2011-04-08 19:57:17 +04:00
<?xml version='1.0'?> <!-- * - nxml - * -->
< !DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!--
This file is part of systemd.
Copyright 2011 Lennart Poettering
systemd is free software; you can redistribute it and/or modify it
2012-04-12 02:20:58 +04:00
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
2011-04-08 19:57:17 +04:00
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
2012-04-12 02:20:58 +04:00
Lesser General Public License for more details.
2011-04-08 19:57:17 +04:00
2012-04-12 02:20:58 +04:00
You should have received a copy of the GNU Lesser General Public License
2011-04-08 19:57:17 +04:00
along with systemd; If not, see <http: / / w w w . g n u . o r g / l i c e n s e s /> .
-->
<refentry id= "systemd-ask-password" >
<refentryinfo >
<title > systemd-ask-password</title>
<productname > systemd</productname>
<authorgroup >
<author >
<contrib > Developer</contrib>
<firstname > Lennart</firstname>
<surname > Poettering</surname>
<email > lennart@poettering.net</email>
</author>
</authorgroup>
</refentryinfo>
<refmeta >
<refentrytitle > systemd-ask-password</refentrytitle>
<manvolnum > 1</manvolnum>
</refmeta>
<refnamediv >
<refname > systemd-ask-password</refname>
<refpurpose > Query the user for a system password</refpurpose>
</refnamediv>
<refsynopsisdiv >
<cmdsynopsis >
<command > systemd-ask-password <arg choice= "opt" rep= "repeat" > OPTIONS</arg> <arg choice= "opt" > MESSAGE</arg> </command>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 >
<title > Description</title>
<para > <command > systemd-ask-password</command> may be
used to query a system password or passphrase from the
user, using a question message specified on the
command line. When run from a TTY it will query a
password on the TTY and print it to STDOUT. When run
with no TTY or with <option > --no-tty</option> it will
query the password system-wide and allow active users
to respond via several agents. The latter is
only available to privileged processes.</para>
<para > The purpose of this tool is to query system-wide
passwords -- that is passwords not attached to a
specific user account. Examples include: unlocking
encrypted hard disks when they are plugged in or at
boot, entering an SSL certificate passphrase for web
and VPN servers.</para>
<para > Existing agents are: a boot-time password agent
asking the user for passwords using Plymouth; a
boot-time password agent querying the user directly on
the console; an agent requesting password input via a
<citerefentry > <refentrytitle > wall</refentrytitle> <manvolnum > 1</manvolnum> </citerefentry>
message; an agent suitable for running in a GNOME
session; a command line agent which can be started
temporarily to process queued password requests; a TTY
agent that is temporarily spawned during
<citerefentry > <refentrytitle > systemctl</refentrytitle> <manvolnum > 1</manvolnum> </citerefentry>
invocations.</para>
<para > Additional password agents may be implemented
according to the <ulink
url="http://www.freedesktop.org/wiki/Software/systemd/PasswordAgents">systemd
Password Agent Specification</ulink> .</para>
2012-10-26 02:16:47 +04:00
<para > If a password is queried on a TTY the user may
2011-04-08 19:57:17 +04:00
press TAB to hide the asterisks normally shown for
each character typed. Pressing Backspace as first key
achieves the same effect.</para>
</refsect1>
<refsect1 >
<title > Options</title>
<para > The following options are understood:</para>
<variablelist >
<varlistentry >
2012-06-27 12:48:13 +04:00
<term > <option > -h</option> </term>
2011-04-08 19:57:17 +04:00
<term > <option > --help</option> </term>
<listitem > <para > Prints a short help
text and exits.</para> </listitem>
</varlistentry>
<varlistentry >
<term > <option > --icon=</option> </term>
<listitem > <para > Specify an icon name
2011-06-18 17:40:20 +04:00
alongside the password query, which may
2011-04-08 19:57:17 +04:00
be used in all agents supporting
graphical display. The icon name
should follow the <ulink
url="http://standards.freedesktop.org/icon-naming-spec/icon-naming-spec-latest.html">XDG
Icon Naming
Specification</ulink> .</para> </listitem>
</varlistentry>
<varlistentry >
<term > <option > --timeout=</option> </term>
<listitem > <para > Specify the query
2011-04-14 04:30:43 +04:00
timeout in seconds. Defaults to
2011-04-28 00:29:29 +04:00
90s.</para> </listitem>
2011-04-08 19:57:17 +04:00
</varlistentry>
<varlistentry >
<term > <option > --no-tty</option> </term>
<listitem > <para > Never ask for password
on current TTY even if one is
available. Always use agent
system.</para> </listitem>
</varlistentry>
<varlistentry >
<term > <option > --accept-cached</option> </term>
<listitem > <para > If passed accept
cached passwords, i.e. passwords
previously typed in.</para> </listitem>
</varlistentry>
<varlistentry >
<term > <option > --multiple</option> </term>
<listitem > <para > When used in
conjunction with
<option > --accept-cached</option>
accept multiple passwords. This will
output one password per
line.</para> </listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 >
<title > Exit status</title>
<para > On success 0 is returned, a non-zero failure
code otherwise.</para>
</refsect1>
<refsect1 >
<title > See Also</title>
<para >
<citerefentry > <refentrytitle > systemd</refentrytitle> <manvolnum > 1</manvolnum> </citerefentry> ,
<citerefentry > <refentrytitle > systemctl</refentrytitle> <manvolnum > 1</manvolnum> </citerefentry> ,
<citerefentry > <refentrytitle > plymouth</refentrytitle> <manvolnum > 8</manvolnum> </citerefentry> ,
<citerefentry > <refentrytitle > wall</refentrytitle> <manvolnum > 1</manvolnum> </citerefentry>
</para>
</refsect1>
</refentry>