geoclue gets location despite geolocation features turned off (GNOME Privacy)
From: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924516
====
Dear Maintainer,
(Testing Debian 10 Buster) Using GNOME Settings > Privacy, turned off the geolocation features on the desktop; however geoclue still contacts location.services.mozilla.com in the background whenever an application requests location services.
When geolocation features are turned off, I would expect this to not occur.
I would expect no communications with location.services.mozilla.com to be occurring with this privacy setting.Steps to reproduce:
- "Turn off the geolocation features of your desktop" (as per GNOME Help) GNOME Settings > Privacy > Location Services = Off
optional - verify from command line that location services are turned off:
gsettings get org.gnome.system.location enabled # should return: false
- Monitor geoclue packets using netfilter
option A) using iptables iptables -A OUTPUT -m owner --gid-owner geoclue
Launch GNOME Maps (or other app utilizing geoclue, e.g. GNOME Calendar)
iptables -nvxL OUTPUT #Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
13 1697 all -- * * 0.0.0.0/0 0.0.0.0/0 owner GID match 116
option B) using nftables (alternative) nft add table inet geoclue nft "add chain inet geoclue geoclue { type filter hook output priority 0; }" nft add rule inet geoclue geoclue skuid geoclue counter
Launch GNOME Maps (or other app utilizing geoclue, e.g. GNOME Calendar)
nft list ruleset #table inet geoclue { # chain geoclue { # type filter hook output priority 0; policy accept; # skuid "geoclue" counter packets 13 bytes 1697 # } #}...geoclue is communicating with location.services.mozilla.com when it should not.
Work around is to disable and mask geoclue.service.
Thank you! ====