/mandos/release : revision 237.7.510

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to plugins.d/plymouth.c

Committer: Teddy Hogeborn
Date: 2019-02-09 23:23:26 UTC
mto: (237.7.594 trunk)
mto: This revision was merged to the branch mainline in revision 370.
Revision ID: teddy@recompile.se-20190209232326-z1z2kzpgfixz7iaj

Add support for using raw public keys in TLS (RFC 7250)

Since GnuTLS removed support for OpenPGP keys in TLS (RFC 6091), and
no other library supports it, we have to change the protocol to use
something else.  We choose to use "raw public keys" (RFC 7250).  Since
we still use OpenPGP keys to decrypt the secret password, this means
that each client will have two keys: One OpenPGP key and one TLS
public/private key, and the key ID of the latter key is used to
identify clients instead of the fingerprint of the OpenPGP key.

Note that this code is still compatible with GnuTLS before version
3.6.0 (when OpenPGP key support was removed).  This commit merely adds
support for using raw pulic keys instead with GnuTLS 3.6.6. or later.

* DBUS-API (Signals/ClientNotFound): Change name of first parameter
                                     from "Fingerprint" to "KeyID".
  (Mandos Client Interface/Properties/KeyID): New.
* INSTALL: Document conflict with GnuTLS 3.6.0 (which removed OpenPGP
           key support) up until 3.6.6, when support for raw public
           keys was added.  Also document new dependency of client on
           "gnutls-bin" package (for certtool).
* Makefile (run-client): Depend on TLS key files, and also pass them
                         as arguments to client.
  (keydir/tls-privkey.pem, keydir/tls-pubkey.pem): New.
  (confdir/clients.conf): Add dependency on TLS public key.
  (purge-client): Add removal of TLS key files.
* clients.conf ([foo]/key_id, [bar]/key_id): New.
* debian/control (Source: mandos/Build-Depends): Also allow
                                                 libgnutls30 (>= 3.6.6)
  (Package: mandos/Depends): - '' -
  (Package: mandos/Description): Alter description to match new
                                 design.
  (Package: mandos-client/Description): - '' -
  (Package: mandos-client/Depends): Move "gnutls-bin | openssl" to
                                    here from "Recommends".
* debian/mandos-client.README.Debian: Add --tls-privkey and
                                      --tls-pubkey options to test
                                      command.
* debian/mandos-client.postinst (create_key): Renamed to "create_keys"
                                             (all callers changed),
                                             and also create TLS key.
* debian/mandos-client.postrm (purge): Also remove TLS key files.
* intro.xml (DESCRIPTION): Describe new dual-key design.
* mandos (GnuTLS): Define different functions depending on whether
                   support for raw public keys is detected.
  (Client.key_id): New attribute.
  (ClientDBus.KeyID_dbus_property): New method.
  (ProxyClient.__init__): Take new "key_id" parameter.
  (ClientHandler.handle): Use key IDs when using raw public keys and
                          use fingerprints when using OpenPGP keys.
  (ClientHandler.peer_certificate): Also handle raw public keys.
  (ClientHandler.key_id): New.
  (MandosServer.handle_ipc): Pass key ID over the pipe IPC.  Also
                             check for key ID matches when looking up
                             clients.
  (main): Default GnuTLS priority string depends on whether we are
          using raw public keys or not.  When unpickling clients, set
          key_id if not set in the pickle.
  (main/MandosDBusService.ClientNotFound): Change name of first
                                           parameter from
                                           "Fingerprint" to "KeyID".
* mandos-clients.conf.xml (OPTIONS): Document new "key_id" option.
  (OPTIONS/secret): Mention new key ID matchning.
  (EXPANSION/RUNTIME EXPANSION): Add new "key_id" option.
  (EXAMPLE): - '' -
* mandos-ctl (tablewords, main/keywords): Add new "KeyID" property.
* mandos-keygen: Create TLS key files.  New "--tls-keytype" (-T)
                 option.  Alter help text to be more clear about key
                 types.  When in password mode, also output "key_id"
                 option.
* mandos-keygen.xml (SYNOPSIS): Add new "--tls-keytype" (-T) option.
  (DESCRIPTION): Alter to match new dual-key design.
  (OVERVIEW): - '' -
  (FILES): Add TLS key files.
* mandos-options.xml (priority): Document new default priority string
                                 when using raw public keys.
* mandos.xml (NETWORK PROTOCOL): Describe new protocol using key ID.
  (BUGS): Remove issue about checking expire times of OpenPGP keys,
          since TLS public keys do not have expiration times.
  (SECURITY/CLIENT): Alter description to match new design.
  (SEE ALSO/GnuTLS): - '' -
  (SEE ALSO): Add reference to RFC 7250, and alter description of when
              RFC 6091 is used.
* overview.xml: Alter text to match new design.
* plugin-runner.xml (EXAMPLE): Add --tls-pubkey and --tls-privkey
                               options to mandos-client options.
* plugins.d/mandos-client.c: Use raw public keys when compiling with
                             supporting GnuTLS versions. Add new
                             "--tls-pubkey" and "--tls-privkey"
                             options (which do nothing if GnuTLS
                             library does not support raw public
                             keys).  Alter text throughout to reflect
                             new design.  Only generate new DH
                             parameters (based on size of OpenPGP key)
                             when using OpenPGP in TLS.  Default
                             GnuTLS priority string depends on whether
                             we are using raw public keys or not.
* plugins.d/mandos-client.xml (SYNOPSIS): Add new "--tls-privkey" (-t)
                                          and "--tls-pubkey" (-T)
                                          options.
  (DESCRIPTION): Describe new dual-key design.
  (OPTIONS): Document new "--tls-privkey" (-t) and "--tls-pubkey" (-T)
             options.
  (OPTIONS/--dh-bits): No longer necessarily depends on OpenPGP key
                       size.
  (FILES): Add default locations for TLS public and private key files.
  (EXAMPLE): Use new --tls-pubkey and --tls-privkey options.
  (SECURITY): Alter wording slightly to reflect new dual-key design.
  (SEE ALSO/GnuTLS): Alter description to match new design.
  (SEE ALSO): Add reference to RFC 7250, and alter description of when
              RFC 6091 is used.

files added:
bugs.xml

debian/mandos-client.examples

debian/source

debian/source/format

debian/source/local-options

debian/upstream

debian/upstream/signing-key.asc

initramfs-tools-conf

initramfs-tools-script-stop

initramfs-unpack

intro.xml

mandos-to-cryptroot-unlock

mandos.service

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

plugin-helpers

plugin-helpers/mandos-client-iprouteadddel.c

tmpfiles.d-mandos.conf

files removed:
initramfs-tools-hook-conf

files modified:
.bzrignore

DBUS-API

INSTALL

Makefile

NEWS

README

TODO

clients.conf

common.ent

dbus-mandos.conf

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/rules

debian/watch

init.d-mandos

initramfs-tools-hook

initramfs-tools-script

legalnotice.xml

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

plugins.d/plymouth.c

/* -*- coding: utf-8 -*- */

* Usplash - Read a password from usplash and output it

* This program is free software: you can redistribute it and/or

* modify it under the terms of the GNU General Public License as

* published by the Free Software Foundation, either version 3 of the

* License, or (at your option) any later version.

* This program is distributed in the hope that it will be useful, but

* Plymouth - Read a password from Plymouth and output it

* This file is part of Mandos.

* Mandos is free software: you can redistribute it and/or modify it

* under the terms of the GNU General Public License as published by

* the Free Software Foundation, either version 3 of the License, or

* (at your option) any later version.

* Mandos is distributed in the hope that it will be useful, but

* WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

* General Public License for more details.

* You should have received a copy of the GNU General Public License

* along with this program. If not, see

* <http://www.gnu.org/licenses/>.

* along with Mandos. If not, see <http://www.gnu.org/licenses/>.

* Contact the authors at <mandos@fukt.bsnet.se>.

* Contact the authors at <mandos@recompile.se>.

#define _GNU_SOURCE /* asprintf(), TEMP_FAILURE_RETRY() */

#include <stddef.h> /* NULL */

#include <string.h> /* strchr(), memcmp() */

#include <stdio.h> /* asprintf(), perror(), fopen(),

fscanf() */

fscanf(), vasprintf(), fprintf(),

vfprintf() */

#include <unistd.h> /* close(), readlink(), read(),

fork(), setsid(), chdir(), dup2(),

STDERR_FILENO, execv(), access() */

#include <error.h> /* error() */

#include <errno.h> /* TEMP_FAILURE_RETRY */

#include <argz.h> /* argz_count(), argz_extract() */

#include <stdarg.h> /* va_list, va_start(), ... */

sig_atomic_t interrupted_by_signal = 0;

const char plymouth_pid[] = "/dev/.initramfs/plymouth.pid";

/* Used by Ubuntu 11.04 (Natty Narwahl) */

const char plymouth_old_old_pid[] = "/dev/.initramfs/plymouth.pid";

/* Used by Ubuntu 11.10 (Oneiric Ocelot) */

const char plymouth_old_pid[] = "/run/initramfs/plymouth.pid";

/* Used by Debian 9 (stretch) */

const char plymouth_pid[] = "/run/plymouth/pid";

const char plymouth_path[] = "/bin/plymouth";

const char plymouthd_path[] = "/sbin/plymouthd";

const char *plymouthd_default_argv[] = {"/sbin/plymouthd",

"--mode=boot",

"--attach-to-session",

"--pid-file="

"/dev/.initramfs/"

"plymouth.pid",

NULL };

static void termination_handler(__attribute__((unused))int signum){

interrupted_by_signal = 1;

}

/* Function to use when printing errors */

__attribute__((format (gnu_printf, 3, 4)))

void error_plus(int status, int errnum, const char *formatstring,

...){

va_list ap;

char *text;

int ret;

va_start(ap, formatstring);

ret = vasprintf(&text, formatstring, ap);

if(ret == -1){

fprintf(stderr, "Mandos plugin %s: ",

program_invocation_short_name);

vfprintf(stderr, formatstring, ap);

fprintf(stderr, ": ");

fprintf(stderr, "%s\n", strerror(errnum));

error(status, errno, "vasprintf while printing error");

return;

}

fprintf(stderr, "Mandos plugin ");

100

error(status, errnum, "%s", text);

101

free(text);

102

}

103

104

/* Create prompt string */

105

char *makeprompt(void){

106

int ret = 0;

107

char *prompt;

108

const char *const cryptsource = getenv("cryptsource");

109

const char *const crypttarget = getenv("crypttarget");

const char prompt_start[] = "Enter passphrase to unlock the disk";

110

const char prompt_start[] = "Unlocking the disk";

111

const char prompt_end[] = "Enter passphrase";

112

113

if(cryptsource == NULL){

114

if(crypttarget == NULL){

ret = asprintf(&prompt, "%s: ", prompt_start);

115

ret = asprintf(&prompt, "%s\n%s", prompt_start, prompt_end);

116

} else {

ret = asprintf(&prompt, "%s (%s): ", prompt_start,

crypttarget);

117

ret = asprintf(&prompt, "%s (%s)\n%s", prompt_start,

118

crypttarget, prompt_end);

119

}

120

} else {

121

if(crypttarget == NULL){

ret = asprintf(&prompt, "%s %s: ", prompt_start, cryptsource);

122

ret = asprintf(&prompt, "%s %s\n%s", prompt_start, cryptsource,

123

prompt_end);

124

} else {

ret = asprintf(&prompt, "%s %s (%s): ", prompt_start,

cryptsource, crypttarget);

125

ret = asprintf(&prompt, "%s %s (%s)\n%s", prompt_start,

126

cryptsource, crypttarget, prompt_end);

127

}

128

}

129

if(ret == -1){

107

140

bool become_a_daemon(void){

108

141

int ret = setuid(geteuid());

109

142

if(ret == -1){

110

error(0, errno, "setuid");

143

error_plus(0, errno, "setuid");

111

144

}

112

145

113

146

setsid();

114

147

ret = chdir("/");

115

148

if(ret == -1){

116

error(0, errno, "chdir");

149

error_plus(0, errno, "chdir");

117

150

return false;

118

151

}

119

152

ret = dup2(STDERR_FILENO, STDOUT_FILENO); /* replace our stdout */

120

153

if(ret == -1){

121

error(0, errno, "dup2");

154

error_plus(0, errno, "dup2");

122

155

return false;

123

156

}

124

157

return true;

125

158

}

126

159

160

__attribute__((nonnull (2, 3)))

127

161

bool exec_and_wait(pid_t *pid_return, const char *path,

128

const char **argv, bool interruptable,

162

const char * const *argv, bool interruptable,

129

163

bool daemonize){

130

164

int status;

131

165

int ret;

132

166

pid_t pid;

133

167

pid = fork();

134

168

if(pid == -1){

135

error(0, errno, "fork");

169

error_plus(0, errno, "fork");

136

170

return false;

137

171

}

138

172

if(pid == 0){

142

176

_exit(EX_OSERR);

143

177

}

144

178

}

145

146

char **new_argv = NULL;

147

char *tmp;

179

180

char **new_argv = malloc(sizeof(const char *));

181

if(new_argv == NULL){

182

error_plus(0, errno, "malloc");

183

_exit(EX_OSERR);

184

}

185

char **tmp;

148

186

int i = 0;

149

for (; argv[i]!=(char *)NULL; i++){

150

tmp = realloc(new_argv, sizeof(const char *) * ((size_t)i + 1));

151

if (tmp == NULL){

152

error(0, errno, "realloc");

187

for (; argv[i] != NULL; i++){

188

tmp = realloc(new_argv, sizeof(const char *) * ((size_t)i + 2));

189

if(tmp == NULL){

190

error_plus(0, errno, "realloc");

153

191

free(new_argv);

154

192

_exit(EX_OSERR);

155

193

}

156

new_argv = (char **)tmp;

194

new_argv = tmp;

157

195

new_argv[i] = strdup(argv[i]);

158

196

}

159

new_argv[i] = (char *) NULL;

197

new_argv[i] = NULL;

160

198

161

199

execv(path, (char *const *)new_argv);

162

error(0, errno, "execv");

200

error_plus(0, errno, "execv");

163

201

_exit(EXIT_FAILURE);

164

202

}

165

203

if(pid_return != NULL){

174

212

return false;

175

213

}

176

214

if(ret == -1){

177

error(0, errno, "waitpid");

215

error_plus(0, errno, "waitpid");

178

216

return false;

179

217

}

180

218

if(WIFEXITED(status) and (WEXITSTATUS(status) == 0)){

183

221

return false;

184

222

}

185

223

224

__attribute__((nonnull))

186

225

int is_plymouth(const struct dirent *proc_entry){

187

226

int ret;

188

227

{

189

uintmax_t maxvalue;

228

uintmax_t proc_id;

190

229

char *tmp;

191

230

errno = 0;

192

maxvalue = strtoumax(proc_entry->d_name, &tmp, 10);

231

proc_id = strtoumax(proc_entry->d_name, &tmp, 10);

193

232

194

233

if(errno != 0 or *tmp != '\0'

195

or maxvalue != (uintmax_t)((pid_t)maxvalue)){

234

or proc_id != (uintmax_t)((pid_t)proc_id)){

196

235

return 0;

197

236

}

198

237

}

199

char exe_target[sizeof(plymouth_path)];

238

char exe_target[sizeof(plymouthd_path)];

200

239

char *exe_link;

201

240

ret = asprintf(&exe_link, "/proc/%s/exe", proc_entry->d_name);

202

241

if(ret == -1){

203

error(0, errno, "asprintf");

242

error_plus(0, errno, "asprintf");

204

243

return 0;

205

244

}

206

245

209

248

if(ret == -1){

210

249

free(exe_link);

211

250

if(errno != ENOENT){

212

error(0, errno, "lstat");

251

error_plus(0, errno, "lstat");

213

252

}

214

253

return 0;

215

254

}

223

262

224

263

ssize_t sret = readlink(exe_link, exe_target, sizeof(exe_target));

225

264

free(exe_link);

226

if((sret != (ssize_t)sizeof(plymouth_path)-1) or

227

(memcmp(plymouth_path, exe_target,

228

sizeof(plymouth_path)-1) != 0)){

265

if((sret != (ssize_t)sizeof(plymouthd_path)-1) or

266

(memcmp(plymouthd_path, exe_target,

267

sizeof(plymouthd_path)-1) != 0)){

229

268

return 0;

230

269

}

231

270

return 1;

233

272

234

273

pid_t get_pid(void){

235

274

int ret;

275

uintmax_t proc_id = 0;

236

276

FILE *pidfile = fopen(plymouth_pid, "r");

237

uintmax_t maxvalue = 0;

277

/* Try the new pid file location */

238

278

if(pidfile != NULL){

239

ret = fscanf(pidfile, "%" SCNuMAX, &maxvalue);

279

ret = fscanf(pidfile, "%" SCNuMAX, &proc_id);

240

280

if(ret != 1){

241

maxvalue = 0;

281

proc_id = 0;

242

282

}

243

283

fclose(pidfile);

244

284

}

245

if(maxvalue == 0){

246

struct dirent **direntries;

285

/* Try the old pid file location */

286

if(proc_id == 0){

287

pidfile = fopen(plymouth_old_pid, "r");

288

if(pidfile != NULL){

289

ret = fscanf(pidfile, "%" SCNuMAX, &proc_id);

290

if(ret != 1){

291

proc_id = 0;

292

}

293

fclose(pidfile);

294

}

295

}

296

/* Try the old old pid file location */

297

if(proc_id == 0){

298

pidfile = fopen(plymouth_old_old_pid, "r");

299

if(pidfile != NULL){

300

ret = fscanf(pidfile, "%" SCNuMAX, &proc_id);

301

if(ret != 1){

302

proc_id = 0;

303

}

304

fclose(pidfile);

305

}

306

}

307

/* Look for a plymouth process */

308

if(proc_id == 0){

309

struct dirent **direntries = NULL;

247

310

ret = scandir("/proc", &direntries, is_plymouth, alphasort);

248

sscanf(direntries[0]->d_name, "%" SCNuMAX, &maxvalue);

311

if(ret == -1){

312

error_plus(0, errno, "scandir");

313

}

314

if(ret > 0){

315

for(int i = ret-1; i >= 0; i--){

316

if(proc_id == 0){

317

ret = sscanf(direntries[i]->d_name, "%" SCNuMAX, &proc_id);

318

if(ret < 0){

319

error_plus(0, errno, "sscanf");

320

}

321

}

322

free(direntries[i]);

323

}

324

}

325

/* scandir might preallocate for this variable (man page unclear).

326

even if ret == 0, therefore we need to free it. */

327

free(direntries);

249

328

}

250

329

pid_t pid;

251

pid = (pid_t)maxvalue;

252

if((uintmax_t)pid == maxvalue){

330

pid = (pid_t)proc_id;

331

if((uintmax_t)pid == proc_id){

253

332

return pid;

254

333

}

255

334

256

335

return 0;

257

336

}

258

337

259

const char **getargv(pid_t pid){

338

char **getargv(pid_t pid){

260

339

int cl_fd;

261

340

char *cmdline_filename;

262

341

ssize_t sret;

265

344

ret = asprintf(&cmdline_filename, "/proc/%" PRIuMAX "/cmdline",

266

345

(uintmax_t)pid);

267

346

if(ret == -1){

268

error(0, errno, "asprintf");

347

error_plus(0, errno, "asprintf");

269

348

return NULL;

270

349

}

271

350

273

352

cl_fd = open(cmdline_filename, O_RDONLY);

274

353

free(cmdline_filename);

275

354

if(cl_fd == -1){

276

error(0, errno, "open");

355

error_plus(0, errno, "open");

277

356

return NULL;

278

357

}

279

358

287

366

if(cmdline_len + blocksize > cmdline_allocated){

288

367

tmp = realloc(cmdline, cmdline_allocated + blocksize);

289

368

if(tmp == NULL){

290

error(0, errno, "realloc");

369

error_plus(0, errno, "realloc");

291

370

free(cmdline);

292

371

close(cl_fd);

293

372

return NULL;

300

379

sret = read(cl_fd, cmdline + cmdline_len,

301

380

cmdline_allocated - cmdline_len);

302

381

if(sret == -1){

303

error(0, errno, "read");

382

error_plus(0, errno, "read");

304

383

free(cmdline);

305

384

close(cl_fd);

306

385

return NULL;

309

388

} while(sret != 0);

310

389

ret = close(cl_fd);

311

390

if(ret == -1){

312

error(0, errno, "close");

391

error_plus(0, errno, "close");

313

392

free(cmdline);

314

393

return NULL;

315

394

}

318

397

char **argv = malloc((argz_count(cmdline, cmdline_len) + 1)

319

398

* sizeof(char *)); /* Get number of args */

320

399

if(argv == NULL){

321

error(0, errno, "argv = malloc()");

400

error_plus(0, errno, "argv = malloc()");

322

401

free(cmdline);

323

402

return NULL;

324

403

}

325

404

argz_extract(cmdline, cmdline_len, argv); /* Create argv */

326

return (const char **)argv;

405

return argv;

327

406

}

328

407

329

408

int main(__attribute__((unused))int argc,

351

430

*sig != 0; sig++){

352

431

ret = sigaddset(&new_action.sa_mask, *sig);

353

432

if(ret == -1){

354

error(EX_OSERR, errno, "sigaddset");

433

error_plus(EX_OSERR, errno, "sigaddset");

355

434

}

356

435

ret = sigaction(*sig, NULL, &old_action);

357

436

if(ret == -1){

358

error(EX_OSERR, errno, "sigaction");

437

error_plus(EX_OSERR, errno, "sigaction");

359

438

}

360

439

if(old_action.sa_handler != SIG_IGN){

361

440

ret = sigaction(*sig, &new_action, NULL);

362

441

if(ret == -1){

363

error(EX_OSERR, errno, "sigaction");

442

error_plus(EX_OSERR, errno, "sigaction");

364

443

}

365

444

}

366

445

}

385

464

ret = asprintf(&prompt_arg, "--prompt=%s", prompt);

386

465

free(prompt);

387

466

if(ret == -1){

388

error(EX_OSERR, errno, "asprintf");

467

error_plus(EX_OSERR, errno, "asprintf");

389

468

}

390

469

391

470

/* plymouth ask-for-password --prompt="$prompt" */

404

483

}

405

484

kill_and_wait(plymouth_command_pid);

406

485

407

const char **plymouthd_argv;

486

char **plymouthd_argv = NULL;

408

487

pid_t pid = get_pid();

409

488

if(pid == 0){

410

error(0, 0, "plymouthd pid not found");

411

plymouthd_argv = plymouthd_default_argv;

489

error_plus(0, 0, "plymouthd pid not found");

412

490

} else {

413

491

plymouthd_argv = getargv(pid);

414

492

}

417

495

{ plymouth_path, "quit", NULL },

418

496

false, false);

419

497

if(not bret){

498

if(plymouthd_argv != NULL){

499

free(*plymouthd_argv);

500

free(plymouthd_argv);

501

}

420

502

exit(EXIT_FAILURE);

421

503

}

422

bret = exec_and_wait(NULL, plymouthd_path, plymouthd_argv,

504

bret = exec_and_wait(NULL, plymouthd_path,

505

(plymouthd_argv != NULL)

506

? (const char * const *)plymouthd_argv

507

: plymouthd_default_argv,

423

508

false, true);

509

if(plymouthd_argv != NULL){

510

free(*plymouthd_argv);

511

free(plymouthd_argv);

512

}

424

513

if(not bret){

425

514

exit(EXIT_FAILURE);

426

515

}

Older »