Hi. On Wed, Jun 15, 2022 at 03:30:53AM +0200, Vincent Lefevre wrote: > On 2022-06-14 15:43:40 +0100, Brian wrote: > > On Tue 14 Jun 2022 at 13:15:56 +0200, Vincent Lefevre wrote: > > > No issues with iwlist and nmcli. > > > > /usr/sbin/wpa_gui and /sbin/wpa_cli should both give sensible outputs > > when run as root. > > For security reasons, I don't want to run them as root.
First example they provide in wpa_supplicant.conf(5) shows the way to use wpa_cli sensibly without being root. One just needs to define a group for wpa_supplicant's control socket, like this: ctrl_interface=DIR=/run/wpa_supplicant GROUP=netdev Add a user to a netdev group and you're set. > The iwlist and nmcli utilities don't need root to work correctly. I don't know about iwlist, but nmcli uses dbus to communicate with NetworkManager. From the security standpoint, such approach clearly loses to the simple unix socket communication restricted by natural POSIX permissions. Reco
