Commit e5ebf783 authored by Lennart Poettering's avatar Lennart Poettering

ask-password: add minimal plymouth password agent

parent 5f36328f
...@@ -58,8 +58,6 @@ ...@@ -58,8 +58,6 @@
* start getty 2-6 only when actual vt switch happens * start getty 2-6 only when actual vt switch happens
(same model as socket on-demand activation) (same model as socket on-demand activation)
* ask-password plymouth agent
* spawn ask-password tty agent temporarily in systemctl * spawn ask-password tty agent temporarily in systemctl
* readahead: btrfs/LVM SSD detection * readahead: btrfs/LVM SSD detection
...@@ -84,6 +82,8 @@ ...@@ -84,6 +82,8 @@
* make description of .swap files nicer: resolve /dev/by-uuid/ symlink * make description of .swap files nicer: resolve /dev/by-uuid/ symlink
* systemctl status getty@tty1.service
External: External:
* patch kernel to add /proc/swaps change notifications * patch kernel to add /proc/swaps change notifications
......
...@@ -33,6 +33,7 @@ ...@@ -33,6 +33,7 @@
#include "util.h" #include "util.h"
#include "conf-parser.h" #include "conf-parser.h"
#include "utmp-wtmp.h" #include "utmp-wtmp.h"
#include "socket-util.h"
static enum { static enum {
ACTION_LIST, ACTION_LIST,
...@@ -41,6 +42,164 @@ static enum { ...@@ -41,6 +42,164 @@ static enum {
ACTION_WALL ACTION_WALL
} arg_action = ACTION_QUERY; } arg_action = ACTION_QUERY;
static bool arg_plymouth = false;
static int ask_password_plymouth(const char *message, usec_t until, const char *flag_file, char **_passphrase) {
int fd = -1, notify = -1;
union sockaddr_union sa;
char *packet = NULL;
ssize_t k;
int r, n;
struct pollfd pollfd[2];
char buffer[LINE_MAX];
size_t p = 0;
enum {
POLL_SOCKET,
POLL_INOTIFY
};
if (flag_file) {
if ((notify = inotify_init1(IN_CLOEXEC|IN_NONBLOCK)) < 0) {
r = -errno;
goto finish;
}
if (inotify_add_watch(notify, flag_file, IN_ATTRIB /* for the link count */) < 0) {
r = -errno;
goto finish;
}
}
if ((fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0)) < 0) {
r = -errno;
goto finish;
}
zero(sa);
sa.sa.sa_family = AF_UNIX;
strncpy(sa.un.sun_path+1, "/ply-boot-protocol", sizeof(sa.un.sun_path)-1);
if (connect(fd, &sa.sa, sizeof(sa.un)) < 0) {
r = -errno;
goto finish;
}
if (asprintf(&packet, "*\002%c%s%n", (int) (strlen(message) + 1), message, &n) < 0) {
r = -ENOMEM;
goto finish;
}
if ((k = loop_write(fd, packet, n+1, true)) != n+1) {
r = k < 0 ? (int) k : -EIO;
goto finish;
}
zero(pollfd);
pollfd[POLL_SOCKET].fd = fd;
pollfd[POLL_SOCKET].events = POLLIN;
pollfd[POLL_INOTIFY].fd = notify;
pollfd[POLL_INOTIFY].events = POLLIN;
for (;;) {
int sleep_for = -1, j;
if (until > 0) {
usec_t y;
y = now(CLOCK_MONOTONIC);
if (y > until) {
r = -ETIMEDOUT;
goto finish;
}
sleep_for = (int) ((until - y) / USEC_PER_MSEC);
}
if (flag_file)
if (access(flag_file, F_OK) < 0) {
r = -errno;
goto finish;
}
if ((j = poll(pollfd, notify > 0 ? 2 : 1, sleep_for)) < 0) {
if (errno == EINTR)
continue;
r = -errno;
goto finish;
} else if (j == 0) {
r = -ETIMEDOUT;
goto finish;
}
if (notify > 0 && pollfd[POLL_INOTIFY].revents != 0)
flush_fd(notify);
if (pollfd[POLL_SOCKET].revents == 0)
continue;
if ((k = read(fd, buffer + p, sizeof(buffer) - p)) <= 0) {
r = k < 0 ? -errno : -EIO;
goto finish;
}
p += k;
if (p < 1)
continue;
if (buffer[0] == 5) {
/* No password, because UI not shown */
r = -ENOENT;
goto finish;
} else if (buffer[0] == 2) {
uint32_t size;
char *s;
/* One answer */
if (p < 5)
continue;
memcpy(&size, buffer+1, sizeof(size));
if (size+5 > sizeof(buffer)) {
r = -EIO;
goto finish;
}
if (p-5 < size)
continue;
if (!(s = strndup(buffer + 5, size))) {
r = -ENOMEM;
goto finish;
}
*_passphrase = s;
break;
} else {
/* Unknown packet */
r = -EIO;
goto finish;
}
}
r = 0;
finish:
if (notify >= 0)
close_nointr_nofail(notify);
if (fd >= 0)
close_nointr_nofail(fd);
free(packet);
return r;
}
static int parse_password(const char *filename) { static int parse_password(const char *filename) {
char *socket_name = NULL, *message = NULL, *packet = NULL; char *socket_name = NULL, *message = NULL, *packet = NULL;
uint64_t not_after = 0; uint64_t not_after = 0;
...@@ -122,8 +281,13 @@ static int parse_password(const char *filename) { ...@@ -122,8 +281,13 @@ static int parse_password(const char *filename) {
goto finish; goto finish;
} }
if ((r = ask_password_tty(message, not_after, filename, &password)) < 0) { if (arg_plymouth)
log_error("Failed to query passwords: %s", strerror(-r)); r = ask_password_plymouth(message, not_after, filename, &password);
else
r = ask_password_tty(message, not_after, filename, &password);
if (r < 0) {
log_error("Failed to query password: %s", strerror(-r));
goto finish; goto finish;
} }
...@@ -262,11 +426,12 @@ static int help(void) { ...@@ -262,11 +426,12 @@ static int help(void) {
printf("%s [OPTIONS...]\n\n" printf("%s [OPTIONS...]\n\n"
"Process system password requests.\n\n" "Process system password requests.\n\n"
" -h --help Show this help\n" " -h --help Show this help\n"
" --list Show pending password requests\n" " --list Show pending password requests\n"
" --query Process pending password requests\n" " --query Process pending password requests\n"
" --watch Continously process password requests\n" " --watch Continously process password requests\n"
" --wall Continously forward password requests to wall\n", " --wall Continously forward password requests to wall\n"
" --plymouth Ask question with Plymouth instead of on TTY\n",
program_invocation_short_name); program_invocation_short_name);
return 0; return 0;
...@@ -279,15 +444,17 @@ static int parse_argv(int argc, char *argv[]) { ...@@ -279,15 +444,17 @@ static int parse_argv(int argc, char *argv[]) {
ARG_QUERY, ARG_QUERY,
ARG_WATCH, ARG_WATCH,
ARG_WALL, ARG_WALL,
ARG_PLYMOUTH
}; };
static const struct option options[] = { static const struct option options[] = {
{ "help", no_argument, NULL, 'h' }, { "help", no_argument, NULL, 'h' },
{ "list", no_argument, NULL, ARG_LIST }, { "list", no_argument, NULL, ARG_LIST },
{ "query", no_argument, NULL, ARG_QUERY }, { "query", no_argument, NULL, ARG_QUERY },
{ "watch", no_argument, NULL, ARG_WATCH }, { "watch", no_argument, NULL, ARG_WATCH },
{ "wall", no_argument, NULL, ARG_WALL }, { "wall", no_argument, NULL, ARG_WALL },
{ NULL, 0, NULL, 0 } { "plymouth", no_argument, NULL, ARG_PLYMOUTH },
{ NULL, 0, NULL, 0 }
}; };
int c; int c;
...@@ -319,6 +486,10 @@ static int parse_argv(int argc, char *argv[]) { ...@@ -319,6 +486,10 @@ static int parse_argv(int argc, char *argv[]) {
arg_action = ACTION_WALL; arg_action = ACTION_WALL;
break; break;
case ARG_PLYMOUTH:
arg_plymouth = true;
break;
case '?': case '?':
return -EINVAL; return -EINVAL;
......
...@@ -3380,7 +3380,7 @@ int ask_password_tty(const char *message, usec_t until, const char *flag_file, c ...@@ -3380,7 +3380,7 @@ int ask_password_tty(const char *message, usec_t until, const char *flag_file, c
assert(_passphrase); assert(_passphrase);
if (flag_file) { if (flag_file) {
if ((notify = inotify_init1(IN_CLOEXEC)) < 0) { if ((notify = inotify_init1(IN_CLOEXEC|IN_NONBLOCK)) < 0) {
r = -errno; r = -errno;
goto finish; goto finish;
} }
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment