shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-01-20 18:04:03 +03:00
Code

exec-util: allow to invoke polkit/ask-password agent even if STDIN is not a tty

Browse Source 
Closes #35018.

(cherry picked from commit 0f81c8406f0f47175c699715e84de8291057033c)
This commit is contained in:
Yu Watanabe 2024-12-01 17:36:33 +09:00 committed by Luca Boccassi
parent bcf740e4a3
commit 070c28a12a
3 changed files with 18 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/shared/ask-password-agent.c
View File

@ -18,12 +18,8 @@ int ask_password_agent_open(void) {
if (agent_pid > 0)
return 0;
/* We check STDIN here, not STDOUT, since this is about input, not output */
if (!isatty_safe(STDIN_FILENO))
return 0;
/* Also check if we have a controlling terminal. If not (ENXIO here), we aren't actually invoked
* interactively on a terminal, hence fail */
/* Check if we have a controlling terminal. If not (ENXIO here), we aren't actually invoked
* interactively on a terminal, hence fail. */
r = get_ctty_devnr(0, NULL);
if (r == -ENXIO)
return 0;

23
src/shared/exec-util.c
View File

@ -544,7 +544,6 @@ int fexecve_or_execve(int executable_fd, const char *executable, char *const arg
}
int _fork_agent(const char *name, const int except[], size_t n_except, pid_t *ret_pid, const char *path, ...) {
bool stdout_is_tty, stderr_is_tty;
size_t n, i;
va_list ap;
char **l;
@ -567,17 +566,18 @@ int _fork_agent(const char *name, const int except[], size_t n_except, pid_t *re
/* In the child: */
stdout_is_tty = isatty_safe(STDOUT_FILENO);
stderr_is_tty = isatty_safe(STDERR_FILENO);
bool stdin_is_tty = isatty_safe(STDIN_FILENO),
stdout_is_tty = isatty_safe(STDOUT_FILENO),
stderr_is_tty = isatty_safe(STDERR_FILENO);
if (!stdout_is_tty || !stderr_is_tty) {
if (!stdin_is_tty || !stdout_is_tty || !stderr_is_tty) {
int fd;
/* Detach from stdout/stderr and reopen /dev/tty for them. This is important to ensure that
* when systemctl is started via popen() or a similar call that expects to read EOF we
/* Detach from stdin/stdout/stderr and reopen /dev/tty for them. This is important to ensure
* that when systemctl is started via popen() or a similar call that expects to read EOF we
* actually do generate EOF and not delay this indefinitely by keeping an unused copy of
* stdin around. */
fd = open("/dev/tty", O_WRONLY);
fd = open("/dev/tty", stdin_is_tty ? O_WRONLY : (stdout_is_tty && stderr_is_tty) ? O_RDONLY : O_RDWR);
if (fd < 0) {
if (errno != ENXIO) {
log_error_errno(errno, "Failed to open /dev/tty: %m");
@ -588,13 +588,18 @@ int _fork_agent(const char *name, const int except[], size_t n_except, pid_t *re
* connected to a TTY. That's a weird setup, but let's handle it gracefully: let's
* skip the forking of the agents, given the TTY setup is not in order. */
} else {
if (!stdin_is_tty && dup2(fd, STDIN_FILENO) < 0) {
log_error_errno(errno, "Failed to dup2 /dev/tty to STDIN: %m");
_exit(EXIT_FAILURE);
}
if (!stdout_is_tty && dup2(fd, STDOUT_FILENO) < 0) {
log_error_errno(errno, "Failed to dup2 /dev/tty: %m");
log_error_errno(errno, "Failed to dup2 /dev/tty to STDOUT: %m");
_exit(EXIT_FAILURE);
}
if (!stderr_is_tty && dup2(fd, STDERR_FILENO) < 0) {
log_error_errno(errno, "Failed to dup2 /dev/tty: %m");
log_error_errno(errno, "Failed to dup2 /dev/tty to STDERR: %m");
_exit(EXIT_FAILURE);
}

8
src/shared/polkit-agent.c
View File

@ -31,12 +31,8 @@ int polkit_agent_open(void) {
if (geteuid() == 0)
return 0;
/* We check STDIN here, not STDOUT, since this is about input, not output */
if (!isatty_safe(STDIN_FILENO))
return 0;
/* Also check if we have a controlling terminal. If not (ENXIO here), we aren't actually invoked
* interactively on a terminal, hence fail */
/* Check if we have a controlling terminal. If not (ENXIO here), we aren't actually invoked
* interactively on a terminal, hence fail. */
r = get_ctty_devnr(0, NULL);
if (r == -ENXIO)
return 0;