ask-password: allow to control lock and key emoji

Giving --echo to systemd-ask-password allows to echo the user input. There's nothing secret, so do not show a lock and key emoji by default. The behavior can be controlled with --emoji=yes|no|auto. The default is auto, which defaults to yes, unless --echo is given.
2024-10-07 00:30:59 +00:00 · 2021-05-26 22:38:30 +02:00 · 2021-05-26 22:38:30 +02:00 · e390c34d00
parent 4858bc0d84
commit e390c34d00
4 changed files with 33 additions and 1 deletions
--- a/man/systemd-ask-password.xml
+++ b/man/systemd-ask-password.xml
@ -165,6 +165,15 @@
        usernames. </para></listitem>
      </varlistentry>

+      <varlistentry>
+        <term><option>--emoji=yes|no|auto</option></term>
+
+        <listitem><para>Controls whether or not to prefix the query with a
+        lock and key emoji (🔐), if the TTY settings permit this. The default
+        is <literal>auto</literal>, which defaults to <literal>yes</literal>,
+        unless <option>--echo</option> is given.</para></listitem>
+      </varlistentry>
+
      <varlistentry>
        <term><option>--no-tty</option></term>

--- a/src/ask-password/ask-password.c
+++ b/src/ask-password/ask-password.c
@ -10,6 +10,7 @@
 #include "log.h"
 #include "macro.h"
 #include "main-func.h"
+#include "parse-argument.h"
 #include "pretty-print.h"
 #include "strv.h"
 #include "terminal-util.h"
@ -45,6 +46,8 @@ static int help(void) {
               "                      credentials\n"
               "     --timeout=SEC    Timeout in seconds\n"
               "     --echo           Do not mask input (useful for usernames)\n"
+               "     --emoji=yes|no|auto\n"
+               "                      Show a lock and key emoji\n"
               "     --no-tty         Ask question via agent even on TTY\n"
               "     --accept-cached  Accept cached passwords\n"
               "     --multiple       List multiple passwords if available\n"
@ -64,6 +67,7 @@ static int parse_argv(int argc, char *argv[]) {
                ARG_ICON = 0x100,
                ARG_TIMEOUT,
                ARG_ECHO,
+                ARG_EMOJI,
                ARG_NO_TTY,
                ARG_ACCEPT_CACHED,
                ARG_MULTIPLE,
@ -80,6 +84,7 @@ static int parse_argv(int argc, char *argv[]) {
                { "icon",          required_argument, NULL, ARG_ICON          },
                { "timeout",       required_argument, NULL, ARG_TIMEOUT       },
                { "echo",          no_argument,       NULL, ARG_ECHO          },
+                { "emoji",         required_argument, NULL, ARG_EMOJI         },
                { "no-tty",        no_argument,       NULL, ARG_NO_TTY        },
                { "accept-cached", no_argument,       NULL, ARG_ACCEPT_CACHED },
                { "multiple",      no_argument,       NULL, ARG_MULTIPLE      },
@ -90,6 +95,7 @@ static int parse_argv(int argc, char *argv[]) {
                {}
        };

+        const char *emoji = NULL;
        int c;

        assert(argc >= 0);
@ -120,6 +126,10 @@ static int parse_argv(int argc, char *argv[]) {
                        arg_flags |= ASK_PASSWORD_ECHO;
                        break;

+                case ARG_EMOJI:
+                        emoji = optarg;
+                        break;
+
                case ARG_NO_TTY:
                        arg_flags |= ASK_PASSWORD_NO_TTY;
                        break;
@ -155,6 +165,18 @@ static int parse_argv(int argc, char *argv[]) {
                        assert_not_reached("Unhandled option");
                }

+        if (isempty(emoji) || streq(emoji, "auto"))
+                SET_FLAG(arg_flags, ASK_PASSWORD_HIDE_EMOJI, FLAGS_SET(arg_flags, ASK_PASSWORD_ECHO));
+        else {
+                int r;
+                bool b;
+
+                r = parse_boolean_argument("--emoji=", emoji, &b);
+                if (r < 0)
+                         return r;
+                SET_FLAG(arg_flags, ASK_PASSWORD_HIDE_EMOJI, !b);
+        }
+
        if (argc > optind) {
                arg_message = strv_join(argv + optind, " ");
                if (!arg_message)
--- a/src/shared/ask-password-api.c
+++ b/src/shared/ask-password-api.c
@ -421,7 +421,7 @@ int ask_password_tty(
        if (!message)
                message = "Password:";

-        if (emoji_enabled())
+        if (!FLAGS_SET(flags, ASK_PASSWORD_HIDE_EMOJI) && emoji_enabled())
                message = strjoina(special_glyph(SPECIAL_GLYPH_LOCK_AND_KEY), " ", message);

        if (flag_file || ((flags & ASK_PASSWORD_ACCEPT_CACHED) && keyname)) {
--- a/src/shared/ask-password-api.h
+++ b/src/shared/ask-password-api.h
@ -14,6 +14,7 @@ typedef enum AskPasswordFlags {
        ASK_PASSWORD_NO_AGENT      = 1 << 5, /* never ask for password via agent */
        ASK_PASSWORD_CONSOLE_COLOR = 1 << 6, /* Use color if /dev/console points to a console that supports color */
        ASK_PASSWORD_NO_CREDENTIAL = 1 << 7, /* never use $CREDENTIALS_DIRECTORY data */
+        ASK_PASSWORD_HIDE_EMOJI    = 1 << 8, /* hide the lock and key emoji */
 } AskPasswordFlags;

 int ask_password_tty(int tty_fd, const char *message, const char *key_name, usec_t until, AskPasswordFlags flags, const char *flag_file, char ***ret);