Why?

Saving NetworkManager connections (especially for wireless and VPN would be quite handy. We already have a preset for the GNOME keyring, which saves the passwords. The passwords are tagged with a uuid generated by NM, but without persistent NM connections these passwords are orphaned since a new uuid will be generated for the same connection during the next boot.

How?

The NM connections are saved with gconf in the directory /system/network/connections. Unfortunately it’s not enough to make a preset that just makes ~/.gconf/system/network/connections persistent; when persistence is activated, ~/.gconf/system doesn’t exist, so its created, as are the other subdirs. Since live-persist cannot know better, the %gconf.xml files are not created, and these are required (even if empty) in each directory to make them valid in gconf’s eyes.

If we want to support persistent gconf settings in general we need to make a hook that (recursively) creates an empty %gconf.xml% file in each subdirectory of ~/.gconf that lacks it. The hook must runs after persistence is activated, but before the amnesia users session starts. It seems like a job for tails-greeter.

This feels wrong wrt. the Single Responsability Principle. The greeter should greet and pass options to other pieces of software, not actually fiddle with the filesystem.

The persistence already support two types of sources: bind mounts and link. Could it be extended with a ‘gconf’ type that touch those empty files during setup?

Implementation

This has been implemented in the feature/persistent_NM_connecitons branch. Almost everything works as expected:

• All types of connections (wired, wireless, VPN, DSL) are saved.
• Password protected connection (e.g. wireless) have their passwords persistently saved if the "GNOME keyring" preset also is activated.

Issues

The "Connect automatically" checkbox gets unchecked on each boot. This can be fixed by running:

gconftool-2 --set /apps/nm-applet/stamp --type int "1"

before logging in. In the schema this property is described as:

Used to determine whether settings should be migrated to a new version.

This could be fixed by running the above command in tails-greeter like we do for touching the %gconf.xml files. An alternative way would be to make tails-persistence-setup able to make several directories persistent for each preset, and then have the "NetworkManager connection" preset also make ~/.gconf/apps/nm-applet persistent.

OTOH, perhaps we should see this "issue" as a feature? After all, GNOME sets "Connect automatically" by default for each new connection, which may make users automatically connect to some previous network when they do not want to, possibly leaking their MAC address. Still, the presense of that checkbox is confusing. And this functionality seems a bit fragile. The proper way would be to patch away the autoconnect functionality from network-manager-gnome.

done in Tails 0.14