GUI password prompt

[80KiloMett]

Hi,

I have ph type bound to a keyboard shortcut in my window manager. The problem is: When I reboot my machine, there is no password database in the cache, so I need to enter my password. This in turn breaks my keyboard shortcut. So whenever I reboot my system or my cache expires (I like to have a cache timeout) I have to open a terminal to unlock the database before I can use the shortcut.

What I'm imagining is something like the sudo -A flag, that can delegate the password entry to an external command. I currently have the password patch for dmenu installed and a dmenu-script set up to act as my sudo-askpass-command. This way I can run shell scripts that need root privileges from dmenu.

[80KiloMett]

Okay... premature post as always. I just had a look at the Code and saw that passhole uses zenity for this purpose, which I had not installed. From my perspective the problem is solved for now.

Even though my problem is solved two things:

• Being able to define custom tools for this purpose would still be nice
• Zenity should be listed somewhere as a dependency for the ph type command

I'm gonna keep this open for now as a feature request. If you'd like I can reformulate the issue.

[PRESFIL]

keepmenu in this case spawn default launcher (dmenu) and ask password. If password is correct, it keeps doing and spawn normal keepmenu main menu, where user can select from password. You can opt out of zenity altogether if there is a dmenu.

[Evidlo]

@PRESFIL That's a good idea. I can fall back to dmenu for password prompt if zenity isn't present.

[PRESFIL]

I don't know why zenity is needed in principle (it's so beautiful? ;) ). In this case, it is a duplication of functionality. At the same time, it is unnecessary, because dmenu will always be there, because this is not an optional dependency.

[PRESFIL]

zenity is probably needed to hide the password, isn't it? dmenu really can't do this out of the box, but there is one tricky hack: firecat53/keepmenu#46. (they have a separate font and background settings for password prompt, so it merges with the background and is unreadable).

[Evidlo]

I tried this out and it seems to work OK.

I wouldn't go so far as to call it a hack. passhole already does this when displaying passwords with the show command.

dmenu -nf black -nb black -p password <&-

[PRESFIL]

I call this a hack because it seems to me that the password can be stolen using xdotool ). But, keepmenu already uses this method, so that is fine. User can also use a patched dmenu, but then he|she need to pass additional parameters to it somehow.

[Evidlo]

because dmenu will always be there, because this is not an optional dependency.

Dmenu is not a hard dependency. You can use whatever menu tool you specify in --prog.

I call this a hack because it seems to me that the password can be stolen using xdotool

If your machine is compromised, you're already hosed because the attacker can just run a keylogger to capture your database password or dump passhole's memory to get at the open database.