Alternatively, instead of running the ifup command with sudo, one can start the application/daemon itself using sudo. This makes it possible to use sudo while allowing only our application/daemon to run with root privileges. I also think, this application can be made into a daemon and started by a sysvinit script. However, let us not run, first we learn to walk by providing a way to connect in a desktop or window manager.
I think, there is no need of providing a graphical dialog for users as a shell can be made to automatically open asking for the ESSID and password interactively. I think, I can start working on this, as this seems to be possible. On 16/08/2015, Edward Bartolo <[email protected]> wrote: > I think, there is no need of providing a graphical dialog for users as > a shell can be made to automatically open asking for the ESSID and > password interactively. I think, I can start working on this, as this > seems to be possible. > > On 16/08/2015, Edward Bartolo <[email protected]> wrote: >> Alternatively, instead of running the ifup command with sudo, one can >> start the application/daemon itself using sudo. This makes it possible >> to use sudo while allowing only our application/daemon to run with >> root privileges. I also think, this application can be made into a >> daemon and started by a sysvinit script. However, let us not run, >> first we learn to walk by providing a way to connect in a desktop or >> window manager. >> >> On 16/08/2015, Edward Bartolo <[email protected]> wrote: >>> The ifup command is the one that comes ready with a default >>> installation. >>> >>> The contents of an-interfaces-file is as follows. Be advised that eth0 >>> may not be needed in our case, but I included it to be on the safe >>> side. >>> >>> ----------------------------------------------------------------- >>> # The loopback network interface >>> auto lo >>> iface lo inet loopback >>> >>> # The primary network interface >>> # allow-hotplug eth0 >>> iface eth0 inet dhcp >>> >>> >>> # WIFI Configuration >>> # auto wlan0 >>> iface wlan0 inet dhcp >>> wpa-ssid wifinamestring >>> wpa-psk "password" >>> ------------------------------------------------------------- >>> >>> I create one interfaces file per wifi point and keep them in a >>> different location. Then, I use the command: >>> ifup wlan0 -i specific-interface-file >>> >>> I have wpasupplicant installed and the wifi itself is configured only >>> for encrypted connections. >>> >>> The variour interfaces files are made unreadable by non root users by >>> changing ownership and permissions. >>> >>> In the past I used sudo to only allow a custom script be run by non >>> root. To disallow non root from using ifup with its full flexibility I >>> created a script which took no parameters to specifically run the ifup >>> command complete with the parameter list I wanted. Other than ifup was >>> not allowed to be run by non root. >>> >>> >>> I think, the algorithm may work something on these lines: >>> >>> 1) query for a list of available ESSIDs >>> 2) sort for the one with the strongest signal >>> 3) check whether there is an interfaces file with that ESSID >>> ........... i) if found call ifup using the file, check return value >>> from >>> ifup >>> ................a) if success exit and continue >>> ................b) if failed try with the next signal strength >>> ............ii) if an intefaces file does not exist present a dialog >>> with the ESSID if ................available, ask for ESSID and >>> password, goto i) >>> >>> >>> The files I create are all like the one I quoted. To connect, I run >>> ifup as root as follows: >>> ifup -i interfaces-file-for-wifi-point wlan0 >>> >>> That's all. >>> Thanks >>> >>> On 16/08/2015, Steve Litt <[email protected]> wrote: >>>> On Sun, 16 Aug 2015 18:48:44 +0100 >>>> Edward Bartolo <[email protected]> wrote: >>>> >>>>> I would like to humbly add my little contribution to this thread. >>>>> >>>>> I am posting using Devuan 64 bit connected to a home WIFI without any >>>>> network managers. I connect by using separate /etc/network/interfaces >>>>> files. The one for my home wifi is in /etc/network/interfaces while >>>>> the rest are saved under my home directory. >>>>> >>>>> To connect, I use the command as root: >>>>> ifup wlan0 -i an-interfaces-file >>>> >>>> I, too, am a big fan of command based network connections rather than >>>> data based. My only question is this: What is life like when you walk >>>> from Macdonalds to Burger King and change hotspots? >>>> >>>> I think for the travelling guy, there must be a quick facility to see >>>> available hotspots with their strengths and security status, choose >>>> one, input a password if that ESSID hasn't been encountered already, >>>> and log in. >>>> >>>> What was in your "an-interfaces-file"? (obviously change the >>>> passwords). Did you use wpa-supplicant at all? >>>> >>>> >>>> [snip] >>>> >>>>> My point is, what I do manually, can be done through code resulting in >>>>> a simple application. The advantage I see is, it would be standalone. >>>> >>>> Pre-cisely! >>>> >>>>> I am tempted to create this application to automate my connection, but >>>>> most probably, as I am more prolific in Delphi Pascal, the language of >>>>> choice will be Lazarus Pascal. I can write C++ GUI applications but >>>>> that requires more effort on my part. As long as logic programming in >>>>> C/C++ that is on the same level if not easier. >>>> >>>> Show me the way you do it manually, and I'll make something into which >>>> you can plug in your Lazarus front end. Somebody else can plug in their >>>> Dialog front end. >>>> >>>>> >>>>> The hardest part seem to be allowing the ifup command to run with root >>>>> privileges. >>>> >>>> Well, if the user doesn't mind having sudo with a sudoers file, easiest >>>> way to do that is to allow sudo nopassword. Is there a non-root group >>>> that would allow ifup to do its thing? >>>> >>>> What does your ifup command look like, and what does the >>>> "an-interfaces-file" look like? Does one interfaces file contain lots >>>> of ESSIDs, or one ESSID per interface file? What do you do about making >>>> the password secure from prying, non-root eyes? As far as you know, do >>>> you use wpa_supplicant in any way? >>>> >>>> Thanks, >>>> >>>> SteveT >>>> >>>> Steve Litt >>>> August 2015 featured book: Troubleshooting: Just the Facts >>>> http://www.troubleshooters.com/tjust >>>> _______________________________________________ >>>> Dng mailing list >>>> [email protected] >>>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng >>>> >>> >> > _______________________________________________ Dng mailing list [email protected] https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
