Network Settings for all users

Bazzite
1

For about 3 weeks now, the second user on my Bazzite machine is getting a prompt when activating the VPN: “system policy prevents modification of network settings for all users” and the root password is required. I have not changed anything and the solutions I’ve found online only apply to other distros. I would like to permanently change it back so the second user can simply activate the VPN as it was possible before.

My status:
rpm-ostree status
State: idle
Deployments:
● ostree-image-signed:docker://ghcr.io/ublue-os/bazzite:stable
Digest: sha256:ddb61d1ca94a2c7a0fc3b2ef45194a8d058df6fd7f1a26fa2612fb99aee6b9a4
Version:44.20260515(2026-05-15T07:01:06Z)

ostree-image-signed:docker://ghcr.io/ublue-os/bazzite:stable
Digest: sha256:e27048d396ff5b4b571ee1cc8424e536763d9b60d2c9f0bfd1c2ca18477e26e2
Version:44.20260511 (2026-05-11T06:14:40Z)

Any help or pointers in the right direction are appreciated.

2

How are you activating the VPN? Are you using a specific client or Network Manager? What kind of VPN is it? OpenVPN, wireguard, etc?

3

Hello,
thank you for your questions, I’m not very knowledgeable when it comes to network/VPN stuff sadly.

I’m using a Flatpak app to activate the VPN. Flatseal says it talks to:

~/.cert/nm-openvpn → so it should use OpenVPN

Additionally Flatseal tells me it talks to the following:
On System Bus:
org.freedesktop.login1
org.freedesktop.NetworkManager

On Session Bus:
org.freedesktop.secrets
org.kde.StatusNotifierWatcher

The main and second user entries are identical in Flatseal, only the main user has two more entries at Filesystem which aren’t present on the second user:
xdg-config/gtk-4.0
xdg-config/gtk-3.0:ro

Is there anything else I should provide?

Thanks a lot for your help.

4

And now that behaviour stopped again without me changing anything. What is going on here? How can I find out?

5

I´d suggest not using a flatpak app to connect through OpenVPN but do it through the OS via Network Manager. You don´t know how that application is changing your network settings and when it needs root. You can easily set up a VPN in gnome and KDE Plasma natively without a flatpak app:

In KDE it is found in Settings → Wifi & Internet → Wi-Fi & Networking → Add a connection ( + symbol) → OpenVPN. You can configure it to allow for all users. I’ve never had a problem this way. You can also import a VPN connection if you have a config file.