Skip to content
This repository has been archived by the owner on Jun 7, 2022. It is now read-only.

Switching between client and access mode #24

Open
mhfowler opened this issue Mar 29, 2021 · 1 comment
Open

Switching between client and access mode #24

mhfowler opened this issue Mar 29, 2021 · 1 comment

Comments

@mhfowler
Copy link
Contributor

While writing the setup documentation I was testing this out,
I was able to switch between client and access mode using systemctl (worked great!),
but I wasn't able to switch modes using the physical interface or the web interface,
I didn't really poke around as the cause,

but curious if these are working for you @mycognosist with the latest peach code?
@mycognosist
Copy link
Collaborator

@mhfowler

Good catch! I've found the source of the problem in the systemd log:

Mar 18 20:15:51 peach systemd[1]: Started Query and configure network interfaces using JSON-RPC over HTTP..
Mar 18 20:21:24 peach sudo[412]: pam_unix(sudo:auth): conversation failed
Mar 18 20:21:24 peach sudo[412]: pam_unix(sudo:auth): auth could not identify password for [peach-network]
Mar 18 20:21:24 peach sudo[412]: peach-network : user NOT in sudoers ; TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/systemctl start [email protected]

A bit of explanation:

The activate_ap() and activate_client() functions in peach-network simply start the required service via a command call to systemd. For example, sudo systemctl start [email protected]. Under the previous configuration, a rule was created in /etc/sudoers.d/ to allow the peach-network user to run the sudo command without needing to provide a password (we do a similar thing with /etc/sudoers.d/shutdown - configured by peach-config - to allow reboot and shutdown from peach-menu). Since that sudoers rule file is not there any more, we're receiving these errors.

Now that we're running peach-network as a member of the netdev group, I believe it might be possible to successfully execute the systemctl start command without sudo. I was in the process of testing this assumption but I broke my sudoers config and will need to reflash my system (doh!). A good reminder to use visudo for these purposes and not recklessly copy files XD

I'll comment again here once I've tested. Hopefully the netdev membership is sufficient and I can simply update the relevant functions in peach-network to remove sudo from the command. Otherwise, I'll create the necessary sudoers file for the command and submit a PR to peach-config.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mhfowler @mycognosist