Re: Entering a passphrase interactively in a runit script

From: Laurent Bercot <ska-supervision_at_skarnet.org>
Date: Wed, 25 May 2016 13:53:00 +0200

On 25/05/2016 12:50, Christophe-Marie Duquesne wrote:
> I am trying to write a runit script that would require a passphrase
> when starting. This passphrase must not exist in clear on the
> filesystem, and it would require user interaction.

  This is not easy to do properly. Supervised services are usually run with
a safe, minimal environment. Typically, with runit, services have their
stdin, stdout and stderr pointing to /dev/console - a design I do not
agree with: it should be /dev/null by default, and /dev/console should only
be used for emergency logging and never for input.

  If you need user interaction in a service, you will have to create the way
for the user to interact. /dev/console, as any shared resource, is
dangerous because other programs could grab it and you may end up not
reading the proper input.
  If you have X running by the time your service is launched, the ideal
mechanism is one similar to ssh-askpass: you'd give the DISPLAY environment
variable to your service, which would get its user input via an ad-hoc
window on the specified display.
  If you don't, then it may be desirable to create a terminal (for instance
in a Linux virtual console) and use it to get user input.

  Interactive supervised services are generally not a good idea. If they
die, they cannot be respawned without user action, which goes against the
principle of supervision. If you need authentication, please consider
something similar to ssh-agent, which asks for interactive input once and
provides noninteractive authentication afterwards.

-- 
  Laurent
Received on Wed May 25 2016 - 11:53:00 UTC

This archive was generated by hypermail 2.3.0 : Sun May 09 2021 - 19:44:19 UTC