sertonix
commented
10 months ago ~To fix issues like #175 the check should may be removed completely~ not yet confirmed
Closed sertonix closed 8 months ago
sertonix
commented
10 months ago ~To fix issues like #175 the check should may be removed completely~ not yet confirmed
kennylevinsen
commented
10 months ago This will not work for #175, where the shadow file is located elsewhere. For that, the checks would have to be replaced with a password retrieval attempt (the start of run_pw_backend_child).
sertonix
commented
10 months ago This will not work for #175, where the shadow file is located elsewhere. For that, the checks would have to be replaced with a password retrieval attempt (the start of
run_pw_backend_child).
I looked at the code and found a better solution. Will push as soon as it is done.
sertonix
commented
10 months ago Is it safe to pass a pointer to a fork? From what I found it is but want to make sure.
emersion
commented
10 months ago A downside of this approach is that changing the user's password while swaylock is running won't work. In other words, if someone forgets their password and tries to change it via SSH, swaylock still won't unlock. Maybe that's not such a big deal since it's possible to send a signal to swaylock to unlock itself via SSH too.
sertonix
commented
10 months ago A downside of this approach is that changing the user's password while swaylock is running won't work.
I am pretty sure that is already how it works even without my change.
emersion
commented
10 months ago Hm, indeed!
sertonix
commented
10 months ago The privilege drop would also conflict with reading the password later.
sertonix
commented
8 months ago @emersion What is the blocker for this PR?
This ensures that the parent properly errors only if the password cannot be read.