summary refs log tree commit diff
diff options
context:
space:
mode:
authorSergey Trofimov <sarg@sarg.org.ru>2023-01-29 21:06:31 +0100
committerAndrew Tropin <andrew@trop.in>2023-02-13 16:50:16 +0400
commit8d8b9a4c0c6273ce1680233ae234294f511e81b6 (patch)
treef757920b96c79c70bddb3b61cc827eb3e5fe8fd0
parent5b1eab43f011983d9ee560d6935409b6b39706ff (diff)
downloadguix-8d8b9a4c0c6273ce1680233ae234294f511e81b6.tar.gz
gnu: wpa-supplicant: Add netdev group dbus policy.
The patch allows users in netdev group to control wpa-supplicant via D-Bus
interface.

* gnu/packages/admin.scm (wpa-supplicant)[source]: Add dbus policy patch.
* gnu/packages/patches/wpa-supplicant-dbus-group-policy.patch: New file.

Signed-off-by: Andrew Tropin <andrew@trop.in>
-rw-r--r--gnu/packages/admin.scm4
-rw-r--r--gnu/packages/patches/wpa-supplicant-dbus-group-policy.patch23
2 files changed, 27 insertions, 0 deletions
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index 3d0886aba8..847a252364 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -2222,6 +2222,10 @@ command.")
     (name "wpa-supplicant")
     (inputs (modify-inputs (package-inputs wpa-supplicant-minimal)
               (prepend dbus)))
+    (source (origin
+              (inherit (package-source wpa-supplicant-minimal))
+              (patches (search-patches
+                        "wpa-supplicant-dbus-group-policy.patch"))))
     (arguments
      (substitute-keyword-arguments (package-arguments wpa-supplicant-minimal)
        ((#:phases phases)
diff --git a/gnu/packages/patches/wpa-supplicant-dbus-group-policy.patch b/gnu/packages/patches/wpa-supplicant-dbus-group-policy.patch
new file mode 100644
index 0000000000..95c18dac18
--- /dev/null
+++ b/gnu/packages/patches/wpa-supplicant-dbus-group-policy.patch
@@ -0,0 +1,23 @@
+Borrowed from debian, allows users in netdev group to control wpa-supplicant
+via D-Bus.
+
+Description: Debian does not use pam_console but uses group membership
+ to control access to D-Bus. Activating both options in the conf file
+ makes it work on Debian and Ubuntu.
+Author: Michael Biebl <biebl@debian.org>
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=15;bug=412179
+---
+--- a/wpa_supplicant/dbus/dbus-wpa_supplicant.conf
++++ b/wpa_supplicant/dbus/dbus-wpa_supplicant.conf
+@@ -14,6 +14,11 @@
+                 <allow send_interface="fi.w1.wpa_supplicant1"/>
+                 <allow receive_sender="fi.w1.wpa_supplicant1" receive_type="signal"/>
+         </policy>
++        <policy group="netdev">
++                <allow send_destination="fi.w1.wpa_supplicant1"/>
++                <allow send_interface="fi.w1.wpa_supplicant1"/>
++                <allow receive_sender="fi.w1.wpa_supplicant1" receive_type="signal"/>
++        </policy>
+         <policy context="default">
+                 <deny own="fi.epitest.hostap.WPASupplicant"/>
+                 <deny send_destination="fi.epitest.hostap.WPASupplicant"/>