Home_greyopenFATE - openSUSE feature tracking > #305356
Dashboard | Search | Sign up | Login

Please login or register to be able to edit or vote this feature.

802.1x authentication on wired network using YaST via wpa_supplicant

Feature state

openSUSE Distribution
Rejected Information


Some networks using 802.1x authentication on metallic Ethernet and I think it
would be cool have a possibility, handle this connection type using YaST.

The major problem to support this is that the wpa_supplicant is in /usr/sbin;
it seems also to be difficult to move it to /sbin because of all the libs the
wpa_supplicant is using.

What would be required, is to extent the "supported_on_localfs" function to
check this and start the interface in remotefs flow when 802.1x is enabled.
That is, using remotefs on 802.1x authenticated interfaces would be not
possible -- same as with NetworkManager.



icons/user_comment.png H. D. wrote: (9 years ago)

Is this related/duplicate to 305353 or something else?

icons/user_comment.png M. T. wrote: (9 years ago)

Yes, it is related. This feature requests to add support of 802.1x authentication (in the for the "traditional"
network setup method alias ifup alias netcontrol).

Feature #305353 requests the autodetection of 802.1x and can be considered as extension of this feature.

Autodetection in "traditional" method is not possible at the moment, because the tools (wpa_supplicant) and libraries (ssl at least) required for 802.1x are installed bellow of /usr and enabling it would break /usr on nfs and smb.

Moving them (ssl, krb5 & co) to /lib and wpa_supplicant to /sbin would IMO make sense anyway, since they're required in many cases - also for NFSv4 with GSSAPI...

icons/user_comment.png V. B. wrote: (7 years ago)

Yes. While "/sbin shall be used for systems binaries needed to boot the
machine and configure basic services" I believe that wpa_supplicant
belongs to /sbin. But quick test of moving wpa_* from /usr/sbin to /sbin reveals that NetworkManager stops working.

icons/user_comment.png V. B. wrote: (7 years ago)

Updated the dbus *.service file solved the problem. But more serious
problem in SP1 is that wpa_supplicant uses libraries installed
in /usr/lib (/usr/lib/libssl.so /usr/lib/libcrypto.so). These libraries has been already moved to /lib in 11.3.
Once the rpm of these libraries moved to /lib are available I'm going to
build a wpa_supplicant package.

icons/user_comment.png I. M. wrote: (5 years ago)

4 years later, this would still be useful. :)

icons/user_comment.png p. o. wrote: (5 years ago)

The Factory team is actually working on Wicked implementation. For more informations, please see http://bootstrapping-awesome.org/schedule/#osc-60 and http://gitorious.org/wicked/wicked.


icons/user_comment.png K. D. wrote: (2 years ago)

The first link shows some awesome flowers on a Chinese web page, not sure if the link is still up to date.

According to the what's supported page it isn't available in wicked meanwhile, right?

icons/user_comment.png K. D. wrote: (2 years ago)

What is the status or ETA to 802.1x support by YaST2 - would be awesome to make this easy to use for non networkmanager scenarios.

Last change: 2 years ago
Score: 5
  • Negative: 0
  • Neutral: 1
  • Positive: 5
Feature Export
Application-xmlXML   Text-x-logPlaintext   PrinterPrint