On Tue, Feb 11, 2014 at 10:05:37AM +0100, Christian Schmitt wrote: > Hello, currently I have installed a IPA Server (CentOS 6.5) and have a Fedora > 20 Heisenburg Client with ipa installed. > > Currently I have some strange problems with every user account from free IPA. > They can't change the NetworkManager settings on the KDE Gui, like open a > WLAN > connection or connect to a VPN. > > The NetworkManager (nm-applet from KDE) has a Red X Icon in front and if i > click on it there is only a message like "NetworkManager 0.9.8 required, > found". > > If I open a shell and enter: > > > $ nm-connection-editor > > I get the following errors: > > > ** (nm-connection-editor:17166): WARNING **: Could not initialize NMClient > > > /org/freedesktop/NetworkManager: Rejected send message, 3 matched rules; > type="method_call", sender=":1.81" (uid=977800001 pid=17166 comm="nm- > connection-editor ") interface="org.freedesktop.DBus.Properties" > member="GetAll" error name="(unset)" requested_reply="0" > destination="org.freedesktop.NetworkManager" (uid=0 pid=733 > comm="/usr/sbin/NetworkManager --no-daemon ") > > ** (nm-connection-editor:17166): WARNING **: > _nm_remote_settings_ensure_inited: (NMRemoteSettings) error initializing: > Rejected send message, 3 matched rules; type="method_call", sender=":1.81" > (uid=977800001 pid=17166 comm="nm-connection-editor ") > interface="org.freedesktop.DBus.Properties" member="GetAll" error > name="(unset)" requested_reply="0" > destination="org.freedesktop.NetworkManager" (uid=0 pid=733 > comm="/usr/sbin/NetworkManager --no-daemon ") > > This is somehow really strange and looks like some DBus error. But currently > The user is in the user group wheel, and local users working perfectly?
Looking at the NM DBus config at /etc/dbus-1/system.d/org.freedesktop.NetworkManager.conf it seems that most rules including the org.freedesktop.DBus.Properties interface are allowed for console users (with policy at_console="true"). Typically, the console user is identified by pam_console. Can you check if the login manager you used has pam_console in the session stack? _______________________________________________ Freeipa-users mailing list Freeipaemail@example.com https://www.redhat.com/mailman/listinfo/freeipa-users