prevent typos.</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><option>silent</option></term>
+
+ <listitem><para>If the encryption password is read from console, no asterisks will be shown
+ while typing the password.</para></listitem>
+ </varlistentry>
+
<varlistentry>
<term><option>pkcs11-uri=</option></term>
static unsigned arg_tries = 3;
static bool arg_readonly = false;
static bool arg_verify = false;
+static bool arg_silent = false;
static bool arg_discards = false;
static bool arg_same_cpu_crypt = false;
static bool arg_submit_from_crypt_cpus = false;
arg_readonly = true;
else if (streq(option, "verify"))
arg_verify = true;
+ else if (streq(option, "silent"))
+ arg_silent = true;
else if (STR_IN_SET(option, "allow-discards", "discard"))
arg_discards = true;
else if (streq(option, "same-cpu-crypt"))
_cleanup_strv_free_erase_ char **passwords = NULL;
char **p, *id;
int r = 0;
+ AskPasswordFlags flags = ASK_PASSWORD_PUSH_CACHE | (arg_silent*ASK_PASSWORD_SILENT);
assert(vol);
assert(src);
id = strjoina("cryptsetup:", disk_path);
r = ask_password_auto(text, "drive-harddisk", id, "cryptsetup", "cryptsetup.passphrase", until,
- ASK_PASSWORD_PUSH_CACHE | (accept_cached*ASK_PASSWORD_ACCEPT_CACHED),
+ flags | (accept_cached*ASK_PASSWORD_ACCEPT_CACHED),
&passwords);
if (r < 0)
return log_error_errno(r, "Failed to query password: %m");
id = strjoina("cryptsetup-verification:", disk_path);
- r = ask_password_auto(text, "drive-harddisk", id, "cryptsetup", "cryptsetup.passphrase", until, ASK_PASSWORD_PUSH_CACHE, &passwords2);
+ r = ask_password_auto(text, "drive-harddisk", id, "cryptsetup", "cryptsetup.passphrase", until, flags, &passwords2);
if (r < 0)
return log_error_errno(r, "Failed to query verification password: %m");
"Socket=%s\n"
"AcceptCached=%i\n"
"Echo=%i\n"
- "NotAfter="USEC_FMT"\n",
+ "NotAfter="USEC_FMT"\n"
+ "Silent=%i\n",
getpid_cached(),
socket_name,
(flags & ASK_PASSWORD_ACCEPT_CACHED) ? 1 : 0,
(flags & ASK_PASSWORD_ECHO) ? 1 : 0,
- until);
+ until,
+ (flags & ASK_PASSWORD_SILENT) ? 1 : 0);
if (message)
fprintf(f, "Message=%s\n", message);
static int process_one_password_file(const char *filename) {
_cleanup_free_ char *socket_name = NULL, *message = NULL;
- bool accept_cached = false, echo = false;
+ bool accept_cached = false, echo = false, silent = false;
uint64_t not_after = 0;
unsigned pid = 0;
{ "Ask", "PID", config_parse_unsigned, 0, &pid },
{ "Ask", "AcceptCached", config_parse_bool, 0, &accept_cached },
{ "Ask", "Echo", config_parse_bool, 0, &echo },
+ { "Ask", "Silent", config_parse_bool, 0, &silent },
{}
};
SET_FLAG(flags, ASK_PASSWORD_ACCEPT_CACHED, accept_cached);
SET_FLAG(flags, ASK_PASSWORD_CONSOLE_COLOR, arg_console);
SET_FLAG(flags, ASK_PASSWORD_ECHO, echo);
+ SET_FLAG(flags, ASK_PASSWORD_SILENT, silent);
if (arg_plymouth)
r = ask_password_plymouth(message, not_after, flags, filename, &passwords);