diff --git a/package/network/services/hostapd/patches/610-hostapd_cli_ujail_permission.patch b/package/network/services/hostapd/patches/610-hostapd_cli_ujail_permission.patch
new file mode 100644
index 0000000000..a03fcc9f92
--- /dev/null
+++ b/package/network/services/hostapd/patches/610-hostapd_cli_ujail_permission.patch
@@ -0,0 +1,33 @@
+--- a/src/common/wpa_ctrl.c
++++ b/src/common/wpa_ctrl.c
+@@ -135,7 +135,7 @@ try_again:
+ 		return NULL;
+ 	}
+ 	tries++;
+-#ifdef ANDROID
++
+ 	/* Set client socket file permissions so that bind() creates the client
+ 	 * socket with these permissions and there is no need to try to change
+ 	 * them with chmod() after bind() which would have potential issues with
+@@ -147,7 +147,7 @@ try_again:
+ 	 * operations to allow the response to go through. Those are using the
+ 	 * no-deference-symlinks version to avoid races. */
+ 	fchmod(ctrl->s, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
+-#endif /* ANDROID */
++
+ 	if (bind(ctrl->s, (struct sockaddr *) &ctrl->local,
+ 		    sizeof(ctrl->local)) < 0) {
+ 		if (errno == EADDRINUSE && tries < 2) {
+@@ -165,7 +165,11 @@ try_again:
+ 		return NULL;
+ 	}
+ 
+-#ifdef ANDROID
++#ifndef ANDROID
++	/* Set group even if we do not have privileges to change owner */
++	lchown(ctrl->local.sun_path, -1, 101);
++	lchown(ctrl->local.sun_path, 101, 101);
++#else
+ 	/* Set group even if we do not have privileges to change owner */
+ 	lchown(ctrl->local.sun_path, -1, AID_WIFI);
+ 	lchown(ctrl->local.sun_path, AID_SYSTEM, AID_WIFI);