summaryrefslogtreecommitdiffstats
path: root/contrib/wpa/wpa_supplicant/doc/docbook/wpa_priv.8
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/wpa/wpa_supplicant/doc/docbook/wpa_priv.8')
-rw-r--r--contrib/wpa/wpa_supplicant/doc/docbook/wpa_priv.8120
1 files changed, 0 insertions, 120 deletions
diff --git a/contrib/wpa/wpa_supplicant/doc/docbook/wpa_priv.8 b/contrib/wpa/wpa_supplicant/doc/docbook/wpa_priv.8
deleted file mode 100644
index 108f7ee..0000000
--- a/contrib/wpa/wpa_supplicant/doc/docbook/wpa_priv.8
+++ /dev/null
@@ -1,120 +0,0 @@
-.\" This manpage has been automatically generated by docbook2man
-.\" from a DocBook document. This tool can be found at:
-.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/>
-.\" Please send any bug reports, improvements, comments, patches,
-.\" etc. to Steve Cheng <steve@ggi-project.org>.
-.TH "WPA_PRIV" "8" "12 January 2013" "" ""
-
-.SH NAME
-wpa_priv \- wpa_supplicant privilege separation helper
-.SH SYNOPSIS
-
-\fBwpa_priv\fR [ \fB-c \fIctrl path\fB\fR ] [ \fB-Bdd\fR ] [ \fB-P \fIpid file\fB\fR ] [ \fBdriver:ifname \fI[driver:ifname ...]\fB\fR ]
-
-.SH "OVERVIEW"
-.PP
-\fBwpa_priv\fR is a privilege separation helper that
-minimizes the size of \fBwpa_supplicant\fR code that needs
-to be run with root privileges.
-.PP
-If enabled, privileged operations are done in the wpa_priv process
-while leaving rest of the code (e.g., EAP authentication and WPA
-handshakes) to operate in an unprivileged process (wpa_supplicant) that
-can be run as non-root user. Privilege separation restricts the effects
-of potential software errors by containing the majority of the code in an
-unprivileged process to avoid the possibility of a full system
-compromise.
-.PP
-\fBwpa_priv\fR needs to be run with network admin
-privileges (usually, root user). It opens a UNIX domain socket for each
-interface that is included on the command line; any other interface will
-be off limits for \fBwpa_supplicant\fR in this kind of
-configuration. After this, \fBwpa_supplicant\fR can be run as
-a non-root user (e.g., all standard users on a laptop or as a special
-non-privileged user account created just for this purpose to limit access
-to user files even further).
-.SH "EXAMPLE CONFIGURATION"
-.PP
-The following steps are an example of how to configure
-\fBwpa_priv\fR to allow users in the
-\fBwpapriv\fR group to communicate with
-\fBwpa_supplicant\fR with privilege separation:
-.PP
-Create user group (e.g., wpapriv) and assign users that
-should be able to use wpa_supplicant into that group.
-.PP
-Create /var/run/wpa_priv directory for UNIX domain sockets and
-control user access by setting it accessible only for the wpapriv
-group:
-.sp
-.RS
-
-.nf
-mkdir /var/run/wpa_priv
-chown root:wpapriv /var/run/wpa_priv
-chmod 0750 /var/run/wpa_priv
-.fi
-.RE
-.PP
-Start \fBwpa_priv\fR as root (e.g., from system
-startup scripts) with the enabled interfaces configured on the
-command line:
-.sp
-.RS
-
-.nf
-wpa_priv -B -c /var/run/wpa_priv -P /var/run/wpa_priv.pid wext:wlan0
-.fi
-.RE
-.PP
-Run \fBwpa_supplicant\fR as non-root with a user
-that is in the wpapriv group:
-.sp
-.RS
-
-.nf
-wpa_supplicant -i ath0 -c wpa_supplicant.conf
-.fi
-.RE
-.SH "COMMAND ARGUMENTS"
-.TP
-\fB-c ctrl path\fR
-Specify the path to wpa_priv control directory
-(Default: /var/run/wpa_priv/).
-.TP
-\fB-B\fR
-Run as a daemon in the background.
-.TP
-\fB-P file\fR
-Set the location of the PID
-file.
-.TP
-\fBdriver:ifname [driver:ifname ...]\fR
-The <driver> string dictates which of the
-supported \fBwpa_supplicant\fR driver backends is to be
-used. To get a list of supported driver types see wpa_supplicant help
-(e.g, wpa_supplicant -h). The driver backend supported by most good
-drivers is \fBwext\fR\&.
-
-The <ifname> string specifies which network
-interface is to be managed by \fBwpa_supplicant\fR
-(e.g., wlan0 or ath0).
-
-\fBwpa_priv\fR does not use the network interface
-before \fBwpa_supplicant\fR is started, so it is fine to
-include network interfaces that are not available at the time wpa_priv
-is started. wpa_priv can control multiple interfaces with one process,
-but it is also possible to run multiple \fBwpa_priv\fR
-processes at the same time, if desired.
-.SH "SEE ALSO"
-.PP
-\fBwpa_supplicant\fR(8)
-.SH "LEGAL"
-.PP
-wpa_supplicant is copyright (c) 2003-2012,
-Jouni Malinen <j@w1.fi> and
-contributors.
-All Rights Reserved.
-.PP
-This program is licensed under the BSD license (the one with
-advertisement clause removed).
OpenPOWER on IntegriCloud