Blank CMD and password in the log messages

[JcBernack]

Describe the bug After the update to 0.9.0 I noticed that on boot the CMD seems to be blank. At first I didn't see it and just entered my password which than didn't seem to do much.

Afterwards, I manually selected a Hyprland Session and entered my password again. This time it didn't work again, but displayed an error that contained my password in the clear. Unfortunately, I also later found this message in the service journal, including my password in the clear.

So I think there is two issues here:

• Some weird behavior with a blank CMD
• Error message in the log that might contain the entered password

Expected behavior Not under any circumstances should the entered password appear in the logs.

System information:

• Distribution: Arch
• greetd version: 0.10.0-1
• tuigreet version: 0.9.0-1
• Installation method (from source, package, binary, etc.): package
• tuigreet command line: tuigreet --greeting \"was 1 arch\" --time --remember

Journal log

-- Boot dac54e7db6ce4430a9210131186250f5 --
May 16 13:59:12 arch systemd[1]: Started Greeter daemon.
May 16 13:59:12 arch greetd[955]: config: Config { file: ConfigFile { terminal: ConfigTerminal { vt: Specific(1), switch: true }, general: ConfigGeneral { source_profile: true, runfile: "/run/greetd.run", service: "greetd" }, default_session: ConfigSession { command: "tuigreet --g>
May 16 13:59:12 arch greetd[956]: config: Config { file: ConfigFile { terminal: ConfigTerminal { vt: None, switch: false }, general: ConfigGeneral { source_profile: true, runfile: "/run/greetd.run", service: "greetd" }, default_session: ConfigSession { command: "", user: "", servi>
May 16 13:59:12 arch greetd[956]: pam_unix(greetd:session): session opened for user greeter(uid=969) by greeter(uid=0)
May 16 13:59:12 arch greetd[1011]: config: Config { file: ConfigFile { terminal: ConfigTerminal { vt: None, switch: false }, general: ConfigGeneral { source_profile: true, runfile: "/run/greetd.run", service: "greetd" }, default_session: ConfigSession { command: "", user: "", serv>
May 16 13:59:44 arch greetd[1011]: error: expected Args or Cancel, got: PamResponse { resp: Some("mypassword") }
May 16 13:59:44 arch greetd[955]: client loop failed: i/o error: Broken pipe (os error 32)
May 16 13:59:51 arch greetd[1225]: config: Config { file: ConfigFile { terminal: ConfigTerminal { vt: None, switch: false }, general: ConfigGeneral { source_profile: true, runfile: "/run/greetd.run", service: "greetd" }, default_session: ConfigSession { command: "", user: "", serv>
May 16 13:59:54 arch greetd[1225]: pam_unix(greetd:session): session opened for user gigo(uid=1000) by gigo(uid=0)
May 17 00:03:05 arch greetd[188179]: config: Config { file: ConfigFile { terminal: ConfigTerminal { vt: None, switch: false }, general: ConfigGeneral { source_profile: true, runfile: "/run/greetd.run", service: "greetd" }, default_session: ConfigSession { command: "", user: "", se>
May 17 00:03:05 arch systemd[1]: Stopping Greeter daemon...
May 17 00:03:05 arch systemd[1]: greetd.service: Deactivated successfully.
May 17 00:03:05 arch systemd[1]: Stopped Greeter daemon.

Debug log

2024-05-17T01:15:42.519316Z  INFO tuigreet: 49: tuigreet started
2024-05-17T01:15:42.521049Z  INFO tuigreet: 66: creating remembered session for user gigo
2024-05-17T01:15:42.521053Z  INFO tuigreet::ipc: 36: sending request to greetd: CreateSession { username: "gigo" }
2024-05-17T01:15:42.540254Z  INFO tuigreet::ipc: 72: received greetd message: AuthMessage { auth_message_type: Secret, auth_message: "Password: " }
2024-05-17T01:15:54.321384Z  INFO tuigreet::ipc: 36: sending request to greetd: PostAuthMessageResponse
2024-05-17T01:15:54.336825Z  INFO tuigreet::ipc: 72: received greetd message: Success
2024-05-17T01:15:54.336830Z  INFO tuigreet::ipc: 149: authentication successful, starting session
2024-05-17T01:16:00.952391Z  INFO tuigreet::ipc: 36: sending request to greetd: PostAuthMessageResponse
2024-05-17T01:16:00.953540Z  INFO tuigreet::ipc: 72: received greetd message: Error { error_type: Error, description: "expected Args or Cancel, got: PamResponse { resp: Some(\"mypassword\") }" }
2024-05-17T01:16:00.953548Z  INFO tuigreet::ipc: 180: received an error from greetd: Error - expected Args or Cancel, got: PamResponse { resp: Some("mypassword") }
2024-05-17T01:16:00.953550Z  INFO tuigreet::ipc: 207: cancelling session
2024-05-17T01:16:05.849461Z  INFO tuigreet::ipc: 36: sending request to greetd: CreateSession { username: "gigo" }
2024-05-17T01:16:05.867865Z  INFO tuigreet::ipc: 72: received greetd message: AuthMessage { auth_message_type: Secret, auth_message: "Password: " }
2024-05-17T01:16:08.172451Z  INFO tuigreet::ipc: 36: sending request to greetd: PostAuthMessageResponse
2024-05-17T01:16:08.188092Z  INFO tuigreet::ipc: 72: received greetd message: Success
2024-05-17T01:16:08.188098Z  INFO tuigreet::ipc: 149: authentication successful, starting session
2024-05-17T01:16:08.188105Z  INFO tuigreet::ipc: 36: sending request to greetd: StartSession { cmd: ["Hyprland"], env: ["XDG_SESSION_DESKTOP=hyprland", "DESKTOP_SESSION=hyprland", "XDG_SESSION_TYPE=wayland"] }
2024-05-17T01:16:08.188172Z  INFO tuigreet::ipc: 72: received greetd message: Success
2024-05-17T01:16:08.188175Z  INFO tuigreet::ipc: 115: greetd acknowledged session start, exiting
2024-05-17T01:16:08.188176Z  INFO tuigreet::ipc: 118: caching last successful username
2024-05-17T01:16:08.188301Z  INFO tuigreet: 122: preparing exit with status Success
2024-05-17T01:16:08.190115Z  INFO tuigreet: 90: exiting main loop

[apognu]

I could reproduce the issue when no command/session was configured. I just pushed a potential fix (basically, refuse to start a session if no command was configured on the dev/no-session-error branch. Could you try and inform if this fixes the error message and log line issues?

Edit: I also pushed another commit to remove every instance of tuigreet unpacking an error from greetd and outputing it somewhere, which is what happened here.

[JcBernack]

Thanks for the fast response!

I can confirm that it shows "No command configured" now and that the password does not end up in the log anymore.

The blank CMD behavior itself remains, but is better described in the other issue: https://github.com/apognu/tuigreet/issues/141

[apognu]

Yes, I'll keep the other issue to track those things separately. :+1:

[apognu]

This is now available in the 0.9.1 version of tuigreet.