X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Ftty-ask-password-agent.c;h=1d17e2289ec7a185342019b81aa7cd24948283a5;hb=92ab323c824300683efb11fd43c9d834cea9b9e6;hp=8a9330d4acbbc09d7929df14a09270d913328ffb;hpb=e5ebf783cb8e353bf1e07b34ac344bd4883a4ec2;p=elogind.git diff --git a/src/tty-ask-password-agent.c b/src/tty-ask-password-agent.c index 8a9330d4a..1d17e2289 100644 --- a/src/tty-ask-password-agent.c +++ b/src/tty-ask-password-agent.c @@ -29,11 +29,14 @@ #include #include #include +#include +#include #include "util.h" #include "conf-parser.h" #include "utmp-wtmp.h" #include "socket-util.h" +#include "ask-password-api.h" static enum { ACTION_LIST, @@ -200,7 +203,7 @@ finish: return r; } -static int parse_password(const char *filename) { +static int parse_password(const char *filename, char **wall) { char *socket_name = NULL, *message = NULL, *packet = NULL; uint64_t not_after = 0; unsigned pid = 0; @@ -211,6 +214,7 @@ static int parse_password(const char *filename) { { "NotAfter", config_parse_uint64, ¬_after, "Ask" }, { "Message", config_parse_string, &message, "Ask" }, { "PID", config_parse_unsigned, &pid, "Ask" }, + { NULL, NULL, NULL, NULL } }; FILE *f; @@ -228,7 +232,7 @@ static int parse_password(const char *filename) { return -errno; } - if ((r = config_parse(filename, f, NULL, items, false, NULL)) < 0) { + if ((r = config_parse(filename, f, NULL, items, true, NULL)) < 0) { log_error("Failed to parse password file %s: %s", filename, strerror(-r)); goto finish; } @@ -248,11 +252,13 @@ static int parse_password(const char *filename) { if (arg_action == ACTION_LIST) printf("'%s' (PID %u)\n", message, pid); else if (arg_action == ACTION_WALL) { - char *wall; + char *_wall; - if (asprintf(&wall, - "Password entry required for \'%s\' (PID %u).\r\n" - "Please enter password with the systemd-tty-password-agent tool!", + if (asprintf(&_wall, + "%s%sPassword entry required for \'%s\' (PID %u).\r\n" + "Please enter password with the systemd-tty-ask-password-agent tool!", + *wall ? *wall : "", + *wall ? "\r\n\r\n" : "", message, pid) < 0) { log_error("Out of memory"); @@ -260,8 +266,8 @@ static int parse_password(const char *filename) { goto finish; } - r = utmp_wall(wall); - free(wall); + free(*wall); + *wall = _wall; } else { union { struct sockaddr sa; @@ -330,6 +336,55 @@ finish: return r; } +static int tty_block(void) { + char *p; + const char *t; + int fd; + + if (!(t = ttyname(STDIN_FILENO))) + return -errno; + + if (asprintf(&p, "/dev/.systemd/ask-password-block/%s", file_name_from_path(t)) < 0) + return -ENOMEM; + + mkdir_parents(p, 0700); + mkfifo(p, 0600); + + fd = open(p, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY); + free(p); + + if (fd < 0) + return -errno; + + return fd; +} + +static bool tty_match(const char *path) { + int fd; + char *p; + + /* We use named pipes to ensure that wall messages suggesting + * password entry are not printed over password prompts + * already shown. We use the fact here that opening a pipe in + * non-blocking mode for write-only will succeed only if + * there's some writer behind it. Using pipes has the + * advantage that the block will automatically go away if the + * process dies. */ + + if (asprintf(&p, "/dev/.systemd/ask-password-block/%s", file_name_from_path(path)) < 0) + return true; + + fd = open(p, O_WRONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY); + free(p); + + if (fd < 0) + return true; + + /* What, we managed to open the pipe? Then this tty is filtered. */ + close_nointr_nofail(fd); + return false; +} + static int show_passwords(void) { DIR *d; struct dirent *de; @@ -346,6 +401,7 @@ static int show_passwords(void) { while ((de = readdir(d))) { char *p; int q; + char *wall; if (de->d_type != DT_REG) continue; @@ -362,10 +418,16 @@ static int show_passwords(void) { goto finish; } - if ((q = parse_password(p)) < 0) + wall = NULL; + if ((q = parse_password(p, &wall)) < 0) r = q; free(p); + + if (wall) { + utmp_wall(wall, tty_match); + free(wall); + } } finish: @@ -376,10 +438,19 @@ finish: } static int watch_passwords(void) { - int notify; - struct pollfd pollfd; + enum { + FD_INOTIFY, + FD_SIGNAL, + _FD_MAX + }; + + int notify = -1, signal_fd = -1, tty_block_fd = -1; + struct pollfd pollfd[_FD_MAX]; + sigset_t mask; int r; + tty_block_fd = tty_block(); + mkdir_p("/dev/.systemd/ask-password", 0755); if ((notify = inotify_init1(IN_CLOEXEC)) < 0) { @@ -392,15 +463,27 @@ static int watch_passwords(void) { goto finish; } + assert_se(sigemptyset(&mask) == 0); + sigset_add_many(&mask, SIGINT, SIGTERM, -1); + assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0); + + if ((signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC)) < 0) { + log_error("signalfd(): %m"); + r = -errno; + goto finish; + } + zero(pollfd); - pollfd.fd = notify; - pollfd.events = POLLIN; + pollfd[FD_INOTIFY].fd = notify; + pollfd[FD_INOTIFY].events = POLLIN; + pollfd[FD_SIGNAL].fd = signal_fd; + pollfd[FD_SIGNAL].events = POLLIN; for (;;) { if ((r = show_passwords()) < 0) break; - if (poll(&pollfd, 1, -1) < 0) { + if (poll(pollfd, _FD_MAX, -1) < 0) { if (errno == EINTR) continue; @@ -409,8 +492,11 @@ static int watch_passwords(void) { goto finish; } - if (pollfd.revents != 0) + if (pollfd[FD_INOTIFY].revents != 0) flush_fd(notify); + + if (pollfd[FD_SIGNAL].revents != 0) + break; } r = 0; @@ -419,6 +505,12 @@ finish: if (notify >= 0) close_nointr_nofail(notify); + if (signal_fd >= 0) + close_nointr_nofail(signal_fd); + + if (tty_block_fd >= 0) + close_nointr_nofail(tty_block_fd); + return r; }