diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2021-02-18 02:05:48 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2021-02-20 20:16:34 +0100 |
| commit | 5cf25633d48f79f39ab8c35883e1e437b3a058e4 (patch) | |
| tree | b22f047751d27b4ed4f04860e9d2ad0ad0c3fa0c | |
| parent | ad1856777bf108826008b60a1e70c1e3fbb94ec7 (diff) | |
lacme: Preserve $GPG_TTY when spawning the accountd.
This is needed for gpg-encrypted privkeys.
| -rwxr-xr-x | lacme | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -503,14 +503,16 @@ sub acme_client($@) { if (defined (my $accountd = $CONFIG->{accountd})) { warn "Setting 'privkey' in lacme.conf's [accountd] section is deprecated and will become an error in a future release! " ."Set it in lacme-accountd.conf instead.\n" if $accountd->{privkey} ne ''; + my $GPG_TTY = $ENV{GPG_TTY}; socketpair($client, my $s, AF_UNIX, SOCK_STREAM, PF_UNSPEC) or die "socketpair: $!"; my $pid = fork() // "fork: $!"; unless ($pid) { drop_privileges($accountd->{user}, $accountd->{group}, '/'); - set_FD_CLOEXEC($s, 1); $client->close() or die "close: $!"; open STDIN, '<&', $s or die "dup: $!"; open STDOUT, '>&', $s or die "dup: $!"; + set_FD_CLOEXEC($s, 1); + $ENV{GPG_TTY} = $GPG_TTY if defined $GPG_TTY; my ($cmd, @args) = split(/\s+/, $accountd->{command}) or die "Empty accountd command\n"; push @args, '--stdio'; push @args, '--config='.$accountd->{config} if $accountd->{config} ne ''; |