X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Ftty-ask-password-agent.c;h=1d17e2289ec7a185342019b81aa7cd24948283a5;hp=8b02b269592d67d68e45d020023a3e057440cde3;hb=7af53310dd9154ba76be7808292d9a046b849e43;hpb=656ce8f77a840b7615180de4d63c4fc29b40cc47;ds=sidebyside

diff --git a/src/tty-ask-password-agent.c b/src/tty-ask-password-agent.c
index 8b02b2695..1d17e2289 100644
--- a/src/tty-ask-password-agent.c
+++ b/src/tty-ask-password-agent.c
@@ -30,6 +30,7 @@
 #include <unistd.h>
 #include <getopt.h>
 #include <sys/signalfd.h>
+#include <fcntl.h>
 
 #include "util.h"
 #include "conf-parser.h"
@@ -255,7 +256,7 @@ static int parse_password(const char *filename, char **wall) {
 
                 if (asprintf(&_wall,
                              "%s%sPassword entry required for \'%s\' (PID %u).\r\n"
-                             "Please enter password with the systemd-tty-password-agent tool!",
+                             "Please enter password with the systemd-tty-ask-password-agent tool!",
                              *wall ? *wall : "",
                              *wall ? "\r\n\r\n" : "",
                              message,
@@ -335,6 +336,55 @@ finish:
         return r;
 }
 
+static int tty_block(void) {
+        char *p;
+        const char *t;
+        int fd;
+
+        if (!(t = ttyname(STDIN_FILENO)))
+                return -errno;
+
+        if (asprintf(&p, "/dev/.systemd/ask-password-block/%s", file_name_from_path(t)) < 0)
+                return -ENOMEM;
+
+        mkdir_parents(p, 0700);
+        mkfifo(p, 0600);
+
+        fd = open(p, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
+        free(p);
+
+        if (fd < 0)
+                return -errno;
+
+        return fd;
+}
+
+static bool tty_match(const char *path) {
+        int fd;
+        char *p;
+
+        /* We use named pipes to ensure that wall messages suggesting
+         * password entry are not printed over password prompts
+         * already shown. We use the fact here that opening a pipe in
+         * non-blocking mode for write-only will succeed only if
+         * there's some writer behind it. Using pipes has the
+         * advantage that the block will automatically go away if the
+         * process dies. */
+
+        if (asprintf(&p, "/dev/.systemd/ask-password-block/%s", file_name_from_path(path)) < 0)
+                return true;
+
+        fd = open(p, O_WRONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
+        free(p);
+
+        if (fd < 0)
+                return true;
+
+        /* What, we managed to open the pipe? Then this tty is filtered. */
+        close_nointr_nofail(fd);
+        return false;
+}
+
 static int show_passwords(void) {
         DIR *d;
         struct dirent *de;
@@ -375,7 +425,7 @@ static int show_passwords(void) {
                 free(p);
 
                 if (wall) {
-                        utmp_wall(wall);
+                        utmp_wall(wall, tty_match);
                         free(wall);
                 }
         }
@@ -394,11 +444,13 @@ static int watch_passwords(void) {
                 _FD_MAX
         };
 
-        int notify = -1, signal_fd = -1;
+        int notify = -1, signal_fd = -1, tty_block_fd = -1;
         struct pollfd pollfd[_FD_MAX];
         sigset_t mask;
         int r;
 
+        tty_block_fd = tty_block();
+
         mkdir_p("/dev/.systemd/ask-password", 0755);
 
         if ((notify = inotify_init1(IN_CLOEXEC)) < 0) {
@@ -456,6 +508,9 @@ finish:
         if (signal_fd >= 0)
                 close_nointr_nofail(signal_fd);
 
+        if (tty_block_fd >= 0)
+                close_nointr_nofail(tty_block_fd);
+
         return r;
 }