freedesktop.NetworkManager.enable-disable-network yes
org.freedesktop.NetworkManager.enable-disable-wifi yes
org.freedesktop.NetworkManager.enable-disable-wwan yes
org.freedesktop.NetworkManager.enable-disable-wimax yes
org.freedesktop.NetworkManager.sleep-wake yes
org.freedesktop.NetworkManager.network-control yes
org.freedesktop.NetworkManager.wifi.share.protected yes
org.freedesktop.NetworkManager.wifi.share.open yes
org.freedesktop.NetworkManager.settings.modify.system yes
org.freedesktop.NetworkManager.settings.modify.own yes
org.freedesktop.NetworkManager.settings.modify.hostname yes
org.freedesktop.NetworkManager.settings.modify.global-dns yes
org.freedesktop.NetworkManager.reload yes
org.freedesktop.NetworkManager.checkpoint-rollback yes
org.freedesktop.NetworkManager.enable-disable-statistics yes
org.freedesktop.NetworkManager.enable-disable-connectivity-check yes
org.freedesktop.NetworkManager.wifi.scan unknown
有关如何修复它的任何线索吗?
答案1
这在政策上是不可能的。
看https://bugzilla.redhat.com/show_bug.cgi?id=1921082,它被关闭作为不是一个错误。