[systemd-devel] [PATCH] ask-password: Add --do-echo to enable echoing the user input

David Sommerseth davids at redhat.com
Thu Sep 18 05:29:14 PDT 2014


On 17/09/14 17:52, "Jóhann B. Guðmundsson" wrote:
> 
> On 09/17/2014 12:26 PM, David Sommerseth wrote:
>> Hi,
>>
>> I've been playing with the systemd feature enabled in OpenVPN.  And I
>> propose this change to systemd-ask-password to avoid masking usernames.
>>   I tried looking for alternative ways querying for usernames through
>> systemd without finding a good solution.
>>
>> This patch has been tested locally on a slightly modified OpenVPN build
>> which calls systemd-ask-password with --do-echo when it queries the user
>> for usernames.
>>
>> If there are better ways how to solve this, please let me know and I'll
>> go that path instead.
>>
>>
> 
> Should this not be fixed upstream openvpn?

OpenVPN have already implemented support for systemd.  The issue is when
OpenVPN starts a config file where will ask the user for username and
password.  Without this systemd patch the result is that the username
isn't displayed as plain text but a bunch of stars - and kicking off
openvpn via systemctl fails.

Based on my systemd knowledge, the alternative is to _not_ use
systemd-ask-password at all, which makes it harder to start openvpn
tunnels via systemctl or at boot time.  And that will not be well
received among OpenVPN users.

If you think we're doing it wrong in OpenVPN, I'm willing to fix this.
As more and more distros move over to systemd, this is something we see
we need to fix in OpenVPN.


--
kind regards,

David Sommerseth



More information about the systemd-devel mailing list