/mandos/trunk : revision 450

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/plymouth.c

Committer: Teddy Hogeborn
Date: 2010-09-28 19:38:10 UTC
mfrom: (237.4.2 mandos-release)
Revision ID: teddy@fukt.bsnet.se-20100928193810-hw5fktxy93epthxx

Merge from release branch.

files removed:
debian/source

debian/source/format

debian/source/local-options

intro.xml

files modified:
.bzrignore

DBUS-API

INSTALL

Makefile

NEWS

README

TODO

clients.conf

common.ent

dbus-mandos.conf

debian/changelog

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.postinst

debian/mandos.prerm

debian/watch

init.d-mandos

initramfs-tools-hook

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos.conf.xml

mandos.lsm

mandos.xml

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

plugins.d/plymouth.c

/* -*- coding: utf-8 -*- */

* Plymouth - Read a password from Plymouth and output it

* Usplash - Read a password from usplash and output it

* This program is free software: you can redistribute it and/or

* modify it under the terms of the GNU General Public License as

* along with this program. If not, see

* <http://www.gnu.org/licenses/>.

* Contact the authors at <mandos@recompile.se>.

* Contact the authors at <mandos@fukt.bsnet.se>.

#define _GNU_SOURCE /* asprintf(), TEMP_FAILURE_RETRY() */

#include <stddef.h> /* NULL */

#include <string.h> /* strchr(), memcmp() */

#include <stdio.h> /* asprintf(), perror(), fopen(),

fscanf(), vasprintf(), fprintf(),

vfprintf() */

fscanf() */

#include <unistd.h> /* close(), readlink(), read(),

fork(), setsid(), chdir(), dup2(),

STDERR_FILENO, execv(), access() */

#include <error.h> /* error() */

#include <errno.h> /* TEMP_FAILURE_RETRY */

#include <argz.h> /* argz_count(), argz_extract() */

#include <stdarg.h> /* va_list, va_start(), ... */

sig_atomic_t interrupted_by_signal = 0;

/* Used by Ubuntu 11.04 (Natty Narwahl) */

const char plymouth_old_pid[] = "/dev/.initramfs/plymouth.pid";

/* Used by Ubuntu 11.10 (Oneiric Ocelot) */

const char plymouth_pid[] = "/run/initramfs/plymouth.pid";

const char plymouth_pid[] = "/dev/.initramfs/plymouth.pid";

const char plymouth_path[] = "/bin/plymouth";

const char plymouthd_path[] = "/sbin/plymouthd";

const char *plymouthd_default_argv[] = {"/sbin/plymouthd",

"--mode=boot",

"--attach-to-session",

"--pid-file="

"/dev/.initramfs/"

"plymouth.pid",

NULL };

static void termination_handler(__attribute__((unused))int signum){

interrupted_by_signal = 1;

}

/* Function to use when printing errors */

void error_plus(int status, int errnum, const char *formatstring,

...){

va_list ap;

char *text;

int ret;

va_start(ap, formatstring);

ret = vasprintf(&text, formatstring, ap);

if (ret == -1){

fprintf(stderr, "Mandos plugin %s: ",

program_invocation_short_name);

vfprintf(stderr, formatstring, ap);

fprintf(stderr, ": ");

fprintf(stderr, "%s\n", strerror(errnum));

error(status, errno, "vasprintf while printing error");

return;

}

fprintf(stderr, "Mandos plugin ");

error(status, errnum, "%s", text);

free(text);

}

100

/* Create prompt string */

101

char *makeprompt(void){

102

int ret = 0;

103

char *prompt;

104

const char *const cryptsource = getenv("cryptsource");

105

const char *const crypttarget = getenv("crypttarget");

106

const char prompt_start[] = "Unlocking the disk";

107

const char prompt_end[] = "Enter passphrase";

const char prompt_start[] = "Enter passphrase to unlock the disk";

108

109

if(cryptsource == NULL){

110

if(crypttarget == NULL){

111

ret = asprintf(&prompt, "%s\n%s", prompt_start, prompt_end);

ret = asprintf(&prompt, "%s: ", prompt_start);

112

} else {

113

ret = asprintf(&prompt, "%s (%s)\n%s", prompt_start,

114

crypttarget, prompt_end);

ret = asprintf(&prompt, "%s (%s): ", prompt_start,

crypttarget);

115

}

116

} else {

117

if(crypttarget == NULL){

118

ret = asprintf(&prompt, "%s %s\n%s", prompt_start, cryptsource,

119

prompt_end);

ret = asprintf(&prompt, "%s %s: ", prompt_start, cryptsource);

120

} else {

121

ret = asprintf(&prompt, "%s %s (%s)\n%s", prompt_start,

122

cryptsource, crypttarget, prompt_end);

ret = asprintf(&prompt, "%s %s (%s): ", prompt_start,

cryptsource, crypttarget);

123

}

124

}

125

if(ret == -1){

136

107

bool become_a_daemon(void){

137

108

int ret = setuid(geteuid());

138

109

if(ret == -1){

139

error_plus(0, errno, "setuid");

110

error(0, errno, "setuid");

140

111

}

141

112

142

113

setsid();

143

114

ret = chdir("/");

144

115

if(ret == -1){

145

error_plus(0, errno, "chdir");

116

error(0, errno, "chdir");

146

117

return false;

147

118

}

148

119

ret = dup2(STDERR_FILENO, STDOUT_FILENO); /* replace our stdout */

149

120

if(ret == -1){

150

error_plus(0, errno, "dup2");

121

error(0, errno, "dup2");

151

122

return false;

152

123

}

153

124

return true;

161

132

pid_t pid;

162

133

pid = fork();

163

134

if(pid == -1){

164

error_plus(0, errno, "fork");

135

error(0, errno, "fork");

165

136

return false;

166

137

}

167

138

if(pid == 0){

171

142

_exit(EX_OSERR);

172

143

}

173

144

}

174

145

175

146

char **new_argv = NULL;

176

char **tmp;

147

char *tmp;

177

148

int i = 0;

178

for (; argv[i]!=NULL; i++){

149

for (; argv[i]!=(char *)NULL; i++){

179

150

tmp = realloc(new_argv, sizeof(const char *) * ((size_t)i + 1));

180

151

if (tmp == NULL){

181

error_plus(0, errno, "realloc");

152

error(0, errno, "realloc");

182

153

free(new_argv);

183

154

_exit(EX_OSERR);

184

155

}

185

new_argv = tmp;

156

new_argv = (char **)tmp;

186

157

new_argv[i] = strdup(argv[i]);

187

158

}

188

new_argv[i] = NULL;

159

new_argv[i] = (char *) NULL;

189

160

190

161

execv(path, (char *const *)new_argv);

191

error_plus(0, errno, "execv");

162

error(0, errno, "execv");

192

163

_exit(EXIT_FAILURE);

193

164

}

194

165

if(pid_return != NULL){

203

174

return false;

204

175

}

205

176

if(ret == -1){

206

error_plus(0, errno, "waitpid");

177

error(0, errno, "waitpid");

207

178

return false;

208

179

}

209

180

if(WIFEXITED(status) and (WEXITSTATUS(status) == 0)){

225

196

return 0;

226

197

}

227

198

}

228

char exe_target[sizeof(plymouthd_path)];

199

char exe_target[sizeof(plymouth_path)];

229

200

char *exe_link;

230

201

ret = asprintf(&exe_link, "/proc/%s/exe", proc_entry->d_name);

231

202

if(ret == -1){

232

error_plus(0, errno, "asprintf");

203

error(0, errno, "asprintf");

233

204

return 0;

234

205

}

235

206

238

209

if(ret == -1){

239

210

free(exe_link);

240

211

if(errno != ENOENT){

241

error_plus(0, errno, "lstat");

212

error(0, errno, "lstat");

242

213

}

243

214

return 0;

244

215

}

252

223

253

224

ssize_t sret = readlink(exe_link, exe_target, sizeof(exe_target));

254

225

free(exe_link);

255

if((sret != (ssize_t)sizeof(plymouthd_path)-1) or

256

(memcmp(plymouthd_path, exe_target,

257

sizeof(plymouthd_path)-1) != 0)){

226

if((sret != (ssize_t)sizeof(plymouth_path)-1) or

227

(memcmp(plymouth_path, exe_target,

228

sizeof(plymouth_path)-1) != 0)){

258

229

return 0;

259

230

}

260

231

return 1;

262

233

263

234

pid_t get_pid(void){

264

235

int ret;

236

FILE *pidfile = fopen(plymouth_pid, "r");

265

237

uintmax_t maxvalue = 0;

266

FILE *pidfile = fopen(plymouth_pid, "r");

267

/* Try the new pid file location */

268

238

if(pidfile != NULL){

269

239

ret = fscanf(pidfile, "%" SCNuMAX, &maxvalue);

270

240

if(ret != 1){

272

242

}

273

243

fclose(pidfile);

274

244

}

275

/* Try the old pid file location */

276

if(maxvalue == 0){

277

pidfile = fopen(plymouth_pid, "r");

278

if(pidfile != NULL){

279

ret = fscanf(pidfile, "%" SCNuMAX, &maxvalue);

280

if(ret != 1){

281

maxvalue = 0;

282

}

283

fclose(pidfile);

284

}

285

}

286

/* Look for a plymouth process */

287

if(maxvalue == 0){

288

struct dirent **direntries = NULL;

245

if(maxvalue == 0){

246

struct dirent **direntries;

289

247

ret = scandir("/proc", &direntries, is_plymouth, alphasort);

290

if (ret == -1){

291

error_plus(0, errno, "scandir");

292

}

293

if (ret > 0){

294

ret = sscanf(direntries[0]->d_name, "%" SCNuMAX, &maxvalue);

295

if (ret < 0){

296

error_plus(0, errno, "sscanf");

297

}

298

}

299

/* scandir might preallocate for this variable (man page unclear).

300

even if ret == 0, therefore we need to free it. */

301

free(direntries);

248

sscanf(direntries[0]->d_name, "%" SCNuMAX, &maxvalue);

302

249

}

303

250

pid_t pid;

304

251

pid = (pid_t)maxvalue;

318

265

ret = asprintf(&cmdline_filename, "/proc/%" PRIuMAX "/cmdline",

319

266

(uintmax_t)pid);

320

267

if(ret == -1){

321

error_plus(0, errno, "asprintf");

268

error(0, errno, "asprintf");

322

269

return NULL;

323

270

}

324

271

326

273

cl_fd = open(cmdline_filename, O_RDONLY);

327

274

free(cmdline_filename);

328

275

if(cl_fd == -1){

329

error_plus(0, errno, "open");

276

error(0, errno, "open");

330

277

return NULL;

331

278

}

332

279

340

287

if(cmdline_len + blocksize > cmdline_allocated){

341

288

tmp = realloc(cmdline, cmdline_allocated + blocksize);

342

289

if(tmp == NULL){

343

error_plus(0, errno, "realloc");

290

error(0, errno, "realloc");

344

291

free(cmdline);

345

292

close(cl_fd);

346

293

return NULL;

353

300

sret = read(cl_fd, cmdline + cmdline_len,

354

301

cmdline_allocated - cmdline_len);

355

302

if(sret == -1){

356

error_plus(0, errno, "read");

303

error(0, errno, "read");

357

304

free(cmdline);

358

305

close(cl_fd);

359

306

return NULL;

362

309

} while(sret != 0);

363

310

ret = close(cl_fd);

364

311

if(ret == -1){

365

error_plus(0, errno, "close");

312

error(0, errno, "close");

366

313

free(cmdline);

367

314

return NULL;

368

315

}

371

318

char **argv = malloc((argz_count(cmdline, cmdline_len) + 1)

372

319

* sizeof(char *)); /* Get number of args */

373

320

if(argv == NULL){

374

error_plus(0, errno, "argv = malloc()");

321

error(0, errno, "argv = malloc()");

375

322

free(cmdline);

376

323

return NULL;

377

324

}

404

351

*sig != 0; sig++){

405

352

ret = sigaddset(&new_action.sa_mask, *sig);

406

353

if(ret == -1){

407

error_plus(EX_OSERR, errno, "sigaddset");

354

error(EX_OSERR, errno, "sigaddset");

408

355

}

409

356

ret = sigaction(*sig, NULL, &old_action);

410

357

if(ret == -1){

411

error_plus(EX_OSERR, errno, "sigaction");

358

error(EX_OSERR, errno, "sigaction");

412

359

}

413

360

if(old_action.sa_handler != SIG_IGN){

414

361

ret = sigaction(*sig, &new_action, NULL);

415

362

if(ret == -1){

416

error_plus(EX_OSERR, errno, "sigaction");

363

error(EX_OSERR, errno, "sigaction");

417

364

}

418

365

}

419

366

}

438

385

ret = asprintf(&prompt_arg, "--prompt=%s", prompt);

439

386

free(prompt);

440

387

if(ret == -1){

441

error_plus(EX_OSERR, errno, "asprintf");

388

error(EX_OSERR, errno, "asprintf");

442

389

}

443

390

444

391

/* plymouth ask-for-password --prompt="$prompt" */

460

407

const char **plymouthd_argv;

461

408

pid_t pid = get_pid();

462

409

if(pid == 0){

463

error_plus(0, 0, "plymouthd pid not found");

410

error(0, 0, "plymouthd pid not found");

464

411

plymouthd_argv = plymouthd_default_argv;

465

412

} else {

466

413

plymouthd_argv = getargv(pid);

Older »