lacme: Preserve $GPG_TTY when spawning the accountd.

This is needed for gpg-encrypted privkeys.
author: Guilhem Moulin <guilhem@fripost.org> 2021-02-18 02:05:48 +0100
committer: Guilhem Moulin <guilhem@fripost.org> 2021-02-20 20:16:34 +0100
commit: 5cf25633d48f79f39ab8c35883e1e437b3a058e4 (patch)
tree: b22f047751d27b4ed4f04860e9d2ad0ad0c3fa0c
parent: ad1856777bf108826008b60a1e70c1e3fbb94ec7 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/lacme b/lacme
index 87a44be..d141b62 100755
--- a/lacme
+++ b/lacme
@@ -503,14 +503,16 @@ sub acme_client($@) {
     if (defined (my $accountd = $CONFIG->{accountd})) {
         warn "Setting 'privkey' in lacme.conf's [accountd] section is deprecated and will become an error in a future release! "
             ."Set it in lacme-accountd.conf instead.\n" if $accountd->{privkey} ne '';
+        my $GPG_TTY = $ENV{GPG_TTY};
         socketpair($client, my $s, AF_UNIX, SOCK_STREAM, PF_UNSPEC) or die "socketpair: $!";
         my $pid = fork() // "fork: $!";
         unless ($pid) {
             drop_privileges($accountd->{user}, $accountd->{group}, '/');
-            set_FD_CLOEXEC($s, 1);
             $client->close() or die "close: $!";
             open STDIN,  '<&', $s or die "dup: $!";
             open STDOUT, '>&', $s or die "dup: $!";
+            set_FD_CLOEXEC($s, 1);
+            $ENV{GPG_TTY} = $GPG_TTY if defined $GPG_TTY;
             my ($cmd, @args) = split(/\s+/, $accountd->{command}) or die "Empty accountd command\n";
             push @args, '--stdio';
             push @args, '--config='.$accountd->{config}   if $accountd->{config} ne '';
author	Guilhem Moulin <guilhem@fripost.org>	2021-02-18 02:05:48 +0100
committer	Guilhem Moulin <guilhem@fripost.org>	2021-02-20 20:16:34 +0100
commit	5cf25633d48f79f39ab8c35883e1e437b3a058e4 (patch)
tree	b22f047751d27b4ed4f04860e9d2ad0ad0c3fa0c
parent	ad1856777bf108826008b60a1e70c1e3fbb94ec7 (diff)