FS#17777 - [networkmanager-openconnect] plugin fails to load auth dialog

Attached to Project: Arch Linux
Opened by Erik Johnson (MercuryShadow) - Sunday, 10 January 2010, 01:52 GMT
Last edited by Ionut Biru (wonder) - Tuesday, 12 January 2010, 13:57 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Ionut Biru (wonder)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
I've been trying to connect to a cisco vpn using the openconnect plugin for networkmanager, but it keeps failing before I even get a chance to authenticate. I get an error saying that there weren't any valid VPN secrets, along with a dialog saying "There was a problem launching the authentication dialog for VPN connection type 'org.freedesktop.NetworkManager.openconnect'. Contact your system administrator.'" /var/log/messages.log shows the following warning:

NetworkManager: <WARN> get_secrets_cb(): Couldn't get connection secrets: vpn-password-dialog.c.262 (nma_vpn_request_password): couldn't run VPN auth dialog..

The dbus config for the openconnect plugin has a policy user called "nm-openconnect", a user which doesn't exist on my system. There is also a warning about this user not existing whenever dbus is restarted.

I took a look at how Fedora's RPM for the openconnect plugin for NetworkManager does things, since it had worked for me before in Fedora. The dbus policy is identical, and the nm-openconnect user and group are added using the following commands:

groupadd -r nm-openconnect
useradd -r -s /sbin/nologin -d / -M -c 'NetworkManager user for OpenConnect' -g nm-openconnect nm-openconnect



I ran these to add the user and group, then restarted, but this did not make any difference. I still got the same error in the messages.log.

Additional info:
* package version(s)
networkmanager-openconnect 0.7.2-2

* config and/or log files etc.

dbus policy:

<!DOCTYPE busconfig PUBLIC
"-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<policy user="root">
<allow own="org.freedesktop.NetworkManager.openconnect"/>
<allow send_destination="org.freedesktop.NetworkManager.openconnect"/>
</policy>
<policy user="nm-openconnect">
<allow own="org.freedesktop.NetworkManager.openconnect"/>
<allow send_destination="org.freedesktop.NetworkManager.openconnect"/>
</policy>
<policy context="default">
<deny own="org.freedesktop.NetworkManager.openconnect"/>
<deny send_destination="org.freedesktop.NetworkManager.openconnect"/>
</policy>
</busconfig>

Steps to reproduce:
1) Configure an OpenConnect VPN within NetworkManager.
2) Click the NetworkManager applet icon, then select the VPN from the menu.
This task depends upon

Closed by  Ionut Biru (wonder)
Tuesday, 12 January 2010, 13:57 GMT
Reason for closing:  Fixed
Additional comments about closing:  in testing
Comment by Ionut Biru (wonder) - Sunday, 10 January 2010, 09:35 GMT
which version of networkmanager do you have?
Comment by Erik Johnson (MercuryShadow) - Sunday, 10 January 2010, 20:11 GMT
ejohnson@gallifrey:~$ pacman -Qi networkmanager
Name : networkmanager
Version : 0.7.2-1
URL : http://www.gnome.org/projects/NetworkManager/
Licenses : GPL
Groups : None
Provides : libnetworkmanager=0.7.2
Depends On : wireless_tools iproute2 hal>=0.5.13-3 libnl>=1.1 ppp dhcpcd>=4.0 wpa_supplicant>=0.6.9
iptables nss>=3.12.4 policykit
Optional Deps : None
Required By : network-manager-applet networkmanager-openconnect
Conflicts With : libnetworkmanager
Replaces : libnetworkmanager
Installed Size : 4204.00 K
Packager : Biru Ionut <ionut@archlinux.ro>
Architecture : x86_64
Build Date : Fri 27 Nov 2009 08:34:05 AM CST
Install Date : Sat 09 Jan 2010 06:52:22 PM CST
Install Reason : Explicitly installed
Install Script : No
Description : Network Management daemon
Comment by Ionut Biru (wonder) - Sunday, 10 January 2010, 20:14 GMT
i don't think is a problem with the plugin itself.

how do you login in gnome? using gdm?
Comment by Erik Johnson (MercuryShadow) - Sunday, 10 January 2010, 21:46 GMT
This has happened both with a gdm login and with an runlevel 3 login and startx.
Comment by Erik Johnson (MercuryShadow) - Sunday, 10 January 2010, 21:57 GMT
Might this be an issue with dbus instead, then?
Comment by Ionut Biru (wonder) - Sunday, 10 January 2010, 22:17 GMT
if you say that is working on fedora then we should start finding differences :). I will appreciate if you help me with testing because i don't have the hardware.
without removing nm-openconnect user and group try:

first you can try the version from testing and update openconnect to 2.21. i see that openconnect from fedora has a dependency vpnc-script which contains the script that is in vpnc and you should try it by installing vpnc.

second rebuild openconnect and comment out that sed line.
3rd, try whatever you want and summarize :D

Comment by Erik Johnson (MercuryShadow) - Sunday, 10 January 2010, 23:03 GMT
I enabled the testing repo but I'm not finding openconnect 2.21.
Comment by Ionut Biru (wonder) - Sunday, 10 January 2010, 23:04 GMT
use abs for that.
Comment by Erik Johnson (MercuryShadow) - Sunday, 10 January 2010, 23:30 GMT
I first installed the vpnc package. Then I built 2.12 without the sed line in the PKGBUILD. I also built 2.21 with and without the sed line in the PKGBUILD. I tried all three packages, and there was no difference. Same error dialog, and same error in the messages.log.
Comment by Ionut Biru (wonder) - Sunday, 10 January 2010, 23:40 GMT
after adding the username did you rebooted so that dbus rule get loaded correctly?

run from terminal /usr/lib/networkmanager/nm-openconnect-service you got some messages?
Comment by Erik Johnson (MercuryShadow) - Sunday, 10 January 2010, 23:44 GMT
Yeah, the box has been rebooted several times since adding the nm-openconnect user and group. Though I would think a simple dbus restart would load the rule correctly.

Running /usr/lib/networkmanager/nm-openconnect-service gives no output, but fails with status 1


ejohnson@gallifrey:~/Downloads$ /usr/lib/networkmanager/nm-openconnect-service
ejohnson@gallifrey:~/Downloads$ echo $?
1
Comment by Erik Johnson (MercuryShadow) - Monday, 11 January 2010, 01:07 GMT
I used abs to build dbus and dbus-core from the 1.3.0 codebase (http://dbus.freedesktop.org/releases/dbus/dbus-1.3.0.tar.gz), and after a reboot, the problem still remains:

Jan 10 18:59:55 gallifrey NetworkManager: <info> Starting VPN service 'org.freedesktop.NetworkManager.openconnect'...
Jan 10 18:59:55 gallifrey NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openconnect' started (org.freedesktop.NetworkManager.openconnect), PID 2440
Jan 10 18:59:55 gallifrey kernel: vpn0: Disabled Privacy Extensions
Jan 10 18:59:55 gallifrey NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openconnect' just appeared, activating connections
Jan 10 18:59:56 gallifrey NetworkManager: <WARN> get_secrets_cb(): Couldn't get connection secrets: vpn-password-dialog.c.262 (nma_vpn_request_password): couldn't run VPN auth dialog..
Comment by Erik Johnson (MercuryShadow) - Monday, 11 January 2010, 02:19 GMT
I installed updated versions of networkmanager, networkmanager-openconnect, and network-manager-applet from testing. Still getting the same error.
Comment by Erik Johnson (MercuryShadow) - Monday, 11 January 2010, 02:50 GMT
I went ahead and filed an upstream bug, since it doesn't seem that there's anything wrong with how this package is being built.

https://bugzilla.gnome.org/show_bug.cgi?id=606599

Loading...