Security Bear is software that grants an easy way for devices to manage and connect first time to WiFi.
Example: The embedded devices come out of the factory with this software pre-installed. User opens hotspot with the default name and password of the software for first-time connection with the device. After the device is connected to the hotspot the user update both First priority and Second priority WiFi names and password, default name and password are deleted (for security reasons) as they were stored in First priority.
The user is connected to his desired WiFi and has a way to connect to the device in case there is a connection problem (like Second priority WiFi changed the password without updating the software beforehand).
I am using ip route
to get the default gateway of the device
Example:
$ ip route
default via 155.62.20.1 dev wlx20e6170b190c proto dhcp metric 600
22.5.132.0/24 dev mpqemubr0 proto kernel scope link src 22.5.132.1 linkdown
52.254.0.0/16 dev wlx20e6170b190c scope link metric 1000
120.27.0.0/16 dev docker0 proto kernel scope link src 120.27.0.1 linkdown
144.121.60.0/24 dev wlx20e6170b190c proto kernel scope link src 144.121.60.154 metric 600
I take the line of the result that contains the word default
and take the IP from that line.
Then I run another command
hostname -I
155.62.20.154 120.27.0.1 22.5.132.1
And compare the IPs to the default gateway IP from the last command (without last number).
And this way I find the current device IP.
In this example the correct result is 155.62.20.154
.
Snappy debug:
me@me-comp:~$ snappy-debug.security scanlog
INFO: Following '/var/log/syslog'. If have dropped messages, use:
INFO: $ sudo journalctl --output=short --follow --all | sudo snappy-debug
= AppArmor =
Time: Dec 30 20:30:30
Log: apparmor="DENIED" operation="exec" profile="snap.security-bear.security-bear" name="/usr/bin/ip" pid=20181 comm="DartWorker" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
File: /usr/bin/ip (exec)
Suggestions:
* adjust snap to ship 'ip'
* adjust program to use relative paths if the snap already ships 'ip'
* add one of 'network-control, network-observe' to 'plugs'
= AppArmor =
Time: Dec 30 20:30:30
Log: apparmor="DENIED" operation="open" profile="snap.security-bear.security-bear" name="/proc/sys/vm/max_map_count" pid=20185 comm="Security-Bear" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
File: /proc/sys/vm/max_map_count (read)
Suggestion:
* adjust program to not access '@{PROC}/sys/vm/max_map_count'
= Seccomp =
Time: Dec 30 19:06:39
Log: auid=4294967295 uid=0 gid=0 ses=4294967295 subj=snap.security-bear.security-bear pid=8667 comm="nmcli" exe="/snap/security-bear/52/usr/bin/nmcli" sig=0 arch=c000003e 314(sched_setattr) compat=0 ip=0x7f0c3636389d code=0x50000
Syscall: sched_setattr
Suggestion:
* add 'process-control' to 'plugs'
Error in my code: ProcessException: Permission denied
for Command: ip route
2021-12-30T20:13:21+02:00 security-bear.security-bear[17443]: Unhandled exception:
2021-12-30T20:13:21+02:00 security-bear.security-bear[17443]: ProcessException: Permission denied
2021-12-30T20:13:21+02:00 security-bear.security-bear[17443]: Command: ip route
2021-12-30T20:13:21+02:00 security-bear.security-bear[17443]: #0 _ProcessImpl._start (dart:io-patch/process_patch.dart:390)
2021-12-30T20:13:21+02:00 security-bear.security-bear[17443]: #1 Process.start (dart:io-patch/process_patch.dart:36)
2021-12-30T20:13:21+02:00 security-bear.security-bear[17443]: #2 _runNonInteractiveProcess (dart:io-patch/process_patch.dart:565)
2021-12-30T20:13:21+02:00 security-bear.security-bear[17443]: #3 Process.run (dart:io-patch/process_patch.dart:47)
2021-12-30T20:13:21+02:00 security-bear.security-bear[17443]: #4 NetworkActions.getDefaultGateway (package:security_bear/features/security_bear/application/usecases/network_actions/network_actions.dart:226)
2021-12-30T20:13:21+02:00 security-bear.security-bear[17443]: #5 NetworkActions.connectToAdminWhenExist (package:security_bear/features/security_bear/application/usecases/network_actions/network_actions.dart:78)
2021-12-30T20:13:21+02:00 security-bear.security-bear[17443]: <asynchronous suspension>
2021-12-30T20:13:21+02:00 security-bear.security-bear[17443]: #6 SecurityBearManagerU.manegeNetworkConnection (package:security_bear/features/security_bear/application/usecases/core_u/security_bear_manager.dart:38)
2021-12-30T20:13:21+02:00 security-bear.security-bear[17443]: <asynchronous suspension>
2021-12-30T20:13:21+02:00 systemd[1]: snap.security-bear.security-bear.service: Main process exited, code=exited, status=255/EXCEPTION
2021-12-30T20:13:21+02:00 systemd[1]: snap.security-bear.security-bear.service: Failed with result 'exit-code'.
2021-12-30T20:13:21+02:00 systemd[1]: snap.security-bear.security-bear.service: Scheduled restart job, restart counter is at 6.
2021-12-30T20:13:21+02:00 systemd[1]: Stopped Service for snap application security-bear.security-bear.
2021-12-30T20:13:21+02:00 systemd[1]: snap.security-bear.security-bear.service: Start request repeated too quickly.
2021-12-30T20:13:21+02:00 systemd[1]: snap.security-bear.security-bear.service: Failed with result 'exit-code'.
2021-12-30T20:13:21+02:00 systemd[1]: Failed to start Service for snap application security-bear.security-bear.