Xfce Forum

Sub domains
 

You are not logged in.

#1 2019-08-25 23:15:48

johnywhy
Member
Registered: 2011-10-09
Posts: 283

[Solved] Passwordless Wifi Connections Without Sudo or Sudoers?

I don't mean the connection itself should be passwordless.
I mean the tool used to connect (wifi-menu, NetCtl, etc) should be passwordless.

I would like to enable all non-root users to connect to wifi, without sudo or root password. My current tool is:
wifi-menu

wifi-menu requires root privileges. Hoping to make the command executable by anyone, regardless of what groups they're in. Otherwise by group-permission.

I found methods using sudo, but what if sudo isn't installed?
(i choose not to run sudo for reasons. If you disagree, plz comment on the other thread)

thx

Last edited by johnywhy (2019-08-27 00:46:03)


arch xfce x86_64

Offline

#2 2019-08-26 00:29:07

alcornoqui
Member
Registered: 2014-07-28
Posts: 831

Re: [Solved] Passwordless Wifi Connections Without Sudo or Sudoers?

Offline

#3 2019-08-26 00:48:22

johnywhy
Member
Registered: 2011-10-09
Posts: 283

Re: [Solved] Passwordless Wifi Connections Without Sudo or Sudoers?

thx @alcornoqui! but seems pkexec will ask user for root password when it runs.

Last edited by johnywhy (2019-08-26 17:08:40)


arch xfce x86_64

Offline

#4 2019-08-26 02:08:07

Aravisian
Member
Registered: 2019-08-17
Posts: 410

Re: [Solved] Passwordless Wifi Connections Without Sudo or Sudoers?

You can configure SUeruserDO to operate without asking for a password if you want. But it must be installed in order to use the privileges.
Just as you cannot run GUI's without an engine to run them.

Offline

#5 2019-08-26 02:11:07

johnywhy
Member
Registered: 2011-10-09
Posts: 283

Re: [Solved] Passwordless Wifi Connections Without Sudo or Sudoers?

thx! But as i mentioned in the title of this question, i would like to find a method not dependent on sudo, if possible.

Last edited by johnywhy (2019-08-26 08:45:45)


arch xfce x86_64

Offline

#6 2019-08-26 03:04:06

johnywhy
Member
Registered: 2011-10-09
Posts: 283

Re: [Solved] Passwordless Wifi Connections Without Sudo or Sudoers?

Here are the permissions on the executable:

% ls -l /usr/bin/wifi-menu
-rwxr-xr-x 1 root root 9270 Feb 12  2019 /usr/bin/wifi-menu

i'm seeing some possibilities. Here are several possible options. There's overlap between some of these:

---

chmod 4750 a specific program [that can wrap the command], to elevate the rights of a normal user to execute that as root.
https://serverfault.com/a/676725

---

1) create a special group, with your normal user as the only member in that group.
2) for your script, assign owner/group as root/special-group, with rwx permissions for root, and r-x for group.
https://www.linuxquestions.org/question … ost3838946

---

# cp /bin/vi ~user/bin/myvi
# chown root.group ~user/bin/myvi
# chmod 4750 ~user/bin/myvi
https://www.quora.com/How-do-I-give-roo … /Vern-Hart

---

Executables have permissions bits. One of the permissions bits is the setuid bit. The setuid bit indicates the system should set the user ID of the running process to the OWNER of the executable rather than the RUNNER. So, you’d take a copy of, say, /bin/bash, use chown to set its owner to root, and use chmod to give it a setuid bit.
https://www.quora.com/How-do-I-give-roo … aul-Reiber

Compile this program like -

Become root, say su -
Compile program - gcc -o make_me_root this_prog.c
chmod 6755 make_me_root
logout
Now anything you run with make_me_root <arg> will be run as root

#include <unistd.h>
#include <stdlib.h>
#include <string.h>
int main(int argc, char *const argv[])
{
int i,j;
char *comm=argv[1];
char *curr_user;
char *mesg;
argv++;
curr_user=getenv("LOGNAME");
// Permision for specific user
if (!strcmp(curr_user,"XXXXXXXXXXXXXXXXXXXX"))
{
setresuid(0,0,0); //uid of root
setresgid(0,0,0); //gid of root
j=execv(comm,argv);
printf ("\n\nCheck that <%s> exist in the path env,variable or give a full path\n",argv[0]);
}
else
{
exit(EXIT_FAILURE);
}
return 0;
}
https://www.quora.com/How-do-I-give-roo … -Shukla-14

---

Create a user just for this command. Make them a root user, but limit their to this file. Not sure if this is possible without sudo. If this works, it may be the simplest solution.
https://security.stackexchange.com/a/150581

---

Might cgroups help?

---

Put the exe in your home dir, take ownership, and give yourself full permissions.
I tried this, and still got the "wifi-menu requires root privileges" error.

------------

Might polkit help?
https://askubuntu.com/a/315900

---

This failed:

% su
% chmod 4750 /usr/bin/wifi-menu
% exit          (return to non-root prompt)
% wifi-menu
zsh: permission denied: wifi-menu

---

also failed:

% pkexec chmod +x /usr/bin/wifi-menu
% wifi-menu
/bin/bash: /usr/bin/wifi-menu: Permission denied

---

strange approach, involving deleting and recreating the user:
https://www.linuxquestions.org/question … 175601499/

---

embed the root password in a script which calls my target.
The password could be clear text, and then remove everyone's read/write access to the file containing the password.
Or, encrypt it.
Or, put the password in an environment variable, or retrieve it from someplace else...
https://www.perlmonks.org/?node_id=1183260
https://stackoverflow.com/questions/331 … -seeing-it
https://askubuntu.com/questions/52212/w … y-a-script

Last edited by johnywhy (2019-08-27 14:19:05)


arch xfce x86_64

Offline

#7 2019-08-26 03:08:57

Aravisian
Member
Registered: 2019-08-17
Posts: 410

Re: [Solved] Passwordless Wifi Connections Without Sudo or Sudoers?

johnywhy wrote:

thx! i would like to find a method not dependent on sudo, if possible.

There are two ways of looking at it:
1.) Anything is possible if you have the knowledge, drive and time.
2.) It's impossible.


I admire your curiosity and scientific inquisitiveness into the basics of how Operating Systems work. But for what you have been describing wanting to do; you would need to really start from scratch and build your operating system from the ground up. Pick a base, a language and start from there. It's entirely possible... But no easy task.

There was a time when you would have had an easier time of it. As time passes, more is built on top of the underlying foundation and this adds many degrees of complexity and inter-dependency.
A forum is a great place to get a quick answer. Kind of like Wikipedia. But if you want/need in depth knowledge, an education is required for that. Going to school for it, getting formatted instruction with a set curriculum.

Your curiosity and scientific examination is a great thing. It's why we remember Halley and Newton and Galileo. Pasteur... The old "What happens if I do this?" is the most powerful question in our history.
But a person must also responsibly accept the consequences of asking it. wink

Offline

#8 2019-08-26 03:14:35

johnywhy
Member
Registered: 2011-10-09
Posts: 283

Re: [Solved] Passwordless Wifi Connections Without Sudo or Sudoers?

More interesting clues:

network operations require root privileges. networkmanager and wicd handle this by running a daemon as root, and an applet as user. netctl handles it by requiring you to use root privileges. I think you can't. If you want to manage wifi without sudo, you should switch to networkmanager or wicd.
https://www.reddit.com/r/archlinux/comm … s/cqrh9kr/

If you don't use netctl but just wpa_supplicant with a static config and a dhcp client that's always running in the background (like dhcpcd or systemd-networkd), you can add a line like
ctrl_interface=DIR=/run/wpa_supplicant GROUP=network
to your wpa_supplicant.conf, add your user to the network group and switch networks using wpa_cli or wpa_gui (package: extra/wpa_supplicant_gui).
https://www.reddit.com/r/archlinux/comm … s/cqrtr1b/

Instead of wifi-menu, you can use network manager, root privilege is not required by normal user when performing such tasks. After installation, enable the daemon, then you can use:
nmgui(ncurse based)
nmcli
https://www.quora.com/Why-does-Arch-Lin … achary-Mao

i love people who offer solutions and solid information! smile

Aravisian wrote:

we remember Halley and Newton and Galileo. Pasteur...

Philosophy is nice, but i'm here for technical knowledge. thx

Last edited by johnywhy (2019-08-26 17:12:35)


arch xfce x86_64

Offline

#9 2019-08-27 00:43:26

johnywhy
Member
Registered: 2011-10-09
Posts: 283

Re: [Solved] Passwordless Wifi Connections Without Sudo or Sudoers?

My original purpose was to allow all non-root users to connect to wifi without root password.

I solved that, using wicd instead of NetCtl. As described above in my list of possible solutions, wicd allows users to connect without root. Great!

So, i'll stop pursing this thread for now.

But, the exploration of this topic is still very interesting to me, and potentially useful: allowing non-root users to run root tasks without pw, without sudo, and without sudoers. i haven't cracked that yet. I believe the solution is in my list of possible solutions, above. The method involving chmod and/or chown seems most promising to me, atm. So, I hope others will continue to contribute to this thread.

thx!

Last edited by johnywhy (2019-08-27 02:21:56)


arch xfce x86_64

Offline

#10 2019-08-27 02:08:59

Aravisian
Member
Registered: 2019-08-17
Posts: 410

Re: [Solved] Passwordless Wifi Connections Without Sudo or Sudoers?

johnywhy wrote:

My original purpose was to allow all non-root users to connect to wifi without root password.

I solved that, using wicd instead of NetCtl.
Great!

So, i'll stop pursing this thread for now.

Can you show your full solution so that others may use it?

Offline

#11 2019-08-27 02:10:52

johnywhy
Member
Registered: 2011-10-09
Posts: 283

Re: [Solved] Passwordless Wifi Connections Without Sudo or Sudoers?

For me, install and confgure wicd this way for arch
https://wiki.archlinux.org/index.php/Wicd#Installation

Might be a bit different for other OS's


arch xfce x86_64

Offline

#12 2019-08-27 06:59:32

johnywhy
Member
Registered: 2011-10-09
Posts: 283

Re: [Solved] Passwordless Wifi Connections Without Sudo or Sudoers?

Update, although wicd works, i'm trying out more of these methods.

i tried this one from above:
https://www.reddit.com/r/archlinux/comm … s/cqrtr1b/

added the following to
/etc/wpa_supplicant/wpa_supplicant.conf
ctrl_interface=DIR=/run/wpa_supplicant GROUP=network

Then ran wpa-cute, and still got a permissions error. I suspect my config line above is wrong.
Any suggestions?

I noticed that both wpa-cute and wicd-gtk consume quite of bit of RAM, about 50MB and 60MB respectively. Since i'm trying to run a slim OS, hoping there's a more lightweight solution.

Wondering if this config method could be applied to some other executable, like wifi-menu smile

Last edited by johnywhy (2019-08-27 13:49:47)


arch xfce x86_64

Offline

#13 2019-08-27 09:44:15

Aravisian
Member
Registered: 2019-08-17
Posts: 410

Re: [Solved] Passwordless Wifi Connections Without Sudo or Sudoers?

johnywhy wrote:

Update, i tried this one from above:
https://www.reddit.com/r/archlinux/comm … s/cqrtr1b/

added the following to
/etc/wpa_supplicant/wpa_supplicant.conf
ctrl_interface=DIR=/run/wpa_supplicant GROUP=network

Then ran wpa-cute, and still got a permissions error. I suspect my config line above is wrong.
Any suggestions?

I noticed that both wpa-cute and wicd-gtk consume quite of bit of RAM, about 50MB and 60MB respectively. Since i'm trying to run a slim OS, hoping there's a more lightweight solution.

Wondering if this config method could be applied to some other executable, like wifi-menu smile

Johnywhy,
Could you also do a quick update on your title so viewers know solution still needed? OTherwise some may breeze over the thread assuming the recent post is a "thanks. works great" comment.

Offline

#14 2019-08-27 10:50:10

johnywhy
Member
Registered: 2011-10-09
Posts: 283

Re: [Solved] Passwordless Wifi Connections Without Sudo or Sudoers?

The wicd solution works. Now I'm just experimenting with other options.

Are you a moderator, or just being helpful?

Last edited by johnywhy (2019-08-27 11:25:06)


arch xfce x86_64

Offline

#15 2019-08-27 13:14:25

Aravisian
Member
Registered: 2019-08-17
Posts: 410

Re: [Solved] Passwordless Wifi Connections Without Sudo or Sudoers?

johnywhy wrote:

The wicd solution works. Now I'm just experimenting with other options.

Ah, I misunderstood when you said you got a permissions error.

johnywhy wrote:

Are you a moderator, or just being helpful?

No, I am an ordinary member, Not a Moderator.
But yes, trying to be helpful.

Offline

#16 2019-08-27 14:06:13

johnywhy
Member
Registered: 2011-10-09
Posts: 283

Re: [Solved] Passwordless Wifi Connections Without Sudo or Sudoers?

I discovered another option, dhcpcd-ui.

https://roy.marples.name/projects/dhcpcd-ui
https://roy.marples.name/cgit/dhcpcd-ui.git/
http://roy.marples.name/downloads/dhcpc … .5.tar.bz2
https://aur.archlinux.org/packages/dhcpcd-ui/

The dev told me it can do rootless wifi connections smile

It uses dhcpcd daemon and wpa_supplicant, which are already running on arch anyway. So it's a lighter weight install than wpa-cute or wicd-gtk, which run their own daemons. Eats less RAM too-- on first try, it consumes only 29MB RAM. That's less than wpa-cute or wicd-gtk.

Not totally working quite right yet, i think my experiments have munged my OS big_smile  I'll report back when running.

Last edited by johnywhy (2019-08-27 19:33:38)


arch xfce x86_64

Offline

Board footer

Powered by FluxBB