From 2b93417398f641e410f0b3564135508ebfb71ac0 Mon Sep 17 00:00:00 2001 From: Marco Ricci Date: Wed, 18 Sep 2024 20:04:31 +0200 Subject: [PATCH] Support running UNIX Pageant in foreground mode, without debugging output This new mode makes it easy to run Pageant as a "supervised" instance, e.g. as part of a test harness for other programs interacting with an SSH agent, which is the original use case. Because Pageant is then running as a child process of the supervisor, the operating system notifies the supervisor of the child's aliveness without resorting to PIDs or socket addresses, both of which may principally run stale and/or get recycled. --- doc/man-pageant.but | 14 ++++++++++++-- unix/pageant.c | 8 +++++++- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/doc/man-pageant.but b/doc/man-pageant.but index d202f166..1ece3aec 100644 --- a/doc/man-pageant.but +++ b/doc/man-pageant.but @@ -8,8 +8,8 @@ \S{pageant-manpage-synopsis} SYNOPSIS -\c pageant ( -X | -T | --permanent | --debug ) [ [ --encrypted ] key-file... ] -\e bbbbbbb bb bb bbbbbbbbbbb bbbbbbb bbbbbbbbbbb iiiiiiii +\c pageant ( -X | -T | --permanent | --debug | --foreground ) [ [ --encrypted ] key-file... ] +\e bbbbbbb bb bb bbbbbbbbbbb bbbbbbb bbbbbbbbbbbb bbbbbbbbbbb iiiiiiii \c pageant [ [ --encrypted ] key-file... ] --exec command [ args... ] \e bbbbbbb bbbbbbbbb iiiiiiii bbbbbb iiiiiii iiii \c pageant -a [ --encrypted ] key-file... 
@@ -183,6 +183,16 @@ prompts will need to be answered on standard input. This is useful for debugging what Pageant itself is doing, or what another process is doing to it. +\dt \cw{--foreground} + +\dd Like \cw{--debug}, Pageant will run in the foreground, without +forking. It will print its environment variable setup commands on +standard output. Unlike \cw{--debug}, Pageant will not automatically log +agent activity to standard output, nor will it force passphrase prompts +to standard input. This is useful if Pageant is spawned by a parent +process that controls or otherwise programmatically interfaces with +Pageant. + \S{pageant-manpage-client} CLIENT OPTIONS The following options tell Pageant to operate in client mode, diff --git a/unix/pageant.c b/unix/pageant.c index 2b72db7c..43eb1e88 100644 --- a/unix/pageant.c +++ b/unix/pageant.c @@ -198,6 +198,7 @@ static void usage(void) printf(" -T run with the lifetime of the controlling tty\n"); printf(" --permanent run permanently\n"); printf(" --debug run in debugging mode, without forking\n"); + printf(" --foreground run permanently, without forking\n"); printf(" --exec run with the lifetime of that command\n"); printf("Client options, for talking to an existing agent:\n"); printf(" -a add key(s) to the existing agent\n"); @@ -425,7 +426,7 @@ bool have_controlling_tty(void) static char **exec_args = NULL; static enum { - LIFE_UNSPEC, LIFE_X11, LIFE_TTY, LIFE_DEBUG, LIFE_PERM, LIFE_EXEC + LIFE_UNSPEC, LIFE_X11, LIFE_TTY, LIFE_DEBUG, LIFE_PERM, LIFE_EXEC, LIFE_FOREGROUND } life = LIFE_UNSPEC; static const char *display = NULL; static enum { 
@@ -1222,6 +1223,9 @@ void run_agent(FILE *logfp, const char *symlink_path)
 pageant_fork_and_print_env(true);
 } else if (life == LIFE_PERM) {
 pageant_fork_and_print_env(false);
+ } else if (life == LIFE_FOREGROUND) {
+ setvbuf(stdout, NULL, _IOLBF, 0);
+ pageant_print_env(getpid());
 } else if (life == LIFE_DEBUG) {
 /* Force stdout to be line-buffered in preference to unbuffered, so
 * that if diagnostic output is being piped somewhere, it will arrive
@@ -1366,6 +1370,8 @@ int main(int argc, char **argv)
 }
 } else if (!strcmp(p, "--debug")) {
 life = LIFE_DEBUG;
+ } else if (!strcmp(p, "--foreground")) {
+ life = LIFE_FOREGROUND;
 } else if (!strcmp(p, "--test-sign")) {
 curr_keyact = KEYACT_CLIENT_SIGN;
 sign_flags = 0;
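Review bot: The new `LIFE_FOREGROUND` branch in `run_agent` carries no comment saying why it skips the fork and why stdout is switched to line buffering, while the `LIFE_DEBUG` branch directly below documents its own `setvbuf` rationale. I would add `/* Supervised mode: no fork, so the parent reads the env setup from our still-open stdout; line-buffer it so the lines arrive promptly through a pipe. */` above the `setvbuf` call. Since this branch never closes stdout, a supervisor that reads the environment dump until EOF would presumably block for the agent's whole lifetime, so the comment or the man page should say that the parent must read line by line. The return value of `setvbuf` is ignored here; whether that matches the `LIFE_DEBUG` call cannot be checked because `run_agent` starts and ends outside the hunk.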
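Review bot: In `main`'s option loop, `--foreground` assigns `life` unconditionally, just as `--debug` does two lines above, so passing both silently selects whichever comes last. That matters more for this pair than for the other lifetimes, because per the man page text in this patch only `--debug` logs agent activity to standard output; a harness that appends `--foreground` ahead of user-supplied arguments could still end up with request logging on the pipe it parses. Consider diagnosing the combination, or at least stating in the man page entry that the last lifetime option wins. The option loop starts and ends outside the hunk, so any existing conflict handling after it is not visible here.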