wpa-service-0.21

Eloi Primaux eloi at bliscat.org
Wed Feb 14 02:42:55 PST 2007


AUTHOR: Eloi Primaux eloi AT bliscat dot org

DATE: 2007-02-14

LICENSE: GNU Free Documentation License Version 2

SYNOPSIS: Setting up a wifi interface using wpa_supplicant and LFS IP
services

DESCRIPTION:

ATTACHMENTS:

http://www.linuxfromscratch.org/hints/downloads/attachments/wpa-service/wpa_service.conf
http://www.linuxfromscratch.org/hints/downloads/attachments/wpa-service/wpa-rcscript
http://www.linuxfromscratch.org/hints/downloads/attachments/wpa-service/wpa-service
http://www.linuxfromscratch.org/hints/downloads/attachments/wpa-service/wpa-service-iface
http://www.linuxfromscratch.org/hints/downloads/attachments/wpa-service/wpa_actions-script


PREREQUISITES:

- A working LFS-6.1.1 system or newer with wireless capabilities  
- Almost two networks services like ipv4-static/dhcpcd installed
- wpa_supplicant (>=0.5.7) and wireless drivers
 
HINT:

0) Requirement and Optional tools
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

0.a) wpa_supplicant 'The core'
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This is NOT an usual step if you omit something here you won't be able
to attach
your device to any access point

Please use the 0.5.7 version or newer, available at:
link: http://hostap.epitest.fi/wpa_supplicant

Again, i strongly recommend you to read its README before doing
anything.
wpa_supplicant may need the source of your drivers then edit the .config
file
as described in the README and set all constants according to your
system.
also when ready install it by executing :

find ./ -name 'Makefile' -exec sed 's,/usr/local,/usr,g' {} \ &&
make &&
make install

1) This Hints
~~~~~~~~~~~~~
wpa_supplicant is designed to be a "daemon" program that runs in the
background
and acts as the back-end component controlling the wireless connection.
wpa_supplicant supports separate front-end programs and a text-based
front-end (wpa_cli) is included with wpa_supplicant.

1.1) Install Files and Directories (this is only a proposal)

  install -d /etc/sysconfig/wpa_supplicant
  install -m644 wpa_service.conf /etc/sysconfig/wpa_supplicant

  install -m755 wpa-rcscript /etc/rc.d/init.d/wpa
  ln -nsf /etc/rc.d/init.d/wpa /etc/rc.d/rc3.d/S15wpa
  ln -nsf /etc/rc.d/init.d/wpa /etc/rc.d/rc5.d/S15wpa
  ln -nsf /etc/rc.d/init.d/wpa /etc/rc.d/rc6.d/K85wpa
  ln -nsf /etc/rc.d/init.d/wpa /etc/rc.d/rc0.d/K85wpa

  install -m755
wpa_actions-script /etc/sysconfig/wpa_supplicant/wpa_actions
  install -m755
ifplugd_wrapper-script /etc/sysconfig/wpa_supplicant/ifplugd_wrapper
  install -m755 wpa-service /etc/sysconfig/network-devices/services

  install -d /etc/sysconfig/network-devices/ifconfig.<IFACE>
  install -m644
wpa-service-iface /etc/sysconfig/network-devices/ifconfig.<IFACE>/wpa-service

  were <IFACE> is your interface

2) Network Configuration
~~~~~~~~~~~~~~~~~~~~~~~~

All configurations go in the wpa-service-iface
which is located
at /etc/sysconfig/network-device/ifconfig.<IFACE>/wpa-service

 
2.1) Network configurations with any of the three functions:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

wpa-service can set up your network according to it's SSID, this means
that if
the SSID "DHCP network" manage ip via a dhcp server, wpa-service will
use the
SSID file descriptor to set up you network when connecting to the SSID
network.

 Those ssid descriptors are named with the name of the SSID they
describe,
 and took place in the /etc/sysconfig/wpa_supplicant directory.
 
 the "AzErTy" SSID descriptor will
be /etc/sysconfig/wpa_supplicant/AzeRtY

2.1) SSID descriptor syntax:
An SSID descriptor is a regular network configuration file as used in
LFS system
it means that if SSID "IPV4" use ipv4-static, the the descriptor "IPV4"
will be

	cat > /etc/sysconfig/wpa_supplicant/IPV4 << "EOF"
	ONBOOT=yes
	SERVICE=ipv4-static
	IP=192.168.1.1
	GATEWAY=192.168.1.2
	PREFIX=24
	BROADCAST=192.168.1.255
	EOF

and if the "DHCP" SSID use dhcp :

	cat > /etc/sysconfig/wpa_supplicant/DHCP << "EOF"
	ONBOOT="yes"
	SERVICE="dhcpcd"
	DHCP_START="-o"
	DHCP_STOP="-k -o" # the '-o' prevent your interface being destroyed by
dhcpcd 

	# Set PRINTIP="yes" to have the script print
	# the DHCP assigned IP address
	PRINTIP="no"

	# Set PRINTALL="yes" to print the DHCP assigned values for
	# IP, SM, DG, and 1st NS. This requires PRINTIP="yes".
	PRINTALL="no"
	EOF

for convenience, wpa_actions fall back
to /etc/sysconfig/wpa_supplicant/AUTO
when no SSID descriptor is available,

Then install a common/automatic network configuration:
I use dhcpcd:   

	cat > /etc/sysconfig/wpa_supplicant/AUTO << "EOF"
	ONBOOT="yes"
	SERVICE="dhcpcd"
	DHCP_START="-o"
	DHCP_STOP="-k -o" # the '-o' prevent your interface being destroyed by
dhcpcd

	# Set PRINTIP="yes" to have the script print
	# the DHCP assigned IP address
	PRINTIP="no"

	# Set PRINTALL="yes" to print the DHCP assigned values for
	# IP, SM, DG, and 1st NS. This requires PRINTIP="yes".
	PRINTALL="no"
	EOF



3) The wpa_supplicant.conf (The network keys description) 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The wpa_supplicant README and wiki explain the composition of this file.

The file syntax is the wpa_supplicant.conf file syntax, it is specific
to the
wpa_supplicant program and only depend of the programmer choice, thus
instead of
explaining you of how this file is read, i will show you a set of
command to
create a config file with wpa_supplicant.

in a bash shell execute:

wpa_passphrase <ssid> [passphrase] >> wpa_supplicant.conf

Where <ssid> is the name of the access point and where [pasphrase] is
your ...
pass-phrase.

Now edit the newly created wpa_supplicant.conf file:
Which should contains something similar to:

network={
        ssid="ssid"
        #psk="passphrase"

psk=2b1d17284c5410ee5eaae7151290e9744af2182b0eb8af20dd4ebb415928f726
}

you will directly see that you can define more than one network in this
file,
that's why wpa_supplicant is very nice: it chooses automatically in its
configuration file the best (aka secure and available) network to
connect.

4) Geting over troubles (and tunning your network)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

open a new console and launch in the foreground wpa_supplicant in debug
mode:

wpa_supplicant -g/var/run/wpa_supplicant-global \
               -P/var/run/wpa_supplicant.pid -ddd

this will make wpa_supplicant to output anything to us.

Now start the wpa_cli in another console:

wpa_cli -g/var/run/wpa_supplicant-global interface_add wlan[X]
"" [driver] \
        /var/run/wpa_supplicant

Where wlan[X] is the device name of your network interface and where
[driver] is
the name of your driver

examples:
wpa_cli -g/var/run/wpa_supplicant-global interface_add ath0 "" madwifi \
        /var/run/wpa_supplicant
wpa_cli -g/var/run/wpa_supplicant-global interface_add eth1 "" wext \
        /var/run/wpa_supplicant

if it fail, please have a look to the output of the wpa_supplicant
daemon

wpa_cli -iwlan[X] -p/var/run/wpa_supplicant

Then in wpa_cli type :

scan

and after some seconds type

scan_result

This will output a list of available networks.

As an example:


root at bliscat:/home/eloi# wpa_cli -iath0 -p/var/run/wpa_supplicant
wpa_cli v0.4.8
Copyright (c) 2004-2005, Jouni Malinen <jkmaline at cc.hut.fi> and
contributors

This program is free software. You can distribute it and/or modify it
under the terms of the GNU General Public License version 2.

Alternatively, this software may be distributed under the terms of the
BSD license. See README and COPYING for more details.


Selected interface 'ath0'

Interactive mode

> scan
OK
> scan_result
bssid / frequency / signal level / flags / ssid
00:0f:b5:ee:af:8f       2437    212     [WPA2-PSK-CCMP-preauth] MY_net
00:10:c6:eb:95:11       2457    205     [WEP]   Wanadoo_5441


you can see that my network 'My_net' use WPA2-PSK-CCMP which is WPA-PSK
with CCMP as group and pairwise

type exit to quit wpa_cli


With this output we can now feed the wpa_supplicant.conf file:

network={
        ssid="ssid"
        key_mgmt=WPA-PSK
        proto=WPA2
        pairwise=CCMP
        group=CCMP
        #psk="passphrase"

psk=2b1d17284c5410ee5eaae7151290e9744af2182b0eb8af20dd4ebb415928f726
}


Note if you wish you can only use the human readable pass-phrase,
then comment it out and comment the hexadecimal pass-phrase

Now kill the last instance of the wpa_supplicant daemon :

killall wpa_supplicant

And test your new configuration file:

wpa_supplicant -d[driver] -iwlan[X] -c[configfile] -dd

example:
wpa_supplicant -dmadwifi -iath0 -c./wpa_supplicant.conf -dd

If you see something like SUCCESS it's done, kill it again and copy the
config
file to a secure directory:

install -d /etc/sysconfig/wpa_supplicant
chmod 700 -c /etc/sysconfig/wpa_supplicant
cp wpa_supplicant.conf /etc/sysconfig/wpa_supplicant/wpa_supplicant.conf
chmod 600 -c /etc/sysconfig/wpa_supplicant/wpa_supplicant.conf


5) The End
~~~~~~~~~~
execute:

/etc/rc.d/init.d/network stop
/etc/rc.d./init.d/wpa restart
/etc/rc.d/init.d/network start

if there is no errors, and your system is connected, then you can safely
restart
your computer to see it setting up your wireless card during boot time.

ACKNOWLEDGMENTS:
 The wireless hint
 The Wireless HOWTO
 wpa_supplicant README
 The madwifi wiki
 The LFS/BLFS Books


CHANGELOG:
2006 03 10 Second release, first send to lfshint
2006 03 16 added some words to help wpa-supplicant.conf writing
2006 03 18 fix wrong paths
2006 03 31 Rewritten and try to match the LFS-standard thank's to
archaic's help
2006 04 01 fix incomplete find commands
2006 10 15 wpa-service 0.2
2006 02 14 some typo fix in scripts, removed ifplugd support, and
wait_for_up function

-------------- next part --------------
A non-text attachment was scrubbed...
Name: wpa_actions
Type: application/x-shellscript
Size: 1492 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hints/attachments/20070214/6ff34d22/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: wpa-init
Type: application/x-shellscript
Size: 982 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hints/attachments/20070214/6ff34d22/attachment-0001.bin>
-------------- next part --------------
 # The wpa_supplicant daemon settings

 #the name of the wpa_supplicant client and daemon if they change
        
        WPA_CLIENT_NAME="wpa_cli"
	WPA_DAEMON_NAME="wpa_supplicant"
	
 # here is the directory where wpa_supplicant.conf should be
        
        WPA_CONFIG_DIR="/etc/sysconfig/wpa_supplicant"
 
 # here is the name of your wpa_supplicant.conf file
        
        WPA_CONFIG_FILE="wpa_supplicant.conf"
 
 # here is the name of your action file
 	
 	WPA_ACTION_FILE=$WPA_CONFIG_DIR/wpa_actions
 
 # This is what need wpa_supplicant
	
	WPA_PID_FILE=/var/run/wpa_supplicant.pid
	WPA_GLOBAL_FILE=/var/run/wpa_supplicant-global
	WPA_ACCESS_DIR=/var/run/wpa_supplicant
-------------- next part --------------
A non-text attachment was scrubbed...
Name: wpa-service
Type: application/x-shellscript
Size: 4417 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hints/attachments/20070214/6ff34d22/attachment-0002.bin>
-------------- next part --------------
ONBOOT="yes"
SERVICE="wpa-service"
VERBOSE="NO"
	. /etc/sysconfig/wpa_supplicant/wpa_service.conf

# Here you have to define which wpa driver wpa_supplicant will use for
#this interface
        WPA_DRIVER="madwifi"


More information about the hints mailing list