From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id OL9fIdpysF6vLwAA0tVLHw (envelope-from ) for ; Mon, 04 May 2020 19:54:02 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id gJNYKuRysF5uJgAAB5/wlQ (envelope-from ) for ; Mon, 04 May 2020 19:54:12 +0000 Received: from lists.gnu.org (lists.gnu.org [IPv6:2001:470:142::17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 4DECC9406F8 for ; Mon, 4 May 2020 19:54:11 +0000 (UTC) Received: from localhost ([::1]:41278 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jVhAJ-0001V6-MJ for larch@yhetil.org; Mon, 04 May 2020 15:54:11 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:51058) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jVhAA-0001Uu-3s for bug-guix@gnu.org; Mon, 04 May 2020 15:54:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:50703) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1jVhA9-0002wD-Qh for bug-guix@gnu.org; Mon, 04 May 2020 15:54:01 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1jVhA9-0005Nc-Pb for bug-guix@gnu.org; Mon, 04 May 2020 15:54:01 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#37369: (no subject) References: <20190910112120.ezqnrrfffhhjvc2d@pelzflorian.localdomain> In-Reply-To: <20190910112120.ezqnrrfffhhjvc2d@pelzflorian.localdomain> Resent-From: Divan Santana via web Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Mon, 04 May 2020 19:54:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 37369 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: 37369@debbugs.gnu.org Received: via spool by 37369-submit@debbugs.gnu.org id=B37369.158862204020670 (code B ref 37369); Mon, 04 May 2020 19:54:01 +0000 Received: (at 37369) by debbugs.gnu.org; 4 May 2020 19:54:00 +0000 Received: from localhost ([127.0.0.1]:34016 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jVhA7-0005NK-GJ for submit@debbugs.gnu.org; Mon, 04 May 2020 15:53:59 -0400 Received: from sender4-of-o56.zoho.com ([136.143.188.56]:21627) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jVhA6-0005NB-0G for 37369@debbugs.gnu.org; Mon, 04 May 2020 15:53:58 -0400 ARC-Seal: i=1; a=rsa-sha256; t=1588622035; cv=none; d=zohomail.com; s=zohoarc; b=bmvgCXq2B8USYYeOdvGRTG2Qi62RheYICc2mut1ImfkIwecfuzx9gUyUj1VBd8x/OCDKrDhTIdgPrlhajeGs0J4wYaKPqWDDmLjfqZvHhMfMueEVjoXlqF41msYlPfmZiqzQDGpwxGXRvkO0AAWZrdCvIHTX+Vhqdw4Mk31RvaY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1588622035; h=Content-Type:Date:From:MIME-Version:Message-ID:To; bh=UVf5/C7E4cfoq211cjoJKsLFGELb25NzYJtCwJhWglg=; b=PcFgRGVo5CWhjfatUBEU7rd0p5JD+DUzefWu/y6oqRLNyX5kzgE9OuB7RqKlxvvYIRYlF/dUjX5aJhNT933ak9JymS3dwhahiIWj9r6zbdGwrjzlYpUgW/QOd6ERQyP3FFwOGB5Q8snpOJyaU7gyyKqIy6wSdEqJ4BS1X6lgBwA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=elephly.net; spf=pass smtp.mailfrom=issues.guix.gnu.org@elephly.net; dmarc=pass header.from= header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1588622035; s=zoho; d=elephly.net; i=issues.guix.gnu.org@elephly.net; h=MIME-Version:Content-Type:From:To:Date:Message-ID; bh=UVf5/C7E4cfoq211cjoJKsLFGELb25NzYJtCwJhWglg=; b=PBb6IMvWPz23FZH6MexlCy+FYZ0OdSfxrVTaBEwJK3J6SALw+NJQnmpZNnB0J44U 5fft5aOl2POeucxQBSAe/HckjoSENKSbfgbtINM9zHPgG3VL/A6laGGt5GuT5BTxMnN GQCDhA6pFa/AwBvoNw2I/1wptx9UtQ7u10St7/bk= Received: from localhost (tollana.enn.lu [85.248.227.164]) by mx.zohomail.com with SMTPS id 1588622033904507.5940935155521; Mon, 4 May 2020 12:53:53 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 From: Divan Santana via web Date: Mon, 4 May 2020 21:43:45 +0200 Message-ID: <7f41f4682060.1149bc60b06b9a01@guile.gnu.org> X-ZohoMailClient: External X-Spam-Score: 2.0 (++) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Spam-Score: 1.0 (+) X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Scanner: scn0 X-Spam-Score: 2.29 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=elephly.net header.s=zoho header.b=PBb6IMvW; dmarc=none; spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 2001:470:142::17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Scan-Result: default: False [2.29 / 13.00]; GENERIC_REPUTATION(0.00)[-0.49495410839976]; DWL_DNSWL_BLOCKED(0.00)[2001:470:142::17:from,elephly.net:dkim]; R_SPF_ALLOW(0.00)[+ip6:2001:470:142::/48:c]; IP_REPUTATION_HAM(0.00)[asn: 22989(0.13), country: US(-0.00), ip: 2001:470:142::17(-0.49)]; TO_DN_NONE(0.00)[]; MX_GOOD(-0.50)[cached: eggs.gnu.org]; DKIM_TRACE(0.00)[elephly.net:+]; MAILLIST(-0.20)[mailman]; FORGED_RECIPIENTS_MAILLIST(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ARC_ALLOW(0.00)[i=1]; ASN(0.00)[asn:22989, ipnet:2001:470:142::/48, country:US]; TAGGED_FROM(0.00)[larch=yhetil.org]; FROM_NEQ_ENVFROM(0.00)[issues.guix.gnu.org@elephly.net,bug-guix-bounces@gnu.org]; RECEIVED_SPAMHAUS_XBL(3.00)[85.248.227.164:received]; R_DKIM_ALLOW(0.00)[elephly.net:s=zoho]; URIBL_BLOCKED(0.00)[elephly.net:dkim]; FROM_HAS_DN(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[elephly.net]; HAS_LIST_UNSUB(-0.01)[]; RCPT_COUNT_ONE(0.00)[1]; BAD_REP_POLICIES(0.10)[]; DNSWL_BLOCKED(0.00)[2001:470:142::17:from]; RCVD_COUNT_SEVEN(0.00)[8]; FORGED_SENDER_MAILLIST(0.00)[] X-TUID: o5wmjQkOB2Pf Hi again, I'm not having any luck getting network-manager-openconnect to work for me. For one, using nm-connection-editor on cli or via exwm program launcher, and creating a new connection tells me: Insufficient privileges Apr 12 21:32:20 swift NetworkManager[385]: [1586719940.8362] audit: op="connection-add" pid=2616 uid=1000 result="fail" reason="Insufficient privileges." $ id uid=1000(ds) gid=998(users) groups=998(users),972(docker),975(libvirt),978(adbusers),984(kvm),986(cdrom),989(lp),990(netdev),991(audio),992(video),993(input),999(wheel) Full system config is pasted below[1]. My groups appear fine. Perhaps some issue with polkit? polkit is running though. polkitd 864 1 0 12:33 ? 00:00:00 /gnu/store/mw57n9nj3y20bfm9ijcbpm16gpsik6sg-polkit-0.116/lib/polkit-1/polkitd --no-debug Not sure if it's the way my desktop is started with exwm. I am able to up / down connections via "nmcli con up id" and without sudo. Secondly, upping a openconnect network manager connection file which is known to work on another distro results in this: $ nmcli con up id my-vpn-2fa --ask Error: openconnect failed: Could not find "openconnect" binary A password is required to connect to 'my-vpn-2fa. Gateway (vpn.secrets.gateway): I notice that after about a minute the GUI form pops up. I then prompts me for my 2FA meaning it passed the 1st authentication bit. After I approve, it then dissapears and seems to disconnect. Apr 12 21:18:38 swift NetworkManager[360]: [1586719118.6929] agent-manager: req[0x1043510, :1.159/nmcli-connect/1000]: agent registered Apr 12 21:18:38 swift NetworkManager[360]: [1586719118.6976] audit: op="connection-activate" uuid="40441d34-5290-4631-8796-5fb57d0f1bf2" name="vpn-fnb-2fa" pid=12530 uid=1000 result="success" Apr 12 21:18:38 swift NetworkManager[360]: [1586719118.7034] vpn-connection[0x10d4330,40441d34-5290-4631-8796-5fb57d0f1bf2,"vpn-fnb-2fa",0]: Started the VPN service, PID 12536 Apr 12 21:18:38 swift NetworkManager[360]: [1586719118.7117] vpn-connection[0x10d4330,40441d34-5290-4631-8796-5fb57d0f1bf2,"vpn-fnb-2fa",0]: Saw the service appear; activating connection Apr 12 21:20:33 swift NetworkManager[360]: [1586719233.2173] settings-connection[0xecac80,40441d34-5290-4631-8796-5fb57d0f1bf2]: write: successfully committed (keyfile: update /etc/NetworkManager/system-connections/vpn-fnb-2fa (40441d34-5290-4631-8796-5fb57d0f1bf2,"vpn-fnb-2fa")) Apr 12 21:20:33 swift NetworkManager[360]: [1586719233.2192] vpn-connection[0x10d4330,40441d34-5290-4631-8796-5fb57d0f1bf2,"vpn-fnb-2fa",0]: final secrets request failed to provide sufficient secrets Apr 12 21:20:33 swift NetworkManager[360]: [1586719233.2234] vpn-connection[0x10d4330,40441d34-5290-4631-8796-5fb57d0f1bf2,"vpn-fnb-2fa",0]: VPN plugin: state changed: stopped (6) Creating a new connecting via sudo and the starting it results in the same. Any idea? [1]: (trimmed slightly) --8<---------------cut here---------------start------------->8--- ;; My laptop guix system configuration. (use-modules (gnu) (gnu packages admin) (gnu packages android) ;for android-udev-rules (gnu packages certs) (gnu packages cups) (gnu packages gnome) (gnu packages gnupg) (gnu packages haskell-apps) (gnu packages linux) (gnu packages shells) (gnu packages suckless) (gnu packages virtualization) (gnu packages wm) (gnu packages xorg) (gnu services avahi) (gnu services cups) (gnu services desktop) (gnu services dns) (gnu services docker) (gnu services monitoring) (gnu services networking) (gnu services pm) (gnu services shepherd) (gnu services sound) (gnu services ssh) (gnu services sysctl) (gnu services virtualization) (gnu services xorg) (gnu system nss) (gnu system shadow) ;for user-group (guix build-system trivial) (guix download) ;for url-fetch (guix git-download) (guix packages) ;for origin (nongnu packages linux) (srfi srfi-1) ;for 'remove' ) (define %extra-linux-modules '("fuse" ; for sshfs "nbd" ; to mount qcow2 images )) (operating-system (host-name "swift") (timezone "Africa/Johannesburg") (locale "en_US.utf8") (locale-libcs (list glibc-2.28 (canonical-package glibc))) (hosts-file (local-file "/home/ds/src/ds-config/.config/guix/etc/hosts")) (sudoers-file (local-file "/home/ds/src/ds-config/.config/guix/etc/sudoers")) (kernel-arguments (list (string-append "resume_offset=106602496") (string-append "modprobe.blacklist=" "pcspkr,snd_pcsp") (string-append "net.ifnames=0") (string-append "kvm_intel.nested=1"))) (kernel linux-4.19) (firmware (cons* linux-firmware %base-firmware)) (initrd (lambda (fs . args) (apply base-initrd fs #:extra-modules %extra-linux-modules args))) (bootloader (bootloader-configuration (bootloader grub-efi-bootloader) (target "/boot/efi") )) (mapped-devices (list (mapped-device (source (uuid "3e7beb3b-1037-4ee8-9048-5e048afafbd0")) (target "crypt") (type luks-device-mapping)))) (file-systems (cons* (file-system (device "/dev/nvme0n1p1") (type "msdos") (mount-point "/boot/efi")) (file-system (device "/dev/mapper/crypt") (mount-point "/") (type "ext4") ;; this is breaking ;; (options "noatime,nodiratime") (dependencies mapped-devices)) %base-file-systems)) (swap-devices '("/mnt/swapfile")) (users (cons (user-account (name "ds") (comment "Divan Santana") (group "users") (supplementary-groups '("adbusers" ;for adb "wheel" "kvm" "audio" "video" "lp" "docker" "libvirt" "input" ;; "lpadmin" "cdrom" "netdev")) (home-directory "/home/ds")) %base-user-accounts)) (groups (cons (user-group (system? #t) (name "adbusers")) %base-groups)) (packages (append (map specification->package '( "bash-completion" "binutils" "bridge-utils" "dmidecode" "dnsmasq" "docker" "docker-cli" "docker-compose" "dosfstools" "dtach" "ethtool" "font-adobe-source-code-pro" "font-adobe-source-sans-pro" "font-adobe-source-serif-pro" "font-adobe100dpi" "font-adobe75dpi" "font-awesome" "font-bitstream-vera" "font-dejavu" "font-fantasque-sans" "font-fira-code" "font-fira-mono" "font-fira-sans" "font-gnu-freefont-ttf" "font-google-roboto" "font-hack" "font-inconsolata" "font-iosevka" "font-liberation" "font-misc-misc" "font-tamzen" "font-ubuntu" ;; "font-symbola" ;; missing "git" ;; "arc-theme" ;; fixme, should be in core only "gnome-themes-standard" ;; fixme, should be in core only "iptables" "light" "lsof" "mlocate" "mobile-broadband-provider-info" "modem-manager" "neovim" "netcat" "network-manager-applet" "network-manager-openconnect" "network-manager-vpnc" "net-tools" "nss" ;; FIXME: is not providing certutil "nss-certs" "ntfs-3g" "openconnect" "openssh" "parted" "qemu" "rsync" "setxkbmap" "slock" "usb-modeswitch" "usb-modeswitch-data" "udiskie" "xcape" "xdotool" ;; simulate keyboard/mouse presses "xev" "xf86-input-libinput" "xf86-input-synaptics" "xf86-input-wacom" "xf86-video-fbdev" "xinit" "xmodmap" "xorg-server" "xrandr" "xrdb" "xsel" "xset" "kmonad" "xss-lock" "xterm" "xf86-video-intel" )) %base-packages)) (setuid-programs (cons (file-append qemu "/libexec/qemu-bridge-helper") %setuid-programs)) (services (cons* (service openssh-service-type (openssh-configuration (port-number 8444) (permit-root-login 'without-password) )) (service tor-service-type) (simple-service 'store-my-config etc-service-type `(("config.scm" ,(local-file (assoc-ref (current-source-location) 'filename))))) (service cups-service-type (cups-configuration (web-interface? #t) (extensions (list cups-filters hplip)))) (screen-locker-service slock "slock") (service tlp-service-type (tlp-configuration ;; TODO: enable autosuspend and blacklist certian ;; usb devices. (usb-autosuspend? #f))) (service thermald-service-type) (service gpm-service-type) (service docker-service-type) (service libvirt-service-type (libvirt-configuration (unix-sock-group "libvirt"))) (service virtlog-service-type) (service sysctl-service-type (sysctl-configuration (settings '( ("net.ipv4.ip_forward" . "1") ("vm.swappiness" . "05") )))) (extra-special-file "/usr/bin/env" (file-append coreutils "/bin/env")) firewall-service (service prometheus-node-exporter-service-type (prometheus-node-exporter-configuration (web-listen-address ":9100"))) (service slim-service-type (slim-configuration (auto-login? #t) (default-user "ds") ;; (auto-login-session #f) (xorg-configuration (xorg-configuration (drivers '("modesetting")) )) )) (remove (lambda (service) (eq? (service-kind service) avahi-service-type)) (remove (lambda (service) (eq? (service-kind service) gdm-service-type)) (modify-services %desktop-services (network-manager-service-type config => (network-manager-configuration (inherit config) (dns "dnsmasq") (vpn-plugins (list network-manager-openconnect)) )) (udev-service-type config => (udev-configuration (inherit config) (rules (append (udev-configuration-rules config) (list %backlight-udev-rule android-udev-rules kmonad))))) (login-service-type config => (login-configuration (inherit config) (motd %motd))))))))) --8<---------------cut here---------------end--------------->8---