From: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924516

====

Dear Maintainer,

(Testing Debian 10 Buster) Using GNOME Settings > Privacy, turned off the geolocation features on the desktop; however geoclue still contacts location.services.mozilla.com in the background whenever an application requests location services.

When geolocation features are turned off, I would expect this to not occur.

I would expect no communications with location.services.mozilla.com to be occurring with this privacy setting.

Steps to reproduce:

"Turn off the geolocation features of your desktop" (as per GNOME Help) GNOME Settings > Privacy > Location Services = Off

optional - verify from command line that location services are turned off:

gsettings get org.gnome.system.location enabled # should return: false

Monitor geoclue packets using netfilter

option A) using iptables iptables -A OUTPUT -m owner --gid-owner geoclue

Launch GNOME Maps (or other app utilizing geoclue, e.g. GNOME Calendar)

iptables -nvxL OUTPUT #Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)

pkts bytes target prot opt in out source destination

13 1697 all -- * * 0.0.0.0/0 0.0.0.0/0 owner GID match 116

option B) using nftables (alternative) nft add table inet geoclue nft "add chain inet geoclue geoclue { type filter hook output priority 0; }" nft add rule inet geoclue geoclue skuid geoclue counter

Launch GNOME Maps (or other app utilizing geoclue, e.g. GNOME Calendar)

nft list ruleset #table inet geoclue { # chain geoclue { # type filter hook output priority 0; policy accept; # skuid "geoclue" counter packets 13 bytes 1697 # } #}

...geoclue is communicating with location.services.mozilla.com when it should not.

Work around is to disable and mask geoclue.service.

Thank you! ====