man/systemd-ask-password.xml

@@ -156,24 +156,13 @@
         to 90s. A timeout of 0 waits indefinitely. </para></listitem>
       </varlistentry>
 
-      <varlistentry>
-        <term><option>--echo=yes|no|masked</option></term>
-
-        <listitem><para>Controls whether to echo user input. Takes a boolean or the special string
-        <literal>masked</literal>, the default being the latter. If enabled the typed characters are echoed
-        literally, which is useful for prompting for usernames and other non-protected data. If disabled the
-        typed characters are not echoed in any form, the user will not get feedback on their input. If set to
-        <literal>masked</literal>, an asterisk (<literal>*</literal>) is echoed for each character
-        typed. In this mode, if the user hits the tabulator key (<literal>↹</literal>), echo is turned
-        off. (Alternatively, if the user hits the backspace key (<literal>⌫</literal>) while no data has
-        been entered otherwise, echo is turned off, too).</para></listitem>
-      </varlistentry>
-
       <varlistentry>
         <term><option>--echo</option></term>
-        <term><option>-e</option></term>
 
-        <listitem><para>Equivalent to <option>--echo=yes</option>, see above.</para></listitem>
+        <listitem><para>Echo the user input instead of masking it.
+        This is useful when using
+        <filename>systemd-ask-password</filename> to query for
+        usernames. </para></listitem>
       </varlistentry>
 
       <varlistentry>
@@ -182,7 +171,7 @@
         <listitem><para>Controls whether or not to prefix the query with a
         lock and key emoji (🔐), if the TTY settings permit this. The default
         is <literal>auto</literal>, which defaults to <literal>yes</literal>,
-        unless <option>--echo=yes</option> is given.</para></listitem>
+        unless <option>--echo</option> is given.</para></listitem>
       </varlistentry>
 
       <varlistentry>

src/ask-password/ask-password.c

@@ -45,9 +45,7 @@ static int help(void) {
                "                      Credential name for LoadCredential=/SetCredential=\n"
                "                      credentials\n"
                "     --timeout=SEC    Timeout in seconds\n"
-               "     --echo=yes|no|masked\n"
+               "     --echo           Do not mask input (useful for usernames)\n"
-               "                      Control whether to show password while typing (echo)\n"
-               "  -e --echo           Equivalent to --echo=yes\n"
                "     --emoji=yes|no|auto\n"
                "                      Show a lock and key emoji\n"
                "     --no-tty         Ask question via agent even on TTY\n"
@@ -68,6 +66,7 @@ static int parse_argv(int argc, char *argv[]) {
         enum {
                 ARG_ICON = 0x100,
                 ARG_TIMEOUT,
+                ARG_ECHO,
                 ARG_EMOJI,
                 ARG_NO_TTY,
                 ARG_ACCEPT_CACHED,
@@ -84,7 +83,7 @@ static int parse_argv(int argc, char *argv[]) {
                 { "version",       no_argument,       NULL, ARG_VERSION       },
                 { "icon",          required_argument, NULL, ARG_ICON          },
                 { "timeout",       required_argument, NULL, ARG_TIMEOUT       },
-                { "echo",          optional_argument, NULL, 'e'               },
+                { "echo",          no_argument,       NULL, ARG_ECHO          },
                 { "emoji",         required_argument, NULL, ARG_EMOJI         },
                 { "no-tty",        no_argument,       NULL, ARG_NO_TTY        },
                 { "accept-cached", no_argument,       NULL, ARG_ACCEPT_CACHED },
@@ -97,14 +96,12 @@ static int parse_argv(int argc, char *argv[]) {
         };
 
         const char *emoji = NULL;
-        int c, r;
+        int c;
 
         assert(argc >= 0);
         assert(argv);
 
-        /* Note the asymmetry: the long option --echo= allows an optional argument, the short option does
+        while ((c = getopt_long(argc, argv, "h", options, NULL)) >= 0)
-         * not. */
-        while ((c = getopt_long(argc, argv, "+he", options, NULL)) >= 0)
 
                 switch (c) {
 
@@ -119,30 +116,14 @@ static int parse_argv(int argc, char *argv[]) {
                         break;
 
                 case ARG_TIMEOUT:
-                        r = parse_sec(optarg, &arg_timeout);
+                        if (parse_sec(optarg, &arg_timeout) < 0)
-                        if (r < 0)
+                                return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
-                                return log_error_errno(r, "Failed to parse --timeout= parameter: %s", optarg);
+                                                       "Failed to parse --timeout parameter %s",
-
+                                                       optarg);
                         break;
 
-                case 'e':
+                case ARG_ECHO:
-                        if (!optarg) {
+                        arg_flags |= ASK_PASSWORD_ECHO;
-                                /* Short option -e is used, or no argument to long option --echo= */
-                                arg_flags |= ASK_PASSWORD_ECHO;
-                                arg_flags &= ~ASK_PASSWORD_SILENT;
-                        } else if (isempty(optarg) || streq(optarg, "masked"))
-                                /* Empty argument or explicit string "masked" for default behaviour. */
-                                arg_flags &= ~(ASK_PASSWORD_ECHO|ASK_PASSWORD_SILENT);
-                        else {
-                                bool b;
-
-                                r = parse_boolean_argument("--echo=", optarg, &b);
-                                if (r < 0)
-                                        return r;
-
-                                SET_FLAG(arg_flags, ASK_PASSWORD_ECHO, b);
-                                SET_FLAG(arg_flags, ASK_PASSWORD_SILENT, !b);
-                        }
                         break;
 
                 case ARG_EMOJI:
@@ -187,12 +168,12 @@ static int parse_argv(int argc, char *argv[]) {
         if (isempty(emoji) || streq(emoji, "auto"))
                 SET_FLAG(arg_flags, ASK_PASSWORD_HIDE_EMOJI, FLAGS_SET(arg_flags, ASK_PASSWORD_ECHO));
         else {
+                int r;
                 bool b;
 
                 r = parse_boolean_argument("--emoji=", emoji, &b);
                 if (r < 0)
                          return r;
-
                 SET_FLAG(arg_flags, ASK_PASSWORD_HIDE_EMOJI, !b);
         }
 
@@ -200,14 +181,6 @@ static int parse_argv(int argc, char *argv[]) {
                 arg_message = strv_join(argv + optind, " ");
                 if (!arg_message)
                         return log_oom();
-        } else if (FLAGS_SET(arg_flags, ASK_PASSWORD_ECHO)) {
-                /* By default ask_password_auto() will query with the string "Password: ", which is not right
-                 * when full echo is on, since then it's unlikely a password. Let's hence default to a less
-                 * confusing string in that case. */
-
-                arg_message = strdup("Input:");
-                if (!arg_message)
-                        return log_oom();
         }
 
         return 1;

src/test/test-capability.c

@@ -159,15 +159,9 @@ static void test_drop_privileges_fail(void) {
 }
 
 static void test_drop_privileges(void) {
-        fork_test(test_drop_privileges_fail);
-
-        if (have_effective_cap(CAP_NET_RAW) == 0) /* The remaining two tests only work if we have CAP_NET_RAW
-                                                   * in the first place. If we are run in some restricted
-                                                   * container environment we might not. */
-                return;
-
         fork_test(test_drop_privileges_keep_net_raw);
         fork_test(test_drop_privileges_dontkeep_net_raw);
+        fork_test(test_drop_privileges_fail);
 }
 
 static void test_have_effective_cap(void) {

src/test/test-exec-util.c

@@ -22,7 +22,7 @@
 #include "tests.h"
 
 static int here = 0, here2 = 0, here3 = 0;
-static void *ignore_stdout_args[] = { &here, &here2, &here3 };
+void *ignore_stdout_args[] = {&here, &here2, &here3};
 
 /* noop handlers, just check that arguments are passed correctly */
 static int ignore_stdout_func(int fd, void *arg) {

src/test/test-execute.c

@@ -924,8 +924,8 @@ int main(int argc, char *argv[]) {
         can_unshare = have_namespaces();
 
         /* It is needed otherwise cgroup creation fails */
-        if (geteuid() != 0 || have_effective_cap(CAP_SYS_ADMIN) <= 0)
+        if (getuid() != 0)
-                return log_tests_skipped("not privileged");
+                return log_tests_skipped("not root");
 
         r = enter_cgroup_subroot(NULL);
         if (r == -ENOMEDIUM)

src/test/test-mount-util.c

@@ -4,7 +4,6 @@
 #include <sys/statvfs.h>
 
 #include "alloc-util.h"
-#include "capability-util.h"
 #include "fd-util.h"
 #include "fileio.h"
 #include "mount-util.h"
@@ -76,8 +75,8 @@ static void test_bind_remount_recursive(void) {
         _cleanup_free_ char *subdir = NULL;
         const char *p;
 
-        if (geteuid() != 0 || have_effective_cap(CAP_SYS_ADMIN) <= 0) {
+        if (geteuid() != 0) {
-                (void) log_tests_skipped("not running privileged");
+                (void) log_tests_skipped("not running as root");
                 return;
         }
 
@@ -129,8 +128,8 @@ static void test_bind_remount_recursive(void) {
 static void test_bind_remount_one(void) {
         pid_t pid;
 
-        if (geteuid() != 0 || have_effective_cap(CAP_SYS_ADMIN) <= 0) {
+        if (geteuid() != 0) {
-                (void) log_tests_skipped("not running privileged");
+                (void) log_tests_skipped("not running as root");
                 return;
         }
 

src/test/test-seccomp.c

@@ -15,7 +15,6 @@
 #endif
 
 #include "alloc-util.h"
-#include "capability-util.h"
 #include "fd-util.h"
 #include "fileio.h"
 #include "macro.h"
@@ -42,10 +41,6 @@
 #  define SECCOMP_RESTRICT_ADDRESS_FAMILIES_BROKEN 0
 #endif
 
-static bool have_seccomp_privs(void) {
-        return geteuid() == 0 && have_effective_cap(CAP_SYS_ADMIN) > 0; /* If we are root but CAP_SYS_ADMIN we can't do caps (unless we also do NNP) */
-}
-
 static void test_parse_syscall_and_errno(void) {
         _cleanup_free_ char *n = NULL;
         int e;
@@ -173,8 +168,8 @@ static void test_filter_sets(void) {
                 log_notice("Seccomp not available, skipping %s", __func__);
                 return;
         }
-        if (!have_seccomp_privs()) {
+        if (geteuid() != 0) {
-                log_notice("Not privileged, skipping %s", __func__);
+                log_notice("Not root, skipping %s", __func__);
                 return;
         }
 
@@ -308,8 +303,8 @@ static void test_restrict_namespace(void) {
                 log_notice("Seccomp not available, skipping remaining tests in %s", __func__);
                 return;
         }
-        if (!have_seccomp_privs()) {
+        if (geteuid() != 0) {
-                log_notice("Not privileged, skipping remaining tests in %s", __func__);
+                log_notice("Not root, skipping remaining tests in %s", __func__);
                 return;
         }
 
@@ -378,8 +373,8 @@ static void test_protect_sysctl(void) {
                 log_notice("Seccomp not available, skipping %s", __func__);
                 return;
         }
-        if (!have_seccomp_privs()) {
+        if (geteuid() != 0) {
-                log_notice("Not privileged, skipping %s", __func__);
+                log_notice("Not root, skipping %s", __func__);
                 return;
         }
 
@@ -431,8 +426,8 @@ static void test_protect_syslog(void) {
                 log_notice("Seccomp not available, skipping %s", __func__);
                 return;
         }
-        if (!have_seccomp_privs()) {
+        if (geteuid() != 0) {
-                log_notice("Not privileged, skipping %s", __func__);
+                log_notice("Not root, skipping %s", __func__);
                 return;
         }
 
@@ -473,8 +468,8 @@ static void test_restrict_address_families(void) {
                 log_notice("Seccomp not available, skipping %s", __func__);
                 return;
         }
-        if (!have_seccomp_privs()) {
+        if (geteuid() != 0) {
-                log_notice("Not privileged, skipping %s", __func__);
+                log_notice("Not root, skipping %s", __func__);
                 return;
         }
 
@@ -562,8 +557,8 @@ static void test_restrict_realtime(void) {
                 log_notice("Seccomp not available, skipping %s", __func__);
                 return;
         }
-        if (!have_seccomp_privs()) {
+        if (geteuid() != 0) {
-                log_notice("Not privileged, skipping %s", __func__);
+                log_notice("Not root, skipping %s", __func__);
                 return;
         }
 
@@ -609,8 +604,8 @@ static void test_memory_deny_write_execute_mmap(void) {
                 log_notice("Seccomp not available, skipping %s", __func__);
                 return;
         }
-        if (!have_seccomp_privs()) {
+        if (geteuid() != 0) {
-                log_notice("Not privileged, skipping %s", __func__);
+                log_notice("Not root, skipping %s", __func__);
                 return;
         }
 #if HAVE_VALGRIND_VALGRIND_H
@@ -679,8 +674,8 @@ static void test_memory_deny_write_execute_shmat(void) {
                 log_notice("Seccomp not available, skipping %s", __func__);
                 return;
         }
-        if (!have_seccomp_privs()) {
+        if (geteuid() != 0) {
-                log_notice("Not privileged, skipping %s", __func__);
+                log_notice("Not root, skipping %s", __func__);
                 return;
         }
 #if HAVE_VALGRIND_VALGRIND_H
@@ -744,8 +739,8 @@ static void test_restrict_archs(void) {
                 log_notice("Seccomp not available, skipping %s", __func__);
                 return;
         }
-        if (!have_seccomp_privs()) {
+        if (geteuid() != 0) {
-                log_notice("Not privileged, skipping %s", __func__);
+                log_notice("Not root, skipping %s", __func__);
                 return;
         }
 
@@ -784,8 +779,8 @@ static void test_load_syscall_filter_set_raw(void) {
                 log_notice("Seccomp not available, skipping %s", __func__);
                 return;
         }
-        if (!have_seccomp_privs()) {
+        if (geteuid() != 0) {
-                log_notice("Not privileged, skipping %s", __func__);
+                log_notice("Not root, skipping %s", __func__);
                 return;
         }
 
@@ -882,8 +877,8 @@ static void test_lock_personality(void) {
                 log_notice("Seccomp not available, skipping %s", __func__);
                 return;
         }
-        if (!have_seccomp_privs()) {
+        if (geteuid() != 0) {
-                log_notice("Not privileged, skipping %s", __func__);
+                log_notice("Not root, skipping %s", __func__);
                 return;
         }
 
@@ -946,8 +941,8 @@ static void test_restrict_suid_sgid(void) {
                 log_notice("Seccomp not available, skipping %s", __func__);
                 return;
         }
-        if (!have_seccomp_privs()) {
+        if (geteuid() != 0) {
-                log_notice("Not privileged, skipping %s", __func__);
+                log_notice("Not root, skipping %s", __func__);
                 return;
         }