SUMMARY The registration process for plasma-nm to the NetworkManager system does not provide for interactive secret management, precluding runtime secret handling for plasma and other agents STEPS TO REPRODUCE 1. Setup a VPN that needs runtime secrets, such as a fortisslvpn with 2FA after login 2. Try to bring the VPN up with nmcli 3. OBSERVED RESULT NetworkManager fails with the messages Calling old Connect function as not all agents support interactive secrets ERROR: Failed to get PIN: GDBus.Error:org.freedesktop.NetworkManager.Settings.Connection.Failed: More secrets required but cannot ask interactively Actually, it is plasma-nm that prevents interactively asking, since if I stop plasma-nm, then the message no longer appears and nmcli works as expected EXPECTED RESULT SOFTWARE/OS VERSIONS Linux/KDE Plasma: (available in About System) KDE Plasma Version: KDE Frameworks Version: Qt Version: ADDITIONAL INFORMATION
I'm afraid this is not only about adding NM_SECRET_AGENT_CAPABILITY_VPN_HINTS flag, but we don't support passing hints to VPN plugins at this moment.
How much work does this take? Do you have an idea? Would you provide some hints? :-) I'd be glad to lend a hand
First of all I think this flag needs to be added to networkmanager-qt framework, which is a library we use for communication with NetworkManager. We miss implementation of https://people.freedesktop.org/~lkundrak/nm-docs/gdbus-org.freedesktop.NetworkManager.AgentManager.html#gdbus-method-org-freedesktop-NetworkManager-AgentManager.RegisterWithCapabilities This will allow you to pass the flag you need. Then the second part will need to be done in plasma-nm/kded/secretagent.cpp, where we would need to pass hints to the PasswordDialog and from there to VPN plugin and handle the hint from there. Some links: Here you need to add capabilities flag: https://invent.kde.org/frameworks/networkmanager-qt/-/blob/master/src/secretagent.h Here you need to add the missing registration method: https://invent.kde.org/frameworks/networkmanager-qt/-/blob/master/src/secretagent_p.h https://invent.kde.org/frameworks/networkmanager-qt/-/blob/master/src/secretagent.cpp Plasma-nm part: https://invent.kde.org/plasma/plasma-nm/-/blob/master/kded/secretagent.cpp https://invent.kde.org/plasma/plasma-nm/-/blob/master/kded/passworddialog.cpp Plasma-nm generic VPN plugin implementation where you need to add a way to pass hints: https://invent.kde.org/plasma/plasma-nm/-/blob/master/libs/editor/vpnuiplugin.h And last but not least particular VPN implementations: https://invent.kde.org/plasma/plasma-nm/-/tree/master/vpn
OK, not that easy, but I'll try an report back
(In reply to emelenas from comment #4) > OK, not that easy, but I'll try an report back It's not that hard either, it's just probably harder to get oriented in all the code. If you need some hand just let me know either on irc on #freenode/plasma (my nick is jgrulich) or just send me an email.