<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY COMMANDNAME "usplash">
<!ENTITY TIMESTAMP "2017-02-23">
<!ENTITY % common SYSTEM "../common.ent">
<refentry xmlns:xi="http://www.w3.org/2001/XInclude">
<title>Mandos Manual</title>
<!-- NWalsh’s docbook scripts use this to generate the footer: -->
<productname>Mandos</productname>
<productnumber>&version;</productnumber>
<date>&TIMESTAMP;</date>
<firstname>Björn</firstname>
<surname>Påhlsson</surname>
<email>belorn@recompile.se</email>
<firstname>Teddy</firstname>
<surname>Hogeborn</surname>
<email>teddy@recompile.se</email>
<holder>Teddy Hogeborn</holder>
<holder>Björn Påhlsson</holder>
<xi:include href="../legalnotice.xml"/>
<refentrytitle>&COMMANDNAME;</refentrytitle>
<manvolnum>8mandos</manvolnum>
<refname><command>&COMMANDNAME;</command></refname>
<refpurpose>Mandos plugin to use usplash to get a
password.</refpurpose>
<command>&COMMANDNAME;</command>
<refsect1 id="description">
<title>DESCRIPTION</title>
This program prompts for a password using <citerefentry>
<refentrytitle>usplash</refentrytitle><manvolnum>8</manvolnum>
</citerefentry> and outputs any given password to standard
output. If no <citerefentry><refentrytitle
>usplash</refentrytitle><manvolnum>8</manvolnum></citerefentry>
process can be found, this program will immediately exit with an
exit code indicating failure.
This program is not very useful on its own. This program is
really meant to run as a plugin in the <application
>Mandos</application> client-side system, where it is used as a
fallback and alternative to retrieving passwords from a
<application >Mandos</application> server.
If this program is killed (presumably by
<citerefentry><refentrytitle>plugin-runner</refentrytitle>
<manvolnum>8mandos</manvolnum></citerefentry> because some other
plugin provided the password), it cannot tell <citerefentry>
<refentrytitle>usplash</refentrytitle><manvolnum>8</manvolnum>
</citerefentry> to abort requesting a password, because
<citerefentry><refentrytitle>usplash</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> does not support this.
Therefore, this program will then <emphasis>kill</emphasis> the
running <citerefentry><refentrytitle>usplash</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> process and start a
<emphasis>new</emphasis> one using the same command line
arguments as the old one was using.
<refsect1 id="options">
<title>OPTIONS</title>
This program takes no options.
<refsect1 id="exit_status">
<title>EXIT STATUS</title>
If the exit status is 0, the output from the program is the password
as it was read. If the exit status is other than 0, the
program was interrupted or encountered an error, and any output
so far could be corrupt and/or truncated, and should therefore
<refsect1 id="environment">
<title>ENVIRONMENT</title>
<term><envar>cryptsource</envar></term>
<term><envar>crypttarget</envar></term>
If set, these environment variables will be assumed to
contain the source device name and the target device
mapper name, respectively, and will be shown as part of
These variables will normally be inherited from
<citerefentry><refentrytitle>plugin-runner</refentrytitle>
<manvolnum>8mandos</manvolnum></citerefentry>, which will
normally have inherited them from
<filename>/scripts/local-top/cryptroot</filename> in the
initial <acronym>RAM</acronym> disk environment, which will
have set them from parsing kernel arguments and
<filename>/conf/conf.d/cryptroot</filename> (also in the
initial RAM disk environment), which in turn will have been
created when the initial RAM disk image was created by
>/usr/share/initramfs-tools/hooks/cryptroot</filename>, by
extracting the information of the root file system from
<filename >/etc/crypttab</filename>.
This behavior is meant to exactly mirror the behavior of
<command>askpass</command>, the default password prompter.
<refsect1 id="files">
<term><filename>/dev/.initramfs/usplash_fifo</filename></term>
This is the <acronym>FIFO</acronym> to which this program
will write the commands for <citerefentry><refentrytitle
>usplash</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>. See <citerefentry><refentrytitle
>fifo</refentrytitle><manvolnum>7</manvolnum>
<term><filename>/dev/.initramfs/usplash_outfifo</filename></term>
This is the <acronym>FIFO</acronym> from which this program
will read the password given to <citerefentry><refentrytitle
>usplash</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>. See <citerefentry><refentrytitle
>fifo</refentrytitle><manvolnum>7</manvolnum>
<term><filename class="directory">/proc</filename></term>
To find the running <citerefentry><refentrytitle
>usplash</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>, this directory will be searched for
numeric entries which will be assumed to be directories.
In all those directories, the <filename>exe</filename> and
<filename>cmdline</filename> entries will be used to
determine the name of the running binary, effective user
and group <abbrev>ID</abbrev>, and the command line
arguments. See <citerefentry><refentrytitle
>proc</refentrytitle><manvolnum>5</manvolnum>
<term><filename>/sbin/usplash</filename></term>
This is the name of the binary which will be searched for
in the process list. See <citerefentry><refentrytitle
>usplash</refentrytitle><manvolnum>8</manvolnum>
Killing <citerefentry><refentrytitle>usplash</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> and starting a new one
is ugly, but necessary as long as it does not support aborting a
<xi:include href="../bugs.xml"/>
<refsect1 id="example">
<title>EXAMPLE</title>
Note that normally, this program will not be invoked directly,
but instead started by the Mandos <citerefentry><refentrytitle
>plugin-runner</refentrytitle><manvolnum>8mandos</manvolnum>
This program takes no options.
<userinput>&COMMANDNAME;</userinput>
<refsect1 id="security">
<title>SECURITY</title>
If this program is killed by a signal, it will kill the process
<abbrev>ID</abbrev> which at the start of this program was
determined to run <citerefentry><refentrytitle
>usplash</refentrytitle><manvolnum>8</manvolnum></citerefentry>
as root (see also <xref linkend="files"/>). There is a very
slight risk that, in the time between those events, that process
<abbrev>ID</abbrev> was freed and then taken up by another
process; the wrong process would then be killed. Now, this
program can only be killed by the user who started it; see
<citerefentry><refentrytitle>plugin-runner</refentrytitle>
<manvolnum>8mandos</manvolnum></citerefentry>. This program
should therefore be started by a completely separate
non-privileged user, and no other programs should be allowed to
run as that special user. This means that it is not recommended
to use the user "nobody" to start this program, as other
possibly less trusted programs could be running as "nobody", and
they would then be able to kill this program, triggering the
killing of the process <abbrev>ID</abbrev> which may or may not
be <citerefentry><refentrytitle>usplash</refentrytitle>
<manvolnum>8</manvolnum></citerefentry>.
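The /proc scan described under FILES, and the process-ID reuse risk described in the paragraph above, as an added example. This is not the code of the Mandos usplash plugin; it is a stand-alone illustration written for this page. It assumes the proc(5) layout (all-digit directory names, the exe symlink, the NUL-separated cmdline file) and the binary path /sbin/usplash named under FILES. Two details are assumptions rather than anything the page states: the effective user ID is taken from the owner of the /proc/&lt;pid&gt; directory, and the exe link of a process one is not permitted to inspect cannot be resolved (readlink fails), so such a process is simply skipped. The example goes one step beyond the page by re-verifying the stored PID immediately before signalling it; as the comment says, that narrows the window in which a recycled PID could be hit but cannot close it, which is why the page's advice to run the plugin as a dedicated user still stands.

```c
#define _POSIX_C_SOURCE 200809L
#include <ctype.h>
#include <dirent.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Only all-digit names under /proc are process directories (proc(5)). */
int is_numeric_name(const char *name) {
    if (*name == '\0') return 0;
    for (; *name != '\0'; name++)
        if (!isdigit((unsigned char)*name)) return 0;
    return 1;
}

/* Resolve the /proc/<pid>/exe symlink into buf. Returns 1 on success.
 * readlink fails (EACCES) for processes we may not inspect; those are
 * treated as "not a match" rather than as an error. */
int read_exe_link(pid_t pid, char *buf, size_t bufsize) {
    char path[64];
    snprintf(path, sizeof path, "/proc/%ld/exe", (long)pid);
    ssize_t n = readlink(path, buf, bufsize - 1);
    if (n < 0) return 0;
    buf[n] = '\0';
    return 1;
}

/* Assumption: the owner of /proc/<pid> is the process's effective UID.
 * Returns (uid_t)-1 if the directory cannot be stat()ed. */
uid_t proc_owner_uid(pid_t pid) {
    char path[64];
    struct stat st;
    snprintf(path, sizeof path, "/proc/%ld", (long)pid);
    if (stat(path, &st) != 0) return (uid_t)-1;
    return st.st_uid;
}

/* Does this PID, right now, run the given binary as the given user? */
int pid_runs_exe_as(pid_t pid, const char *exe, uid_t uid) {
    char buf[4096];
    if (proc_owner_uid(pid) != uid) return 0;
    return read_exe_link(pid, buf, sizeof buf) && strcmp(buf, exe) == 0;
}

/* Split a raw /proc/<pid>/cmdline buffer (arguments separated and
 * terminated by NUL bytes) into argv pointers. Returns argc. */
size_t split_cmdline(const char *data, size_t len,
                     const char **argv, size_t max_args) {
    size_t argc = 0, i = 0;
    while (i < len && argc < max_args) {
        argv[argc++] = data + i;
        while (i < len && data[i] != '\0') i++;
        i++;                       /* step over the terminating NUL */
    }
    return argc;
}

/* Scan /proc for the first process running exe as uid; -1 if none. */
pid_t find_pid_by_exe(const char *exe, uid_t uid) {
    DIR *proc = opendir("/proc");
    struct dirent *ent;
    pid_t found = -1;
    if (proc == NULL) return -1;
    while ((ent = readdir(proc)) != NULL) {
        if (!is_numeric_name(ent->d_name)) continue;
        pid_t pid = (pid_t)strtol(ent->d_name, NULL, 10);
        if (pid_runs_exe_as(pid, exe, uid)) { found = pid; break; }
    }
    closedir(proc);
    return found;
}

/* Re-verify the PID immediately before signalling it, so a PID that was
 * recycled to an unrelated process is not killed. This narrows the window
 * described under SECURITY but does not close it: the PID can still be
 * recycled between this check and kill(2). Returns 1 if the signal was
 * sent, 0 if the check or kill(2) failed. */
int kill_if_still_exe(pid_t pid, const char *exe, uid_t uid, int sig) {
    if (!pid_runs_exe_as(pid, exe, uid)) return 0;
    return kill(pid, sig) == 0;
}

int main(void) {
    const char *exe = "/sbin/usplash";    /* path named under FILES */
    char path[64], data[4096];
    const char *argv[64];
    pid_t pid = find_pid_by_exe(exe, 0);  /* the page says it runs as root */
    if (pid < 0) {
        fprintf(stderr, "no %s process found\n", exe);
        return 1;
    }
    snprintf(path, sizeof path, "/proc/%ld/cmdline", (long)pid);
    FILE *f = fopen(path, "rb");
    if (f == NULL) return 1;
    size_t len = fread(data, 1, sizeof data, f);
    fclose(f);
    size_t argc = split_cmdline(data, len, argv, 64);
    printf("pid %ld runs %s with %zu arguments:", (long)pid, exe, argc);
    for (size_t i = 0; i < argc; i++) printf(" %s", argv[i]);
    putchar('\n');
    return 0;
}
```

The argv array produced by split_cmdline is what a restart "using the same command line arguments as the old one was using" would be built from; the main() here only prints it. kill_if_still_exe is deliberately a separate step from find_pid_by_exe so that the PID found at start-up is never signalled on trust alone.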
The only other thing that could be considered worthy of note is
this: This program is meant to be run by <citerefentry>
<refentrytitle>plugin-runner</refentrytitle><manvolnum
>8mandos</manvolnum></citerefentry>, and will, when run
standalone, outside, in a normal environment, immediately output
on its standard output any presumably secret password it just
received. Therefore, when running this program standalone
(which should never normally be done), take care not to type in
any real secret password by force of habit, since it would then
immediately be shown as output.
<refsect1 id="see_also">
<title>SEE ALSO</title>
<citerefentry><refentrytitle>intro</refentrytitle>
<manvolnum>8mandos</manvolnum></citerefentry>,
<citerefentry><refentrytitle>crypttab</refentrytitle>
<manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>fifo</refentrytitle>
<manvolnum>7</manvolnum></citerefentry>,
<citerefentry><refentrytitle>plugin-runner</refentrytitle>
<manvolnum>8mandos</manvolnum></citerefentry>,
<citerefentry><refentrytitle>proc</refentrytitle>
<manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>usplash</refentrytitle>
<manvolnum>8</manvolnum></citerefentry>
<!-- Local Variables: -->
<!-- time-stamp-start: "<!ENTITY TIMESTAMP [\"']" -->
<!-- time-stamp-end: "[\"']>" -->
<!-- time-stamp-format: "%:y-%02m-%02d" -->