# openrc, wpa supplicant and wired 802.1X

## cova

Hi all,

I'm facing a quite complex issue so I don't know how to start to handle it.

Scenario:

I'm usign a laptop that has both wireless and wired connections. In my

office I need to connect with wired 802.1X authentication, thus using

wpa_supplicant for eth0. I can also use wireless network, WPA2/EAP.

Moreover, out of office It happens that I can use plain wired

connection or all flavours of wireless connections (open, WPA, WPA2,

etc...)

I still have to find a correct setup to manage this situation seamlessly.

- issue one: I've tried to put in /etc/init.d/net wpa_supplicant

module for both wlan0 and eth0 but eth0 seems ignored (in

wpa_supplicant command line seen with ps I can't see eth0 device, only

wlan0

 - workaround: I added a second wpa_supplicant conf file with eth0

connection parameters, but to use it I have to kill the wpa_supplicant

fired up by openrc and star a new one, with both conf for supplicant

(eth0 and wlan0). this is utterly cumbersome.

- another issue: if i keep rf kill on, thus preventing wlan0 to work,

because I plan to connect using wpa on eth0 interface, I can't fire up

wpa_supplicant with init scripts as it fails wit "rfkill on, error"

that is the wrong behaviour. Basically it seems that the init scripts

are not aware of a situation where both wired and wireless interfaces

needs to be managed by wpa_supplicant.

Do you have any hint about how to solve this or can you suggest some

link to study? many thanks in advance.

----------

## fturco

please post the content of both /etc/wpa_supplicant/wpa_supplicant.conf and /etc/conf.d/net (remove any password, of course).

----------

## cova

 *fturco wrote:*   

> please post the content of both /etc/wpa_supplicant/wpa_supplicant.conf and /etc/conf.d/net (remove any password, of course).

 

ok; /etc/conf.d/net is fairly simple:

modules_wlan0="wpa_supplicant netplugd"

modules_eth0="wpa_supplican netplugd"

I've tried also 

modules_wlan0="wpa_supplicant netplugd"

modules_eth0="netplugd"

wpa_supplicant is the following:

===============

ctrl_interface=/var/run/wpa_supplicant

ctrl_interface_group=wheel

eapol_version=2

ap_scan=0

update_config=1

country=IT

network={

        ssid="ssid1"

        psk="pwd"

        proto=RSN

        key_mgmt=WPA-PSK

        pairwise=TKIP

        auth_alg=OPEN

}

network={

        ssid="ssid2"

        proto=RSN

        key_mgmt=WPA-EAP

        pairwise=CCMP

        auth_alg=OPEN

        eap=PEAP

        identity="id"

        disabled=1

}

network={

        ssid="ssid3"

        psk="pwd3"

        proto=RSN

        key_mgmt=WPA-PSK

        pairwise=CCMP

        auth_alg=OPEN

        disabled=1

}

network={

        ssid=""

        key_mgmt=IEEE8021X

        auth_alg=OPEN

        eap=PEAP

        identity="id1"

        password="pwd3"

        eapol_flags=0

        disabled=1

}

===============

Then I've tried another way, that means a wpa_supplicant started by /etc/init.d/wpa_supplicant start (killing the wpa_supplicant started by normal init.d), providing a different command line in /etc/conf.d/wpa_supplicant:

/usr/sbin/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant_wired.conf -i eth0 -Dwired -B -c/etc/wpa_supplicant/wpa_supplicant.conf

basically I've the following file:

# conf.d file for wpa_supplicant

#

# Please check man 8 wpa_supplicant for more information about the options

# wpa_supplicant accepts.

#

wpa_supplicant_args="-c/etc/wpa_supplicant/wpa_supplicant_wired.conf -i eth0 -Dwired"

wpa_supplicant_wired.conf is here:

ctrl_interface=/var/run/wpa_supplicant

ctrl_interface_group=wheel

network={

        ssid=""

        key_mgmt=IEEE8021X

        eap=PEAP

        identity="id"

        password="pwd"

        eapol_flags=0

}

As you can see I've not a good solution and it requires some tweaking each time i turn on the pc, but I can't fnd a correct way to configure the network init scripts to manage with supplicant bot wired and wireless connections.

Thanks for any help.

----------

## ewaller

Is there a reason for not using something like NetworkManager or wicd  ??

----------

## cova

 *ewaller wrote:*   

> Is there a reason for not using something like NetworkManager or wicd  ??

 

Well, my question was about wpa_supplicant and init scripts, so you could have answered me in the same way "is there a reason for not using windows??" Maybe yes, maybe not, but that was not my question  :Smile: 

Anyway, I've tested network manager (some months ago) and found it cumbersome and not well suited for my needs. Maybe I'll retry it, as well as wicd; my requirements are

- two interfaces managed at the same moment

- unattended network startup (init scripts)

- no gui required for connection

- management of plugging/unplugging of the cable/rfkill

So far wpa_supplicant started at init script level seems to be the best approach and moreover nothing in documentation says that it's not possible. If I can avoid to install other net managers I will be more than happy.

----------

## ewaller

 *cova wrote:*   

> Well, my question was about wpa_supplicant and init scripts, so you could have answered me in the same way "is there a reason for not using windows??" Maybe yes, maybe not, but that was not my question 

 

Yeah, I understand.  I actually dislike it when responders suggest that you abandon what it is you are trying to do and tell you how well their (different) way works and that you should use it.  I thought about that before I posted.  In reading your OP, I took it that you had a problem and and presented your how you were trying to solve it, but that were not necessarily married to it yet.  I just wanted to ensure you had not overlooked an alternative method.  :Smile: 

----------

