You are not logged in.
Hi,
At work we use 802.1X wired authentication on the network to get access. If successfully authenticated then I get 10.x.x.x network address from DHCP,
and if not successfully authenticated, I get a 172.x.x.x address from DHCP.
Now I've configured wpa_supplicant with certificates in its configuration file so that one is working fine.
What I have problems with is the startup, this is what I need in order:
* I need wpa_supplicant to start up
* wpa_supplicant needs to authenticate completely
* now dhcpcd may run and I should get 10.x.x.x address.
I've tried two (b*ttfugly) ways of solving this under systemd:
wpa_auth.service
[Unit]
Description=WPA 802.1X
Requires=sys-subsystem-net-devices-eth0.device
After=sys-subsystem-net-devices-eth0.device
[Service]
Type=simple
ExecStart=/usr/sbin//wpa_supplicant -ieth0 -Dwired -c/etc/wpa_supplicant/wpa_supplicant.conf
[Install]
Alias=multi-user.target.wants/wpa_auth.service
And in dhcpcd@.service I've added:
After=wpa_auth.service
However this won't work since wpa_supplicant isn't done authenticating when dhcpcd starts up.
I've also tried using -B option to wpa_supplicant and forking in wpa_auth.service like this:
Type=forking
ExecStart=/usr/sbin//wpa_supplicant -B -ieth0 -Dwired -c/etc/wpa_supplicant/wpa_supplicant.conf
Now if I'm lucky this works, but it's still a race condition.
So: Next things I've tried is to make the wpa_auth.service start up a script (Type=forking) that executes wpa_supplicant, and adds a sleep 1, this gives wpa_supplicant 1 second to authenticate, but its still a shitty and unsafe solution.
Last solution I tried was using the above solution but replaced sleep with wpa_cli -a script that according to man page executes the script when it recieves an event. So right now the chain looks like this:
In chronological order:
- wpa_auth.service (systemd)
Type=forking
- script
- wpa_supplicant
- wpa_cli -a script2 (will block until recieving an CONNECTED/DISCONNECTED event from wpa_supplicant, then run script2)
- script2
-pkill wpa_cli
- exit 0
done - dhcpcd may start
I just want to find a way to start dhcpcd after wpa_supplicant has authenticated so I get a correct IP address.
How do I do this in a correct way? Can I use dbus somehow to make wpa_supplicant signal that it is done authenticating?
Thanks
Last edited by dimman (2012-11-23 15:56:01)
Offline