:: Re: [DNG] Systemd Shims
Page principale
Supprimer ce message
Répondre à ce message
Auteur: Edward Bartolo
Date:  
À: dng
Sujet: Re: [DNG] Systemd Shims
Alternatively, instead of running the ifup command with sudo, one can
start the application/daemon itself using sudo. This makes it possible
to use sudo while allowing only our application/daemon to run with
root privileges. I also think, this application can be made into a
daemon and started by a sysvinit script. However, let us not run,
first we learn to walk by providing a way to connect in a desktop or
window manager.

I think, there is no need of providing a graphical dialog for users as
a shell can be made to automatically open asking for the ESSID and
password interactively. I think, I can start working on this, as this
seems to be possible.


On 16/08/2015, Edward Bartolo <edbarx@???> wrote:
> I think, there is no need of providing a graphical dialog for users as
> a shell can be made to automatically open asking for the ESSID and
> password interactively. I think, I can start working on this, as this
> seems to be possible.
>
> On 16/08/2015, Edward Bartolo <edbarx@???> wrote:
>> Alternatively, instead of running the ifup command with sudo, one can
>> start the application/daemon itself using sudo. This makes it possible
>> to use sudo while allowing only our application/daemon to run with
>> root privileges. I also think, this application can be made into a
>> daemon and started by a sysvinit script. However, let us not run,
>> first we learn to walk by providing a way to connect in a desktop or
>> window manager.
>>
>> On 16/08/2015, Edward Bartolo <edbarx@???> wrote:
>>> The ifup command is the one that comes ready with a default
>>> installation.
>>>
>>> The contents of an-interfaces-file is as follows. Be advised that eth0
>>> may not be needed in our case, but I included it to be on the safe
>>> side.
>>>
>>> -----------------------------------------------------------------
>>> # The loopback network interface
>>> auto lo
>>> iface lo inet loopback
>>>
>>> # The primary network interface
>>> # allow-hotplug eth0
>>> iface eth0 inet dhcp
>>>
>>>
>>> # WIFI Configuration
>>> # auto wlan0
>>> iface wlan0 inet dhcp
>>>     wpa-ssid  wifinamestring
>>>     wpa-psk   "password"
>>> -------------------------------------------------------------

>>>
>>> I create one interfaces file per wifi point and keep them in a
>>> different location. Then, I use the command:
>>> ifup wlan0 -i specific-interface-file
>>>
>>> I have wpasupplicant installed and the wifi itself is configured only
>>> for encrypted connections.
>>>
>>> The variour interfaces files are made unreadable by non root users by
>>> changing ownership and permissions.
>>>
>>> In the past I used sudo to only allow a custom script be run by non
>>> root. To disallow non root from using ifup with its full flexibility I
>>> created a script which took no parameters to specifically run the ifup
>>> command complete with the parameter list I wanted. Other than ifup was
>>> not allowed to be run by non root.
>>>
>>>
>>> I think, the algorithm may work something on these lines:
>>>
>>> 1) query for a list of available ESSIDs
>>> 2) sort for the one with the strongest signal
>>> 3) check whether there is an interfaces file with that ESSID
>>> ........... i) if found call ifup using the file, check return value
>>> from
>>> ifup
>>> ................a) if success exit and continue
>>> ................b) if failed try with the next signal strength
>>> ............ii) if an intefaces file does not exist present a dialog
>>> with the ESSID if ................available, ask for ESSID and
>>> password, goto i)
>>>
>>>
>>> The files I create are all like the one I quoted. To connect, I run
>>> ifup as root as follows:
>>> ifup -i interfaces-file-for-wifi-point wlan0
>>>
>>> That's all.
>>> Thanks
>>>
>>> On 16/08/2015, Steve Litt <slitt@???> wrote:
>>>> On Sun, 16 Aug 2015 18:48:44 +0100
>>>> Edward Bartolo <edbarx@???> wrote:
>>>>
>>>>> I would like to humbly add my little contribution to this thread.
>>>>>
>>>>> I am posting using Devuan 64 bit connected to a home WIFI without any
>>>>> network managers. I connect by using separate /etc/network/interfaces
>>>>> files. The one for my home wifi is in /etc/network/interfaces while
>>>>> the rest are saved under my home directory.
>>>>>
>>>>> To connect, I use the command as root:
>>>>> ifup wlan0 -i an-interfaces-file
>>>>
>>>> I, too, am a big fan of command based network connections rather than
>>>> data based. My only question is this: What is life like when you walk
>>>> from Macdonalds to Burger King and change hotspots?
>>>>
>>>> I think for the travelling guy, there must be a quick facility to see
>>>> available hotspots with their strengths and security status, choose
>>>> one, input a password if that ESSID hasn't been encountered already,
>>>> and log in.
>>>>
>>>> What was in your "an-interfaces-file"? (obviously change the
>>>> passwords). Did you use wpa-supplicant at all?
>>>>
>>>>
>>>> [snip]
>>>>
>>>>> My point is, what I do manually, can be done through code resulting in
>>>>> a simple application. The advantage I see is, it would be standalone.
>>>>
>>>> Pre-cisely!
>>>>
>>>>> I am tempted to create this application to automate my connection, but
>>>>> most probably, as I am more prolific in Delphi Pascal, the language of
>>>>> choice will be Lazarus Pascal. I can write C++ GUI applications but
>>>>> that requires more effort on my part. As long as logic programming in
>>>>> C/C++ that is on the same level if not easier.
>>>>
>>>> Show me the way you do it manually, and I'll make something into which
>>>> you can plug in your Lazarus front end. Somebody else can plug in their
>>>> Dialog front end.
>>>>
>>>>>
>>>>> The hardest part seem to be allowing the ifup command to run with root
>>>>> privileges.
>>>>
>>>> Well, if the user doesn't mind having sudo with a sudoers file, easiest
>>>> way to do that is to allow sudo nopassword. Is there a non-root group
>>>> that would allow ifup to do its thing?
>>>>
>>>> What does your ifup command look like, and what does the
>>>> "an-interfaces-file" look like? Does one interfaces file contain lots
>>>> of ESSIDs, or one ESSID per interface file? What do you do about making
>>>> the password secure from prying, non-root eyes? As far as you know, do
>>>> you use wpa_supplicant in any way?
>>>>
>>>> Thanks,
>>>>
>>>> SteveT
>>>>
>>>> Steve Litt
>>>> August 2015 featured book: Troubleshooting: Just the Facts
>>>> http://www.troubleshooters.com/tjust
>>>> _______________________________________________
>>>> Dng mailing list
>>>> Dng@???
>>>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
>>>>
>>>
>>
>