Timo, could dbus be the cause for this issue?

Helmut, this sounds like bug #359793 .

D-Bus doesn't fail to launch wpa-supplicant on my system.  If you have a system where it can be reproduced I could take a look at it.

Felix, I cannot reproduce it as well. Btw the patch from bug #371500 should not be needed anymore with factory.

Please update again to current factory and retry. Thanks.

I am on todays factory:

# rpm -q NetworkManager wpa_supplicant
NetworkManager-0.7.0.r3453-9
wpa_supplicant-0.5.10-12

It did work on my previous system which had been updated from 10.3-alpha0plus. But I did a new install with 11.0-alpha3 and now it does not work. I replaced wpa_supplicant in /usr/share/dbus-1/system-services/fi.epitest.hostap.WPASupplicant.service with a wrapper shell script to see what is going on, but it is not even called. :-(

Is there anything I can try to debug this issue?

Felix, please try the following:

Stop NM and wpa_supplicant:
> rcnetwork stop
> killall wpa_supplicant 

Try to start wpa_supplicant using system-bus-activation:
> dbus-send --system --dest=fi.epitest.hostap.WPASupplicant 
  /fi/epitest/hostap/WPASupplicant fi.epitest.hostap.WPASupplicant.getInterface

Check if wpa_supplicant is active now:
> ps aux | grep wpa_supplicant

If it is not running the system-bus-activation somehow failed.

I have nearly nothing modified on my system:
# rpm -V wpa_supplicant


# dbus-send --system --dest=fi.epitest.hostap.WPASupplicant /fi/epitest/hostap/WPASupplicant fi.epitest.hostap.WPASupplicant.getInterface

# ps aux | grep wpa_supplicant
root      8027  0.0  0.0   3068   788 pts/3    S+   15:25   0:00 grep wpa_supplicant

# wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant.conf -f/var/log/wpa_supplicant.log -Dmadwifi -u -iwlan0 &

# ps aux | grep wpa_supplicant
root      8611  0.4  0.1   4060  1756 pts/3    S    15:30   0:00 wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant.conf -f/var/log/wpa_supplicant.log -Dmadwifi -u -iwlan0
root      8642  0.0  0.0   3068   780 pts/3    R+   15:31   0:00 grep wpa_supplicant

Ok to me it looks like system bus activation fails.


# ps aux | grep dbus | cut -b 66-
/bin/dbus-daemon --system
dbus-launch --autolaunch 7aca0d4295da0f97ed37ea8047ea78e0 --binary-syntax --close-stderr
/bin/dbus-daemon --fork --print-pid 5 --print-address 7 --session
dbus-launch --sh-syntax --exit-with-session
/bin/dbus-daemon --fork --print-pid 5 --print-address 7 --session
grep dbus

Felix, can you please attach your /etc/dbus-1/system.d/wpa_supplicant.conf ?

Thanks!

What happens if you add --print-reply to the dbus-send parameters?

$ dbus-send --print-reply --system --dest=fi.epitest.hostap.WPASupplicant /fi/epitest/hostap/WPASupplicant fi.epitest.hostap.WPASupplicant.getInterface

# cat /etc/dbus-1/system.d/wpa_supplicant.conf
<!DOCTYPE busconfig PUBLIC
 "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
        <policy user="root">
                <allow own="fi.epitest.hostap.WPASupplicant"/>

                <allow send_destination="fi.epitest.hostap.WPASupplicant"/>
                <allow send_interface="fi.epitest.hostap.WPASupplicant"/>
        </policy>
        <policy context="default">
                <deny own="fi.epitest.hostap.WPASupplicant"/>
                <deny send_destination="fi.epitest.hostap.WPASupplicant"/>
                <deny send_interface="fi.epitest.hostap.WPASupplicant"/>
        </policy>
</busconfig>

as user:
# dbus-send --print-reply --system --dest=fi.epitest.hostap.WPASupplicant /fi/epitest/hostap/WPASupplicant fi.epitest.hostap.WPASupplicant.getInterface
Error org.freedesktop.DBus.Error.AccessDenied: A security policy in place prevents this sender from sending this message to this recipient, see message bus configuration file (rejected message had interface "fi.epitest.hostap.WPASupplicant" member "getInterface" error name "(unset)" destination "fi.epitest.hostap.WPASupplicant")

as root:
# dbus-send --print-reply --system --dest=fi.epitest.hostap.WPASupplicant /fi/epitest/hostap/WPASupplicant fi.epitest.hostap.WPASupplicant.getInterface
Error fi.epitest.hostap.WPASupplicant.InvalidOptions: Did not receive correct message arguments.

stopping my running wpa_supplicant, i get the following as user:

# dbus-send --print-reply --system --dest=fi.epitest.hostap.WPASupplicant /fi/epitest/hostap/WPASupplicant fi.epitest.hostap.WPASupplicant.getInterface
Error org.freedesktop.DBus.Error.Spawn.PermissionsInvalid: The permission of the setuid helper is not correct

Could you please tar up your /etc/dbus-1/system.d directory and attach the file to the bug?

JFYI:  The dbus-send error when running as root seems to be okay, while the one when running as user looks like some sort of policy issue.  Obviously.  ;-)

Thanks!

Oh, the setuid thing looks good.  Please post the output of 

$ ls -al `rpm -ql dbus-1|grep launch`

Thanks!

Created attachment 206539 [details]
/etc/dbus-1/system.d

Hi Timo, here is the dir, thanks for looking into it.

ls -al `rpm -ql dbus-1|grep launch`
-rwxr-x--- 1 root messagebus 237168 28. Mär 21:21 /lib/dbus-1/dbus-daemon-launch-helper

OK, that's it.  Running the following as root should fix it.

$ chmod +s `rpm -ql dbus-1|grep launch`

Now I wonder how this could happen...  Is this a fresh installation?  An update?  Did you ever had some manual intervention towards this binary? :) 

Just read your first comment... Fresh installation.  When did you install it?  Recently or back in January or so?

I'll take the bugzilla joker.

Please post the output of

$ grep dbus-1 /etc/permissione

(by the way, your dbus-1/system.d content was looking fine at a quick look)

This should read

$ grep dbus-1 /etc/permission*

Sorry for the spam.

# chmod u+s /lib/dbus-1/dbus-daemon-launch-helper
did help, I can scan for networks now, although i cannot connect, but that's another bug. ;)

# grep dbus-1 /etc/permission*
/etc/permissions.easy:# dbus-1 (#333361)
/etc/permissions.easy:/lib/dbus-1/dbus-daemon-launch-helper                   root:messagebus   4750
/etc/permissions.easy:/lib64/dbus-1/dbus-daemon-launch-helper                 root:messagebus   4750
/etc/permissions.paranoid:# dbus-1 (#333361)
/etc/permissions.paranoid:/lib/dbus-1/dbus-daemon-launch-helper                   root:messagebus   0750
/etc/permissions.paranoid:/lib64/dbus-1/dbus-daemon-launch-helper                 root:messagebus   0750
/etc/permissions.secure:# dbus-1 (#333361)
/etc/permissions.secure:/lib/dbus-1/dbus-daemon-launch-helper                   root:messagebus   0750
/etc/permissions.secure:/lib64/dbus-1/dbus-daemon-launch-helper                 root:messagebus   0750

my installation is from alpha3 (mid of march)

I have in /etc/sysconfig/security:
## Type:        string
## Default:     "easy local"
#
# SuSE Linux contains two different configurations for
# chkstat. The differences can be found in /etc/permissions.secure
# and /etc/permissions.easy. If you create your own configuration
# (e.g. permissions.foo), you can enter the extension here as well.
#
# (easy/secure local foo whateveryouwant).
#
PERMISSION_SECURITY="secure local"

sadly I cannot see bug #333361 which seems to intoduce the new permissions... 

chkstat now gives the following:
# chkstat /etc/permissions.secure
Checking permissions and ownerships - using the permissions files
        /etc/permissions.secure
/lib/dbus-1/dbus-daemon-launch-helper should be root:messagebus 0750. (wrong permissions 4750)

This is probably a duplicate of bug #373654. 

lets close this as a dupe of bug #373654. After setting the permissions I had no problems anymore.

*** This bug has been marked as a duplicate of bug 373654 ***