#!/bin/bash # # ask-for-passphrase - designed to be used by SSLPassPhraseDialog exec: # # Copyright Canonical, Ltd. 2010, All Rights Reserved # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. # sitename=$1 keytype=$2 log="logger -p daemon.err -t apache2" prompt="Enter passphrase for SSL/TLS keys for $sitename ($keytype):" # Apache gives us a pipe for stdin, but we want to # talk to apache's terminal. tty=`tty < /proc/${PPID}/fd/0` if [ "$tty" = "not a tty" ] ; then if [ -x /bin/systemd-ask-password ] ; then exec /bin/systemd-ask-password --timeout=0 "$prompt" elif [ -x /bin/plymouth ] && plymouth --ping ; then echo $prompt | logger exec plymouth ask-for-password --prompt="$prompt" else $log "No way to ask user for passphrase" exit 1 fi $log "Passphrase prompt failed" exit 1 fi # We must not print anything on stdout except the passphrase read -s -p "$prompt" passphrase > $tty 2>&1 < $tty echo > $tty echo "$passphrase"