You had so much potential, it’s a shame you died so young…
Sidebar
You had so much potential, it’s a shame you died so young…
Harald Welte, has written on his blog about operating an Open Source GSM network at the recent HAR2009 conference. Photographs and a description and of the setup, run under license of the Dutch regulatory authority, are provided; essentially the setup consisted of a pair of BTS’ (Base Transceiver Stations) running at 100mW transmit power each and tied to a tree. In turn these provided access to the Base Station Controller (BSC), in this case a Linux server in a tent running OpenBSC. The system authenticated users with a token sent via SMS; in total 391 users subscribed to the service and were able to use their phones as if they were on any other network. Independent researchers are increasingly examining GSM networks and equipment, Welte’s work proves that GSM is in the realm of the hackers now and that this realm of mobile networking could be set for a few surprises in the future.
The thing about embedded development is that you spend a lot of time rebooting the embedded device with new firmware which sends your PC’s network interface down and up which triggers a new DHCP request on that interface, which then proceeds to time out (often there is no DHCP server on the embedded device) before you have to manually assign the same static IP that you were using on the interface a few seconds before.
As it turns out there is a way to tell NetworkManager to keep its mitts off of a particular interface. Firstly, find the udi of the interface with the ‘lshal’ command. eg:
udi = ‘/org/freedesktop/Hal/devices/net_00_05_1b_ac_6c_03’
info.capabilities = {‘net’, ‘net.80203’, ‘wake_on_lan’} (string list)
info.category = ‘net.80203’ (string)
info.interfaces = {‘org.freedesktop.Hal.Device.WakeOnLan’} (string list)
info.parent = ‘/org/freedesktop/Hal/devices/usb_device_7a6_8515_0001_if0’ (string)
info.product = ‘Networking Interface’ (string)
info.subsystem = ‘net’ (string)
info.udi = ‘/org/freedesktop/Hal/devices/net_00_05_1b_ac_6c_03’ (string)
linux.hotplug_type = 2 (0x2) (int)
linux.subsystem = ‘net’ (string)
linux.sysfs_path = ‘/sys/devices/pci0000:00/0000:00:1d.7/usb7/7-1/7-1.6/7-1.6:1.0/net/eth1’ (string)
net.80203.mac_address = 21939121155 (0x51bac6c03) (uint64)
net.address = ‘00:05:1b:ac:6c:03’ (string)
net.arp_proto_hw_id = 1 (0x1) (int)
net.interface = ‘eth1’ (string)
net.linux.ifindex = 5 (0x5) (int)
net.originating_device = ‘/org/freedesktop/Hal/devices/usb_device_7a6_8515_0001_if0’ (string)
org.freedesktop.Hal.Device.WakeOnLan.method_argnames = {”, ”, ‘enable’} (string list)
org.freedesktop.Hal.Device.WakeOnLan.method_execpaths = {‘hal-system-wol-supported’, ‘hal-system-wol-enabled’, ‘hal-system-wol-enable’} (string list)
org.freedesktop.Hal.Device.WakeOnLan.method_names = {‘GetSupported’, ‘GetEnabled’, ‘SetEnabled’} (string list)
org.freedesktop.Hal.Device.WakeOnLan.method_signatures = {”, ”, ‘b’} (string list)
Then add this udi as an un-managed device to the [keyfile] section of ‘/etc/NetworkManager/nm-system-settings.conf’. eg:
[keyfile]
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_05_1b_ac_6c_03
It should take effect immediately, and you shouldn’t even need to restart NetworkManager.
Note: Thanks to tambeti on #opensuse-gnome for the tip.
from django.conf import settings from django.contrib.auth.models import User import pyrad.packet from pyrad.client import Client from pyrad.dictionary import Dictionary class RadiusBackend: """ Authenticate against a RADIUS Server. You must have a working RADIUS Server and Secret configured in settings.py. For example: RADIUS_SERVER = '127.0.0.1' RADIUS_SECRET = 'testing123' """ def authenticate(self, username=None, password=None): srv=Client(server=settings.RADIUS_SERVER, secret=settings.RADIUS_SECRET, dict=Dictionary("/usr/share/pyrad/dictionary")) req=srv.CreateAuthPacket(code=pyrad.packet.AccessRequest) req["User-Name"] = username req["User-Password"] = req.PwCrypt(password) req["NAS-Identifier"] = "django" reply=srv.SendPacket(req) if reply.code==pyrad.packet.AccessAccept: print "access accepted" try: user = User.objects.get(username=username) except User.DoesNotExist: # Create a new user. Note that we can set password # to anything, because it won't be checked; the password # configured on the RADIUS server will. user = User(username=username, password='Koh8oF7eiRou4xahxoob') #TODO: Use user.set_unusable_password() once # Django SVN > 5608 + openSUSE 10.3 bug is fixed user.is_staff = False user.is_superuser = False user.save() return user else: print "access denied" return None def get_user(self, user_id): try: return User.objects.get(pk=user_id) except User.DoesNotExist: return NoneJust copy and paste this code into myproj/radiusauth.py and then stick the following in settings.py:
AUTHENTICATION_BACKENDS = ( 'myproj.radiusauth.RadiusBackend', 'django.contrib.auth.backends.ModelBackend', )This code makes use of Wiggy’s wonderfull Pyrad library, so you will need to have it installed also to make things work.