GNU bug report logs -
#61154
[PATCH] gnu: wpa-supplicant: Patch dbus policy.
Previous Next
Reported by: Sergey Trofimov <sarg <at> sarg.org.ru>
Date: Sun, 29 Jan 2023 20:07:01 UTC
Severity: normal
Tags: patch
Done: Christopher Baines <mail <at> cbaines.net>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 61154 in the body.
You can then email your comments to 61154 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
guix-patches <at> gnu.org:
bug#61154; Package
guix-patches.
(Sun, 29 Jan 2023 20:07:01 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Sergey Trofimov <sarg <at> sarg.org.ru>:
New bug report received and forwarded. Copy sent to
guix-patches <at> gnu.org.
(Sun, 29 Jan 2023 20:07:01 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
This patch allows users in netdev group to control wpa-supplicant
via D-Bus interface.
---
gnu/packages/admin.scm | 3 +++
.../wpa-supplicant-dbus-group-policy.patch | 23 +++++++++++++++++++
2 files changed, 26 insertions(+)
create mode 100644 gnu/packages/patches/wpa-supplicant-dbus-group-policy.patch
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index 5cea17d562..b3383b4d86 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -2221,6 +2221,9 @@ (define-public wpa-supplicant
(name "wpa-supplicant")
(inputs (modify-inputs (package-inputs wpa-supplicant-minimal)
(prepend dbus)))
+ (source (origin
+ (inherit (package-source wpa-supplicant-minimal))
+ (patches (search-patches "wpa-supplicant-dbus-group-policy.patch"))))
(arguments
(substitute-keyword-arguments (package-arguments wpa-supplicant-minimal)
((#:phases phases)
diff --git a/gnu/packages/patches/wpa-supplicant-dbus-group-policy.patch b/gnu/packages/patches/wpa-supplicant-dbus-group-policy.patch
new file mode 100644
index 0000000000..95c18dac18
--- /dev/null
+++ b/gnu/packages/patches/wpa-supplicant-dbus-group-policy.patch
@@ -0,0 +1,23 @@
+Borrowed from debian, allows users in netdev group to control wpa-supplicant
+via D-Bus.
+
+Description: Debian does not use pam_console but uses group membership
+ to control access to D-Bus. Activating both options in the conf file
+ makes it work on Debian and Ubuntu.
+Author: Michael Biebl <biebl <at> debian.org>
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=15;bug=412179
+---
+--- a/wpa_supplicant/dbus/dbus-wpa_supplicant.conf
++++ b/wpa_supplicant/dbus/dbus-wpa_supplicant.conf
+@@ -14,6 +14,11 @@
+ <allow send_interface="fi.w1.wpa_supplicant1"/>
+ <allow receive_sender="fi.w1.wpa_supplicant1" receive_type="signal"/>
+ </policy>
++ <policy group="netdev">
++ <allow send_destination="fi.w1.wpa_supplicant1"/>
++ <allow send_interface="fi.w1.wpa_supplicant1"/>
++ <allow receive_sender="fi.w1.wpa_supplicant1" receive_type="signal"/>
++ </policy>
+ <policy context="default">
+ <deny own="fi.epitest.hostap.WPASupplicant"/>
+ <deny send_destination="fi.epitest.hostap.WPASupplicant"/>
--
2.39.1
Information forwarded
to
guix-patches <at> gnu.org:
bug#61154; Package
guix-patches.
(Mon, 13 Feb 2023 12:54:01 GMT)
Full text and
rfc822 format available.
Message #8 received at 61154 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
On 2023-01-29 21:06, Sergey Trofimov wrote:
> This patch allows users in netdev group to control wpa-supplicant
> via D-Bus interface.
> ---
> gnu/packages/admin.scm | 3 +++
> .../wpa-supplicant-dbus-group-policy.patch | 23 +++++++++++++++++++
> 2 files changed, 26 insertions(+)
> create mode 100644 gnu/packages/patches/wpa-supplicant-dbus-group-policy.patch
>
> diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
> index 5cea17d562..b3383b4d86 100644
> --- a/gnu/packages/admin.scm
> +++ b/gnu/packages/admin.scm
> @@ -2221,6 +2221,9 @@ (define-public wpa-supplicant
> (name "wpa-supplicant")
> (inputs (modify-inputs (package-inputs wpa-supplicant-minimal)
> (prepend dbus)))
> + (source (origin
> + (inherit (package-source wpa-supplicant-minimal))
> + (patches (search-patches "wpa-supplicant-dbus-group-policy.patch"))))
> (arguments
> (substitute-keyword-arguments (package-arguments wpa-supplicant-minimal)
> ((#:phases phases)
> diff --git a/gnu/packages/patches/wpa-supplicant-dbus-group-policy.patch b/gnu/packages/patches/wpa-supplicant-dbus-group-policy.patch
> new file mode 100644
> index 0000000000..95c18dac18
> --- /dev/null
> +++ b/gnu/packages/patches/wpa-supplicant-dbus-group-policy.patch
> @@ -0,0 +1,23 @@
> +Borrowed from debian, allows users in netdev group to control wpa-supplicant
> +via D-Bus.
> +
> +Description: Debian does not use pam_console but uses group membership
> + to control access to D-Bus. Activating both options in the conf file
> + makes it work on Debian and Ubuntu.
> +Author: Michael Biebl <biebl <at> debian.org>
> +Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=15;bug=412179
> +---
> +--- a/wpa_supplicant/dbus/dbus-wpa_supplicant.conf
> ++++ b/wpa_supplicant/dbus/dbus-wpa_supplicant.conf
> +@@ -14,6 +14,11 @@
> + <allow send_interface="fi.w1.wpa_supplicant1"/>
> + <allow receive_sender="fi.w1.wpa_supplicant1" receive_type="signal"/>
> + </policy>
> ++ <policy group="netdev">
> ++ <allow send_destination="fi.w1.wpa_supplicant1"/>
> ++ <allow send_interface="fi.w1.wpa_supplicant1"/>
> ++ <allow receive_sender="fi.w1.wpa_supplicant1" receive_type="signal"/>
> ++ </policy>
> + <policy context="default">
> + <deny own="fi.epitest.hostap.WPASupplicant"/>
> + <deny send_destination="fi.epitest.hostap.WPASupplicant"/>
Thank you for the patch, applied, reformatted to fit 80 columns, updated
commit message, pushed as 8d8b9a4c0c6273ce1680233ae234294f511e81b6.
--
Best regards,
Andrew Tropin
[signature.asc (application/pgp-signature, inline)]
Reply sent
to
Christopher Baines <mail <at> cbaines.net>:
You have taken responsibility.
(Wed, 01 Mar 2023 09:40:01 GMT)
Full text and
rfc822 format available.
Notification sent
to
Sergey Trofimov <sarg <at> sarg.org.ru>:
bug acknowledged by developer.
(Wed, 01 Mar 2023 09:40:02 GMT)
Full text and
rfc822 format available.
Message #13 received at 61154-done <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Andrew Tropin <andrew <at> trop.in> writes:
> Thank you for the patch, applied, reformatted to fit 80 columns, updated
> commit message, pushed as 8d8b9a4c0c6273ce1680233ae234294f511e81b6.
This does look to be merged, so marking as done.
[signature.asc (application/pgp-signature, inline)]
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Wed, 29 Mar 2023 11:24:06 GMT)
Full text and
rfc822 format available.
This bug report was last modified 2 years and 45 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.