You are not logged in.

#1 2012-11-23 10:58:00

Registered: 2012-11-23
Posts: 3

systemd with wpa_supplicant 802.1X wired and dhcpcd - Need help


At work we use 802.1X wired authentication on the network to get access. If successfully authenticated then I get 10.x.x.x network address from DHCP,
and if not successfully authenticated, I get a 172.x.x.x address from DHCP.

Now I've configured wpa_supplicant with certificates in its configuration file so that one is working fine.

What I have problems with is the startup, this is what I need in order:

* I need wpa_supplicant to start up
* wpa_supplicant needs to authenticate completely
* now dhcpcd may run and I should get 10.x.x.x address.

I've tried two (b*ttfugly) ways of solving this under systemd:

Description=WPA 802.1X

ExecStart=/usr/sbin//wpa_supplicant -ieth0 -Dwired -c/etc/wpa_supplicant/wpa_supplicant.conf


And in dhcpcd@.service I've added:


However this won't work since wpa_supplicant isn't done authenticating when dhcpcd starts up.

I've also tried using -B option to wpa_supplicant and forking in wpa_auth.service like this:

ExecStart=/usr/sbin//wpa_supplicant -B -ieth0 -Dwired -c/etc/wpa_supplicant/wpa_supplicant.conf

Now if I'm lucky this works, but it's still a race condition.

So: Next things I've tried is to make the wpa_auth.service start up a script (Type=forking) that executes wpa_supplicant, and adds a sleep 1, this gives wpa_supplicant 1 second to authenticate, but its still a shitty and unsafe solution.

Last solution I tried was using the above solution but replaced sleep with wpa_cli -a script that according to man page executes the script when it recieves an event. So right now the chain looks like this:

In chronological order:
- wpa_auth.service (systemd)
        - script
               - wpa_supplicant
               - wpa_cli -a script2 (will block until recieving an CONNECTED/DISCONNECTED event from wpa_supplicant, then run script2)
                       - script2
                              -pkill wpa_cli
               - exit 0
done - dhcpcd may start

I just want to find a way to start dhcpcd after wpa_supplicant has authenticated so I get a correct IP address.

How do I do this in a correct way? Can I use dbus somehow to make wpa_supplicant signal that it is done authenticating?


Last edited by dimman (2012-11-23 15:56:01)


Board footer

Powered by FluxBB