| <?xml version='1.0'?> <!--*-nxml-*--> |
| <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" |
| "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> |
| |
| <!-- |
| This file is part of systemd. |
| |
| Copyright 2011 Lennart Poettering |
| |
| systemd is free software; you can redistribute it and/or modify it |
| under the terms of the GNU Lesser General Public License as published by |
| the Free Software Foundation; either version 2.1 of the License, or |
| (at your option) any later version. |
| |
| systemd is distributed in the hope that it will be useful, but |
| WITHOUT ANY WARRANTY; without even the implied warranty of |
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| Lesser General Public License for more details. |
| |
| You should have received a copy of the GNU Lesser General Public License |
| along with systemd; If not, see <http://www.gnu.org/licenses/>. |
| --> |
| |
| <refentry id="systemd-ask-password"> |
| |
| <refentryinfo> |
| <title>systemd-ask-password</title> |
| <productname>systemd</productname> |
| |
| <authorgroup> |
| <author> |
| <contrib>Developer</contrib> |
| <firstname>Lennart</firstname> |
| <surname>Poettering</surname> |
| <email>lennart@poettering.net</email> |
| </author> |
| </authorgroup> |
| </refentryinfo> |
| |
| <refmeta> |
| <refentrytitle>systemd-ask-password</refentrytitle> |
| <manvolnum>1</manvolnum> |
| </refmeta> |
| |
| <refnamediv> |
| <refname>systemd-ask-password</refname> |
| <refpurpose>Query the user for a system password</refpurpose> |
| </refnamediv> |
| |
| <refsynopsisdiv> |
| <cmdsynopsis> |
| <command>systemd-ask-password <arg choice="opt" rep="repeat">OPTIONS</arg> <arg choice="opt">MESSAGE</arg></command> |
| </cmdsynopsis> |
| </refsynopsisdiv> |
| |
| <refsect1> |
| <title>Description</title> |
| |
| <para><command>systemd-ask-password</command> may be |
| used to query a system password or passphrase from the |
| user, using a question message specified on the |
| command line. When run from a TTY it will query a |
| password on the TTY and print it to STDOUT. When run |
| with no TTY or with <option>--no-tty</option> it will |
| query the password system-wide and allow active users |
| to respond via several agents. The latter is |
| only available to privileged processes.</para> |
| |
| <para>The purpose of this tool is to query system-wide |
| passwords -- that is passwords not attached to a |
| specific user account. Examples include: unlocking |
| encrypted hard disks when they are plugged in or at |
| boot, entering an SSL certificate passphrase for web |
| and VPN servers.</para> |
| |
| <para>Existing agents are: a boot-time password agent |
| asking the user for passwords using Plymouth; a |
| boot-time password agent querying the user directly on |
| the console; an agent requesting password input via a |
| <citerefentry><refentrytitle>wall</refentrytitle><manvolnum>1</manvolnum></citerefentry> |
| message; an agent suitable for running in a GNOME |
| session; a command line agent which can be started |
| temporarily to process queued password requests; a TTY |
| agent that is temporarily spawned during |
| <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> |
| invocations.</para> |
| |
| <para>Additional password agents may be implemented |
| according to the <ulink |
| url="http://www.freedesktop.org/wiki/Software/systemd/PasswordAgents">systemd |
| Password Agent Specification</ulink>.</para> |
| |
| <para>If a password is queried on a tty the user may |
| press TAB to hide the asterisks normally shown for |
| each character typed. Pressing Backspace as first key |
| achieves the same effect.</para> |
| |
| </refsect1> |
| |
| <refsect1> |
| <title>Options</title> |
| |
| <para>The following options are understood:</para> |
| |
| <variablelist> |
| <varlistentry> |
| <term><option>--h</option></term> |
| <term><option>--help</option></term> |
| |
| <listitem><para>Prints a short help |
| text and exits.</para></listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><option>--icon=</option></term> |
| |
| <listitem><para>Specify an icon name |
| alongside the password query, which may |
| be used in all agents supporting |
| graphical display. The icon name |
| should follow the <ulink |
| url="http://standards.freedesktop.org/icon-naming-spec/icon-naming-spec-latest.html">XDG |
| Icon Naming |
| Specification</ulink>.</para></listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><option>--timeout=</option></term> |
| |
| <listitem><para>Specify the query |
| timeout in seconds. Defaults to |
| 90s.</para></listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><option>--no-tty</option></term> |
| |
| <listitem><para>Never ask for password |
| on current TTY even if one is |
| available. Always use agent |
| system.</para></listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><option>--accept-cached</option></term> |
| |
| <listitem><para>If passed accept |
| cached passwords, i.e. passwords |
| previously typed in.</para></listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><option>--multiple</option></term> |
| |
| <listitem><para>When used in |
| conjunction with |
| <option>--accept-cached</option> |
| accept multiple passwords. This will |
| output one password per |
| line.</para></listitem> |
| </varlistentry> |
| </variablelist> |
| |
| </refsect1> |
| |
| <refsect1> |
| <title>Exit status</title> |
| |
| <para>On success 0 is returned, a non-zero failure |
| code otherwise.</para> |
| </refsect1> |
| |
| <refsect1> |
| <title>See Also</title> |
| <para> |
| <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, |
| <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>, |
| <citerefentry><refentrytitle>plymouth</refentrytitle><manvolnum>8</manvolnum></citerefentry>, |
| <citerefentry><refentrytitle>wall</refentrytitle><manvolnum>1</manvolnum></citerefentry> |
| </para> |
| </refsect1> |
| |
| </refentry> |