]>
Commit | Line | Data |
---|---|---|
490aed58 LP |
1 | /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ |
2 | ||
3 | /*** | |
4 | This file is part of systemd. | |
5 | ||
6 | Copyright 2010 Lennart Poettering | |
7 | ||
8 | systemd is free software; you can redistribute it and/or modify it | |
9 | under the terms of the GNU General Public License as published by | |
10 | the Free Software Foundation; either version 2 of the License, or | |
11 | (at your option) any later version. | |
12 | ||
13 | systemd is distributed in the hope that it will be useful, but | |
14 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
16 | General Public License for more details. | |
17 | ||
18 | You should have received a copy of the GNU General Public License | |
19 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
20 | ***/ | |
21 | ||
22 | #include <sys/socket.h> | |
23 | #include <sys/poll.h> | |
24 | #include <sys/types.h> | |
25 | #include <assert.h> | |
26 | #include <string.h> | |
27 | #include <errno.h> | |
28 | #include <unistd.h> | |
29 | #include <fcntl.h> | |
30 | #include <sys/un.h> | |
31 | #include <sys/stat.h> | |
32 | #include <sys/signalfd.h> | |
33 | #include <getopt.h> | |
1b39d4b9 LP |
34 | #include <termios.h> |
35 | #include <limits.h> | |
0e098b15 | 36 | #include <stddef.h> |
490aed58 LP |
37 | |
38 | #include "log.h" | |
39 | #include "macro.h" | |
40 | #include "util.h" | |
41 | ||
42 | static const char *arg_icon = NULL; | |
43 | static const char *arg_message = NULL; | |
1b39d4b9 | 44 | static bool arg_use_tty = true; |
490aed58 LP |
45 | static usec_t arg_timeout = 60 * USEC_PER_SEC; |
46 | ||
47 | static int create_socket(char **name) { | |
48 | int fd; | |
49 | union { | |
50 | struct sockaddr sa; | |
51 | struct sockaddr_un un; | |
52 | } sa; | |
53 | int one = 1, r; | |
54 | char *c; | |
55 | ||
56 | assert(name); | |
57 | ||
58 | if ((fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0)) < 0) { | |
59 | log_error("socket() failed: %m"); | |
60 | return -errno; | |
61 | } | |
62 | ||
63 | zero(sa); | |
64 | sa.un.sun_family = AF_UNIX; | |
ec863ba6 | 65 | snprintf(sa.un.sun_path, sizeof(sa.un.sun_path)-1, "/dev/.systemd/ask-password/sck.%llu", random_ull()); |
490aed58 | 66 | |
ec863ba6 | 67 | if (bind(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + strlen(sa.un.sun_path)) < 0) { |
490aed58 LP |
68 | r = -errno; |
69 | log_error("bind() failed: %m"); | |
70 | goto fail; | |
71 | } | |
72 | ||
73 | if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0) { | |
74 | r = -errno; | |
75 | log_error("SO_PASSCRED failed: %m"); | |
76 | goto fail; | |
77 | } | |
78 | ||
ec863ba6 | 79 | if (!(c = strdup(sa.un.sun_path))) { |
490aed58 LP |
80 | r = -ENOMEM; |
81 | log_error("Out of memory"); | |
82 | goto fail; | |
83 | } | |
84 | ||
85 | *name = c; | |
86 | return fd; | |
87 | ||
88 | fail: | |
89 | close_nointr_nofail(fd); | |
90 | ||
91 | return r; | |
92 | } | |
93 | ||
94 | static int help(void) { | |
95 | ||
96 | printf("%s [OPTIONS...] MESSAGE\n\n" | |
ad6ab0af | 97 | "Query the user for a system passphrase, via the TTY or an UI agent.\n\n" |
490aed58 LP |
98 | " -h --help Show this help\n" |
99 | " --icon=NAME Icon name\n" | |
ec863ba6 | 100 | " --timeout=SEC Timeout in sec\n" |
1b39d4b9 | 101 | " --no-tty Ask question via agent even on TTY\n", |
490aed58 LP |
102 | program_invocation_short_name); |
103 | ||
104 | return 0; | |
105 | } | |
106 | ||
107 | static int parse_argv(int argc, char *argv[]) { | |
108 | ||
109 | enum { | |
110 | ARG_ICON = 0x100, | |
1b39d4b9 LP |
111 | ARG_TIMEOUT, |
112 | ARG_NO_TTY | |
490aed58 LP |
113 | }; |
114 | ||
115 | static const struct option options[] = { | |
116 | { "help", no_argument, NULL, 'h' }, | |
117 | { "icon", required_argument, NULL, ARG_ICON }, | |
118 | { "timeout", required_argument, NULL, ARG_TIMEOUT }, | |
1b39d4b9 | 119 | { "no-tty", no_argument, NULL, ARG_NO_TTY }, |
490aed58 LP |
120 | { NULL, 0, NULL, 0 } |
121 | }; | |
122 | ||
123 | int c; | |
124 | ||
125 | assert(argc >= 0); | |
126 | assert(argv); | |
127 | ||
128 | while ((c = getopt_long(argc, argv, "h", options, NULL)) >= 0) { | |
129 | ||
130 | switch (c) { | |
131 | ||
132 | case 'h': | |
133 | help(); | |
134 | return 0; | |
135 | ||
136 | case ARG_ICON: | |
137 | arg_icon = optarg; | |
138 | break; | |
139 | ||
140 | case ARG_TIMEOUT: | |
141 | if (parse_usec(optarg, &arg_timeout) < 0 || arg_timeout <= 0) { | |
142 | log_error("Failed to parse --timeout parameter %s", optarg); | |
143 | return -EINVAL; | |
144 | } | |
145 | break; | |
146 | ||
1b39d4b9 LP |
147 | case ARG_NO_TTY: |
148 | arg_use_tty = false; | |
149 | break; | |
150 | ||
490aed58 LP |
151 | case '?': |
152 | return -EINVAL; | |
153 | ||
154 | default: | |
155 | log_error("Unknown option code %c", c); | |
156 | return -EINVAL; | |
157 | } | |
158 | } | |
159 | ||
160 | if (optind != argc-1) { | |
161 | help(); | |
162 | return -EINVAL; | |
163 | } | |
164 | ||
165 | arg_message = argv[optind]; | |
1b39d4b9 | 166 | return 1; |
490aed58 LP |
167 | } |
168 | ||
1b39d4b9 | 169 | static int ask_agent(void) { |
b9ba604e LP |
170 | enum { |
171 | FD_SOCKET, | |
172 | FD_SIGNAL, | |
173 | _FD_MAX | |
174 | }; | |
175 | ||
490aed58 LP |
176 | char temp[] = "/dev/.systemd/ask-password/tmp.XXXXXX"; |
177 | char final[sizeof(temp)] = ""; | |
1b39d4b9 | 178 | int fd = -1, r; |
490aed58 LP |
179 | FILE *f = NULL; |
180 | char *socket_name = NULL; | |
b9ba604e | 181 | int socket_fd = -1, signal_fd = -1; |
490aed58 LP |
182 | sigset_t mask; |
183 | usec_t not_after; | |
b9ba604e | 184 | struct pollfd pollfd[_FD_MAX]; |
490aed58 | 185 | |
ec863ba6 LP |
186 | mkdir_p("/dev/.systemd/ask-password", 0755); |
187 | ||
490aed58 LP |
188 | if ((fd = mkostemp(temp, O_CLOEXEC|O_CREAT|O_WRONLY)) < 0) { |
189 | log_error("Failed to create password file: %m"); | |
1b39d4b9 | 190 | r = -errno; |
490aed58 LP |
191 | goto finish; |
192 | } | |
193 | ||
194 | fchmod(fd, 0644); | |
195 | ||
196 | if (!(f = fdopen(fd, "w"))) { | |
197 | log_error("Failed to allocate FILE: %m"); | |
1b39d4b9 | 198 | r = -errno; |
490aed58 LP |
199 | goto finish; |
200 | } | |
201 | ||
202 | fd = -1; | |
203 | ||
204 | assert_se(sigemptyset(&mask) == 0); | |
205 | sigset_add_many(&mask, SIGINT, SIGTERM, -1); | |
206 | assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0); | |
207 | ||
208 | if ((signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC)) < 0) { | |
209 | log_error("signalfd(): %m"); | |
1b39d4b9 | 210 | r = -errno; |
490aed58 LP |
211 | goto finish; |
212 | } | |
213 | ||
1b39d4b9 LP |
214 | if ((socket_fd = create_socket(&socket_name)) < 0) { |
215 | r = socket_fd; | |
490aed58 | 216 | goto finish; |
1b39d4b9 | 217 | } |
490aed58 LP |
218 | |
219 | not_after = now(CLOCK_MONOTONIC) + arg_timeout; | |
220 | ||
221 | fprintf(f, | |
222 | "[Ask]\n" | |
ec863ba6 | 223 | "PID=%lu\n" |
490aed58 LP |
224 | "Socket=%s\n" |
225 | "NotAfter=%llu\n", | |
ec863ba6 | 226 | (unsigned long) getpid(), |
490aed58 LP |
227 | socket_name, |
228 | (unsigned long long) not_after); | |
229 | ||
230 | if (arg_message) | |
231 | fprintf(f, "Message=%s\n", arg_message); | |
232 | ||
233 | if (arg_icon) | |
234 | fprintf(f, "Icon=%s\n", arg_icon); | |
235 | ||
236 | fflush(f); | |
237 | ||
238 | if (ferror(f)) { | |
239 | log_error("Failed to write query file: %m"); | |
1b39d4b9 | 240 | r = -errno; |
490aed58 LP |
241 | goto finish; |
242 | } | |
243 | ||
244 | memcpy(final, temp, sizeof(temp)); | |
245 | ||
246 | final[sizeof(final)-11] = 'a'; | |
247 | final[sizeof(final)-10] = 's'; | |
248 | final[sizeof(final)-9] = 'k'; | |
249 | ||
250 | if (rename(temp, final) < 0) { | |
251 | log_error("Failed to rename query file: %m"); | |
1b39d4b9 | 252 | r = -errno; |
490aed58 LP |
253 | goto finish; |
254 | } | |
255 | ||
b9ba604e LP |
256 | zero(pollfd); |
257 | pollfd[FD_SOCKET].fd = socket_fd; | |
258 | pollfd[FD_SOCKET].events = POLLIN; | |
259 | pollfd[FD_SIGNAL].fd = signal_fd; | |
260 | pollfd[FD_SIGNAL].events = POLLIN; | |
490aed58 | 261 | |
b9ba604e | 262 | for (;;) { |
490aed58 LP |
263 | char passphrase[LINE_MAX+1]; |
264 | struct msghdr msghdr; | |
265 | struct iovec iovec; | |
266 | struct ucred *ucred; | |
267 | union { | |
268 | struct cmsghdr cmsghdr; | |
269 | uint8_t buf[CMSG_SPACE(sizeof(struct ucred))]; | |
270 | } control; | |
271 | ssize_t n; | |
1b39d4b9 | 272 | int k; |
490aed58 | 273 | |
b9ba604e | 274 | if ((k = poll(pollfd, _FD_MAX, arg_timeout/USEC_PER_MSEC)) < 0) { |
490aed58 LP |
275 | |
276 | if (errno == EINTR) | |
277 | continue; | |
278 | ||
1b39d4b9 LP |
279 | log_error("poll() failed: %m"); |
280 | r = -errno; | |
490aed58 LP |
281 | goto finish; |
282 | } | |
283 | ||
284 | if (k <= 0) { | |
285 | log_notice("Timed out"); | |
1b39d4b9 | 286 | r = -ETIME; |
490aed58 LP |
287 | goto finish; |
288 | } | |
289 | ||
290 | if (pollfd[FD_SIGNAL].revents & POLLIN) | |
291 | break; | |
292 | ||
293 | if (pollfd[FD_SOCKET].revents != POLLIN) { | |
294 | log_error("Unexpected poll() event."); | |
1b39d4b9 | 295 | r = -EIO; |
490aed58 LP |
296 | goto finish; |
297 | } | |
298 | ||
299 | zero(iovec); | |
300 | iovec.iov_base = passphrase; | |
301 | iovec.iov_len = sizeof(passphrase)-1; | |
302 | ||
303 | zero(control); | |
304 | zero(msghdr); | |
305 | msghdr.msg_iov = &iovec; | |
306 | msghdr.msg_iovlen = 1; | |
307 | msghdr.msg_control = &control; | |
308 | msghdr.msg_controllen = sizeof(control); | |
309 | ||
310 | if ((n = recvmsg(socket_fd, &msghdr, 0)) < 0) { | |
311 | ||
312 | if (errno == EAGAIN || | |
313 | errno == EINTR) | |
314 | continue; | |
315 | ||
316 | log_error("recvmsg() failed: %m"); | |
1b39d4b9 | 317 | r = -errno; |
490aed58 LP |
318 | goto finish; |
319 | } | |
320 | ||
321 | if (n <= 0) { | |
322 | log_error("Message too short"); | |
323 | continue; | |
324 | } | |
325 | ||
326 | if (msghdr.msg_controllen < CMSG_LEN(sizeof(struct ucred)) || | |
327 | control.cmsghdr.cmsg_level != SOL_SOCKET || | |
328 | control.cmsghdr.cmsg_type != SCM_CREDENTIALS || | |
329 | control.cmsghdr.cmsg_len != CMSG_LEN(sizeof(struct ucred))) { | |
330 | log_warning("Received message without credentials. Ignoring."); | |
331 | continue; | |
332 | } | |
333 | ||
334 | ucred = (struct ucred*) CMSG_DATA(&control.cmsghdr); | |
335 | if (ucred->uid != 0) { | |
336 | log_warning("Got request from unprivileged user. Ignoring."); | |
337 | continue; | |
338 | } | |
339 | ||
340 | if (passphrase[0] == '+') { | |
341 | passphrase[n] = 0; | |
342 | fputs(passphrase+1, stdout); | |
1b39d4b9 LP |
343 | fflush(stdout); |
344 | } else if (passphrase[0] == '-') { | |
345 | r = -ECANCELED; | |
490aed58 | 346 | goto finish; |
1b39d4b9 | 347 | } else { |
490aed58 LP |
348 | log_error("Invalid packet"); |
349 | continue; | |
350 | } | |
351 | ||
352 | break; | |
353 | } | |
354 | ||
1b39d4b9 | 355 | r = 0; |
490aed58 LP |
356 | |
357 | finish: | |
358 | if (fd >= 0) | |
359 | close_nointr_nofail(fd); | |
360 | ||
ec863ba6 LP |
361 | if (socket_name) { |
362 | unlink(socket_name); | |
363 | free(socket_name); | |
364 | } | |
365 | ||
490aed58 LP |
366 | if (socket_fd >= 0) |
367 | close_nointr_nofail(socket_fd); | |
368 | ||
b9ba604e LP |
369 | if (signal_fd >= 0) |
370 | close_nointr_nofail(signal_fd); | |
371 | ||
490aed58 LP |
372 | if (f) |
373 | fclose(f); | |
374 | ||
375 | unlink(temp); | |
376 | ||
377 | if (final[0]) | |
378 | unlink(final); | |
379 | ||
380 | return r; | |
381 | } | |
1b39d4b9 | 382 | |
1b39d4b9 LP |
383 | int main(int argc, char *argv[]) { |
384 | int r; | |
385 | ||
386 | log_parse_environment(); | |
387 | log_open(); | |
388 | ||
389 | if ((r = parse_argv(argc, argv)) <= 0) | |
390 | goto finish; | |
391 | ||
ec863ba6 LP |
392 | if (arg_use_tty && isatty(STDIN_FILENO)) { |
393 | char *password = NULL; | |
394 | ||
395 | if ((r = ask_password_tty(arg_message, now(CLOCK_MONOTONIC) + arg_timeout, NULL, &password)) >= 0) { | |
396 | fputs(password, stdout); | |
397 | fflush(stdout); | |
398 | free(password); | |
399 | } | |
400 | ||
401 | } else | |
1b39d4b9 LP |
402 | r = ask_agent(); |
403 | ||
404 | finish: | |
405 | return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; | |
406 | } |