aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGravatar Christian Hesse <mail@eworm.de>2017-10-30 14:41:57 +0100
committerGravatar Christian Hesse <mail@eworm.de>2017-10-30 14:41:57 +0100
commit3bc54ac0d2950f3c65e20939db98333dcd4df744 (patch)
tree46bd91f56e6d5438ea7ce1fed8f44dcf657693fa
parentd7696f73602c4d5399ad065a3c9dfa26c53f179b (diff)
downloadmkinitcpio-ykfde-3bc54ac0d2950f3c65e20939db98333dcd4df744.tar.gz
mkinitcpio-ykfde-3bc54ac0d2950f3c65e20939db98333dcd4df744.tar.zst
make sure the worker is run from systemd service
-rw-r--r--bin/Makefile6
-rw-r--r--bin/worker.c11
-rw-r--r--systemd/ykfde-worker.service2
3 files changed, 16 insertions, 3 deletions
diff --git a/bin/Makefile b/bin/Makefile
index a7c1efe..53e14bc 100644
--- a/bin/Makefile
+++ b/bin/Makefile
@@ -4,15 +4,17 @@ INSTALL := install
RM := rm
# flags
CFLAGS += -std=gnu11 -O2 -fPIC -Wall -Werror
+CFLAGS += -liniparser -lkeyutils -lykpers-1 -lyubikey
+CFLAGS += $(shell pkg-config --cflags --libs libsystemd 2>/dev/null)
LDFLAGS += -Wl,-z,now -Wl,-z,relro -pie
all: worker ykfde ykfde-cpio
worker: worker.c ../config.h
- $(CC) $(CFLAGS) -liniparser -lkeyutils -lykpers-1 -lyubikey $(LDFLAGS) -o worker worker.c
+ $(CC) $(CFLAGS) $(LDFLAGS) -o worker worker.c
ykfde: ykfde.c ../config.h ../version.h
- $(CC) $(CFLAGS) -lcryptsetup -liniparser -lkeyutils -lykpers-1 -lyubikey $(LDFLAGS) -o ykfde ykfde.c
+ $(CC) $(CFLAGS) -lcryptsetup $(LDFLAGS) -o ykfde ykfde.c
ykfde-cpio: ykfde-cpio.c ../config.h ../version.h
$(CC) $(CFLAGS) -larchive $(LDFLAGS) -o ykfde-cpio ykfde-cpio.c
diff --git a/bin/worker.c b/bin/worker.c
index 470acb2..1ca9233 100644
--- a/bin/worker.c
+++ b/bin/worker.c
@@ -26,6 +26,8 @@
#include <sys/un.h>
#include <unistd.h>
+#include <systemd/sd-daemon.h>
+
#include <iniparser.h>
#include <keyutils.h>
@@ -350,6 +352,12 @@ int main(int argc, char **argv) {
(void) tmp;
#endif
+ /* check that we are running from systemd */
+ if (sd_notify(0, "READY=0\nSTATUS=Work in progress...") <= 0) {
+ fprintf(stderr, "This is expected to run from a systemd service.\n");
+ goto out10;
+ }
+
/* initialize static memory */
memset(challenge, 0, CHALLENGELEN + 1);
memset(passphrase, 0, PASSPHRASELEN + 2);
@@ -387,6 +395,9 @@ int main(int argc, char **argv) {
if ((rc = walk_askpass(passphrase)) < 0)
goto out30;
+ /* notify systemd about success */
+ sd_notify(0, "READY=1\nSTATUS=All done.");
+
out30:
/* release Yubikey */
if (yk_release() == 0)
diff --git a/systemd/ykfde-worker.service b/systemd/ykfde-worker.service
index 1207034..8af735a 100644
--- a/systemd/ykfde-worker.service
+++ b/systemd/ykfde-worker.service
@@ -11,6 +11,6 @@ Wants=cryptsetup-pre.target
After=ykfde-2f.service
[Service]
-Type=oneshot
+Type=notify
KeyringMode=shared
ExecStart=/usr/lib/ykfde/worker