def _get_password_from_user(self, parent, profile_id = None, mode = None, pw_id = 1, prompt = None):
"""
ask user for password. This does even work when run as cronjob
and user is logged in.
"""
if prompt is None:
prompt = _('Profile \'%(profile)s\': Enter password for %(mode)s: ') % {'profile': self.config.get_profile_name(profile_id), 'mode': self.config.SNAPSHOT_MODES[mode][pw_id + 1]}
tools.register_backintime_path('qt4')
x_server = tools.check_x_server()
import_successful = False
if x_server:
try:
import messagebox
import_successful = True
except ImportError:
pass
if not import_successful or not x_server:
import getpass
alarm = tools.Alarm()
alarm.start(300)
try:
password = getpass.getpass(prompt)
alarm.stop()
except Timeout:
password = ''
return password
password = messagebox.ask_password_dialog(parent, self.config.APP_NAME,
prompt = prompt,
timeout = 300)
return password
def unlock_ssh_agent(self, force = False):
"""
using askpass.py to unlock private key in ssh-agent
"""
env = os.environ.copy()
env['SSH_ASKPASS'] = '******'
env['ASKPASS_PROFILE_ID'] = self.profile_id
env['ASKPASS_MODE'] = self.mode
if force:
#remove private key first so we can check if the given password is valid
logger.debug('Remove private key %s from ssh agent' % self.private_key_file, self)
proc = subprocess.Popen(['ssh-add', '-d', self.private_key_file],
stdin=subprocess.DEVNULL,
stdout=subprocess.DEVNULL,
stderr=subprocess.DEVNULL,
universal_newlines = True)
proc.communicate()
proc = subprocess.Popen(['ssh-add', '-l'],
stdout = subprocess.PIPE,
universal_newlines = True)
output = proc.communicate()[0]
if force or not output.find(self.private_key_fingerprint) >= 0:
logger.debug('Add private key %s to ssh agent' % self.private_key_file, self)
password_available = any([self.config.get_password_save(self.profile_id),
self.config.get_password_use_cache(self.profile_id),
not self.password is None
])
logger.debug('Password available: %s' %password_available, self)
if not password_available and not tools.check_x_server():
#we need to unlink stdin from ssh-add in order to make it
#use our own backintime-askpass.
#But because of this we can NOT use getpass inside backintime-askpass
#if password is not saved and there is no x-server.
#So, let's just keep ssh-add asking for the password in that case.
alarm = tools.Alarm()
alarm.start(10)
try:
proc = subprocess.call(['ssh-add', self.private_key_file])
alarm.stop()
except tools.Timeout:
pass
else:
if self.password:
logger.debug('Provide password through temp FIFO', self)
thread = password_ipc.TempPasswordThread(self.password)
env['ASKPASS_TEMP'] = thread.temp_file
thread.start()
proc = subprocess.Popen(['ssh-add', self.private_key_file],
stdin=subprocess.PIPE,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
env = env,
preexec_fn = os.setsid,
universal_newlines = True)
output, error = proc.communicate()
if proc.returncode:
logger.error('Failed to unlock SSH private key %s: %s'
%(self.private_key_file, error),
self)
if self.password:
thread.stop()
proc = subprocess.Popen(['ssh-add', '-l'],
stdout = subprocess.PIPE,
universal_newlines = True)
output = proc.communicate()[0]
if not output.find(self.private_key_fingerprint) >= 0:
logger.debug('Was not able to unlock private key %s' %self.private_key_file, self)
raise MountException( _('Could not unlock ssh private key. Wrong password '
'or password not available for cron.'))
else:
logger.debug('Private key %s is already unlocked in ssh agent'
%self.private_key_file, self)
def init(self, snapshots):
self.snapshots = snapshots
if not tools.check_x_server():
return False
return True
def test_check_x_server(self):
try:
tools.check_x_server()
except Exception as e:
self.fail('tools.ckeck_x_server() raised exception {}'.format(str(e)))
def unlock_ssh_agent(self, force = False):
"""
using askpass.py to unlock private key in ssh-agent
"""
env = os.environ.copy()
env['SSH_ASKPASS'] = '******'
env['ASKPASS_PROFILE_ID'] = self.profile_id
env['ASKPASS_MODE'] = self.mode
if force:
#remove private key first so we can check if the given password is valid
logger.debug('Remove private key %s from ssh agent' % self.private_key_file, self)
proc = subprocess.Popen(['ssh-add', '-d', self.private_key_file],
stdin=subprocess.DEVNULL,
stdout=subprocess.DEVNULL,
stderr=subprocess.DEVNULL,
universal_newlines = True)
proc.communicate()
proc = subprocess.Popen(['ssh-add', '-l'],
stdout = subprocess.PIPE,
universal_newlines = True)
output = proc.communicate()[0]
if force or not output.find(self.private_key_fingerprint) >= 0:
logger.debug('Add private key %s to ssh agent' % self.private_key_file, self)
password_available = any([self.config.get_password_save(self.profile_id),
self.config.get_password_use_cache(self.profile_id),
not self.password is None
])
logger.debug('Password available: %s' %password_available, self)
if not password_available and not tools.check_x_server():
#we need to unlink stdin from ssh-add in order to make it
#use our own backintime-askpass.
#But because of this we can NOT use getpass inside backintime-askpass
#if password is not saved and there is no x-server.
#So, let's just keep ssh-add asking for the password in that case.
alarm = tools.Alarm()
alarm.start(10)
try:
proc = subprocess.call(['ssh-add', self.private_key_file])
alarm.stop()
except tools.Timeout:
pass
else:
if self.password:
logger.debug('Provide password through temp FIFO', self)
thread = password_ipc.TempPasswordThread(self.password)
env['ASKPASS_TEMP'] = thread.temp_file
thread.start()
proc = subprocess.Popen(['ssh-add', self.private_key_file],
stdin=subprocess.PIPE,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
env = env,
preexec_fn = os.setsid,
universal_newlines = True)
output, error = proc.communicate()
if proc.returncode:
logger.error('Failed to unlock SSH private key %s: %s'
%(self.private_key_file, error),
self)
if self.password:
thread.stop()
proc = subprocess.Popen(['ssh-add', '-l'],
stdout = subprocess.PIPE,
universal_newlines = True)
output = proc.communicate()[0]
if not output.find(self.private_key_fingerprint) >= 0:
logger.debug('Was not able to unlock private key %s' %self.private_key_file, self)
raise MountException( _('Could not unlock ssh private key. Wrong password '
'or password not available for cron.'))
else:
logger.debug('Private key %s is already unlocked in ssh agent'
%self.private_key_file, self)
def init( self, snapshots ):
self.snapshots = snapshots
if not tools.check_x_server():
return False
return True
