x2go and iniating a network vpn connection - rights?

If I wanted to use x2go client to tunnel into another machine that I have on my local lan (opensuse 13.2 running x2go server), so that I can launch a vpn (pptp) to my work computer (not local)… which permission do I need to allow in Security Center and Hardening?

Currently, I get an error “Failed Not Authorized to control networking”, when I try to launch the vpn using x2go.
If I am local on the computer (not using x2go) the vpn works fine, there is only one user and that user does have root rights.

Thanks for your time

I don’t know anything about x2go, although I do connect to remote servers via a PPTP VPN. This could be a polkit privledge issue. Are you using network manager?

If so, check

pkaction --action-id org.freedesktop.NetworkManager.network-control --verbose

You might need to show (explicitly) all commands/steps used with activating the connection. (It’s not clear to me at least from what you posted so far.)

pkaction --action-id org.freedesktop.NetworkManager.network-control --verbose
description: Allow control of network connections
message: System policy prevents control of network connections
vendor: NetworkManager
vendor_url: http://www.gnome.org/projects/NetworkManager
icon: nm-icon
implicit any: no
implicit inactive: yes
implicit active: yes

yes NetworkManager along with several others ;
-openvpn (same version), -pptp (, -vpnc (same version)

In order to activate
I click the network icon (bottom right) of the KDE desktop
my work connection is already setup: so I selection the available network and select CONNECT, then I immediately get the Failed to Activate " Not aurhorized to control networking" message.

Thanks for responding,

Hmmm… when you first configured your PPTP connection, did you select ‘All users may connect to this network’? Maybe a ‘system connection’ will behave differently to a ‘user connection’, since the privileges are different. Anyway, easy enough to go back and check/change if necessary.

yep, I deleted the connection and tried again both when using x2go. Fail.

I also logged out of x2go, connected with the keyboard, video, mouse;
created a new connection.
new ensuring that I selected to allow all users.
tested it, it connected while I was logged in as jason.

logged out.
tunneled again with x2go
tried to connect
got the error

and I double checked that user jason had root rights prior to starting…

I retried, this time giving the user jason every right as shown in yast > user and group management, no change. Fail.

Maybe worth starting a thread X2Go forum


If you really feel that NM should handle this better, then a bug report perhaps


I retried, this time giving the user jason every right as shown in yast > user and group management, no change. Fail.

No, it’s not a group-based permissions issue. It is likely polkit/session-related, but above my knowledge/experience to help with any further.

Today I was able to connect thru the tunnel when I login to the x2go server machine as root itself.

I dont like doing it, but it is functional.

Definately seems like a bug as when I logged in as user, and that user did indeed have root rights…


Users should never ever have root rights for sure in a remote network situation. Those excess rights will bite you at some point.

The real issue is that Network Manager is preventing user configuration via X2Go to be able to facilitate a VPN connection. It’s not clear to me how to gain the necessary privileges. As long as the OP isn’t running a root session then connecting via X2Go run as root is acceptable but annoying.

I wonder if the following might be applicable?


***Note: As of this writing, if you’re using x2go client there is an issue with network-manager an D-bus.

This can occur if network-manager and network-manager-openvpn were installed after the system was setup.
Try editing /etc/NetworkManager/NetworkManager.conf and change managed=false to managed=true as below, then reboot.



Still have this problem, been running as root (only when tunneling)
recently it annoyed me so I figured I would check back in on this thread…

thanks deano for replying, however my x2go client is also acting as an owncloud server…so a little nervous of messing it up.

this is all that is in my clients NetworkManager.conf file:


I can’t really offer any further advice other than what has been posted already. If it was me, I’d try as suggested in post #11, and check behaviour. You can always revert the configuration again if it doesn’t help.