diff --git a/debian-pkg/etc/sudoers.d/tinypilot b/debian-pkg/etc/sudoers.d/tinypilot index 1afd13d3c..88ecea9d3 100644 --- a/debian-pkg/etc/sudoers.d/tinypilot +++ b/debian-pkg/etc/sudoers.d/tinypilot @@ -1,6 +1,8 @@ tinypilot ALL=(ALL) NOPASSWD: /opt/tinypilot-privileged/scripts/change-hostname tinypilot ALL=(ALL) NOPASSWD: /opt/tinypilot-privileged/scripts/collect-debug-logs tinypilot ALL=(ALL) NOPASSWD: /opt/tinypilot-privileged/scripts/configure-janus +tinypilot ALL=(ALL) NOPASSWD: /opt/tinypilot-privileged/scripts/disable-wifi +tinypilot ALL=(ALL) NOPASSWD: /opt/tinypilot-privileged/scripts/enable-wifi tinypilot ALL=(ALL) NOPASSWD: /opt/tinypilot-privileged/scripts/read-update-log tinypilot ALL=(ALL) NOPASSWD: /opt/tinypilot-privileged/scripts/update tinypilot ALL=(ALL) NOPASSWD: /sbin/shutdown diff --git a/debian-pkg/opt/tinypilot-privileged/scripts/disable-wifi b/debian-pkg/opt/tinypilot-privileged/scripts/disable-wifi new file mode 100755 index 000000000..2d3d71470 --- /dev/null +++ b/debian-pkg/opt/tinypilot-privileged/scripts/disable-wifi @@ -0,0 +1,45 @@ +#!/bin/bash +# +# Disable the WiFi network connection. + +# Exit on first failure. +set -e + +print_help() { + cat < 0 )); do + case "$1" in + --help) + print_help + exit + ;; + *) + >&2 echo "Unknown flag/argument: $1" + >&2 echo "Use the '--help' flag for more information" + exit 1 + ;; + esac +done + +# Echo commands before executing them, by default to stderr. +set -x + +# Exit on unset variable. +set -u + +SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )" +readonly SCRIPT_DIR +readonly CONFIG_FILE='/etc/wpa_supplicant/wpa_supplicant.conf' + +# Remove any existing automated configuration. +"${SCRIPT_DIR}/strip-marker-sections" "${CONFIG_FILE}" + +# Effectuate changes. This will disable the WiFi connection instantly. +rfkill block wlan diff --git a/debian-pkg/opt/tinypilot-privileged/scripts/enable-wifi b/debian-pkg/opt/tinypilot-privileged/scripts/enable-wifi new file mode 100755 index 000000000..4b615560c --- /dev/null +++ b/debian-pkg/opt/tinypilot-privileged/scripts/enable-wifi @@ -0,0 +1,145 @@ +#!/bin/bash +# +# Enables a WiFi network connection. + +# Exit on first failure. +set -e + +print_help() { + cat < 0 )); do + case "$1" in + --help) + print_help + exit + ;; + --country) + if (( "$#" < 2 )); then + shift + break + fi + WIFI_COUNTRY="$2" + shift # For flag name. + shift # For flag value. + ;; + --ssid) + if (( "$#" < 2 )); then + shift + break + fi + WIFI_SSID="$2" + shift # For flag name. + shift # For flag value. + ;; + --psk) + if (( "$#" < 2 )); then + shift + break + fi + WIFI_PSK="$2" + shift # For flag name. + shift # For flag value. + ;; + *) + >&2 echo "Unknown flag/argument: $1" + >&2 echo "Use the '--help' flag for more information" + exit 1 + ;; + esac +done +readonly WIFI_COUNTRY +readonly WIFI_SSID +readonly WIFI_PSK="${WIFI_PSK:-}" + +if [[ -z "${WIFI_COUNTRY}" ]]; then + >&2 echo 'Missing argument: COUNTRY' + >&2 echo "Use the '--help' flag for more information" + exit 1 +fi + +# According to ISO 3166-1 alpha-2, the country code has to contain 2 letters. +COUNTRY_LENGTH="$(echo -n "${WIFI_COUNTRY}" | wc --bytes)" +readonly COUNTRY_LENGTH +if (( "${COUNTRY_LENGTH}" != 2 )); then + >&2 echo 'Invalid argument: COUNTRY' + >&2 echo "Use the '--help' flag for more information" + exit 1 +fi + +if [[ -z "${WIFI_SSID}" ]]; then + >&2 echo 'Missing argument: SSID' + >&2 echo "Use the '--help' flag for more information" + exit 1 +fi + +# If a password is specified, it has to be 8-63 characters in length. +if [[ -n "${WIFI_PSK}" ]]; then + PSK_LENGTH="$(echo -n "${WIFI_PSK}" | wc --bytes)" + readonly PSK_LENGTH + if (( "${PSK_LENGTH}" < 8 || "${PSK_LENGTH}" > 63 )); then + >&2 echo 'Invalid argument: PSK' + >&2 echo "Use the '--help' flag for more information" + exit 1 + fi +fi + +# Echo commands before executing them, by default to stderr. +set -x + +# Exit on unset variable. +set -u + +SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )" +readonly SCRIPT_DIR + +# Remove any existing automated configuration. +readonly CONFIG_FILE='/etc/wpa_supplicant/wpa_supplicant.conf' +"${SCRIPT_DIR}/strip-marker-sections" "${CONFIG_FILE}" + +# Write out the new configuration. +# shellcheck source=lib/markers.sh +. "${SCRIPT_DIR}/lib/markers.sh" +{ + echo "${MARKER_START}" + echo "country=${WIFI_COUNTRY}" + + # Generate the "network" block of the config. + # - If a password is specified, we use the `wpa_passphrase` command. This + # outputs a complete "network" block, and hashes the password instead of + # storing it in clear text. Note that it still includes the original + # password as comment line in the output, so we have to strip off that line + # (which starts with `#psk=`) + # - If no password is specified, we assemble the "network" block manually. In + # this case, we also have to set `key_mgmt=NONE` to denote an open network. + if [[ -n "${WIFI_PSK}" ]]; then + wpa_passphrase "${WIFI_SSID}" "${WIFI_PSK}" | sed '/^\t#psk=.*/d' + else + echo 'network={' + echo -e "\tssid=\"${WIFI_SSID}\"" + echo -e '\tkey_mgmt=NONE' + echo '}' + fi + + echo "${MARKER_END}" +} >> "${CONFIG_FILE}" + +# Effectuate changes. +rfkill unblock wifi +wpa_cli -i wlan0 reconfigure diff --git a/dev-scripts/mock-scripts/disable-wifi b/dev-scripts/mock-scripts/disable-wifi new file mode 100755 index 000000000..636149d21 --- /dev/null +++ b/dev-scripts/mock-scripts/disable-wifi @@ -0,0 +1,3 @@ +#!/bin/bash + +# Mock version of /opt/tinypilot-privileged/scripts/disable-wifi diff --git a/dev-scripts/mock-scripts/enable-wifi b/dev-scripts/mock-scripts/enable-wifi new file mode 100755 index 000000000..f616e1f55 --- /dev/null +++ b/dev-scripts/mock-scripts/enable-wifi @@ -0,0 +1,3 @@ +#!/bin/bash + +# Mock version of /opt/tinypilot-privileged/scripts/enable-wifi