Linux and Wireless Config

Configuring wireless on Linux is a pain. Gentoo doesn’t make the situation any easier: there’s a text file in /etc/conf.d that needs to be edited to include your SSID, keys, options, etc., and if you’re using WPA/WPA2, you need to mess with /etc/wpa_supplicant/wpa_supplicant.conf as well. If I want to change networks (say, when I visit my dad’s house), I have to edit these files and restart the interface.

There’s NetworkManager. It looks really cool. Unfortunately, it doesn’t work on my PowerBook. It never scans for wireless networks (though it appears to detect my wireless interface ok), and its logging output isn’t too useful. To be fair, I haven’t had the time to look into it too deeply (after spending hours and hours getting it to build properly, I didn’t have much patience for runtime issues), and I’m aware that the Gentoo ‘backend’ isn’t one of the more mature ones. Also: it’s ridiculously over-engineered. I do understand all the various cool things you can do with it because of how it’s designed and integrated into the desktop, but all of that stuff isn’t useful for my general usage.

Oh, and I still can’t get NetworkManager to compile without gnome-panel present, which really pisses me off. It doesn’t even build a GNOME panel applet, as far as I can tell. Regardless, I use Xfce, as we all should know by now. I’ve tried to keep the number of extraneous useless libraries and apps installed on my laptop to a minimum, so I don’t really want to install most of GNOME just for a network control applet in my systray.

(I’d just like to point out that I think NetworkManager is a great piece of software. It obviously does work very well for some people. Just because it doesn’t work for me, or doesn’t meet my needs quite as well as I’d like, that doesn’t mean I think it’s crap. It most definitely isn’t.)

I was thinking about what I care about for a wireless network manager. I realised that I don’t need/want it to manage my wired ethernet interface. (That’s a separate project: just a simple daemon, probably written in bash or perl, that configures/un-configures the interface when a cable is plugged in or removed.) For wireless, I’m thinking about the MacOS X model here. You get a little menu in the menu bar that lets you turn wireless on and off, pick networks, enter security info, and (I think, don’t have the Mac in front of me right now) open up the networking settings panel. That’s really all I need as well. I don’t need fancy system services (I’ll count on Gentoo’s startup script to try to connect to my default already-defined networks on startup), I don’t need it to take care of my ethernet interface, I don’t need it integrated into my desktop so all my apps can know whether or not I have a network connection, I don’t need a D-Bus service, and I don’t need some weirdo ‘dhcdbd’ thing (I still have no idea what this does or why NetworkManager needs it, and I don’t particularly care).

So, I think I’m going to blatantly rip off the Mac and write a little system tray icon (yes, I know, abuse of the systray; sue me) to handle my wireless connections. I was looking at wpa_supplicant, and it appears that it’s freakin’ awesome. You can use it for connections to unsecured, WEPed, and WPAed networks (among a bunch of other things most people aren’t likely to have in their home), and it has a command-line tool to control a running instance of it (wpa_cli), which can add/remove networks, set parameters, force it to reassociate, etc. So I’m thinking I’ll just require wpa_supplicant, and do network management through that. There are two things that require root access: 1) bringing the interface up and down, and 2) writing out a new wpa_supplicant.conf file so the system boot scripts can take advantage of any changes (this is optional). We don’t need root for wpa_supplicant control, because it can be configured to allow normal users to control it based on their group membership (though on my laptop, the permissions on the control socket were messed up when I first tried it).

Bringing the interface up and down is annoying, since it’s a very tiny (yet critical) action, and I need to pay attention to a bunch of security-related issues. One option is to use gksu or some other GUI method of prompting for the password. I like this from a development perspective, as it requires very little work on my part. It’s a pain from the user’s perspective, though, as I don’t feel that a logged-in user should have to enter his/her password every time they want to turn wireless on or off. A lazy option is just to require the user to set up ‘sudo’ to let them run ifconfig with root privs with no password, but I don’t really like that either. I think I’ll end up writing a setuid helper app that validates the logged-in user in some other way (perhaps using pam_console).

I’m going to attempt to do it without depending on any Xfce libraries (though I might pull in libexo for the session client and a couple other things). I’d like to create a general-purpose desktop-neutral app here. It’s certainly not going to cater to everyone, and probably won’t work on all distros without some manual fudging. I just don’t have the time or desire to spend that much time on it (yet), and I’ll have to rely on contributors to submit patches for their setup of choice, if they care to do so.

Otherwise, it’s not that hard. I’ll store wireless config in my own format in the user’s homedir. There can be an option to write out a system-wide wpa_supplicant.conf file to sync changes with the system so the interface can come up on boot with some default setup. All that’s left is a lot of text output parsing (from wpa_cli, which hopefully doesn’t change output formats between versions), and good CLI/GUI integration when setting wireless parameters and presenting feedback to the user. Since I’ll be in MD for 2.5 weeks, I’ll give it a shot, as I don’t really have all that much planned while I’m at home.

(I think I’m going to name it ‘airconfig’; when I make a website for it, it’ll likely be here. If anyone has any thoughts for a more creative name, feel free to leave a comment.)