From a7fe1a31f0dc5ab2182503c031cac9714c89db2d Mon Sep 17 00:00:00 2001 From: Rich Megginson Date: Jan 24 2011 22:40:24 +0000 Subject: Bug 576534 - Password displayed on console when entered in command-line utilities https://bugzilla.redhat.com/show_bug.cgi?id=576534 Resolves: bug 576534 Bug Description: Password displayed on console when entered in command-line utilities Reviewed by: nhosoi (Thanks!) Branch: master Fix Description: Add a new configurable path - sttyexec - to configure.ac. This is the absolute path and filename of the stty command to use with the -echo and echo options to disable and enable tty echo for password entry with perl scripts. By default it is set to /bin/stty but it can be overridden on a per-platform basis in configure.ac. I had to move DialogManager.pm to DialogManager.pm.in in order to replace the stty command used there (which actually worked with just stty - not sure why that worked but other perl scripts did not). Platforms tested: RHEL6 x86_64 Flag Day: yes - file renamed - autoconf file changes Doc impact: no --- diff --git a/Makefile.am b/Makefile.am index 5345225..0b7edaf 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1390,6 +1390,7 @@ fixupcmd = sed \ -e 's,@with_fhs_opt\@,@with_fhs_opt@,g' \ -e 's,@with_selinux\@,@with_selinux@,g' \ -e 's,@perlexec\@,@perlexec@,g' \ + -e 's,@sttyexec\@,@sttyexec@,g' \ -e 's,@initconfigdir\@,$(initconfigdir),g'\ -e 's,@updatedir\@,$(updatedir),g' \ -e 's,@ldaplib\@,$(ldaplib),g' \ @@ -1451,6 +1452,7 @@ fixupcmd = sed \ -e 's,@with_fhs_opt\@,@with_fhs_opt@,g' \ -e 's,@with_selinux\@,@with_selinux@,g' \ -e 's,@perlexec\@,@perlexec@,g' \ + -e 's,@sttyexec\@,@sttyexec@,g' \ -e 's,@initconfigdir\@,$(initconfigdir),g' \ -e 's,@updatedir\@,$(updatedir),g' \ -e 's,@ldaplib\@,$(ldaplib),g' \ diff --git a/Makefile.in b/Makefile.in index 39d400f..b559695 100644 --- a/Makefile.in +++ b/Makefile.in @@ -1235,6 +1235,7 @@ serverincdir = $(includedir)@serverincdir@ serverplugindir = $(libdir)@serverplugindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +sttyexec = @sttyexec@ svrcore_inc = @svrcore_inc@ svrcore_lib = @svrcore_lib@ sysconfdir = @sysconfdir@ @@ -2471,6 +2472,7 @@ rsearch_bin_LDADD = $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK) $(LIBS @BUNDLE_FALSE@ -e 's,@with_fhs_opt\@,@with_fhs_opt@,g' \ @BUNDLE_FALSE@ -e 's,@with_selinux\@,@with_selinux@,g' \ @BUNDLE_FALSE@ -e 's,@perlexec\@,@perlexec@,g' \ +@BUNDLE_FALSE@ -e 's,@sttyexec\@,@sttyexec@,g' \ @BUNDLE_FALSE@ -e 's,@initconfigdir\@,$(initconfigdir),g' \ @BUNDLE_FALSE@ -e 's,@updatedir\@,$(updatedir),g' \ @BUNDLE_FALSE@ -e 's,@ldaplib\@,$(ldaplib),g' \ @@ -2542,6 +2544,7 @@ rsearch_bin_LDADD = $(NSPR_LINK) $(NSS_LINK) $(LDAPSDK_LINK) $(SASL_LINK) $(LIBS @BUNDLE_TRUE@ -e 's,@with_fhs_opt\@,@with_fhs_opt@,g' \ @BUNDLE_TRUE@ -e 's,@with_selinux\@,@with_selinux@,g' \ @BUNDLE_TRUE@ -e 's,@perlexec\@,@perlexec@,g' \ +@BUNDLE_TRUE@ -e 's,@sttyexec\@,@sttyexec@,g' \ @BUNDLE_TRUE@ -e 's,@initconfigdir\@,$(initconfigdir),g'\ @BUNDLE_TRUE@ -e 's,@updatedir\@,$(updatedir),g' \ @BUNDLE_TRUE@ -e 's,@ldaplib\@,$(ldaplib),g' \ diff --git a/configure b/configure index 48e2e0f..6e679d1 100755 --- a/configure +++ b/configure @@ -669,6 +669,7 @@ SOLARIS_TRUE HPUX_FALSE HPUX_TRUE initconfigdir +sttyexec perlexec initdir LIBCRUN @@ -17060,6 +17061,15 @@ fi # and HP-UX, /usr/bin/perl is 32 bit, so we cannot use # those with our 64 bit compiled product. perlexec='/usr/bin/env perl' +# we use stty in perl scripts to disable password echo +# this doesn't work unless the full absolute path of the +# stty command is used e.g. system("stty -echo") does not +# work but system("/bin/stty -echo") does work +# since the path of stty may not be the same on all +# platforms, we set the default here to /bin/stty and +# allow that value to be overridden in the platform +# specific section below +sttyexec=/bin/stty case $host in *-*-linux*) @@ -17288,6 +17298,7 @@ fi + # set default initconfigdir if not already set # value will be set so as to be relative to $(sysconfdir) if test -z "$initconfigdir" ; then diff --git a/configure.ac b/configure.ac index 286cf5f..f990895 100644 --- a/configure.ac +++ b/configure.ac @@ -357,6 +357,15 @@ AC_ARG_WITH(initddir, # and HP-UX, /usr/bin/perl is 32 bit, so we cannot use # those with our 64 bit compiled product. perlexec='/usr/bin/env perl' +# we use stty in perl scripts to disable password echo +# this doesn't work unless the full absolute path of the +# stty command is used e.g. system("stty -echo") does not +# work but system("/bin/stty -echo") does work +# since the path of stty may not be the same on all +# platforms, we set the default here to /bin/stty and +# allow that value to be overridden in the platform +# specific section below +sttyexec=/bin/stty case $host in *-*-linux*) AC_DEFINE([XP_UNIX], [1], [UNIX]) @@ -467,6 +476,7 @@ if test -n "$with_initddir" ; then fi AC_SUBST(initdir) AC_SUBST(perlexec) +AC_SUBST(sttyexec) # set default initconfigdir if not already set # value will be set so as to be relative to $(sysconfdir) diff --git a/ldap/admin/src/scripts/DialogManager.pm b/ldap/admin/src/scripts/DialogManager.pm deleted file mode 100644 index a9f493b..0000000 --- a/ldap/admin/src/scripts/DialogManager.pm +++ /dev/null @@ -1,241 +0,0 @@ -# BEGIN COPYRIGHT BLOCK -# This Program is free software; you can redistribute it and/or modify it under -# the terms of the GNU General Public License as published by the Free Software -# Foundation; version 2 of the License. -# -# This Program is distributed in the hope that it will be useful, but WITHOUT -# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS -# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along with -# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple -# Place, Suite 330, Boston, MA 02111-1307 USA. -# -# In addition, as a special exception, Red Hat, Inc. gives You the additional -# right to link the code of this Program with code not covered under the GNU -# General Public License ("Non-GPL Code") and to distribute linked combinations -# including the two, subject to the limitations in this paragraph. Non-GPL Code -# permitted under this exception must only link to the code of this Program -# through those well defined interfaces identified in the file named EXCEPTION -# found in the source code files (the "Approved Interfaces"). The files of -# Non-GPL Code may instantiate templates or use macros or inline functions from -# the Approved Interfaces without causing the resulting work to be covered by -# the GNU General Public License. Only Red Hat, Inc. may make changes or -# additions to the list of Approved Interfaces. You must obey the GNU General -# Public License in all respects for all of the Program code and other code used -# in conjunction with the Program except the Non-GPL Code covered by this -# exception. If you modify this file, you may extend this exception to your -# version of the file, but you are not obligated to do so. If you do not wish to -# provide this exception without modification, you must delete this exception -# statement from your version and license this file solely under the GPL without -# exception. -# -# -# Copyright (C) 2007 Red Hat, Inc. -# All rights reserved. -# END COPYRIGHT BLOCK -# - -package DialogManager; -use Exporter (); -@ISA = qw(Exporter); -@EXPORT = qw($BACK $SAME $NEXT $ERR); -@EXPORT_OK = qw($BACK $SAME $NEXT $ERR); - -use Dialog; -use SetupLog; - -# Dialog responses -$FIRST = -2; # go back to first prompt on a dialog -$BACK = -1; # go back to previous dialog -$SAME = 0; # reshow the same prompt or dialog -$NEXT = 1; # go to the next dialog -$ERR = 2; # fatal error - -# The DialogManager controls the flow of the dialogs and contains context shared -# among all of the dialogs (resources, logs, current setup type, etc.) -# all of these are optional -sub new { - my $type = shift; - my $self = {}; - - $self->{setup} = shift; - $self->{res} = shift; - $self->{type} = shift; - - $self->{log} = $self->{setup}->{log}; - $self->{inf} = $self->{setup}->{inf}; - - $self = bless $self, $type; - - return $self; -} - -sub getType { - my $self = shift; - return $self->{type}; -} - -sub setType { - my $self = shift; - $self->{type} = shift; -} - -sub addDialog { - my $self = shift; - for my $dialog (@_) { - $dialog->setManager($self); - push @{$self->{dialogs}}, $dialog; - } -} - -sub resetDialog { - my $self = shift; - @{$self->{dialogs}} = (); -} - -# see if the user answered with the special BACK answer -sub isBack { - my $self = shift; - my $ans = shift; - - if (!$ans) { - return 0; - } - - # the word "back" - if ($ans =~ /^\s*back\s*$/i) { - return 1; - } - # a Ctrl-B sequence - if ($ans eq '') { - return 1; - } - - return 0; -} - -sub log { - my $self = shift; - if (!$self->{log}) { - print @_; - } else { - $self->{log}->logMessage($INFO, "Setup", @_); - } -} - -sub getText { - my $self = shift; - return $self->{res}->getText(@_); -} - -sub handleError { - my $self = shift; - my $msg = $self->{res}->getText('setup_err_exit'); - $self->{log}->logMessage($FATAL, "Setup", $msg); -} - -sub showText { - my $self = shift; - my $msg = shift; - my $text = $self->getText($msg); - print "\n", ("=" x 78), "\n"; - # display it, - print $text; - # log it - $self->log($text); -} - -sub showPrompt { - my $self = shift; - my $msg = shift; - my $defaultans = shift; - my $ispwd = shift; - - my $text = $self->getText($msg); - # display it, - print $text; - # log it - $self->log($text . "\n"); - # display the default answer - if ($defaultans) { - print " [$defaultans]"; - } - print ": "; - # if we are prompting for a password, disable console echo - if ($ispwd) { - system("stty -echo"); - } - # read the answer - my $ans = ; - # if we are prompting for a password, enable console echo - if ($ispwd) { - system("stty echo"); - print "\n"; - } - chop($ans); # trim trailing newline - - # see if this is the special BACK response, and finish if so - if ($self->isBack($ans)) { - $self->log("BACK\n"); - return $ans; - } - - if (!length($ans)) { - $ans = $defaultans; - } - - # log the response, if not a password - if (!$ispwd) { - $self->log($ans . "\n"); - } - - return $ans; -} - -sub alert { - my $self = shift; - my $msg = $self->{res}->getText(@_); - print $msg; - $self->{log}->logMessage($WARN, "Setup", $msg); -} - -sub run { - my $self = shift; - my $done; - my $index = 0; - my $incr = 1; - my $rc = 0; - - while (!$done) { - my $dialog = $self->{dialogs}->[$index]; - if ($dialog->isEnabled()) { - my $resp = $NEXT; - $resp = $dialog->run($incr); - if ($resp == $BACK) { - $incr = -1; - } elsif ($resp == $NEXT) { - $incr = 1; - } elsif (($resp == $SAME) or ($resp == $FIRST)) { - $incr = 0; - } else { - $self->handleError($resp); - $done = 1; - $rc = 1; - } - } - $index += $incr; - if ($index < 0) { - $index = 0; - } elsif ($index >= @{$self->{dialogs}}) { - $done = 1; - } - } - - return $rc; -} - -############################################################################# -# Mandatory TRUE return value. -# -1; diff --git a/ldap/admin/src/scripts/DialogManager.pm.in b/ldap/admin/src/scripts/DialogManager.pm.in new file mode 100644 index 0000000..9c07f31 --- /dev/null +++ b/ldap/admin/src/scripts/DialogManager.pm.in @@ -0,0 +1,241 @@ +# BEGIN COPYRIGHT BLOCK +# This Program is free software; you can redistribute it and/or modify it under +# the terms of the GNU General Public License as published by the Free Software +# Foundation; version 2 of the License. +# +# This Program is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS +# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along with +# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple +# Place, Suite 330, Boston, MA 02111-1307 USA. +# +# In addition, as a special exception, Red Hat, Inc. gives You the additional +# right to link the code of this Program with code not covered under the GNU +# General Public License ("Non-GPL Code") and to distribute linked combinations +# including the two, subject to the limitations in this paragraph. Non-GPL Code +# permitted under this exception must only link to the code of this Program +# through those well defined interfaces identified in the file named EXCEPTION +# found in the source code files (the "Approved Interfaces"). The files of +# Non-GPL Code may instantiate templates or use macros or inline functions from +# the Approved Interfaces without causing the resulting work to be covered by +# the GNU General Public License. Only Red Hat, Inc. may make changes or +# additions to the list of Approved Interfaces. You must obey the GNU General +# Public License in all respects for all of the Program code and other code used +# in conjunction with the Program except the Non-GPL Code covered by this +# exception. If you modify this file, you may extend this exception to your +# version of the file, but you are not obligated to do so. If you do not wish to +# provide this exception without modification, you must delete this exception +# statement from your version and license this file solely under the GPL without +# exception. +# +# +# Copyright (C) 2007 Red Hat, Inc. +# All rights reserved. +# END COPYRIGHT BLOCK +# + +package DialogManager; +use Exporter (); +@ISA = qw(Exporter); +@EXPORT = qw($BACK $SAME $NEXT $ERR); +@EXPORT_OK = qw($BACK $SAME $NEXT $ERR); + +use Dialog; +use SetupLog; + +# Dialog responses +$FIRST = -2; # go back to first prompt on a dialog +$BACK = -1; # go back to previous dialog +$SAME = 0; # reshow the same prompt or dialog +$NEXT = 1; # go to the next dialog +$ERR = 2; # fatal error + +# The DialogManager controls the flow of the dialogs and contains context shared +# among all of the dialogs (resources, logs, current setup type, etc.) +# all of these are optional +sub new { + my $type = shift; + my $self = {}; + + $self->{setup} = shift; + $self->{res} = shift; + $self->{type} = shift; + + $self->{log} = $self->{setup}->{log}; + $self->{inf} = $self->{setup}->{inf}; + + $self = bless $self, $type; + + return $self; +} + +sub getType { + my $self = shift; + return $self->{type}; +} + +sub setType { + my $self = shift; + $self->{type} = shift; +} + +sub addDialog { + my $self = shift; + for my $dialog (@_) { + $dialog->setManager($self); + push @{$self->{dialogs}}, $dialog; + } +} + +sub resetDialog { + my $self = shift; + @{$self->{dialogs}} = (); +} + +# see if the user answered with the special BACK answer +sub isBack { + my $self = shift; + my $ans = shift; + + if (!$ans) { + return 0; + } + + # the word "back" + if ($ans =~ /^\s*back\s*$/i) { + return 1; + } + # a Ctrl-B sequence + if ($ans eq '') { + return 1; + } + + return 0; +} + +sub log { + my $self = shift; + if (!$self->{log}) { + print @_; + } else { + $self->{log}->logMessage($INFO, "Setup", @_); + } +} + +sub getText { + my $self = shift; + return $self->{res}->getText(@_); +} + +sub handleError { + my $self = shift; + my $msg = $self->{res}->getText('setup_err_exit'); + $self->{log}->logMessage($FATAL, "Setup", $msg); +} + +sub showText { + my $self = shift; + my $msg = shift; + my $text = $self->getText($msg); + print "\n", ("=" x 78), "\n"; + # display it, + print $text; + # log it + $self->log($text); +} + +sub showPrompt { + my $self = shift; + my $msg = shift; + my $defaultans = shift; + my $ispwd = shift; + + my $text = $self->getText($msg); + # display it, + print $text; + # log it + $self->log($text . "\n"); + # display the default answer + if ($defaultans) { + print " [$defaultans]"; + } + print ": "; + # if we are prompting for a password, disable console echo + if ($ispwd) { + system("@sttyexec@ -echo"); + } + # read the answer + my $ans = ; + # if we are prompting for a password, enable console echo + if ($ispwd) { + system("@sttyexec@ echo"); + print "\n"; + } + chop($ans); # trim trailing newline + + # see if this is the special BACK response, and finish if so + if ($self->isBack($ans)) { + $self->log("BACK\n"); + return $ans; + } + + if (!length($ans)) { + $ans = $defaultans; + } + + # log the response, if not a password + if (!$ispwd) { + $self->log($ans . "\n"); + } + + return $ans; +} + +sub alert { + my $self = shift; + my $msg = $self->{res}->getText(@_); + print $msg; + $self->{log}->logMessage($WARN, "Setup", $msg); +} + +sub run { + my $self = shift; + my $done; + my $index = 0; + my $incr = 1; + my $rc = 0; + + while (!$done) { + my $dialog = $self->{dialogs}->[$index]; + if ($dialog->isEnabled()) { + my $resp = $NEXT; + $resp = $dialog->run($incr); + if ($resp == $BACK) { + $incr = -1; + } elsif ($resp == $NEXT) { + $incr = 1; + } elsif (($resp == $SAME) or ($resp == $FIRST)) { + $incr = 0; + } else { + $self->handleError($resp); + $done = 1; + $rc = 1; + } + } + $index += $incr; + if ($index < 0) { + $index = 0; + } elsif ($index >= @{$self->{dialogs}}) { + $done = 1; + } + } + + return $rc; +} + +############################################################################# +# Mandatory TRUE return value. +# +1; diff --git a/ldap/admin/src/scripts/template-bak2db.pl.in b/ldap/admin/src/scripts/template-bak2db.pl.in index 96bfd16..4cd51ab 100644 --- a/ldap/admin/src/scripts/template-bak2db.pl.in +++ b/ldap/admin/src/scripts/template-bak2db.pl.in @@ -93,11 +93,11 @@ if ($passwdfile ne ""){ # Read the password from terminal print "Bind Password: "; # Disable console echo - system("stty -echo") if -t STDIN; + system("@sttyexec@ -echo") if -t STDIN; # read the answer $passwd = ; # Enable console echo - system("stty echo") if -t STDIN; + system("@sttyexec@ echo") if -t STDIN; print "\n"; chop($passwd); # trim trailing newline } diff --git a/ldap/admin/src/scripts/template-db2bak.pl.in b/ldap/admin/src/scripts/template-db2bak.pl.in index 27f9f30..b443f0b 100644 --- a/ldap/admin/src/scripts/template-db2bak.pl.in +++ b/ldap/admin/src/scripts/template-db2bak.pl.in @@ -90,11 +90,11 @@ if ($passwdfile ne ""){ # Read the password from terminal print "Bind Password: "; # Disable console echo - system("stty -echo") if -t STDIN; + system("@sttyexec@ -echo") if -t STDIN; # read the answer $passwd = ; # Enable console echo - system("stty echo") if -t STDIN; + system("@sttyexec@ echo") if -t STDIN; print "\n"; chop($passwd); # trim trailing newline } diff --git a/ldap/admin/src/scripts/template-db2index.pl.in b/ldap/admin/src/scripts/template-db2index.pl.in index 91101a1..eb58957 100644 --- a/ldap/admin/src/scripts/template-db2index.pl.in +++ b/ldap/admin/src/scripts/template-db2index.pl.in @@ -129,11 +129,11 @@ if ($passwdfile ne ""){ # Read the password from terminal print "Bind Password: "; # Disable console echo - system("stty -echo") if -t STDIN; + system("@sttyexec@ -echo") if -t STDIN; # read the answer $passwd = ; # Enable console echo - system("stty echo") if -t STDIN; + system("@sttyexec@ echo") if -t STDIN; print "\n"; chop($passwd); # trim trailing newline } diff --git a/ldap/admin/src/scripts/template-db2ldif.pl.in b/ldap/admin/src/scripts/template-db2ldif.pl.in index f3148ff..2db6421 100644 --- a/ldap/admin/src/scripts/template-db2ldif.pl.in +++ b/ldap/admin/src/scripts/template-db2ldif.pl.in @@ -181,11 +181,11 @@ if ($passwdfile ne ""){ # Read the password from terminal print "Bind Password: "; # Disable console echo - system("stty -echo") if -t STDIN; + system("@sttyexec@ -echo") if -t STDIN; # read the answer $passwd = ; # Enable console echo - system("stty echo") if -t STDIN; + system("@sttyexec@ echo") if -t STDIN; print "\n"; chop($passwd); # trim trailing newline } diff --git a/ldap/admin/src/scripts/template-fixup-linkedattrs.pl.in b/ldap/admin/src/scripts/template-fixup-linkedattrs.pl.in index 17ca9f7..1745f80 100644 --- a/ldap/admin/src/scripts/template-fixup-linkedattrs.pl.in +++ b/ldap/admin/src/scripts/template-fixup-linkedattrs.pl.in @@ -111,11 +111,11 @@ if ($passwdfile ne ""){ # Read the password from terminal print "Bind Password: "; # Disable console echo - system("stty -echo") if -t STDIN; + system("@sttyexec@ -echo") if -t STDIN; # read the answer $passwd = ; # Enable console echo - system("stty echo") if -t STDIN; + system("@sttyexec@ echo") if -t STDIN; print "\n"; chop($passwd); # trim trailing newline } diff --git a/ldap/admin/src/scripts/template-fixup-memberof.pl.in b/ldap/admin/src/scripts/template-fixup-memberof.pl.in index 5dff5f7..547379f 100644 --- a/ldap/admin/src/scripts/template-fixup-memberof.pl.in +++ b/ldap/admin/src/scripts/template-fixup-memberof.pl.in @@ -120,11 +120,11 @@ if ($passwdfile ne ""){ # Read the password from terminal print "Bind Password: "; # Disable console echo - system("stty -echo") if -t STDIN; + system("@sttyexec@ -echo") if -t STDIN; # read the answer $passwd = ; # Enable console echo - system("stty echo") if -t STDIN; + system("@sttyexec@ echo") if -t STDIN; print "\n"; chop($passwd); # trim trailing newline } diff --git a/ldap/admin/src/scripts/template-ldif2db.pl.in b/ldap/admin/src/scripts/template-ldif2db.pl.in index b4d2c83..da6073b 100644 --- a/ldap/admin/src/scripts/template-ldif2db.pl.in +++ b/ldap/admin/src/scripts/template-ldif2db.pl.in @@ -169,11 +169,11 @@ if ($passwdfile ne ""){ # Read the password from terminal print "Bind Password: "; # Disable console echo - system("stty -echo") if -t STDIN; + system("@sttyexec@ -echo") if -t STDIN; # read the answer $passwd = ; # Enable console echo - system("stty echo") if -t STDIN; + system("@sttyexec@ echo") if -t STDIN; print "\n"; chop($passwd); # trim trailing newline } diff --git a/ldap/admin/src/scripts/template-ns-accountstatus.pl.in b/ldap/admin/src/scripts/template-ns-accountstatus.pl.in index 0b4deeb..7769ce2 100644 --- a/ldap/admin/src/scripts/template-ns-accountstatus.pl.in +++ b/ldap/admin/src/scripts/template-ns-accountstatus.pl.in @@ -465,11 +465,11 @@ if ($pwfile ne ""){ # Read the password from terminal print "Bind Password: "; # Disable console echo - system("stty -echo") if -t STDIN; + system("@sttyexec@ -echo") if -t STDIN; # read the answer $rootpw = ; # Enable console echo - system("stty echo") if -t STDIN; + system("@sttyexec@ echo") if -t STDIN; print "\n"; chop($rootpw); # trim trailing newline } diff --git a/ldap/admin/src/scripts/template-ns-activate.pl.in b/ldap/admin/src/scripts/template-ns-activate.pl.in index 0b4deeb..7769ce2 100644 --- a/ldap/admin/src/scripts/template-ns-activate.pl.in +++ b/ldap/admin/src/scripts/template-ns-activate.pl.in @@ -465,11 +465,11 @@ if ($pwfile ne ""){ # Read the password from terminal print "Bind Password: "; # Disable console echo - system("stty -echo") if -t STDIN; + system("@sttyexec@ -echo") if -t STDIN; # read the answer $rootpw = ; # Enable console echo - system("stty echo") if -t STDIN; + system("@sttyexec@ echo") if -t STDIN; print "\n"; chop($rootpw); # trim trailing newline } diff --git a/ldap/admin/src/scripts/template-ns-inactivate.pl.in b/ldap/admin/src/scripts/template-ns-inactivate.pl.in index 0b4deeb..7769ce2 100644 --- a/ldap/admin/src/scripts/template-ns-inactivate.pl.in +++ b/ldap/admin/src/scripts/template-ns-inactivate.pl.in @@ -465,11 +465,11 @@ if ($pwfile ne ""){ # Read the password from terminal print "Bind Password: "; # Disable console echo - system("stty -echo") if -t STDIN; + system("@sttyexec@ -echo") if -t STDIN; # read the answer $rootpw = ; # Enable console echo - system("stty echo") if -t STDIN; + system("@sttyexec@ echo") if -t STDIN; print "\n"; chop($rootpw); # trim trailing newline } diff --git a/ldap/admin/src/scripts/template-schema-reload.pl.in b/ldap/admin/src/scripts/template-schema-reload.pl.in index 7cac483..364c2b0 100644 --- a/ldap/admin/src/scripts/template-schema-reload.pl.in +++ b/ldap/admin/src/scripts/template-schema-reload.pl.in @@ -110,11 +110,11 @@ if ($passwdfile ne ""){ # Read the password from terminal print "Bind Password: "; # Disable console echo - system("stty -echo") if -t STDIN; + system("@sttyexec@ -echo") if -t STDIN; # read the answer $passwd = ; # Enable console echo - system("stty echo") if -t STDIN; + system("@sttyexec@ echo") if -t STDIN; print "\n"; chop($passwd); # trim trailing newline } diff --git a/ldap/admin/src/scripts/template-syntax-validate.pl.in b/ldap/admin/src/scripts/template-syntax-validate.pl.in index 401ec87..b5fb796 100644 --- a/ldap/admin/src/scripts/template-syntax-validate.pl.in +++ b/ldap/admin/src/scripts/template-syntax-validate.pl.in @@ -120,11 +120,11 @@ if ($passwdfile ne ""){ # Read the password from terminal print "Bind Password: "; # Disable console echo - system("stty -echo") if -t STDIN; + system("@sttyexec@ -echo") if -t STDIN; # read the answer $passwd = ; # Enable console echo - system("stty echo") if -t STDIN; + system("@sttyexec@ echo") if -t STDIN; print "\n"; chop($passwd); # trim trailing newline } diff --git a/ldap/admin/src/scripts/template-usn-tombstone-cleanup.pl.in b/ldap/admin/src/scripts/template-usn-tombstone-cleanup.pl.in index 7ad6ca2..53e4cea 100644 --- a/ldap/admin/src/scripts/template-usn-tombstone-cleanup.pl.in +++ b/ldap/admin/src/scripts/template-usn-tombstone-cleanup.pl.in @@ -124,11 +124,11 @@ if ($passwdfile ne ""){ # Read the password from terminal print "Bind Password: "; # Disable console echo - system("stty -echo") if -t STDIN; + system("@sttyexec@ -echo") if -t STDIN; # read the answer $passwd = ; # Enable console echo - system("stty echo") if -t STDIN; + system("@sttyexec@ echo") if -t STDIN; print "\n"; chop($passwd); # trim trailing newline }