chiark / gitweb /
ask-password: don't show wall message on ttys we are already running a tty agent on
[elogind.git] / src / tty-ask-password-agent.c
index 8a9330d..1d17e22 100644 (file)
 #include <sys/inotify.h>
 #include <unistd.h>
 #include <getopt.h>
+#include <sys/signalfd.h>
+#include <fcntl.h>
 
 #include "util.h"
 #include "conf-parser.h"
 #include "utmp-wtmp.h"
 #include "socket-util.h"
+#include "ask-password-api.h"
 
 static enum {
         ACTION_LIST,
@@ -200,7 +203,7 @@ finish:
         return r;
 }
 
-static int parse_password(const char *filename) {
+static int parse_password(const char *filename, char **wall) {
         char *socket_name = NULL, *message = NULL, *packet = NULL;
         uint64_t not_after = 0;
         unsigned pid = 0;
@@ -211,6 +214,7 @@ static int parse_password(const char *filename) {
                 { "NotAfter", config_parse_uint64,   &not_after,   "Ask" },
                 { "Message",  config_parse_string,   &message,     "Ask" },
                 { "PID",      config_parse_unsigned, &pid,         "Ask" },
+                { NULL, NULL, NULL, NULL }
         };
 
         FILE *f;
@@ -228,7 +232,7 @@ static int parse_password(const char *filename) {
                 return -errno;
         }
 
-        if ((r = config_parse(filename, f, NULL, items, false, NULL)) < 0) {
+        if ((r = config_parse(filename, f, NULL, items, true, NULL)) < 0) {
                 log_error("Failed to parse password file %s: %s", filename, strerror(-r));
                 goto finish;
         }
@@ -248,11 +252,13 @@ static int parse_password(const char *filename) {
         if (arg_action == ACTION_LIST)
                 printf("'%s' (PID %u)\n", message, pid);
         else if (arg_action == ACTION_WALL) {
-                char *wall;
+                char *_wall;
 
-                if (asprintf(&wall,
-                             "Password entry required for \'%s\' (PID %u).\r\n"
-                             "Please enter password with the systemd-tty-password-agent tool!",
+                if (asprintf(&_wall,
+                             "%s%sPassword entry required for \'%s\' (PID %u).\r\n"
+                             "Please enter password with the systemd-tty-ask-password-agent tool!",
+                             *wall ? *wall : "",
+                             *wall ? "\r\n\r\n" : "",
                              message,
                              pid) < 0) {
                         log_error("Out of memory");
@@ -260,8 +266,8 @@ static int parse_password(const char *filename) {
                         goto finish;
                 }
 
-                r = utmp_wall(wall);
-                free(wall);
+                free(*wall);
+                *wall = _wall;
         } else {
                 union {
                         struct sockaddr sa;
@@ -330,6 +336,55 @@ finish:
         return r;
 }
 
+static int tty_block(void) {
+        char *p;
+        const char *t;
+        int fd;
+
+        if (!(t = ttyname(STDIN_FILENO)))
+                return -errno;
+
+        if (asprintf(&p, "/dev/.systemd/ask-password-block/%s", file_name_from_path(t)) < 0)
+                return -ENOMEM;
+
+        mkdir_parents(p, 0700);
+        mkfifo(p, 0600);
+
+        fd = open(p, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
+        free(p);
+
+        if (fd < 0)
+                return -errno;
+
+        return fd;
+}
+
+static bool tty_match(const char *path) {
+        int fd;
+        char *p;
+
+        /* We use named pipes to ensure that wall messages suggesting
+         * password entry are not printed over password prompts
+         * already shown. We use the fact here that opening a pipe in
+         * non-blocking mode for write-only will succeed only if
+         * there's some writer behind it. Using pipes has the
+         * advantage that the block will automatically go away if the
+         * process dies. */
+
+        if (asprintf(&p, "/dev/.systemd/ask-password-block/%s", file_name_from_path(path)) < 0)
+                return true;
+
+        fd = open(p, O_WRONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
+        free(p);
+
+        if (fd < 0)
+                return true;
+
+        /* What, we managed to open the pipe? Then this tty is filtered. */
+        close_nointr_nofail(fd);
+        return false;
+}
+
 static int show_passwords(void) {
         DIR *d;
         struct dirent *de;
@@ -346,6 +401,7 @@ static int show_passwords(void) {
         while ((de = readdir(d))) {
                 char *p;
                 int q;
+                char *wall;
 
                 if (de->d_type != DT_REG)
                         continue;
@@ -362,10 +418,16 @@ static int show_passwords(void) {
                         goto finish;
                 }
 
-                if ((q = parse_password(p)) < 0)
+                wall = NULL;
+                if ((q = parse_password(p, &wall)) < 0)
                         r = q;
 
                 free(p);
+
+                if (wall) {
+                        utmp_wall(wall, tty_match);
+                        free(wall);
+                }
         }
 
 finish:
@@ -376,10 +438,19 @@ finish:
 }
 
 static int watch_passwords(void) {
-        int notify;
-        struct pollfd pollfd;
+        enum {
+                FD_INOTIFY,
+                FD_SIGNAL,
+                _FD_MAX
+        };
+
+        int notify = -1, signal_fd = -1, tty_block_fd = -1;
+        struct pollfd pollfd[_FD_MAX];
+        sigset_t mask;
         int r;
 
+        tty_block_fd = tty_block();
+
         mkdir_p("/dev/.systemd/ask-password", 0755);
 
         if ((notify = inotify_init1(IN_CLOEXEC)) < 0) {
@@ -392,15 +463,27 @@ static int watch_passwords(void) {
                 goto finish;
         }
 
+        assert_se(sigemptyset(&mask) == 0);
+        sigset_add_many(&mask, SIGINT, SIGTERM, -1);
+        assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
+
+        if ((signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC)) < 0) {
+                log_error("signalfd(): %m");
+                r = -errno;
+                goto finish;
+        }
+
         zero(pollfd);
-        pollfd.fd = notify;
-        pollfd.events = POLLIN;
+        pollfd[FD_INOTIFY].fd = notify;
+        pollfd[FD_INOTIFY].events = POLLIN;
+        pollfd[FD_SIGNAL].fd = signal_fd;
+        pollfd[FD_SIGNAL].events = POLLIN;
 
         for (;;) {
                 if ((r = show_passwords()) < 0)
                         break;
 
-                if (poll(&pollfd, 1, -1) < 0) {
+                if (poll(pollfd, _FD_MAX, -1) < 0) {
 
                         if (errno == EINTR)
                                 continue;
@@ -409,8 +492,11 @@ static int watch_passwords(void) {
                         goto finish;
                 }
 
-                if (pollfd.revents != 0)
+                if (pollfd[FD_INOTIFY].revents != 0)
                         flush_fd(notify);
+
+                if (pollfd[FD_SIGNAL].revents != 0)
+                        break;
         }
 
         r = 0;
@@ -419,6 +505,12 @@ finish:
         if (notify >= 0)
                 close_nointr_nofail(notify);
 
+        if (signal_fd >= 0)
+                close_nointr_nofail(signal_fd);
+
+        if (tty_block_fd >= 0)
+                close_nointr_nofail(tty_block_fd);
+
         return r;
 }