Bug 15365 - kismet is too old
Summary: kismet is too old
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: RPM Packages (show other bugs)
Version: Cauldron
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: Florian Hubold
QA Contact:
URL: https://kismetwireless.net/download.s...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-02-26 09:47 CET by Pavel Kreuzt
Modified: 2015-03-11 19:59 CET (History)
3 users (show)

See Also:
Source RPM: kismet-2011.03.R2-7.mga5.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Pavel Kreuzt 2015-02-26 09:47:23 CET 
Packaged kismet in mga5 is still a 2011 release, latest released code is https://kismetwireless.net/code/kismet-2013-03-R1b.tar.xz which is much newer. Could it be upgraded?

Reproducible: 

Steps to Reproduce:
David Walser 2015-02-26 15:25:16 CET

CC: (none) => mageia
Assignee: bugsquad => doktor5000

Comment 1 Florian Hubold 2015-02-26 21:54:36 CET 
I'll try to have a look, but it may be hard to get this through the release freeze. And actually we're only one release away, 2013-03 comes directly after 2011.03 release. Check https://kismetwireless.net/code/

Status: NEW => ASSIGNED
CC: (none) => doktor5000

Comment 2 Florian Hubold 2015-03-02 22:22:08 CET 
Just submitted kismet-2013.03.R1b-1.mga5 to cauldron core/updates_testing.

It also adds an SGID kismet_capture helper binary to allow priviledge separation for capturing packets, and running the kismet server as non-root user. The kismet group is added on package installation, users need to add themselves to the kismet group.

Also added a README.urpmi displayed on package install time, showing how to run kismet with this setup.


Works fine here, but unfortunately my current chipset/driver combo does not support monitor mode, hence I cannot test capturing myself -.-

Please test.
Florian Hubold 2015-03-02 22:22:23 CET

CC: (none) => luigiwalser

Comment 3 David Walser 2015-03-02 23:13:57 CET 
Florian, just some notes about the committed update that I sent you on IRC:
The recommends you added don't look appropriate.
oui.txt is in ldetect-lst, so all systems should have this already.  Pulling in wireshark for just this is nonsense.
I'm also not in favor of pulling in all the text-to-speech stuff.
there's a typo in your README, where it says non-root user in section 1, that should be root user
you have an undefined macro in the SPEC %rpmhelper_required_version
as long as it doesn't break anything if it's not installed, I don't think I'd recommend gpsd either.  If someone wants to enable that they can install it.
you can't do install -m 4550, only root can do that.  Just have the SGID bit (which is a value of 2 BTW, not 4) set in the %attr in the %files section
you shouldn't have changed #%%make to #%make.  Since it's commented out, it should have %% to disable the macro expansion.  Same thing with the %%name, it should have been left that way
Don't forget to change the 4550 to 2550 in the %attr
Comment 4 David Walser 2015-03-03 20:49:16 CET 
OK, looking better.

You should have the spec actually use the URL for the manuf, like this.
Source2: http://anonsvn.wireshark.org/wireshark/trunk/manuf

That'll make it easier to update in the future.

The README.urpmi makes more sense now.
Comment 5 Florian Hubold 2015-03-03 23:07:35 CET 
(In reply to David Walser from comment #4)
> OK, looking better.
> 
> You should have the spec actually use the URL for the manuf, like this.
> Source2: http://anonsvn.wireshark.org/wireshark/trunk/manuf

There's no point, as for one that URL is deprecated and for two as there's no version, you can't automate the download of new versions via e.g. mgarepo sync -d ... and everyone should be able to download a text file, no?

Judging by the frequency of kismet updates the next one will probably not happen before end of 2018. But feel free to adjust the URL if you think it might help.


Pushed kismet-2013.03.R1b-2.mga5 to cauldron core/updates_testing, please test.
Comment 6 David Walser 2015-03-03 23:24:50 CET 
(In reply to Florian Hubold from comment #5)
> (In reply to David Walser from comment #4)
> > OK, looking better.
> > 
> > You should have the spec actually use the URL for the manuf, like this.
> > Source2: http://anonsvn.wireshark.org/wireshark/trunk/manuf
> 
> There's no point, as for one that URL is deprecated and for two as there's
> no version, you can't automate the download of new versions via e.g. mgarepo
> sync -d ... and everyone should be able to download a text file, no?

Deprecated according to who?  Right now it redirects so it still works fine.

If the URL was set as the source, you could do svn rm SOURCES/manuf, (rm SOURCES/manuf if it's not gone), mgarepo sync -d and it should re-download it.

But yeah, if it's every 3-5 years, I guess it's no big deal :o)
Comment 7 Florian Hubold 2015-03-04 07:54:09 CET 
(In reply to David Walser from comment #6)
> (In reply to Florian Hubold from comment #5)
> > (In reply to David Walser from comment #4)
> > > OK, looking better.
> > > 
> > > You should have the spec actually use the URL for the manuf, like this.
> > > Source2: http://anonsvn.wireshark.org/wireshark/trunk/manuf
> > 
> > There's no point, as for one that URL is deprecated and for two as there's
> > no version, you can't automate the download of new versions via e.g. mgarepo
> > sync -d ... and everyone should be able to download a text file, no?
> 
> Deprecated according to who?  Right now it redirects so it still works fine.

See the note at http://anonsvn.wireshark.org/wireshark/trunk/


> We've moved to Git
> On January 28, 2014 we migrated from Subversion to Git. Please go to our code
> review site for current development activity.

> DEPRECATED - PLEASE USE https://code.wireshark.org/review INSTEAD

And as the redirection might stop working we may end up with some dead URL ...
Comment 8 Florian Hubold 2015-03-09 21:31:35 CET 
(In reply to Florian Hubold from comment #5)
> Pushed kismet-2013.03.R1b-2.mga5 to cauldron core/updates_testing, please
> test.

@Pavel: Can you please test this, then I'd ask for a freeze push to also get this into Mageia 5. Sadly can't test myself as my current wireless driver doesn't support monitor mode :/
Comment 9 Pavel Kreuzt 2015-03-10 01:01:43 CET 
Tested, got some error when running as unprivileged user (but belonging to kismet group):

ERROR: IPC child Source 'wlp2s0' requires root permissions to shut down, but we're not running as root. Something is wrong.

This is shown when adding a capture source.
Comment 10 Pavel Kreuzt 2015-03-10 01:05:36 CET 
Sorry, sent it without completing. I wanted to say it's shown when adding a source ("requires root permissions to open") and when exiting ("requires root permissions to shut down". 

When running as root, it works correctly, when running as a kismet group user it doesn't. Is the SUID bit set to capture?
Comment 11 David Walser 2015-03-10 01:18:36 CET 
(In reply to Pavel Kreuzt from comment #10)
> When running as root, it works correctly, when running as a kismet group
> user it doesn't. Is the SUID bit set to capture?

No it's not.  Florian's initial commit said SGID in the commit message, which threw me off (he actually did have it set SUID but I had him change that to match the commit message).  I should have thought about it a second though, it actually should be SUID.

Florian, please change the 2 back to a 4.  Sorry I didn't figure that out earlier.
Comment 12 Florian Hubold 2015-03-10 23:18:38 CET 
Submitted kismet-2013.03.R1b-3.mga5 to cauldron core/updates_testing after fixing the changelog. Please test.
Comment 13 Pavel Kreuzt 2015-03-11 01:37:03 CET 
It works well, tested as root and unprivileged (kismet group) user, everything correct. Only thing the monitor VAP is left behind, but it's common with kismet. It's correct for me.
Comment 14 Florian Hubold 2015-03-11 19:59:19 CET 
Thanks for testing, requesting a freeze push to mga5.

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED
Note You need to log in before you can comment on or make changes to this bug.