hostapd: Allow ctrl_iface group to be specified on command line

The new -G<group> command line argument can now be used to set the group
for the control interfaces to enable cases where hostapd is used without
a configuration file and the controlling program is not running with
root user privileges.

Signed-hostap: Jouni Malinen <j@w1.fi>

hostapd/ctrl_iface.c

@@ -1076,6 +1076,14 @@ int hostapd_ctrl_iface_init(struct hostapd_data *hapd)
 		return -1;
 	}
 
+	if (!hapd->conf->ctrl_interface_gid_set &&
+	    hapd->iface->interfaces->ctrl_iface_group &&
+	    chown(hapd->conf->ctrl_interface, -1,
+		  hapd->iface->interfaces->ctrl_iface_group) < 0) {
+		perror("chown[ctrl_interface]");
+		return -1;
+	}
+
 #ifdef ANDROID
 	/*
 	 * Android is using umask 0077 which would leave the control interface
@@ -1148,6 +1156,13 @@ int hostapd_ctrl_iface_init(struct hostapd_data *hapd)
 		goto fail;
 	}
 
+	if (!hapd->conf->ctrl_interface_gid_set &&
+	    hapd->iface->interfaces->ctrl_iface_group &&
+	    chown(fname, -1, hapd->iface->interfaces->ctrl_iface_group) < 0) {
+		perror("chown[ctrl_interface/ifname]");
+		goto fail;
+	}
+
 	if (chmod(fname, S_IRWXU | S_IRWXG) < 0) {
 		perror("chmod[ctrl_interface/ifname]");
 		goto fail;
@@ -1316,6 +1331,11 @@ int hostapd_global_ctrl_iface_init(struct hapd_interfaces *interface)
 			perror("mkdir[ctrl_interface]");
 			goto fail;
 		}
+	} else if (interface->ctrl_iface_group &&
+		   chown(interface->global_iface_path, -1,
+			 interface->ctrl_iface_group) < 0) {
+		perror("chown[ctrl_interface]");
+		goto fail;
 	}
 
 	if (os_strlen(interface->global_iface_path) + 1 +
@@ -1369,6 +1389,12 @@ int hostapd_global_ctrl_iface_init(struct hapd_interfaces *interface)
 		}
 	}
 
+	if (interface->ctrl_iface_group &&
+	    chown(fname, -1, interface->ctrl_iface_group) < 0) {
+		perror("chown[ctrl_interface]");
+		goto fail;
+	}
+
 	if (chmod(fname, S_IRWXU | S_IRWXG) < 0) {
 		perror("chmod[ctrl_interface/ifname]");
 		goto fail;

hostapd/main.c

@@ -9,6 +9,7 @@
 #include "utils/includes.h"
 #ifndef CONFIG_NATIVE_WINDOWS
 #include <syslog.h>
+#include <grp.h>
 #endif /* CONFIG_NATIVE_WINDOWS */
 
 #include "utils/common.h"
@@ -480,7 +481,8 @@ static void usage(void)
 		"\n"
 		"usage: hostapd [-hdBKtv] [-P <PID file>] [-e <entropy file>] "
 		"\\\n"
-		"         [-g <global ctrl_iface>] <configuration file(s)>\n"
+		"         [-g <global ctrl_iface>] [-G <group>] \\\n"
+		"         <configuration file(s)>\n"
 		"\n"
 		"options:\n"
 		"   -h   show this usage\n"
@@ -488,6 +490,7 @@ static void usage(void)
 		"   -B   run daemon in the background\n"
 		"   -e   entropy file\n"
 		"   -g   global control interface path\n"
+		"   -G   group for control interfaces\n"
 		"   -P   PID file\n"
 		"   -K   include key data in debug messages\n"
 #ifdef CONFIG_DEBUG_FILE
@@ -531,6 +534,22 @@ static int hostapd_get_global_ctrl_iface(struct hapd_interfaces *interfaces,
 }
 
 
+static int hostapd_get_ctrl_iface_group(struct hapd_interfaces *interfaces,
+					const char *group)
+{
+#ifndef CONFIG_NATIVE_WINDOWS
+	struct group *grp;
+	grp = getgrnam(group);
+	if (grp == NULL) {
+		wpa_printf(MSG_ERROR, "Unknown group '%s'", group);
+		return -1;
+	}
+	interfaces->ctrl_iface_group = grp->gr_gid;
+#endif /* CONFIG_NATIVE_WINDOWS */
+	return 0;
+}
+
+
 int main(int argc, char *argv[])
 {
 	struct hapd_interfaces interfaces;
@@ -556,7 +575,7 @@ int main(int argc, char *argv[])
 	interfaces.global_ctrl_sock = -1;
 
 	for (;;) {
-		c = getopt(argc, argv, "Bde:f:hKP:tvg:");
+		c = getopt(argc, argv, "Bde:f:hKP:tvg:G:");
 		if (c < 0)
 			break;
 		switch (c) {
@@ -594,7 +613,9 @@ int main(int argc, char *argv[])
 		case 'g':
 			hostapd_get_global_ctrl_iface(&interfaces, optarg);
 			break;
-
+		case 'G':
+			hostapd_get_ctrl_iface_group(&interfaces, optarg);
+			break;
 		default:
 			usage();
 			break;

src/ap/hostapd.h

@@ -40,6 +40,7 @@ struct hapd_interfaces {
 	int global_ctrl_sock;
 	char *global_iface_path;
 	char *global_iface_name;
+	gid_t ctrl_iface_group;
 	struct hostapd_iface **iface;
 };