Bug 75267

Summary: Password remains on shell prompt when password dialog times out
Product: PolicyKit Reporter: Armin K <krejzi>
Component: daemonAssignee: David Zeuthen (not reading bugmail) <zeuthen>
Status: RESOLVED NOTOURBUG QA Contact: David Zeuthen (not reading bugmail) <zeuthen>
Severity: critical    
Priority: medium CC: lennart
Version: unspecified   
Hardware: x86-64 (AMD64)   
OS: Linux (All)   
Whiteboard:
i915 platform: i915 features:

Description Armin K 2014-02-20 16:24:07 UTC 
Trying to reboot my VM via /sbin/reboot, which is a systemd version of reboot. It will spawn its authentication agent, and then the following behaviour occours:



$ /sbin/reboot
==== AUTHENTICATING FOR org.freedesktop.login1.reboot ===
Authentication is required for rebooting the system.
Authenticating as: root
Password: Failed to issue method call: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
Must be root.
polkit-agent-helper-1: pam_authenticate failed: Conversation error
armin [ ~ ]$ -bash: mypassword: command not found



[17:11:12] <Black_Prince> so the trick is
[17:11:16] <Black_Prince> when the password prompt appears
[17:11:21] <Black_Prince> and you type in the password, but don't hit return
[17:11:24] <Black_Prince> it will timeout
[17:11:29] <Black_Prince> and return you to the shell prompt
[17:11:34] <Black_Prince> the shell prompt will have your password written
[17:11:44] <Black_Prince> but you won't see it nor anything else that you type after using the command above
[17:12:18] <Black_Prince> so if you hit return after your shell prompt gets back
[17:12:27] <Black_Prince> you'll see armin [ ~ ]$ -bash: mypassword: command not found
[17:12:29] <Black_Prince> dang
[17:13:03] <Black_Prince> for your info, I typed mypassword in the box just to reproduce it :3
[17:13:09] <Black_Prince> box = password prompt, doh 
[17:15:45] <Black_Prince> note, I was logged via ssh as a normal user
[17:15:56] <Black_Prince> that's why it didn't just reboot, since the session wasn't local
Comment 1 David Zeuthen (not reading bugmail) 2014-02-20 19:08:00 UTC 
FWIW, I agree it's unfortunate that your password is echoed in cleartext, but I'm not sure this is a polkit problem or where the problem is. I guess someone would need to dig deeper to figure out what's happening.
Comment 2 Armin K 2014-02-20 19:24:41 UTC 
I can't reproduce this with pkexec, since the password prompt does not timeout. Well, at least it has been sitting there for last 5 minutes unlike the one in the report that only sits for like 10 seconds.

CC'ing Lennart, since this might be related to systemd's built-in authentication agent.
Comment 3 Armin K 2015-09-06 13:52:58 UTC 
This is a bug in systemd polkit agent.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.