On Mon, 2013-09-16 at 12:06 -0500, Dan Williams wrote: > On Sun, 2013-09-15 at 19:36 +0100, Phil Reynolds wrote: > > My partner sometimes uses my laptop, and on two occasions has somehow > > activated Airplane mode - this of course drops the WLAN and WWAN > > connections. I can't even get the WWAN to work again after this happens > > without rebooting. > > > > I am wondering if there is a way I can stop him activating Airplane > > mode - it's not something he would ever need to activate anyway. > > NetworkManager uses PolicyKit to protect various operations like this. > What you want to do is to ensure that the user cannot obtain these > permissions:
Note that this obviously doesn't stop them from turning airplane mode on if there's a hardware switch or a soft-key. That's usually controlled by BIOS and there's no good way to lock that down, unless BIOS provides one. Also note that it only stops *NetworkManager* from touching the airplane mode status; it won't stop other apps from doing so, if they also provide the ability to turn airplane mode on/off by talking to the kernel directly. Dan > org.freedesktop.NetworkManager.enable-disable-wifi > org.freedesktop.NetworkManager.enable-disable-wwan > > which you'd do by writing some PolicyKit rules to deny that user these > two permissons. Rules are just files that get dropped > into /etc/polkit-1/rules.d and look like this: > > polkit.addRule(function(action, subject) { > if (action.id == "org.freedesktop.NetworkManager.enable-disable-wifi" || > action.id == "org.freedesktop.NetworkManager.enable-disable-wwan") { > if (subject.isInGroup("wheel")) { > return polkit.Result.YES; > } else { > return polkit.Result.NO; > } > } > }); > > (or something along those lines) which will deny this permission > completely to any user who is not in the Unix 'wheel' group. There > should be a good bit of info out there on writing policykit rules. > > Hope this helps, > Dan > > _______________________________________________ > networkmanager-list mailing list > networkmanager-list@gnome.org > https://mail.gnome.org/mailman/listinfo/networkmanager-list _______________________________________________ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list