USPLASH(8mandos)
NAME
usplash - Mandos plugin to use usplash to get a password.
SYNOPSIS
usplash
DESCRIPTION
This program prompts for a password using usplash(8) and outputs any
given password to standard output. If no usplash(8) process can be
found, this program will immediately exit with an exit code indicating
failure.
This program is not very useful on its own. This program is really
meant to run as a plugin in the Mandos client-side system, where it is
used as a fallback and alternative to retrieving passwords from a
Mandos server.
If this program is killed (presumably by plugin-runner(8mandos) because
some other plugin provided the password), it cannot tell usplash(8) to
abort requesting a password, because usplash(8) does not support this.
Therefore, this program will then kill the running usplash(8) process
and start a new one using the same command line arguments as the old
one was using.
OPTIONS
This program takes no options.
EXIT STATUS
If exit status is 0, the output from the program is the password as it
was read. Otherwise, if exit status is other than 0, the program was
interrupted or encountered an error, and any output so far could be
corrupt and/or truncated, and should therefore be ignored.
ENVIRONMENT
- cryptsource, crypttarget
- If set, these environment variables will be assumed to contain the source device name and the target device mapper name, respectively, and will be shown as part of the prompt.
- These variables will normally be inherited from plugin-runner(8mandos), which will normally have inherited them from /scripts/local-top/cryptroot in the initial RAM disk environment, which will have set them from parsing kernel arguments and /conf/conf.d/cryptroot (also in the initial RAM disk environment), which in turn will have been created when the initial RAM disk image was created by /usr/share/initramfs-tools/hooks/cryptroot, by extracting the information of the root file system from /etc/crypttab.
- This behavior is meant to exactly mirror the behavior of askpass, the default password prompter.
FILES
- /dev/.initramfs/usplash_fifo
- This is the FIFO to which this program will write the commands for usplash(8). See fifo(7).
- /dev/.initramfs/usplash_outfifo
- This is the FIFO where this program will read the password from usplash(8). See fifo(7).
- /proc
- To find the running usplash(8), this directory will be searched for numeric entries which will be assumed to be directories. In all those directories, the exe and cmdline entries will be used to determine the name of the running binary, effective user and group ID, and the command line arguments. See proc(5).
- /sbin/usplash
- This is the name of the binary which will be searched for in the process list. See usplash(8).
BUGS
Killing usplash(8) and starting a new one is ugly, but necessary as
long as it does not support aborting a password request.
EXAMPLE
Note that normally, this program will not be invoked directly, but
instead started by the Mandos plugin-runner(8mandos).
This program takes no options.
usplash
SECURITY
If this program is killed by a signal, it will kill the process ID
which at the start of this program was determined to run usplash(8) as
root (see also the section called "FILES"). There is a very slight risk
that, in the time between those events, that process ID was freed and
then taken up by another process; the wrong process would then be
killed. Now, this program can only be killed by the user who started
it; see plugin-runner(8mandos). This program should therefore be
started by a completely separate non-privileged user, and no other
programs should be allowed to run as that special user. This means that
it is not recommended to use the user "nobody" to start this program,
as other possibly less trusted programs could be running as "nobody",
and they would then be able to kill this program, triggering the
killing of the process ID which may or may not be usplash(8).
The only other thing that could be considered worthy of note is this:
This program is meant to be run by plugin-runner(8mandos), and will,
when run standalone, outside, in a normal environment, immediately
output on its standard output any presumably secret password it just
received. Therefore, when running this program standalone (which should
never normally be done), take care not to type in any real secret
password by force of habit, since it would then immediately be shown as
output.
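The /proc lookup from FILES and the PID-reuse concern above, as an added C example (not code from Mandos): it matches a process by its exe link and that link's owner, and re-checks the match immediately before signalling, which narrows the reuse window but cannot close it. The function names, the proc-root parameter and the owner check via lstat() are assumptions of this example; add_fake_proc() builds a constructed directory tree for trying it outside /proc.

```c
#define _POSIX_C_SOURCE 200809L
#include <dirent.h>
#include <limits.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* 1 if <root>/<pid>/exe is a symlink owned by uid that points at exe. */
int pid_matches(const char *root, long pid, const char *exe, uid_t uid) {
    char link[PATH_MAX], target[PATH_MAX] = {0};
    struct stat st;
    snprintf(link, sizeof link, "%s/%ld/exe", root, pid);
    if (lstat(link, &st) != 0 || !S_ISLNK(st.st_mode) || st.st_uid != uid)
        return 0;
    return readlink(link, target, sizeof target - 1) > 0 && strcmp(target, exe) == 0;
}

/* Scan the numeric entries of root (normally "/proc"); first match, or 0. */
long find_process(const char *root, const char *exe, uid_t uid) {
    DIR *d = opendir(root);
    struct dirent *e;
    long found = 0;
    if (d == NULL) return 0;
    while (found == 0 && (e = readdir(d)) != NULL) {
        char *end;
        long pid = strtol(e->d_name, &end, 10);
        if (end == e->d_name || *end != '\0' || pid <= 0) continue; /* not a PID */
        if (pid_matches(root, pid, exe, uid)) found = pid;
    }
    closedir(d);
    return found;
}

/* Signal pid only if it still matches at this moment; -1 means "not sent". */
int kill_if_still(const char *root, long pid, const char *exe, uid_t uid, int sig) {
    if (!pid_matches(root, pid, exe, uid)) return -1;
    return kill((pid_t)pid, sig);
}

/* Constructed fixture (not real /proc): creates <root>/<pid>/exe -> exe. */
int add_fake_proc(const char *root, long pid, const char *exe) {
    char dir[PATH_MAX], link[PATH_MAX];
    snprintf(dir, sizeof dir, "%s/%ld", root, pid);
    snprintf(link, sizeof link, "%s/%ld/exe", root, pid);
    return mkdir(dir, 0700) != 0 ? -1 : symlink(exe, link);
}
```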
SEE ALSO
crypttab(5), fifo(7), plugin-runner(8mandos), proc(5), usplash(8)
COPYRIGHT
Copyright (C) 2008-2009 Teddy Hogeborn, Björn Påhlsson
This manual page is free software: you can redistribute it and/or
modify it under the terms of the GNU General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This manual page is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.