[systemd-devel] systemd-tty-ask-password-agent, new warning
Andrei Borzenkov
arvidjaar at gmail.com
Wed Jul 9 04:18:51 UTC 2025
08.07.2025 22:38, James Muir (jamesmui) wrote:
>>>> Is systemd-tty-ask-password still an optional component?
>>>>
>>>> Is this new behaviour (where systemd-tty-ask-password is repeatedly executed) intentional?
>>>
>>> It is not new behavior. systemctl did it for as long as I remember.
>>
>> Okay. But the display of the warning is new behaviour.
>>
>> Was the warning just not visible or not generated before?
>>
>> Should systemd-tty-ask-password not be considered an optional component?
> Answering my own question: yes, the warning / failure message was not visible until recently (v255.10).
> The following commit adds a log statement to exec-util,c and that is why it has appeared:
> https://github.com/systemd/systemd-stable/commit/76fe6ebee8
> Any comment on my other question: is systemd-tty-ask-password an optional component?
It is optional. You can skip it with --no-ask-password. If you did not,
it is assumed you wanted password agent and the warning is correct. It
is just a message, systemctl does not fail if it could not launch
password agent. So, even from this angle it is optional. Maybe you mean
"warning should be optional"?
Your distribution could install alias
systemctl="systemctl --no-ask-password "
although this would need extending systemctl with --ask-password to
override the default.
Theoretically it is possible to watch /run/systemd/ask-password and only
launch agent when password requests are present. But that just shifts
the problem - you still get the same error, just not every time.
systemctl knows nothing about user intentions nor can it know whether
service to be started will need secrets.
More information about the systemd-devel
mailing list