systemd-ask-password.xml revision 7f434cf4c9a72c3291a8603a3e91dd66dde4d640
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering This file is part of systemd.
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering Copyright 2011 Lennart Poettering
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering systemd is free software; you can redistribute it and/or modify it
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering under the terms of the GNU General Public License as published by
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering the Free Software Foundation; either version 2 of the License, or
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering (at your option) any later version.
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering systemd is distributed in the hope that it will be useful, but
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering WITHOUT ANY WARRANTY; without even the implied warranty of
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering General Public License for more details.
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering You should have received a copy of the GNU General Public License
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering along with systemd; If not, see <http://www.gnu.org/licenses/>.
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <refentryinfo>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering </authorgroup>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering </refentryinfo>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <refentrytitle>systemd-ask-password</refentrytitle>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <refpurpose>Query the user for a system password</refpurpose>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <refsynopsisdiv>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <command>systemd-ask-password <arg choice="opt" rep="repeat">OPTIONS</arg> <arg choice="opt">MESSAGE</arg></command>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering </cmdsynopsis>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering </refsynopsisdiv>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <para><command>systemd-ask-password</command> may be
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering used to query a system password or passphrase from the
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering user, using a question message specified on the
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering command line. When run from a TTY it will query a
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering password on the TTY and print it to STDOUT. When run
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering with no TTY or with <option>--no-tty</option> it will
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering query the password system-wide and allow active users
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering to respond via several agents. The latter is
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering only available to privileged processes.</para>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <para>The purpose of this tool is to query system-wide
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering passwords -- that is passwords not attached to a
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering specific user account. Examples include: unlocking
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering encrypted hard disks when they are plugged in or at
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering boot, entering an SSL certificate passphrase for web
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering and VPN servers.</para>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <para>Existing agents are: a boot-time password agent
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering asking the user for passwords using Plymouth; a
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering boot-time password agent querying the user directly on
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering the console; an agent requesting password input via a
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <citerefentry><refentrytitle>wall</refentrytitle><manvolnum>1</manvolnum></citerefentry>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering message; an agent suitable for running in a GNOME
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering session; a command line agent which can be started
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering temporarily to process queued password requests; a TTY
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering agent that is temporarily spawned during
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering invocations.</para>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <para>Additional password agents may be implemented
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering according to the <ulink
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering url="http://www.freedesktop.org/wiki/Software/systemd/PasswordAgents">systemd
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering Password Agent Specification</ulink>.</para>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <para>If a password is queried on a tty the user may
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering press TAB to hide the asterisks normally shown for
a6ad1458e8baf913e9ee377c52863b927d7a2638Thomas Hindoe Paaboel Andersen each character typed. Pressing Backspace as first key
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering achieves the same effect.</para>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <para>The following options are understood:</para>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <variablelist>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <varlistentry>
a6ad1458e8baf913e9ee377c52863b927d7a2638Thomas Hindoe Paaboel Andersen text and exits.</para></listitem>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering </varlistentry>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <varlistentry>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering alongside the pasword query, which may
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering be used in all agents supporting
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering graphical display. The icon name
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering should follow the <ulink
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering url="http://standards.freedesktop.org/icon-naming-spec/icon-naming-spec-latest.html">XDG
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering </varlistentry>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <varlistentry>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering timeout in seconds. Defaults to
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering </varlistentry>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <varlistentry>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering on current TTY even if one is
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering available. Always use agent
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering </varlistentry>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <varlistentry>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <term><option>--accept-cached</option></term>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering cached passwords, i.e. passwords
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering </varlistentry>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <varlistentry>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering conjunction with
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering accept multiple passwords. This will
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering output one password per
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering </varlistentry>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering </variablelist>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <para>On success 0 is returned, a non-zero failure
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering code otherwise.</para>
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <citerefentry><refentrytitle>plymouth</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
faae655de3cdbed4be1d472b01ce0c4d81e905edLennart Poettering <citerefentry><refentrytitle>wall</refentrytitle><manvolnum>1</manvolnum></citerefentry>