Package: geoclue-2.0
Version: 2.5.2-1
Severity: normal
Dear Maintainer,
(Testing Debian 10 Buster)
Using GNOME Settings > Privacy, turned off the geolocation features on the
desktop; however geoclue still contacts location.services.mozilla.com in the
background whenever an application requests location services.
When geolocation features are turned off, I would expect this to not occur.
I would expect no communications with location.services.mozilla.com to
be occurring with this privacy setting.
Steps to reproduce:
1) "Turn off the geolocation features of your desktop" (as per GNOME Help)
GNOME Settings > Privacy > Location Services = Off
# optional - verify from command line that location services are turned off:
gsettings get org.gnome.system.location enabled # should return: false
2) Monitor geoclue packets using netfilter
option A) using iptables
iptables -A OUTPUT -m owner --gid-owner geoclue
# Launch GNOME Maps (or other app utilizing geoclue, e.g. GNOME Calendar)
iptables -nvxL OUTPUT
#Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
# pkts bytes target prot opt in out source destination
# 13 1697 all -- * * 0.0.0.0/0 0.0.0.0/0
owner GID match 116
option B) using nftables (alternative)
nft add table inet geoclue
nft "add chain inet geoclue geoclue { type filter hook output priority 0; }"
nft add rule inet geoclue geoclue skuid geoclue counter
# Launch GNOME Maps (or other app utilizing geoclue, e.g. GNOME Calendar)
nft list ruleset
#table inet geoclue {
# chain geoclue {
# type filter hook output priority 0; policy accept;
# skuid "geoclue" counter packets 13 bytes 1697
# }
#}
...geoclue is communicating with location.services.mozilla.com when it should
not.
Work around is to disable and mask geoclue.service.
Thank you!
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-2-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages geoclue-2.0 depends on:
ii adduser 3.118
ii libavahi-client3 0.7-4+b1
ii libavahi-common3 0.7-4+b1
ii libavahi-glib1 0.7-4+b1
ii libc6 2.28-8
ii libglib2.0-0 2.58.3-1
ii libjson-glib-1.0-0 1.4.4-2
ii libmm-glib0 1.10.0-1
ii libnotify4 0.7.7-4
ii libsoup2.4-1 2.64.2-2
Versions of packages geoclue-2.0 recommends:
ii avahi-daemon 0.7-4+b1
ii iio-sensor-proxy 2.4-2
ii modemmanager 1.10.0-1
ii wpasupplicant 2:2.7+git20190128+0c1e29f-2
geoclue-2.0 suggests no packages.
-- no debconf information
