]>
Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
ec863ba6 LP |
2 | /*** |
3 | This file is part of systemd. | |
4 | ||
5 | Copyright 2010 Lennart Poettering | |
6af62124 | 6 | Copyright 2015 Werner Fink |
ec863ba6 LP |
7 | ***/ |
8 | ||
ec863ba6 | 9 | #include <errno.h> |
3f6fd1ba LP |
10 | #include <fcntl.h> |
11 | #include <getopt.h> | |
12 | #include <poll.h> | |
6af62124 | 13 | #include <signal.h> |
3f6fd1ba LP |
14 | #include <stdbool.h> |
15 | #include <stddef.h> | |
ec863ba6 | 16 | #include <string.h> |
3f6fd1ba | 17 | #include <sys/inotify.h> |
6af62124 | 18 | #include <sys/prctl.h> |
3f6fd1ba | 19 | #include <sys/signalfd.h> |
ec863ba6 | 20 | #include <sys/socket.h> |
6af62124 | 21 | #include <sys/wait.h> |
ec863ba6 | 22 | #include <sys/un.h> |
ec863ba6 | 23 | #include <unistd.h> |
ec863ba6 | 24 | |
b5efdb8a | 25 | #include "alloc-util.h" |
3f6fd1ba LP |
26 | #include "ask-password-api.h" |
27 | #include "conf-parser.h" | |
28 | #include "def.h" | |
a0956174 | 29 | #include "dirent-util.h" |
6af62124 | 30 | #include "exit-status.h" |
3ffd4af2 | 31 | #include "fd-util.h" |
6af62124 WF |
32 | #include "fileio.h" |
33 | #include "hashmap.h" | |
c004493c | 34 | #include "io-util.h" |
6af62124 | 35 | #include "macro.h" |
49e942b2 | 36 | #include "mkdir.h" |
9eb977db | 37 | #include "path-util.h" |
3f6fd1ba LP |
38 | #include "process-util.h" |
39 | #include "signal-util.h" | |
e5ebf783 | 40 | #include "socket-util.h" |
07630cea | 41 | #include "string-util.h" |
21bc923a | 42 | #include "strv.h" |
288a74cc | 43 | #include "terminal-util.h" |
3f6fd1ba LP |
44 | #include "util.h" |
45 | #include "utmp-wtmp.h" | |
ec863ba6 LP |
46 | |
47 | static enum { | |
48 | ACTION_LIST, | |
49 | ACTION_QUERY, | |
50 | ACTION_WATCH, | |
51 | ACTION_WALL | |
52 | } arg_action = ACTION_QUERY; | |
53 | ||
e5ebf783 | 54 | static bool arg_plymouth = false; |
0cf84693 | 55 | static bool arg_console = false; |
6af62124 | 56 | static const char *arg_device = NULL; |
e5ebf783 | 57 | |
21bc923a LP |
58 | static int ask_password_plymouth( |
59 | const char *message, | |
60 | usec_t until, | |
e287086b | 61 | AskPasswordFlags flags, |
21bc923a | 62 | const char *flag_file, |
e287086b | 63 | char ***ret) { |
21bc923a | 64 | |
fc2fffe7 | 65 | static const union sockaddr_union sa = PLYMOUTH_SOCKET; |
1d749d04 | 66 | _cleanup_close_ int fd = -1, notify = -1; |
1d749d04 | 67 | _cleanup_free_ char *packet = NULL; |
e5ebf783 LP |
68 | ssize_t k; |
69 | int r, n; | |
b92bea5d | 70 | struct pollfd pollfd[2] = {}; |
e5ebf783 LP |
71 | char buffer[LINE_MAX]; |
72 | size_t p = 0; | |
73 | enum { | |
74 | POLL_SOCKET, | |
75 | POLL_INOTIFY | |
76 | }; | |
77 | ||
e287086b | 78 | assert(ret); |
21bc923a | 79 | |
e5ebf783 | 80 | if (flag_file) { |
1d749d04 ZJS |
81 | notify = inotify_init1(IN_CLOEXEC|IN_NONBLOCK); |
82 | if (notify < 0) | |
83 | return -errno; | |
e5ebf783 | 84 | |
1d749d04 ZJS |
85 | r = inotify_add_watch(notify, flag_file, IN_ATTRIB); /* for the link count */ |
86 | if (r < 0) | |
87 | return -errno; | |
e5ebf783 LP |
88 | } |
89 | ||
1d749d04 ZJS |
90 | fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0); |
91 | if (fd < 0) | |
92 | return -errno; | |
e5ebf783 | 93 | |
fc2fffe7 | 94 | r = connect(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un)); |
4a62c710 | 95 | if (r < 0) |
00843602 | 96 | return -errno; |
e5ebf783 | 97 | |
e287086b | 98 | if (flags & ASK_PASSWORD_ACCEPT_CACHED) { |
21bc923a LP |
99 | packet = strdup("c"); |
100 | n = 1; | |
00843602 | 101 | } else if (asprintf(&packet, "*\002%c%s%n", (int) (strlen(message) + 1), message, &n) < 0) |
7de80bfe | 102 | packet = NULL; |
1d749d04 | 103 | if (!packet) |
00843602 | 104 | return -ENOMEM; |
e5ebf783 | 105 | |
553acb7b ZJS |
106 | r = loop_write(fd, packet, n + 1, true); |
107 | if (r < 0) | |
108 | return r; | |
e5ebf783 | 109 | |
e5ebf783 LP |
110 | pollfd[POLL_SOCKET].fd = fd; |
111 | pollfd[POLL_SOCKET].events = POLLIN; | |
112 | pollfd[POLL_INOTIFY].fd = notify; | |
113 | pollfd[POLL_INOTIFY].events = POLLIN; | |
114 | ||
115 | for (;;) { | |
116 | int sleep_for = -1, j; | |
117 | ||
118 | if (until > 0) { | |
119 | usec_t y; | |
120 | ||
121 | y = now(CLOCK_MONOTONIC); | |
122 | ||
1602b008 LP |
123 | if (y > until) { |
124 | r = -ETIME; | |
125 | goto finish; | |
126 | } | |
e5ebf783 LP |
127 | |
128 | sleep_for = (int) ((until - y) / USEC_PER_MSEC); | |
129 | } | |
130 | ||
1602b008 LP |
131 | if (flag_file && access(flag_file, F_OK) < 0) { |
132 | r = -errno; | |
133 | goto finish; | |
134 | } | |
e5ebf783 | 135 | |
e287086b | 136 | j = poll(pollfd, notify >= 0 ? 2 : 1, sleep_for); |
1d749d04 | 137 | if (j < 0) { |
e5ebf783 LP |
138 | if (errno == EINTR) |
139 | continue; | |
140 | ||
1602b008 LP |
141 | r = -errno; |
142 | goto finish; | |
143 | } else if (j == 0) { | |
144 | r = -ETIME; | |
145 | goto finish; | |
146 | } | |
e5ebf783 | 147 | |
e287086b | 148 | if (notify >= 0 && pollfd[POLL_INOTIFY].revents != 0) |
665dfe93 | 149 | (void) flush_fd(notify); |
e5ebf783 LP |
150 | |
151 | if (pollfd[POLL_SOCKET].revents == 0) | |
152 | continue; | |
153 | ||
1d749d04 | 154 | k = read(fd, buffer + p, sizeof(buffer) - p); |
e287086b | 155 | if (k < 0) { |
3742095b | 156 | if (IN_SET(errno, EINTR, EAGAIN)) |
e287086b LP |
157 | continue; |
158 | ||
1602b008 LP |
159 | r = -errno; |
160 | goto finish; | |
161 | } else if (k == 0) { | |
162 | r = -EIO; | |
163 | goto finish; | |
164 | } | |
e5ebf783 LP |
165 | |
166 | p += k; | |
167 | ||
168 | if (p < 1) | |
169 | continue; | |
170 | ||
171 | if (buffer[0] == 5) { | |
21bc923a | 172 | |
e287086b | 173 | if (flags & ASK_PASSWORD_ACCEPT_CACHED) { |
21bc923a LP |
174 | /* Hmm, first try with cached |
175 | * passwords failed, so let's retry | |
176 | * with a normal password request */ | |
97b11eed | 177 | packet = mfree(packet); |
21bc923a | 178 | |
1602b008 LP |
179 | if (asprintf(&packet, "*\002%c%s%n", (int) (strlen(message) + 1), message, &n) < 0) { |
180 | r = -ENOMEM; | |
181 | goto finish; | |
182 | } | |
21bc923a | 183 | |
553acb7b ZJS |
184 | r = loop_write(fd, packet, n+1, true); |
185 | if (r < 0) | |
1602b008 | 186 | goto finish; |
21bc923a | 187 | |
e287086b | 188 | flags &= ~ASK_PASSWORD_ACCEPT_CACHED; |
21bc923a LP |
189 | p = 0; |
190 | continue; | |
191 | } | |
192 | ||
e5ebf783 | 193 | /* No password, because UI not shown */ |
1602b008 LP |
194 | r = -ENOENT; |
195 | goto finish; | |
e5ebf783 | 196 | |
4c701096 | 197 | } else if (IN_SET(buffer[0], 2, 9)) { |
e5ebf783 | 198 | uint32_t size; |
21bc923a | 199 | char **l; |
e5ebf783 | 200 | |
4cf07da2 | 201 | /* One or more answers */ |
e5ebf783 LP |
202 | if (p < 5) |
203 | continue; | |
204 | ||
205 | memcpy(&size, buffer+1, sizeof(size)); | |
bb53abeb | 206 | size = le32toh(size); |
1602b008 LP |
207 | if (size + 5 > sizeof(buffer)) { |
208 | r = -EIO; | |
209 | goto finish; | |
210 | } | |
e5ebf783 LP |
211 | |
212 | if (p-5 < size) | |
213 | continue; | |
214 | ||
1d749d04 | 215 | l = strv_parse_nulstr(buffer + 5, size); |
1602b008 LP |
216 | if (!l) { |
217 | r = -ENOMEM; | |
218 | goto finish; | |
219 | } | |
e5ebf783 | 220 | |
e287086b | 221 | *ret = l; |
e5ebf783 | 222 | break; |
21bc923a | 223 | |
1602b008 | 224 | } else { |
e5ebf783 | 225 | /* Unknown packet */ |
1602b008 LP |
226 | r = -EIO; |
227 | goto finish; | |
228 | } | |
e5ebf783 LP |
229 | } |
230 | ||
1602b008 LP |
231 | r = 0; |
232 | ||
233 | finish: | |
2d26d8e0 | 234 | explicit_bzero(buffer, sizeof(buffer)); |
1602b008 | 235 | return r; |
e5ebf783 LP |
236 | } |
237 | ||
bbada6d7 JAS |
238 | static int send_passwords(const char *socket_name, char **passwords) { |
239 | _cleanup_free_ char *packet = NULL; | |
240 | _cleanup_close_ int socket_fd = -1; | |
241 | union sockaddr_union sa = { .un.sun_family = AF_UNIX }; | |
242 | size_t packet_length = 1; | |
243 | char **p, *d; | |
5439206b | 244 | ssize_t n; |
bbada6d7 JAS |
245 | int r; |
246 | ||
247 | assert(socket_name); | |
248 | ||
249 | STRV_FOREACH(p, passwords) | |
250 | packet_length += strlen(*p) + 1; | |
251 | ||
252 | packet = new(char, packet_length); | |
253 | if (!packet) | |
254 | return -ENOMEM; | |
255 | ||
256 | packet[0] = '+'; | |
257 | ||
258 | d = packet + 1; | |
259 | STRV_FOREACH(p, passwords) | |
260 | d = stpcpy(d, *p) + 1; | |
261 | ||
262 | socket_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0); | |
263 | if (socket_fd < 0) { | |
264 | r = log_debug_errno(errno, "socket(): %m"); | |
265 | goto finish; | |
266 | } | |
267 | ||
268 | strncpy(sa.un.sun_path, socket_name, sizeof(sa.un.sun_path)); | |
269 | ||
5439206b LP |
270 | n = sendto(socket_fd, packet, packet_length, MSG_NOSIGNAL, &sa.sa, SOCKADDR_UN_LEN(sa.un)); |
271 | if (n < 0) { | |
bbada6d7 | 272 | r = log_debug_errno(errno, "sendto(): %m"); |
5439206b LP |
273 | goto finish; |
274 | } | |
275 | ||
276 | r = (int) n; | |
bbada6d7 JAS |
277 | |
278 | finish: | |
2d26d8e0 | 279 | explicit_bzero(packet, packet_length); |
bbada6d7 JAS |
280 | return r; |
281 | } | |
282 | ||
0ddf1d3a | 283 | static int parse_password(const char *filename, char **wall) { |
bbada6d7 | 284 | _cleanup_free_ char *socket_name = NULL, *message = NULL; |
1602b008 | 285 | bool accept_cached = false, echo = false; |
ec863ba6 LP |
286 | uint64_t not_after = 0; |
287 | unsigned pid = 0; | |
ec863ba6 | 288 | |
f975e971 LP |
289 | const ConfigTableItem items[] = { |
290 | { "Ask", "Socket", config_parse_string, 0, &socket_name }, | |
291 | { "Ask", "NotAfter", config_parse_uint64, 0, ¬_after }, | |
292 | { "Ask", "Message", config_parse_string, 0, &message }, | |
293 | { "Ask", "PID", config_parse_unsigned, 0, &pid }, | |
294 | { "Ask", "AcceptCached", config_parse_bool, 0, &accept_cached }, | |
64845bdc | 295 | { "Ask", "Echo", config_parse_bool, 0, &echo }, |
1d749d04 | 296 | {} |
ec863ba6 LP |
297 | }; |
298 | ||
ec863ba6 | 299 | int r; |
ec863ba6 LP |
300 | |
301 | assert(filename); | |
302 | ||
36f822c4 ZJS |
303 | r = config_parse(NULL, filename, NULL, |
304 | NULL, | |
305 | config_item_table_lookup, items, | |
bcde742e | 306 | CONFIG_PARSE_RELAXED|CONFIG_PARSE_WARN, NULL); |
36f822c4 ZJS |
307 | if (r < 0) |
308 | return r; | |
ec863ba6 | 309 | |
7dcda352 | 310 | if (!socket_name) { |
ec863ba6 | 311 | log_error("Invalid password file %s", filename); |
e46eab86 | 312 | return -EBADMSG; |
ec863ba6 LP |
313 | } |
314 | ||
e46eab86 ZJS |
315 | if (not_after > 0 && now(CLOCK_MONOTONIC) > not_after) |
316 | return 0; | |
ec863ba6 | 317 | |
e46eab86 ZJS |
318 | if (pid > 0 && !pid_is_alive(pid)) |
319 | return 0; | |
ded80335 | 320 | |
ec863ba6 LP |
321 | if (arg_action == ACTION_LIST) |
322 | printf("'%s' (PID %u)\n", message, pid); | |
e46eab86 | 323 | |
ec863ba6 | 324 | else if (arg_action == ACTION_WALL) { |
0ddf1d3a | 325 | char *_wall; |
ec863ba6 | 326 | |
0ddf1d3a LP |
327 | if (asprintf(&_wall, |
328 | "%s%sPassword entry required for \'%s\' (PID %u).\r\n" | |
9d3e691e | 329 | "Please enter password with the systemd-tty-ask-password-agent tool!", |
5cfee414 | 330 | strempty(*wall), |
0ddf1d3a | 331 | *wall ? "\r\n\r\n" : "", |
ec863ba6 | 332 | message, |
e46eab86 ZJS |
333 | pid) < 0) |
334 | return log_oom(); | |
ec863ba6 | 335 | |
0ddf1d3a LP |
336 | free(*wall); |
337 | *wall = _wall; | |
e46eab86 | 338 | |
ec863ba6 | 339 | } else { |
bbada6d7 | 340 | _cleanup_strv_free_erase_ char **passwords = NULL; |
ec863ba6 | 341 | |
3742095b | 342 | assert(IN_SET(arg_action, ACTION_QUERY, ACTION_WATCH)); |
ec863ba6 LP |
343 | |
344 | if (access(socket_name, W_OK) < 0) { | |
ec863ba6 LP |
345 | if (arg_action == ACTION_QUERY) |
346 | log_info("Not querying '%s' (PID %u), lacking privileges.", message, pid); | |
347 | ||
e46eab86 | 348 | return 0; |
ec863ba6 LP |
349 | } |
350 | ||
bbada6d7 | 351 | if (arg_plymouth) |
e287086b | 352 | r = ask_password_plymouth(message, not_after, accept_cached ? ASK_PASSWORD_ACCEPT_CACHED : 0, filename, &passwords); |
bbada6d7 JAS |
353 | else { |
354 | char *password = NULL; | |
00843602 | 355 | int tty_fd = -1; |
0cf84693 | 356 | |
e46eab86 | 357 | if (arg_console) { |
149bc84a | 358 | const char *con = arg_device ?: "/dev/console"; |
6af62124 | 359 | |
8854d795 | 360 | tty_fd = acquire_terminal(con, ACQUIRE_TERMINAL_WAIT, USEC_INFINITY); |
e46eab86 | 361 | if (tty_fd < 0) |
befd657b | 362 | return log_error_errno(tty_fd, "Failed to acquire %s: %m", con); |
3d18b167 LP |
363 | |
364 | r = reset_terminal_fd(tty_fd, true); | |
365 | if (r < 0) | |
366 | log_warning_errno(r, "Failed to reset terminal, ignoring: %m"); | |
e46eab86 | 367 | } |
0cf84693 | 368 | |
c2b32159 LP |
369 | r = ask_password_tty(tty_fd, message, NULL, not_after, |
370 | (echo ? ASK_PASSWORD_ECHO : 0) | | |
371 | (arg_console ? ASK_PASSWORD_CONSOLE_COLOR : 0), | |
372 | filename, &password); | |
e5ebf783 | 373 | |
0cf84693 | 374 | if (arg_console) { |
00843602 | 375 | tty_fd = safe_close(tty_fd); |
0cf84693 LP |
376 | release_terminal(); |
377 | } | |
21bc923a | 378 | |
bbada6d7 JAS |
379 | if (r >= 0) |
380 | r = strv_push(&passwords, password); | |
0cf84693 | 381 | |
bbada6d7 JAS |
382 | if (r < 0) |
383 | string_free_erase(password); | |
1602b008 | 384 | } |
ec863ba6 | 385 | |
bbada6d7 JAS |
386 | /* If the query went away, that's OK */ |
387 | if (IN_SET(r, -ETIME, -ENOENT)) | |
388 | return 0; | |
ec863ba6 | 389 | |
bbada6d7 JAS |
390 | if (r < 0) |
391 | return log_error_errno(r, "Failed to query password: %m"); | |
ec863ba6 | 392 | |
bbada6d7 | 393 | r = send_passwords(socket_name, passwords); |
00843602 | 394 | if (r < 0) |
bbada6d7 | 395 | return log_error_errno(r, "Failed to send: %m"); |
ec863ba6 LP |
396 | } |
397 | ||
e46eab86 | 398 | return 0; |
ec863ba6 LP |
399 | } |
400 | ||
0cf84693 | 401 | static int wall_tty_block(void) { |
1d749d04 | 402 | _cleanup_free_ char *p = NULL; |
fc116c6a | 403 | dev_t devnr; |
00843602 | 404 | int fd, r; |
7af53310 | 405 | |
4d6d6518 | 406 | r = get_ctty_devnr(0, &devnr); |
e287086b LP |
407 | if (r == -ENXIO) /* We have no controlling tty */ |
408 | return -ENOTTY; | |
4d6d6518 | 409 | if (r < 0) |
00843602 | 410 | return log_error_errno(r, "Failed to get controlling TTY: %m"); |
7af53310 | 411 | |
2b583ce6 | 412 | if (asprintf(&p, "/run/systemd/ask-password-block/%u:%u", major(devnr), minor(devnr)) < 0) |
00843602 | 413 | return log_oom(); |
7af53310 | 414 | |
e3e2cf07 LP |
415 | (void) mkdir_parents_label(p, 0700); |
416 | (void) mkfifo(p, 0600); | |
7af53310 LP |
417 | |
418 | fd = open(p, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY); | |
7af53310 | 419 | if (fd < 0) |
2ee4e222 | 420 | return log_debug_errno(errno, "Failed to open %s: %m", p); |
7af53310 LP |
421 | |
422 | return fd; | |
423 | } | |
424 | ||
99f710dd | 425 | static bool wall_tty_match(const char *path, void *userdata) { |
1d749d04 | 426 | _cleanup_free_ char *p = NULL; |
00843602 LP |
427 | _cleanup_close_ int fd = -1; |
428 | struct stat st; | |
fc116c6a | 429 | |
1d749d04 | 430 | if (!path_is_absolute(path)) |
63c372cb | 431 | path = strjoina("/dev/", path); |
fc116c6a | 432 | |
00843602 LP |
433 | if (lstat(path, &st) < 0) { |
434 | log_debug_errno(errno, "Failed to stat %s: %m", path); | |
fc116c6a | 435 | return true; |
00843602 | 436 | } |
fc116c6a | 437 | |
00843602 LP |
438 | if (!S_ISCHR(st.st_mode)) { |
439 | log_debug("%s is not a character device.", path); | |
fc116c6a | 440 | return true; |
00843602 | 441 | } |
7af53310 LP |
442 | |
443 | /* We use named pipes to ensure that wall messages suggesting | |
444 | * password entry are not printed over password prompts | |
445 | * already shown. We use the fact here that opening a pipe in | |
446 | * non-blocking mode for write-only will succeed only if | |
447 | * there's some writer behind it. Using pipes has the | |
448 | * advantage that the block will automatically go away if the | |
449 | * process dies. */ | |
450 | ||
00843602 LP |
451 | if (asprintf(&p, "/run/systemd/ask-password-block/%u:%u", major(st.st_rdev), minor(st.st_rdev)) < 0) { |
452 | log_oom(); | |
7af53310 | 453 | return true; |
00843602 | 454 | } |
7af53310 LP |
455 | |
456 | fd = open(p, O_WRONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY); | |
00843602 | 457 | if (fd < 0) { |
fe4a1d0f | 458 | log_debug_errno(errno, "Failed to open the wall pipe: %m"); |
00843602 LP |
459 | return 1; |
460 | } | |
7af53310 LP |
461 | |
462 | /* What, we managed to open the pipe? Then this tty is filtered. */ | |
00843602 | 463 | return 0; |
7af53310 LP |
464 | } |
465 | ||
ec863ba6 | 466 | static int show_passwords(void) { |
1d749d04 | 467 | _cleanup_closedir_ DIR *d; |
ec863ba6 LP |
468 | struct dirent *de; |
469 | int r = 0; | |
470 | ||
1d749d04 ZJS |
471 | d = opendir("/run/systemd/ask-password"); |
472 | if (!d) { | |
ec863ba6 LP |
473 | if (errno == ENOENT) |
474 | return 0; | |
475 | ||
ad71eee5 | 476 | return log_error_errno(errno, "Failed to open /run/systemd/ask-password: %m"); |
ec863ba6 LP |
477 | } |
478 | ||
00843602 | 479 | FOREACH_DIRENT_ALL(de, d, return log_error_errno(errno, "Failed to read directory: %m")) { |
1d749d04 | 480 | _cleanup_free_ char *p = NULL, *wall = NULL; |
ec863ba6 LP |
481 | int q; |
482 | ||
1a6f4df6 LP |
483 | /* We only support /dev on tmpfs, hence we can rely on |
484 | * d_type to be reliable */ | |
485 | ||
ec863ba6 LP |
486 | if (de->d_type != DT_REG) |
487 | continue; | |
488 | ||
55cdd057 | 489 | if (hidden_or_backup_file(de->d_name)) |
ec863ba6 LP |
490 | continue; |
491 | ||
492 | if (!startswith(de->d_name, "ask.")) | |
493 | continue; | |
494 | ||
1d749d04 ZJS |
495 | p = strappend("/run/systemd/ask-password/", de->d_name); |
496 | if (!p) | |
497 | return log_oom(); | |
ec863ba6 | 498 | |
1d749d04 ZJS |
499 | q = parse_password(p, &wall); |
500 | if (q < 0 && r == 0) | |
ec863ba6 LP |
501 | r = q; |
502 | ||
1d749d04 | 503 | if (wall) |
00843602 | 504 | (void) utmp_wall(wall, NULL, NULL, wall_tty_match, NULL); |
ec863ba6 LP |
505 | } |
506 | ||
ec863ba6 LP |
507 | return r; |
508 | } | |
509 | ||
510 | static int watch_passwords(void) { | |
b9ba604e LP |
511 | enum { |
512 | FD_INOTIFY, | |
513 | FD_SIGNAL, | |
514 | _FD_MAX | |
515 | }; | |
516 | ||
1d749d04 | 517 | _cleanup_close_ int notify = -1, signal_fd = -1, tty_block_fd = -1; |
b92bea5d | 518 | struct pollfd pollfd[_FD_MAX] = {}; |
b9ba604e | 519 | sigset_t mask; |
ec863ba6 LP |
520 | int r; |
521 | ||
0cf84693 | 522 | tty_block_fd = wall_tty_block(); |
7af53310 | 523 | |
00843602 | 524 | (void) mkdir_p_label("/run/systemd/ask-password", 0755); |
ec863ba6 | 525 | |
1d749d04 ZJS |
526 | notify = inotify_init1(IN_CLOEXEC); |
527 | if (notify < 0) | |
00843602 | 528 | return log_error_errno(errno, "Failed to allocate directory watch: %m"); |
ec863ba6 | 529 | |
1d749d04 | 530 | if (inotify_add_watch(notify, "/run/systemd/ask-password", IN_CLOSE_WRITE|IN_MOVED_TO) < 0) |
00843602 | 531 | return log_error_errno(errno, "Failed to add /run/systemd/ask-password to directory watch: %m"); |
ec863ba6 | 532 | |
72c0a2c2 LP |
533 | assert_se(sigemptyset(&mask) >= 0); |
534 | assert_se(sigset_add_many(&mask, SIGINT, SIGTERM, -1) >= 0); | |
535 | assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) >= 0); | |
b9ba604e | 536 | |
1d749d04 ZJS |
537 | signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC); |
538 | if (signal_fd < 0) | |
00843602 | 539 | return log_error_errno(errno, "Failed to allocate signal file descriptor: %m"); |
b9ba604e | 540 | |
b9ba604e LP |
541 | pollfd[FD_INOTIFY].fd = notify; |
542 | pollfd[FD_INOTIFY].events = POLLIN; | |
543 | pollfd[FD_SIGNAL].fd = signal_fd; | |
544 | pollfd[FD_SIGNAL].events = POLLIN; | |
ec863ba6 LP |
545 | |
546 | for (;;) { | |
1d749d04 ZJS |
547 | r = show_passwords(); |
548 | if (r < 0) | |
da927ba9 | 549 | log_error_errno(r, "Failed to show password: %m"); |
ec863ba6 | 550 | |
b9ba604e | 551 | if (poll(pollfd, _FD_MAX, -1) < 0) { |
ec863ba6 LP |
552 | if (errno == EINTR) |
553 | continue; | |
554 | ||
1d749d04 | 555 | return -errno; |
ec863ba6 LP |
556 | } |
557 | ||
b9ba604e | 558 | if (pollfd[FD_INOTIFY].revents != 0) |
00843602 | 559 | (void) flush_fd(notify); |
b9ba604e LP |
560 | |
561 | if (pollfd[FD_SIGNAL].revents != 0) | |
562 | break; | |
ec863ba6 LP |
563 | } |
564 | ||
1d749d04 | 565 | return 0; |
ec863ba6 LP |
566 | } |
567 | ||
601185b4 | 568 | static void help(void) { |
ec863ba6 LP |
569 | printf("%s [OPTIONS...]\n\n" |
570 | "Process system password requests.\n\n" | |
e5ebf783 | 571 | " -h --help Show this help\n" |
c52f663b | 572 | " --version Show package version\n" |
e5ebf783 LP |
573 | " --list Show pending password requests\n" |
574 | " --query Process pending password requests\n" | |
35b8ca3a HH |
575 | " --watch Continuously process password requests\n" |
576 | " --wall Continuously forward password requests to wall\n" | |
0cf84693 LP |
577 | " --plymouth Ask question with Plymouth instead of on TTY\n" |
578 | " --console Ask question on /dev/console instead of current TTY\n", | |
ec863ba6 | 579 | program_invocation_short_name); |
ec863ba6 LP |
580 | } |
581 | ||
582 | static int parse_argv(int argc, char *argv[]) { | |
583 | ||
584 | enum { | |
585 | ARG_LIST = 0x100, | |
586 | ARG_QUERY, | |
587 | ARG_WATCH, | |
588 | ARG_WALL, | |
0cf84693 | 589 | ARG_PLYMOUTH, |
c52f663b LP |
590 | ARG_CONSOLE, |
591 | ARG_VERSION | |
ec863ba6 LP |
592 | }; |
593 | ||
594 | static const struct option options[] = { | |
6af62124 WF |
595 | { "help", no_argument, NULL, 'h' }, |
596 | { "version", no_argument, NULL, ARG_VERSION }, | |
597 | { "list", no_argument, NULL, ARG_LIST }, | |
598 | { "query", no_argument, NULL, ARG_QUERY }, | |
599 | { "watch", no_argument, NULL, ARG_WATCH }, | |
600 | { "wall", no_argument, NULL, ARG_WALL }, | |
601 | { "plymouth", no_argument, NULL, ARG_PLYMOUTH }, | |
602 | { "console", optional_argument, NULL, ARG_CONSOLE }, | |
eb9da376 | 603 | {} |
ec863ba6 LP |
604 | }; |
605 | ||
606 | int c; | |
607 | ||
608 | assert(argc >= 0); | |
609 | assert(argv); | |
610 | ||
601185b4 | 611 | while ((c = getopt_long(argc, argv, "h", options, NULL)) >= 0) |
ec863ba6 LP |
612 | |
613 | switch (c) { | |
614 | ||
615 | case 'h': | |
601185b4 ZJS |
616 | help(); |
617 | return 0; | |
ec863ba6 | 618 | |
c52f663b | 619 | case ARG_VERSION: |
3f6fd1ba | 620 | return version(); |
c52f663b | 621 | |
ec863ba6 LP |
622 | case ARG_LIST: |
623 | arg_action = ACTION_LIST; | |
624 | break; | |
625 | ||
626 | case ARG_QUERY: | |
627 | arg_action = ACTION_QUERY; | |
628 | break; | |
629 | ||
630 | case ARG_WATCH: | |
631 | arg_action = ACTION_WATCH; | |
632 | break; | |
633 | ||
634 | case ARG_WALL: | |
635 | arg_action = ACTION_WALL; | |
636 | break; | |
637 | ||
e5ebf783 LP |
638 | case ARG_PLYMOUTH: |
639 | arg_plymouth = true; | |
640 | break; | |
641 | ||
0cf84693 LP |
642 | case ARG_CONSOLE: |
643 | arg_console = true; | |
6af62124 WF |
644 | if (optarg) { |
645 | ||
646 | if (isempty(optarg)) { | |
647 | log_error("Empty console device path is not allowed."); | |
648 | return -EINVAL; | |
649 | } | |
650 | ||
651 | arg_device = optarg; | |
652 | } | |
0cf84693 LP |
653 | break; |
654 | ||
ec863ba6 LP |
655 | case '?': |
656 | return -EINVAL; | |
657 | ||
658 | default: | |
eb9da376 | 659 | assert_not_reached("Unhandled option"); |
ec863ba6 | 660 | } |
ec863ba6 LP |
661 | |
662 | if (optind != argc) { | |
601185b4 | 663 | log_error("%s takes no arguments.", program_invocation_short_name); |
ec863ba6 LP |
664 | return -EINVAL; |
665 | } | |
666 | ||
6af62124 WF |
667 | if (arg_plymouth || arg_console) { |
668 | ||
669 | if (!IN_SET(arg_action, ACTION_QUERY, ACTION_WATCH)) { | |
670 | log_error("Options --query and --watch conflict."); | |
671 | return -EINVAL; | |
672 | } | |
673 | ||
674 | if (arg_plymouth && arg_console) { | |
675 | log_error("Options --plymouth and --console conflict."); | |
676 | return -EINVAL; | |
677 | } | |
678 | } | |
679 | ||
ec863ba6 LP |
680 | return 1; |
681 | } | |
682 | ||
6af62124 WF |
683 | /* |
684 | * To be able to ask on all terminal devices of /dev/console | |
685 | * the devices are collected. If more than one device is found, | |
686 | * then on each of the terminals a inquiring task is forked. | |
687 | * Every task has its own session and its own controlling terminal. | |
688 | * If one of the tasks does handle a password, the remaining tasks | |
689 | * will be terminated. | |
690 | */ | |
4c253ed1 | 691 | static int ask_on_this_console(const char *tty, pid_t *ret_pid, int argc, char *argv[]) { |
6af62124 WF |
692 | struct sigaction sig = { |
693 | .sa_handler = nop_signal_handler, | |
694 | .sa_flags = SA_NOCLDSTOP | SA_RESTART, | |
695 | }; | |
4c253ed1 LP |
696 | pid_t pid; |
697 | int r; | |
6af62124 WF |
698 | |
699 | assert_se(sigprocmask_many(SIG_UNBLOCK, NULL, SIGHUP, SIGCHLD, -1) >= 0); | |
700 | ||
701 | assert_se(sigemptyset(&sig.sa_mask) >= 0); | |
702 | assert_se(sigaction(SIGCHLD, &sig, NULL) >= 0); | |
703 | ||
704 | sig.sa_handler = SIG_DFL; | |
705 | assert_se(sigaction(SIGHUP, &sig, NULL) >= 0); | |
706 | ||
b6e1fff1 | 707 | r = safe_fork("(sd-passwd)", FORK_RESET_SIGNALS|FORK_LOG, &pid); |
4c253ed1 | 708 | if (r < 0) |
b6e1fff1 | 709 | return r; |
4c253ed1 | 710 | if (r == 0) { |
6af62124 WF |
711 | int ac; |
712 | ||
713 | assert_se(prctl(PR_SET_PDEATHSIG, SIGHUP) >= 0); | |
714 | ||
6af62124 WF |
715 | for (ac = 0; ac < argc; ac++) { |
716 | if (streq(argv[ac], "--console")) { | |
421eaea0 | 717 | argv[ac] = strjoina("--console=", tty); |
6af62124 WF |
718 | break; |
719 | } | |
720 | } | |
721 | ||
722 | assert(ac < argc); | |
723 | ||
724 | execv(SYSTEMD_TTY_ASK_PASSWORD_AGENT_BINARY_PATH, argv); | |
725 | _exit(EXIT_FAILURE); | |
726 | } | |
4c253ed1 LP |
727 | |
728 | *ret_pid = pid; | |
6af62124 WF |
729 | return 0; |
730 | } | |
731 | ||
732 | static void terminate_agents(Set *pids) { | |
733 | struct timespec ts; | |
734 | siginfo_t status = {}; | |
735 | sigset_t set; | |
736 | Iterator i; | |
737 | void *p; | |
738 | int r, signum; | |
739 | ||
740 | /* | |
741 | * Request termination of the remaining processes as those | |
742 | * are not required anymore. | |
743 | */ | |
744 | SET_FOREACH(p, pids, i) | |
745 | (void) kill(PTR_TO_PID(p), SIGTERM); | |
746 | ||
747 | /* | |
748 | * Collect the processes which have go away. | |
749 | */ | |
750 | assert_se(sigemptyset(&set) >= 0); | |
751 | assert_se(sigaddset(&set, SIGCHLD) >= 0); | |
752 | timespec_store(&ts, 50 * USEC_PER_MSEC); | |
753 | ||
754 | while (!set_isempty(pids)) { | |
755 | ||
756 | zero(status); | |
757 | r = waitid(P_ALL, 0, &status, WEXITED|WNOHANG); | |
758 | if (r < 0 && errno == EINTR) | |
759 | continue; | |
760 | ||
761 | if (r == 0 && status.si_pid > 0) { | |
762 | set_remove(pids, PID_TO_PTR(status.si_pid)); | |
763 | continue; | |
764 | } | |
765 | ||
766 | signum = sigtimedwait(&set, NULL, &ts); | |
767 | if (signum < 0) { | |
768 | if (errno != EAGAIN) | |
769 | log_error_errno(errno, "sigtimedwait() failed: %m"); | |
770 | break; | |
771 | } | |
772 | assert(signum == SIGCHLD); | |
773 | } | |
774 | ||
775 | /* | |
776 | * Kill hanging processes. | |
777 | */ | |
778 | SET_FOREACH(p, pids, i) { | |
779 | log_warning("Failed to terminate child %d, killing it", PTR_TO_PID(p)); | |
780 | (void) kill(PTR_TO_PID(p), SIGKILL); | |
781 | } | |
782 | } | |
783 | ||
784 | static int ask_on_consoles(int argc, char *argv[]) { | |
785 | _cleanup_set_free_ Set *pids = NULL; | |
786 | _cleanup_strv_free_ char **consoles = NULL; | |
787 | siginfo_t status = {}; | |
788 | char **tty; | |
789 | pid_t pid; | |
790 | int r; | |
791 | ||
792 | r = get_kernel_consoles(&consoles); | |
793 | if (r < 0) | |
794 | return log_error_errno(r, "Failed to determine devices of /dev/console: %m"); | |
795 | ||
796 | pids = set_new(NULL); | |
797 | if (!pids) | |
798 | return log_oom(); | |
799 | ||
800 | /* Start an agent on each console. */ | |
801 | STRV_FOREACH(tty, consoles) { | |
802 | r = ask_on_this_console(*tty, &pid, argc, argv); | |
803 | if (r < 0) | |
804 | return r; | |
805 | ||
806 | if (set_put(pids, PID_TO_PTR(pid)) < 0) | |
807 | return log_oom(); | |
808 | } | |
809 | ||
810 | /* Wait for an agent to exit. */ | |
811 | for (;;) { | |
812 | zero(status); | |
813 | ||
814 | if (waitid(P_ALL, 0, &status, WEXITED) < 0) { | |
815 | if (errno == EINTR) | |
816 | continue; | |
817 | ||
818 | return log_error_errno(errno, "waitid() failed: %m"); | |
819 | } | |
820 | ||
821 | set_remove(pids, PID_TO_PTR(status.si_pid)); | |
822 | break; | |
823 | } | |
824 | ||
1f0958f6 | 825 | if (!is_clean_exit(status.si_code, status.si_status, EXIT_CLEAN_DAEMON, NULL)) |
6af62124 WF |
826 | log_error("Password agent failed with: %d", status.si_status); |
827 | ||
828 | terminate_agents(pids); | |
829 | return 0; | |
830 | } | |
831 | ||
ec863ba6 LP |
832 | int main(int argc, char *argv[]) { |
833 | int r; | |
834 | ||
4b261568 | 835 | log_set_target(LOG_TARGET_AUTO); |
ec863ba6 LP |
836 | log_parse_environment(); |
837 | log_open(); | |
838 | ||
4c12626c LP |
839 | umask(0022); |
840 | ||
1d749d04 ZJS |
841 | r = parse_argv(argc, argv); |
842 | if (r <= 0) | |
ec863ba6 LP |
843 | goto finish; |
844 | ||
6af62124 WF |
845 | if (arg_console && !arg_device) |
846 | /* | |
847 | * Spawn for each console device a separate process. | |
848 | */ | |
849 | r = ask_on_consoles(argc, argv); | |
850 | else { | |
851 | ||
852 | if (arg_device) { | |
853 | /* | |
854 | * Later on, a controlling terminal will be acquired, | |
855 | * therefore the current process has to become a session | |
856 | * leader and should not have a controlling terminal already. | |
857 | */ | |
858 | (void) setsid(); | |
859 | (void) release_terminal(); | |
860 | } | |
0cf84693 | 861 | |
6af62124 WF |
862 | if (IN_SET(arg_action, ACTION_WATCH, ACTION_WALL)) |
863 | r = watch_passwords(); | |
864 | else | |
865 | r = show_passwords(); | |
866 | } | |
96707269 | 867 | |
ec863ba6 LP |
868 | finish: |
869 | return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; | |
870 | } |