/mandos/trunk : revision 962

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/plymouth.c

Committer: Teddy Hogeborn
Date: 2019-02-09 23:23:26 UTC
Revision ID: teddy@recompile.se-20190209232326-z1z2kzpgfixz7iaj

Add support for using raw public keys in TLS (RFC 7250)

Since GnuTLS removed support for OpenPGP keys in TLS (RFC 6091), and
no other library supports it, we have to change the protocol to use
something else.  We choose to use "raw public keys" (RFC 7250).  Since
we still use OpenPGP keys to decrypt the secret password, this means
that each client will have two keys: One OpenPGP key and one TLS
public/private key, and the key ID of the latter key is used to
identify clients instead of the fingerprint of the OpenPGP key.

Note that this code is still compatible with GnuTLS before version
3.6.0 (when OpenPGP key support was removed).  This commit merely adds
support for using raw pulic keys instead with GnuTLS 3.6.6. or later.

* DBUS-API (Signals/ClientNotFound): Change name of first parameter
                                     from "Fingerprint" to "KeyID".
  (Mandos Client Interface/Properties/KeyID): New.
* INSTALL: Document conflict with GnuTLS 3.6.0 (which removed OpenPGP
           key support) up until 3.6.6, when support for raw public
           keys was added.  Also document new dependency of client on
           "gnutls-bin" package (for certtool).
* Makefile (run-client): Depend on TLS key files, and also pass them
                         as arguments to client.
  (keydir/tls-privkey.pem, keydir/tls-pubkey.pem): New.
  (confdir/clients.conf): Add dependency on TLS public key.
  (purge-client): Add removal of TLS key files.
* clients.conf ([foo]/key_id, [bar]/key_id): New.
* debian/control (Source: mandos/Build-Depends): Also allow
                                                 libgnutls30 (>= 3.6.6)
  (Package: mandos/Depends): - '' -
  (Package: mandos/Description): Alter description to match new
                                 design.
  (Package: mandos-client/Description): - '' -
  (Package: mandos-client/Depends): Move "gnutls-bin | openssl" to
                                    here from "Recommends".
* debian/mandos-client.README.Debian: Add --tls-privkey and
                                      --tls-pubkey options to test
                                      command.
* debian/mandos-client.postinst (create_key): Renamed to "create_keys"
                                             (all callers changed),
                                             and also create TLS key.
* debian/mandos-client.postrm (purge): Also remove TLS key files.
* intro.xml (DESCRIPTION): Describe new dual-key design.
* mandos (GnuTLS): Define different functions depending on whether
                   support for raw public keys is detected.
  (Client.key_id): New attribute.
  (ClientDBus.KeyID_dbus_property): New method.
  (ProxyClient.__init__): Take new "key_id" parameter.
  (ClientHandler.handle): Use key IDs when using raw public keys and
                          use fingerprints when using OpenPGP keys.
  (ClientHandler.peer_certificate): Also handle raw public keys.
  (ClientHandler.key_id): New.
  (MandosServer.handle_ipc): Pass key ID over the pipe IPC.  Also
                             check for key ID matches when looking up
                             clients.
  (main): Default GnuTLS priority string depends on whether we are
          using raw public keys or not.  When unpickling clients, set
          key_id if not set in the pickle.
  (main/MandosDBusService.ClientNotFound): Change name of first
                                           parameter from
                                           "Fingerprint" to "KeyID".
* mandos-clients.conf.xml (OPTIONS): Document new "key_id" option.
  (OPTIONS/secret): Mention new key ID matchning.
  (EXPANSION/RUNTIME EXPANSION): Add new "key_id" option.
  (EXAMPLE): - '' -
* mandos-ctl (tablewords, main/keywords): Add new "KeyID" property.
* mandos-keygen: Create TLS key files.  New "--tls-keytype" (-T)
                 option.  Alter help text to be more clear about key
                 types.  When in password mode, also output "key_id"
                 option.
* mandos-keygen.xml (SYNOPSIS): Add new "--tls-keytype" (-T) option.
  (DESCRIPTION): Alter to match new dual-key design.
  (OVERVIEW): - '' -
  (FILES): Add TLS key files.
* mandos-options.xml (priority): Document new default priority string
                                 when using raw public keys.
* mandos.xml (NETWORK PROTOCOL): Describe new protocol using key ID.
  (BUGS): Remove issue about checking expire times of OpenPGP keys,
          since TLS public keys do not have expiration times.
  (SECURITY/CLIENT): Alter description to match new design.
  (SEE ALSO/GnuTLS): - '' -
  (SEE ALSO): Add reference to RFC 7250, and alter description of when
              RFC 6091 is used.
* overview.xml: Alter text to match new design.
* plugin-runner.xml (EXAMPLE): Add --tls-pubkey and --tls-privkey
                               options to mandos-client options.
* plugins.d/mandos-client.c: Use raw public keys when compiling with
                             supporting GnuTLS versions. Add new
                             "--tls-pubkey" and "--tls-privkey"
                             options (which do nothing if GnuTLS
                             library does not support raw public
                             keys).  Alter text throughout to reflect
                             new design.  Only generate new DH
                             parameters (based on size of OpenPGP key)
                             when using OpenPGP in TLS.  Default
                             GnuTLS priority string depends on whether
                             we are using raw public keys or not.
* plugins.d/mandos-client.xml (SYNOPSIS): Add new "--tls-privkey" (-t)
                                          and "--tls-pubkey" (-T)
                                          options.
  (DESCRIPTION): Describe new dual-key design.
  (OPTIONS): Document new "--tls-privkey" (-t) and "--tls-pubkey" (-T)
             options.
  (OPTIONS/--dh-bits): No longer necessarily depends on OpenPGP key
                       size.
  (FILES): Add default locations for TLS public and private key files.
  (EXAMPLE): Use new --tls-pubkey and --tls-privkey options.
  (SECURITY): Alter wording slightly to reflect new dual-key design.
  (SEE ALSO/GnuTLS): Alter description to match new design.
  (SEE ALSO): Add reference to RFC 7250, and alter description of when
              RFC 6091 is used.

files added:
.bzr-builddeb

.bzr-builddeb/default.conf

.bzrignore

COPYING

DBUS-API

INSTALL

NEWS

README

bugs.xml

common.ent

dbus-mandos.conf

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.examples

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/po

debian/rules

debian/source

debian/source/format

debian/source/local-options

debian/upstream

debian/upstream/signing-key.asc

debian/watch

default-mandos

init.d-mandos

initramfs-tools-conf

initramfs-tools-hook

initramfs-tools-script

initramfs-tools-script-stop

initramfs-unpack

intro.xml

legalnotice.xml

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos-to-cryptroot-unlock

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.service

mandos.xml

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

overview.xml

plugin-helpers

plugin-helpers/mandos-client-iprouteadddel.c

plugin-runner.conf

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.xml

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

tmpfiles.d-mandos.conf

files removed:
ca.pem

cert.pem

client-cert.pem

client-key.pem

crl.pem

key.pem

plugins.d/Makefile

files renamed:
mandos-clients.conf => clients.conf

server.py => mandos

plugbasedclient.c => plugin-runner.c

plugins.d/mandosclient.c => plugins.d/mandos-client.c

plugins.d/passprompt.c => plugins.d/password-prompt.c

files modified:
Makefile

TODO

Show diffs side-by-side

added added

removed removed

plugins.d/plymouth.c

/* -*- coding: utf-8 -*- */

* Plymouth - Read a password from Plymouth and output it

* This file is part of Mandos.

* Mandos is free software: you can redistribute it and/or modify it

* under the terms of the GNU General Public License as published by

* the Free Software Foundation, either version 3 of the License, or

* (at your option) any later version.

* Mandos is distributed in the hope that it will be useful, but

* WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

* General Public License for more details.

* You should have received a copy of the GNU General Public License

* along with Mandos. If not, see <http://www.gnu.org/licenses/>.

* Contact the authors at <mandos@recompile.se>.

#define _GNU_SOURCE /* asprintf(), TEMP_FAILURE_RETRY() */

#include <signal.h> /* sig_atomic_t, struct sigaction,

sigemptyset(), sigaddset(), SIGINT,

SIGHUP, SIGTERM, sigaction(),

kill(), SIG_IGN */

#include <stdbool.h> /* bool, false, true */

#include <fcntl.h> /* open(), O_RDONLY */

#include <iso646.h> /* and, or, not*/

#include <sys/types.h> /* size_t, ssize_t, pid_t, struct

dirent, waitpid() */

#include <sys/wait.h> /* waitpid() */

#include <stddef.h> /* NULL */

#include <string.h> /* strchr(), memcmp() */

#include <stdio.h> /* asprintf(), perror(), fopen(),

fscanf(), vasprintf(), fprintf(),

vfprintf() */

#include <unistd.h> /* close(), readlink(), read(),

fork(), setsid(), chdir(), dup2(),

STDERR_FILENO, execv(), access() */

#include <stdlib.h> /* free(), EXIT_FAILURE, realloc(),

EXIT_SUCCESS, malloc(), _exit(),

getenv() */

#include <dirent.h> /* scandir(), alphasort() */

#include <inttypes.h> /* intmax_t, strtoumax(), SCNuMAX */

#include <sys/stat.h> /* struct stat, lstat() */

#include <sysexits.h> /* EX_OSERR, EX_UNAVAILABLE */

#include <error.h> /* error() */

#include <errno.h> /* TEMP_FAILURE_RETRY */

#include <argz.h> /* argz_count(), argz_extract() */

#include <stdarg.h> /* va_list, va_start(), ... */

sig_atomic_t interrupted_by_signal = 0;

/* Used by Ubuntu 11.04 (Natty Narwahl) */

const char plymouth_old_old_pid[] = "/dev/.initramfs/plymouth.pid";

/* Used by Ubuntu 11.10 (Oneiric Ocelot) */

const char plymouth_old_pid[] = "/run/initramfs/plymouth.pid";

/* Used by Debian 9 (stretch) */

const char plymouth_pid[] = "/run/plymouth/pid";

const char plymouth_path[] = "/bin/plymouth";

const char plymouthd_path[] = "/sbin/plymouthd";

const char *plymouthd_default_argv[] = {"/sbin/plymouthd",

"--mode=boot",

"--attach-to-session",

NULL };

static void termination_handler(__attribute__((unused))int signum){

if(interrupted_by_signal){

return;

}

interrupted_by_signal = 1;

}

/* Function to use when printing errors */

__attribute__((format (gnu_printf, 3, 4)))

void error_plus(int status, int errnum, const char *formatstring,

...){

va_list ap;

char *text;

int ret;

va_start(ap, formatstring);

ret = vasprintf(&text, formatstring, ap);

if(ret == -1){

fprintf(stderr, "Mandos plugin %s: ",

program_invocation_short_name);

vfprintf(stderr, formatstring, ap);

fprintf(stderr, ": ");

fprintf(stderr, "%s\n", strerror(errnum));

error(status, errno, "vasprintf while printing error");

return;

}

fprintf(stderr, "Mandos plugin ");

100

error(status, errnum, "%s", text);

101

free(text);

102

}

103

104

/* Create prompt string */

105

char *makeprompt(void){

106

int ret = 0;

107

char *prompt;

108

const char *const cryptsource = getenv("cryptsource");

109

const char *const crypttarget = getenv("crypttarget");

110

const char prompt_start[] = "Unlocking the disk";

111

const char prompt_end[] = "Enter passphrase";

112

113

if(cryptsource == NULL){

114

if(crypttarget == NULL){

115

ret = asprintf(&prompt, "%s\n%s", prompt_start, prompt_end);

116

} else {

117

ret = asprintf(&prompt, "%s (%s)\n%s", prompt_start,

118

crypttarget, prompt_end);

119

}

120

} else {

121

if(crypttarget == NULL){

122

ret = asprintf(&prompt, "%s %s\n%s", prompt_start, cryptsource,

123

prompt_end);

124

} else {

125

ret = asprintf(&prompt, "%s %s (%s)\n%s", prompt_start,

126

cryptsource, crypttarget, prompt_end);

127

}

128

}

129

if(ret == -1){

130

return NULL;

131

}

132

return prompt;

133

}

134

135

void kill_and_wait(pid_t pid){

136

TEMP_FAILURE_RETRY(kill(pid, SIGTERM));

137

TEMP_FAILURE_RETRY(waitpid(pid, NULL, 0));

138

}

139

140

bool become_a_daemon(void){

141

int ret = setuid(geteuid());

142

if(ret == -1){

143

error_plus(0, errno, "setuid");

144

}

145

146

setsid();

147

ret = chdir("/");

148

if(ret == -1){

149

error_plus(0, errno, "chdir");

150

return false;

151

}

152

ret = dup2(STDERR_FILENO, STDOUT_FILENO); /* replace our stdout */

153

if(ret == -1){

154

error_plus(0, errno, "dup2");

155

return false;

156

}

157

return true;

158

}

159

160

__attribute__((nonnull (2, 3)))

161

bool exec_and_wait(pid_t *pid_return, const char *path,

162

const char * const *argv, bool interruptable,

163

bool daemonize){

164

int status;

165

int ret;

166

pid_t pid;

167

pid = fork();

168

if(pid == -1){

169

error_plus(0, errno, "fork");

170

return false;

171

}

172

if(pid == 0){

173

/* Child */

174

if(daemonize){

175

if(not become_a_daemon()){

176

_exit(EX_OSERR);

177

}

178

}

179

180

char **new_argv = malloc(sizeof(const char *));

181

if(new_argv == NULL){

182

error_plus(0, errno, "malloc");

183

_exit(EX_OSERR);

184

}

185

char **tmp;

186

int i = 0;

187

for (; argv[i] != NULL; i++){

188

tmp = realloc(new_argv, sizeof(const char *) * ((size_t)i + 2));

189

if(tmp == NULL){

190

error_plus(0, errno, "realloc");

191

free(new_argv);

192

_exit(EX_OSERR);

193

}

194

new_argv = tmp;

195

new_argv[i] = strdup(argv[i]);

196

}

197

new_argv[i] = NULL;

198

199

execv(path, (char *const *)new_argv);

200

error_plus(0, errno, "execv");

201

_exit(EXIT_FAILURE);

202

}

203

if(pid_return != NULL){

204

*pid_return = pid;

205

}

206

do {

207

ret = waitpid(pid, &status, 0);

208

} while(ret == -1 and errno == EINTR

209

and ((not interrupted_by_signal)

210

or (not interruptable)));

211

if(interrupted_by_signal and interruptable){

212

return false;

213

}

214

if(ret == -1){

215

error_plus(0, errno, "waitpid");

216

return false;

217

}

218

if(WIFEXITED(status) and (WEXITSTATUS(status) == 0)){

219

return true;

220

}

221

return false;

222

}

223

224

__attribute__((nonnull))

225

int is_plymouth(const struct dirent *proc_entry){

226

int ret;

227

{

228

uintmax_t proc_id;

229

char *tmp;

230

errno = 0;

231

proc_id = strtoumax(proc_entry->d_name, &tmp, 10);

232

233

if(errno != 0 or *tmp != '\0'

234

or proc_id != (uintmax_t)((pid_t)proc_id)){

235

return 0;

236

}

237

}

238

char exe_target[sizeof(plymouthd_path)];

239

char *exe_link;

240

ret = asprintf(&exe_link, "/proc/%s/exe", proc_entry->d_name);

241

if(ret == -1){

242

error_plus(0, errno, "asprintf");

243

return 0;

244

}

245

246

struct stat exe_stat;

247

ret = lstat(exe_link, &exe_stat);

248

if(ret == -1){

249

free(exe_link);

250

if(errno != ENOENT){

251

error_plus(0, errno, "lstat");

252

}

253

return 0;

254

}

255

256

if(not S_ISLNK(exe_stat.st_mode)

257

or exe_stat.st_uid != 0

258

or exe_stat.st_gid != 0){

259

free(exe_link);

260

return 0;

261

}

262

263

ssize_t sret = readlink(exe_link, exe_target, sizeof(exe_target));

264

free(exe_link);

265

if((sret != (ssize_t)sizeof(plymouthd_path)-1) or

266

(memcmp(plymouthd_path, exe_target,

267

sizeof(plymouthd_path)-1) != 0)){

268

return 0;

269

}

270

return 1;

271

}

272

273

pid_t get_pid(void){

274

int ret;

275

uintmax_t proc_id = 0;

276

FILE *pidfile = fopen(plymouth_pid, "r");

277

/* Try the new pid file location */

278

if(pidfile != NULL){

279

ret = fscanf(pidfile, "%" SCNuMAX, &proc_id);

280

if(ret != 1){

281

proc_id = 0;

282

}

283

fclose(pidfile);

284

}

285

/* Try the old pid file location */

286

if(proc_id == 0){

287

pidfile = fopen(plymouth_old_pid, "r");

288

if(pidfile != NULL){

289

ret = fscanf(pidfile, "%" SCNuMAX, &proc_id);

290

if(ret != 1){

291

proc_id = 0;

292

}

293

fclose(pidfile);

294

}

295

}

296

/* Try the old old pid file location */

297

if(proc_id == 0){

298

pidfile = fopen(plymouth_old_old_pid, "r");

299

if(pidfile != NULL){

300

ret = fscanf(pidfile, "%" SCNuMAX, &proc_id);

301

if(ret != 1){

302

proc_id = 0;

303

}

304

fclose(pidfile);

305

}

306

}

307

/* Look for a plymouth process */

308

if(proc_id == 0){

309

struct dirent **direntries = NULL;

310

ret = scandir("/proc", &direntries, is_plymouth, alphasort);

311

if(ret == -1){

312

error_plus(0, errno, "scandir");

313

}

314

if(ret > 0){

315

for(int i = ret-1; i >= 0; i--){

316

if(proc_id == 0){

317

ret = sscanf(direntries[i]->d_name, "%" SCNuMAX, &proc_id);

318

if(ret < 0){

319

error_plus(0, errno, "sscanf");

320

}

321

}

322

free(direntries[i]);

323

}

324

}

325

/* scandir might preallocate for this variable (man page unclear).

326

even if ret == 0, therefore we need to free it. */

327

free(direntries);

328

}

329

pid_t pid;

330

pid = (pid_t)proc_id;

331

if((uintmax_t)pid == proc_id){

332

return pid;

333

}

334

335

return 0;

336

}

337

338

char **getargv(pid_t pid){

339

int cl_fd;

340

char *cmdline_filename;

341

ssize_t sret;

342

int ret;

343

344

ret = asprintf(&cmdline_filename, "/proc/%" PRIuMAX "/cmdline",

345

(uintmax_t)pid);

346

if(ret == -1){

347

error_plus(0, errno, "asprintf");

348

return NULL;

349

}

350

351

/* Open /proc/<pid>/cmdline */

352

cl_fd = open(cmdline_filename, O_RDONLY);

353

free(cmdline_filename);

354

if(cl_fd == -1){

355

error_plus(0, errno, "open");

356

return NULL;

357

}

358

359

size_t cmdline_allocated = 0;

360

size_t cmdline_len = 0;

361

char *cmdline = NULL;

362

char *tmp;

363

const size_t blocksize = 1024;

364

do {

365

/* Allocate more space? */

366

if(cmdline_len + blocksize > cmdline_allocated){

367

tmp = realloc(cmdline, cmdline_allocated + blocksize);

368

if(tmp == NULL){

369

error_plus(0, errno, "realloc");

370

free(cmdline);

371

close(cl_fd);

372

return NULL;

373

}

374

cmdline = tmp;

375

cmdline_allocated += blocksize;

376

}

377

378

/* Read data */

379

sret = read(cl_fd, cmdline + cmdline_len,

380

cmdline_allocated - cmdline_len);

381

if(sret == -1){

382

error_plus(0, errno, "read");

383

free(cmdline);

384

close(cl_fd);

385

return NULL;

386

}

387

cmdline_len += (size_t)sret;

388

} while(sret != 0);

389

ret = close(cl_fd);

390

if(ret == -1){

391

error_plus(0, errno, "close");

392

free(cmdline);

393

return NULL;

394

}

395

396

/* we got cmdline and cmdline_len, ignore rest... */

397

char **argv = malloc((argz_count(cmdline, cmdline_len) + 1)

398

* sizeof(char *)); /* Get number of args */

399

if(argv == NULL){

400

error_plus(0, errno, "argv = malloc()");

401

free(cmdline);

402

return NULL;

403

}

404

argz_extract(cmdline, cmdline_len, argv); /* Create argv */

405

return argv;

406

}

407

408

int main(__attribute__((unused))int argc,

409

__attribute__((unused))char **argv){

410

char *prompt;

411

char *prompt_arg;

412

pid_t plymouth_command_pid;

413

int ret;

414

bool bret;

415

416

/* test -x /bin/plymouth */

417

ret = access(plymouth_path, X_OK);

418

if(ret == -1){

419

/* Plymouth is probably not installed. Don't print an error

420

message, just exit. */

421

exit(EX_UNAVAILABLE);

422

}

423

424

{ /* Add signal handlers */

425

struct sigaction old_action,

426

new_action = { .sa_handler = termination_handler,

427

.sa_flags = 0 };

428

sigemptyset(&new_action.sa_mask);

429

for(int *sig = (int[]){ SIGINT, SIGHUP, SIGTERM, 0 };

430

*sig != 0; sig++){

431

ret = sigaddset(&new_action.sa_mask, *sig);

432

if(ret == -1){

433

error_plus(EX_OSERR, errno, "sigaddset");

434

}

435

ret = sigaction(*sig, NULL, &old_action);

436

if(ret == -1){

437

error_plus(EX_OSERR, errno, "sigaction");

438

}

439

if(old_action.sa_handler != SIG_IGN){

440

ret = sigaction(*sig, &new_action, NULL);

441

if(ret == -1){

442

error_plus(EX_OSERR, errno, "sigaction");

443

}

444

}

445

}

446

}

447

448

/* plymouth --ping */

449

bret = exec_and_wait(&plymouth_command_pid, plymouth_path,

450

(const char *[])

451

{ plymouth_path, "--ping", NULL },

452

true, false);

453

if(not bret){

454

if(interrupted_by_signal){

455

kill_and_wait(plymouth_command_pid);

456

exit(EXIT_FAILURE);

457

}

458

/* Plymouth is probably not running. Don't print an error

459

message, just exit. */

460

exit(EX_UNAVAILABLE);

461

}

462

463

prompt = makeprompt();

464

ret = asprintf(&prompt_arg, "--prompt=%s", prompt);

465

free(prompt);

466

if(ret == -1){

467

error_plus(EX_OSERR, errno, "asprintf");

468

}

469

470

/* plymouth ask-for-password --prompt="$prompt" */

471

bret = exec_and_wait(&plymouth_command_pid,

472

plymouth_path, (const char *[])

473

{ plymouth_path, "ask-for-password",

474

prompt_arg, NULL },

475

true, false);

476

free(prompt_arg);

477

if(bret){

478

exit(EXIT_SUCCESS);

479

}

480

if(not interrupted_by_signal){

481

/* exec_and_wait failed for some other reason */

482

exit(EXIT_FAILURE);

483

}

484

kill_and_wait(plymouth_command_pid);

485

486

char **plymouthd_argv = NULL;

487

pid_t pid = get_pid();

488

if(pid == 0){

489

error_plus(0, 0, "plymouthd pid not found");

490

} else {

491

plymouthd_argv = getargv(pid);

492

}

493

494

bret = exec_and_wait(NULL, plymouth_path, (const char *[])

495

{ plymouth_path, "quit", NULL },

496

false, false);

497

if(not bret){

498

if(plymouthd_argv != NULL){

499

free(*plymouthd_argv);

500

free(plymouthd_argv);

501

}

502

exit(EXIT_FAILURE);

503

}

504

bret = exec_and_wait(NULL, plymouthd_path,

505

(plymouthd_argv != NULL)

506

? (const char * const *)plymouthd_argv

507

: plymouthd_default_argv,

508

false, true);

509

if(plymouthd_argv != NULL){

510

free(*plymouthd_argv);

511

free(plymouthd_argv);

512

}

513

if(not bret){

514

exit(EXIT_FAILURE);

515

}

516

exec_and_wait(NULL, plymouth_path, (const char *[])

517

{ plymouth_path, "show-splash", NULL },

518

false, false);

519

exit(EXIT_FAILURE);

520

}

Older »