Allowing Wi-Fi Scans on a Raspberry Pi 5

pi configure wifi scans
,

If you are working with a Raspberry Pi 5 over XRDP and need to perform Wi-Fi scans, you might encounter permission issues, typically accompanied by the constant appearance of an authentication prompt whenever the Wi-Fi icon is clicked:

This is due to a system service called Polkit (formerly PolicyKit) which is designed to define and handle policies for unprivileged processes to communicate with privileged ones. Configuring Polkit LocalAuthority correctly can allow non-privileged users to perform tasks such as Wi-Fi scans without needing elevated permissions.

In this blog post, we will walk through the steps to configure Polkit LocalAuthority to enable Wi-Fi scans on your Raspberry Pi 5.

Step 1: Install Necessary Packages

Before we start, ensure that you have all necessary packages installed. Typically, you’ll need iw and polkit. You can install these using the following command:

sudo apt update && sudo apt upgrade
sudo apt install iw policykit-1

Step 2: Create a Polkit Policy File

Polkit uses policy files to define rules. We will create a policy file to allow Wi-Fi scans:

sudo nano /etc/polkit-1/localauthority/50-local.d/10-enable-wifi-scans.pkla

Step 3: Define the Policy

In the newly created file, add the following content to define a policy that allows Wi-Fi scans:

[Allow Wi-Fi Scans]
Identity=unix-user:your-username
Action=org.freedesktop.NetworkManager.wifi.scan;org.freedesktop.NetworkManager.enable-disable-wifi;org.freedesktop.NetworkManager.settings.modify.own;org.freedesktop.NetworkManager.settings.modify.system;org.freedesktop.NetworkManager.network-control
ResultAny=yes
ResultInactive=yes
ResultActive=yes

Replace your-username with the username you are configuring this for. If you want to allow this for all users, you can use unix-user:*.

Here’s a breakdown of what each line means:

  • [Allow Wi-Fi Scans]: This is a descriptive label for the policy.
  • Identity=unix-user:your-username: This specifies the user or group the policy applies to.
  • Action=org.freedesktop.NetworkManager.wifi.scan;org.freedesktop.NetworkManager.enable-disable-wifi;org.freedesktop.NetworkManager.settings.modify.own;org.freedesktop.NetworkManager.settings.modify.system;org.freedesktop.NetworkManager.network-control: This defines the actions that ares being allowed. In this case, it is controlling network actions like Wi-Fi scans.
  • ResultAny=yes, ResultInactive=yes, ResultActive=yes: These lines specify the result of the policy in different states. Setting them to yes grants permission.

Step 4: Save and Close the File

After adding the necessary content, save and close the file. In nano, you can do this by pressing CTRL+O to save, and CTRL+X to exit.

Step 5: Restart the Polkit Service

sudo systemctl restart polkit

Step 6: Verify the Configuration

If everything is set up correctly, you should be able to see the available Wi-Fi networks without needing to use sudo.

Conclusion

By configuring Polkit LocalAuthority on your Raspberry Pi 5, you can allow non-privileged users to perform Wi-Fi scans safely and efficiently. This method enhances security by limiting the need for elevated permissions while maintaining functionality.

Feel free to explore more Polkit policies to fine-tune permissions for other tasks as needed. With these configurations, your Raspberry Pi can become a more flexible and secure tool for your projects.

Happy scanning!

,

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top