[openwrt/openwrt] hostapd: allow hostapd under ujail to communicate with hostapd_cli
LEDE Commits
lede-commits at lists.infradead.org
Tue Nov 23 10:54:41 PST 2021
dangole pushed a commit to openwrt/openwrt.git, branch master:
https://git.openwrt.org/398cbb76fa88f2d5dcc05b0ecc24ced1bbcad9ca
commit 398cbb76fa88f2d5dcc05b0ecc24ced1bbcad9ca
Author: Mark Mentovai <mark at moxienet.com>
AuthorDate: Tue Nov 23 12:28:55 2021 -0500
hostapd: allow hostapd under ujail to communicate with hostapd_cli
When procd-ujail is available, 1f785383875a runs hostapd as user
"network", with only limited additional capabilities (CAP_NET_ADMIN and
CAP_NET_RAW).
hostapd_cli (CONFIG_PACKAGE_hostapd-utils) communicates with hostapd
over a named UNIX-domain socket. hostapd_cli is responsible for creating
this socket at /tmp/wpa_ctrl_$pid_$counter. Since it typically runs as
root, this endpoint is normally created with uid root, gid root, mode
0755. As a result, hostapd running as uid network is able to receive
control messages sent through this interface, but is not able to respond
to them. If debug-level logging is enabled (CONFIG_WPA_MSG_MIN_PRIORITY
<= 2 at build, and log_level <= 2 in /etc/config/wireless wifi-device),
this message will appear from hostapd:
CTRL: sendto failed: Permission denied
As a fix, hostapd_cli should create the socket node in the filesystem
with uid network, gid network, mode 0770. This borrows the presently
Android-only strategy already in hostapd intended to solve the same
problem on Android.
If procd-ujail is not available and hostapd falls back to running as
root, it will still be able to read from and write to the socket even if
the node in the filesystem has been restricted to the network user and
group. This matches the logic in
package/network/services/hostapd/files/wpad.init, which sets the uid and
gid of /var/run/hostapd to network regardless of whether procd-ujail is
available.
As it appears that the "network" user and group are statically allocated
uid 101 and gid 101, respectively, per
package/base-files/files/etc/passwd and USERID in
package/network/services/hostapd/Makefile, this patch also uses a
constant 101 for the uid and gid.
Signed-off-by: Mark Mentovai <mark at moxienet.com>
[refreshed patch]
Signed-off-by: Daniel Golle <daniel at makrotopia.org>
---
.../patches/610-hostapd_cli_ujail_permission.patch | 33 ++++++++++++++++++++++
1 file changed, 33 insertions(+)
diff --git a/package/network/services/hostapd/patches/610-hostapd_cli_ujail_permission.patch b/package/network/services/hostapd/patches/610-hostapd_cli_ujail_permission.patch
new file mode 100644
index 0000000000..a03fcc9f92
--- /dev/null
+++ b/package/network/services/hostapd/patches/610-hostapd_cli_ujail_permission.patch
@@ -0,0 +1,33 @@
+--- a/src/common/wpa_ctrl.c
++++ b/src/common/wpa_ctrl.c
+@@ -135,7 +135,7 @@ try_again:
+ return NULL;
+ }
+ tries++;
+-#ifdef ANDROID
++
+ /* Set client socket file permissions so that bind() creates the client
+ * socket with these permissions and there is no need to try to change
+ * them with chmod() after bind() which would have potential issues with
+@@ -147,7 +147,7 @@ try_again:
+ * operations to allow the response to go through. Those are using the
+ * no-deference-symlinks version to avoid races. */
+ fchmod(ctrl->s, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
+-#endif /* ANDROID */
++
+ if (bind(ctrl->s, (struct sockaddr *) &ctrl->local,
+ sizeof(ctrl->local)) < 0) {
+ if (errno == EADDRINUSE && tries < 2) {
+@@ -165,7 +165,11 @@ try_again:
+ return NULL;
+ }
+
+-#ifdef ANDROID
++#ifndef ANDROID
++ /* Set group even if we do not have privileges to change owner */
++ lchown(ctrl->local.sun_path, -1, 101);
++ lchown(ctrl->local.sun_path, 101, 101);
++#else
+ /* Set group even if we do not have privileges to change owner */
+ lchown(ctrl->local.sun_path, -1, AID_WIFI);
+ lchown(ctrl->local.sun_path, AID_SYSTEM, AID_WIFI);
More information about the lede-commits
mailing list