hostapd: Allow ctrl_iface group to be specified on command line

The new -G<group> command line argument can now be used to set the group
for the control interfaces to enable cases where hostapd is used without
a configuration file and the controlling program is not running with
root user privileges.

Signed-hostap: Jouni Malinen <j@w1.fi>

diff --git a/hostapd/ctrl_iface.c b/hostapd/ctrl_iface.c
index f20721b8a0c792e657ef7ab0b72be44149fcec1f..2153329dd1d5e23637dff63de9fc218508f32d50 100644 (file)
--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
@@ -1076,6 +1076,14 @@ int hostapd_ctrl_iface_init(struct hostapd_data *hapd)
                return -1;
        }
 
+       if (!hapd->conf->ctrl_interface_gid_set &&
+           hapd->iface->interfaces->ctrl_iface_group &&
+           chown(hapd->conf->ctrl_interface, -1,
+                 hapd->iface->interfaces->ctrl_iface_group) < 0) {
+               perror("chown[ctrl_interface]");
+               return -1;
+       }
+
 #ifdef ANDROID
        /*
         * Android is using umask 0077 which would leave the control interface
@@ -1148,6 +1156,13 @@ int hostapd_ctrl_iface_init(struct hostapd_data *hapd)
                goto fail;
        }
 
+       if (!hapd->conf->ctrl_interface_gid_set &&
+           hapd->iface->interfaces->ctrl_iface_group &&
+           chown(fname, -1, hapd->iface->interfaces->ctrl_iface_group) < 0) {
+               perror("chown[ctrl_interface/ifname]");
+               goto fail;
+       }
+
        if (chmod(fname, S_IRWXU | S_IRWXG) < 0) {
                perror("chmod[ctrl_interface/ifname]");
                goto fail;
@@ -1316,6 +1331,11 @@ int hostapd_global_ctrl_iface_init(struct hapd_interfaces *interface)
                        perror("mkdir[ctrl_interface]");
                        goto fail;
                }
+       } else if (interface->ctrl_iface_group &&
+                  chown(interface->global_iface_path, -1,
+                        interface->ctrl_iface_group) < 0) {
+               perror("chown[ctrl_interface]");
+               goto fail;
        }
 
        if (os_strlen(interface->global_iface_path) + 1 +
@@ -1369,6 +1389,12 @@ int hostapd_global_ctrl_iface_init(struct hapd_interfaces *interface)
                }
        }
 
+       if (interface->ctrl_iface_group &&
+           chown(fname, -1, interface->ctrl_iface_group) < 0) {
+               perror("chown[ctrl_interface]");
+               goto fail;
+       }
+
        if (chmod(fname, S_IRWXU | S_IRWXG) < 0) {
                perror("chmod[ctrl_interface/ifname]");
                goto fail;

diff --git a/hostapd/main.c b/hostapd/main.c
index d4256d0f6ead88416b8fd2bae1d5e2c3f58d05b1..4b0da3c10b0e32a3fb5fc90dd363a7fb90dccd7f 100644 (file)
--- a/hostapd/main.c
+++ b/hostapd/main.c
@@ -9,6 +9,7 @@
 #include "utils/includes.h"
 #ifndef CONFIG_NATIVE_WINDOWS
 #include <syslog.h>
+#include <grp.h>
 #endif /* CONFIG_NATIVE_WINDOWS */
 
 #include "utils/common.h"
@@ -480,7 +481,8 @@ static void usage(void)
                "\n"
                "usage: hostapd [-hdBKtv] [-P <PID file>] [-e <entropy file>] "
                "\\\n"
-               "         [-g <global ctrl_iface>] <configuration file(s)>\n"
+               "         [-g <global ctrl_iface>] [-G <group>] \\\n"
+               "         <configuration file(s)>\n"
                "\n"
                "options:\n"
                "   -h   show this usage\n"
@@ -488,6 +490,7 @@ static void usage(void)
                "   -B   run daemon in the background\n"
                "   -e   entropy file\n"
                "   -g   global control interface path\n"
+               "   -G   group for control interfaces\n"
                "   -P   PID file\n"
                "   -K   include key data in debug messages\n"
 #ifdef CONFIG_DEBUG_FILE
@@ -531,6 +534,22 @@ static int hostapd_get_global_ctrl_iface(struct hapd_interfaces *interfaces,
 }
 
 
+static int hostapd_get_ctrl_iface_group(struct hapd_interfaces *interfaces,
+                                       const char *group)
+{
+#ifndef CONFIG_NATIVE_WINDOWS
+       struct group *grp;
+       grp = getgrnam(group);
+       if (grp == NULL) {
+               wpa_printf(MSG_ERROR, "Unknown group '%s'", group);
+               return -1;
+       }
+       interfaces->ctrl_iface_group = grp->gr_gid;
+#endif /* CONFIG_NATIVE_WINDOWS */
+       return 0;
+}
+
+
 int main(int argc, char *argv[])
 {
        struct hapd_interfaces interfaces;
@@ -556,7 +575,7 @@ int main(int argc, char *argv[])
        interfaces.global_ctrl_sock = -1;
 
        for (;;) {
-               c = getopt(argc, argv, "Bde:f:hKP:tvg:");
+               c = getopt(argc, argv, "Bde:f:hKP:tvg:G:");
                if (c < 0)
                        break;
                switch (c) {
@@ -594,7 +613,9 @@ int main(int argc, char *argv[])
                case 'g':
                        hostapd_get_global_ctrl_iface(&interfaces, optarg);
                        break;
-
+               case 'G':
+                       hostapd_get_ctrl_iface_group(&interfaces, optarg);
+                       break;
                default:
                        usage();
                        break;

diff --git a/src/ap/hostapd.h b/src/ap/hostapd.h
index 8ab4f3e0e76466d98add669faf5a5470a8d973df..f5aed994770380b43eccd8ae73e1ed21d6a8a149 100644 (file)
--- a/src/ap/hostapd.h
+++ b/src/ap/hostapd.h
@@ -40,6 +40,7 @@ struct hapd_interfaces {
        int global_ctrl_sock;
        char *global_iface_path;
        char *global_iface_name;
+       gid_t ctrl_iface_group;
        struct hostapd_iface **iface;
 };