| 30 Jun 2025 |
 hexa | ok, I'm stupid | 07:31:19 |
| hexa | I tested editing an existing nm connection and that failed with permissions denied | 07:31:31 |
| hexa | but it also fails when like that when I'm in the group | 07:31:40 |
| hexa | * but it also fails like that when I'm in the group | 07:31:48 |
 emily | lol | 07:33:19 |
| emily | maybe you made that connection as root or something | 07:33:29 |
| hexa | maybe, but it is [x] Available to all users, whatever that implies | 07:33:47 |
| emily | usable by, not modifiable by, I think | 07:34:18 |
| emily | like you can log in as another user and still have WiFi | 07:34:25 |
| hexa | ok, but storing should work if I can elevate with polkit, right? | 07:35:07 |
| emily | maybe | 07:35:35 |
| emily | it could all just be broken in some other way :) | 07:35:44 |
| hexa | yes, sure | 07:36:04 |
| hexa | and with polkit-gnome running it prompts me for my password when editing a connection | 07:37:49 |
| hexa | 
Download image.png | 07:38:03 |
| hexa | but that doesn't work when outside the group over ssh | 07:39:03 |
 @brisingr05:matrix.org | FYI polkit_gnome has been unmaintained for about a decade and the repo is archived. | 07:40:57 |
| hexa | super exciting | 07:43:04 |
| hexa | probably all builtin these days | 07:43:08 |
| emily | maybe we should remove some of those things | 07:43:41 |
| hexa | given that the only rule i have for polkit is nm related … i should probably just ignore polkit | 07:44:55 |
| emily | most polkit stuff is not in NixOS rules | 07:45:23 |
| emily | it's in policies shipped with the daemons | 07:45:26 |
| @brisingr05:matrix.org | I brought it up a while ago here: https://matrix.to/#/#security-discuss:nixos.org/$nohR8r25cNgzLbufqDYy-WXd9hkIdpL_s-kvmAZ_HPI
It seems some packages depend on it. | 07:46:05 |
| hexa | there are no policies shipped with the daemon | 07:46:11 |
| emily | udisk mounting is a common thing | 07:46:11 |
| emily | https://github.com/NetworkManager/NetworkManager/blob/5ab04c8f567ca7e1d7b494c1ee13a5b9c907f76c/data/org.freedesktop.NetworkManager.policy.in.in | 07:46:59 |
| hexa | oh, with the nm daemon | 07:47:10 |
| hexa | I thought you meant polkit itself | 07:47:33 |
| hexa | anyway, only rules are properly inspectable from the filesystem sadly | 07:48:10 |
