--- src/tty-ask-password-agent/tty-ask-password-agent.c | 171 +++++++++++++++++++- 1 file changed, 166 insertions(+), 5 deletions(-) Index: systemd-221/src/tty-ask-password-agent/tty-ask-password-agent.c =================================================================== --- systemd-221/src/tty-ask-password-agent/tty-ask-password-agent.c +++ systemd-221/src/tty-ask-password-agent/tty-ask-password-agent.c @@ -31,6 +31,10 @@ #include #include #include +#include +#include +#include +#include #include "util.h" #include "mkdir.h" @@ -45,6 +49,8 @@ #include "process-util.h" #include "terminal-util.h" #include "signal-util.h" +#include "fileio.h" +#include "macro.h" static enum { ACTION_LIST, @@ -53,6 +59,20 @@ static enum { ACTION_WALL } arg_action = ACTION_QUERY; +struct console { + char *tty; + pid_t pid; + int id; +}; + +static volatile unsigned long *usemask; +static volatile sig_atomic_t sigchild; +static void chld_handler(int sig) +{ + (void)sig; + ++sigchild; +} + static bool arg_plymouth = false; static bool arg_console = false; @@ -211,6 +231,60 @@ static int ask_password_plymouth( return 0; } +static const char *current_dev = "/dev/console"; +static struct console* collect_consoles(int * num) { + _cleanup_free_ char *active = NULL; + const char *word, *state; + struct console *con = NULL; + size_t con_len; + size_t len; + int ret, id = 0; + + ret = read_one_line_file("/sys/class/tty/console/active", &active); + if (ret < 0) + return con; + FOREACH_WORD(word, len, active, state) { + _cleanup_free_ char *tty = NULL; + + if (strneq(word, "tty0", len) && + read_one_line_file("/sys/class/tty/tty0/active", &tty) >= 0) { + word = tty; + len = strlen(tty); + } + con = greedy_realloc((void**)&con, &con_len, ++id, sizeof(struct console) + 5 + len + 1); + if (con == NULL) { + log_oom(); + return con; + } + con->tty = ((char*)con)+sizeof(struct console); + sprintf(con->tty, "/dev/%.*s", (int)len, word); + con->id = id; + } + if (con == NULL) { + con = greedy_realloc((void**)&con, &con_len, 1, sizeof(struct console)); + if (con == NULL) { + log_oom(); + return con; + } + con->tty = (char*)current_dev; + con->id = id = 1; + } + + if (num) + *num = id; + return con; +} + +static void free_consoles(struct console *con, int num) { + int n; + + if (!con) + return; + for (n = 0; n < num; n++) + free(&con[n]); + free(con); +} + static int parse_password(const char *filename, char **wall) { _cleanup_free_ char *socket_name = NULL, *message = NULL, *packet = NULL; uint64_t not_after = 0; @@ -311,7 +385,7 @@ static int parse_password(const char *filename, char **wall) { _cleanup_free_ char *password = NULL; if (arg_console) { - tty_fd = acquire_terminal("/dev/console", false, false, false, USEC_INFINITY); + tty_fd = acquire_terminal(current_dev, false, false, false, USEC_INFINITY); if (tty_fd < 0) return tty_fd; } @@ -615,8 +689,87 @@ static int parse_argv(int argc, char *argv[]) { return 1; } +static int wait_for_answer(void) +{ + struct console *consoles; + struct sigaction sig = { + .sa_handler = chld_handler, + .sa_flags = SA_NOCLDSTOP | SA_RESTART, + }; + struct sigaction oldsig; + sigset_t set, oldset; + int status = 0, num = 0, n, ret; + pid_t job; + + consoles = collect_consoles(&num); + if (!consoles) { + log_error("Failed to query password: %m"); + exit(EXIT_FAILURE); + } + if (num == 1) { + n = 1; + goto nofork; + } + + assert_se(sigemptyset(&set) == 0); + assert_se(sigaddset(&set, SIGHUP) == 0); + assert_se(sigaddset(&set, SIGCHLD) == 0); + assert_se(sigemptyset(&sig.sa_mask) == 0); + assert_se(sigprocmask(SIG_UNBLOCK, &set, &oldset) == 0); + assert_se(sigaction(SIGCHLD, &sig, &oldsig) == 0); + sig.sa_handler = SIG_DFL; + assert_se(sigaction(SIGHUP, &sig, NULL) == 0); + + for (n = 0; n < num; n++) { + consoles[n].pid = fork(); + + if (consoles[n].pid < 0) { + log_error("Failed to query password: %m"); + exit(EXIT_FAILURE); + } + + if (consoles[n].pid == 0) { + if (prctl(PR_SET_PDEATHSIG, SIGHUP) < 0) + _exit(EXIT_FAILURE); + zero(sig); + assert_se(sigprocmask(SIG_UNBLOCK, &oldset, NULL) == 0); + assert_se(sigaction(SIGCHLD, &oldsig, NULL) == 0); + nofork: + setsid(); + release_terminal(); + *usemask |= 1 << consoles[n].id; + current_dev = consoles[n].tty; + return consoles[n].id; /* child */ + } + } + + ret = 0; + while ((job = wait(&status)) != 0) { + if (job < 0) { + if (errno != EINTR) + break; + continue; + } + for (n = 0; n < num; n++) { + if (consoles[n].pid == job || kill(consoles[n].pid, 0) < 0) { + *usemask &= ~(1 << consoles[n].id); + continue; + } + if (*usemask & (1 << consoles[n].id)) + continue; + kill(consoles[n].pid, SIGHUP); + usleep(50000); + kill(consoles[n].pid, SIGKILL); + } + if (WIFEXITED(status) && ret == 0) + ret = WEXITSTATUS(status); + } + free_consoles(consoles, num); + exit(ret != 0 ? EXIT_FAILURE : EXIT_SUCCESS); /* parent */ +} + int main(int argc, char *argv[]) { - int r; + int r, id = 0; log_set_target(LOG_TARGET_AUTO); log_parse_environment(); @@ -628,11 +781,27 @@ int main(int argc, char *argv[]) { if (r <= 0) goto finish; + /* + * Use this shared memory area to be able to synchronize the + * workers asking for password with the main process. + * This allows to continue if one of the consoles had been + * used as afterwards the remaining asking processes will + * be terminated. The wait_for_terminate() does not help + * for this use case. + */ + usemask = mmap(NULL, sizeof(*usemask), PROT_READ | PROT_WRITE, + MAP_ANONYMOUS | MAP_SHARED, -1, 0); + assert_se(usemask != NULL); + if (arg_console) { - setsid(); - release_terminal(); + if (!arg_plymouth && arg_action != ACTION_WALL && + arg_action != ACTION_LIST) { + id = wait_for_answer(); + } else { + setsid(); + release_terminal(); + } } - if (IN_SET(arg_action, ACTION_WATCH, ACTION_WALL)) r = watch_passwords(); else @@ -641,6 +810,7 @@ int main(int argc, char *argv[]) { if (r < 0) log_error_errno(r, "Error: %m"); + *usemask &= ~(1 << id); finish: return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; }