From 19d7ce2f7b8c74ffd81acafb3205e3184bef5d01 Mon Sep 17 00:00:00 2001 From: Ben Boeckel Date: Wed, 31 Dec 2025 10:58:26 -0500 Subject: [PATCH 1/4] docs/PASSWORD_AGENTS: note that the user directory may be created --- docs/PASSWORD_AGENTS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/PASSWORD_AGENTS.md b/docs/PASSWORD_AGENTS.md index b6c0f051c21..5609f48bf26 100644 --- a/docs/PASSWORD_AGENTS.md +++ b/docs/PASSWORD_AGENTS.md @@ -100,4 +100,4 @@ now available, with the same protocol as the system-wide counterpart. Unprivileged, per-directory agents should watch this directory in parallel to the system-wide one. Unprivileged queriers (i.e. clients to these agents) should pick the per-user directory to place their password request -files in. +files in. If the directory does not exist, agents may create it. From dc08cb1eb83072666a4ff21e1db8d35712e29121 Mon Sep 17 00:00:00 2001 From: Ben Boeckel Date: Wed, 31 Dec 2025 10:58:53 -0500 Subject: [PATCH 2/4] docs/PASSWORD_AGENTS: clarify that `Echo=0` may obscure --- docs/PASSWORD_AGENTS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/PASSWORD_AGENTS.md b/docs/PASSWORD_AGENTS.md index 5609f48bf26..3bf4138ad0f 100644 --- a/docs/PASSWORD_AGENTS.md +++ b/docs/PASSWORD_AGENTS.md @@ -40,7 +40,7 @@ It is easy to write additional agents. The basic algorithm to follow looks like * You'll find the PID of the client asking the question in the `PID=` field in the `[Ask]` section (Before asking your question use `kill(PID, 0)` and ignore the file if this returns `ESRCH`; there's no need to show the data of this field but if you want to you may) -* `Echo=` specifies whether the input should be obscured. If this field is missing or is `Echo=0`, the input should not be shown. +* `Echo=` specifies whether the input should be obscured. If this field is missing or is `Echo=0`, the input should not be shown as-is. * The socket to send the response to is configured via `Socket=` in the `[Ask]` section. It is a `AF_UNIX`/`SOCK_DGRAM` socket in the file system. * Ignore files where the time specified in the `NotAfter=` field in the `[Ask]` section is in the past. The time is specified in usecs, and refers to the `CLOCK_MONOTONIC` clock. If `NotAfter=` is `0`, no such check should take place. From 9f4606c3617bf47015c7bf9f63f5c44d9866ec1f Mon Sep 17 00:00:00 2001 From: Ben Boeckel Date: Wed, 31 Dec 2025 10:59:25 -0500 Subject: [PATCH 3/4] docs/PASSWORD_AGENTS: document the `Silent=` field --- docs/PASSWORD_AGENTS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/PASSWORD_AGENTS.md b/docs/PASSWORD_AGENTS.md index 3bf4138ad0f..4badd8a5793 100644 --- a/docs/PASSWORD_AGENTS.md +++ b/docs/PASSWORD_AGENTS.md @@ -41,6 +41,7 @@ It is easy to write additional agents. The basic algorithm to follow looks like (Before asking your question use `kill(PID, 0)` and ignore the file if this returns `ESRCH`; there's no need to show the data of this field but if you want to you may) * `Echo=` specifies whether the input should be obscured. If this field is missing or is `Echo=0`, the input should not be shown as-is. +* `Silent=` specifies whether the input should have any indication. If this field is `Silent=1`, nothing should be printed for any input. * The socket to send the response to is configured via `Socket=` in the `[Ask]` section. It is a `AF_UNIX`/`SOCK_DGRAM` socket in the file system. * Ignore files where the time specified in the `NotAfter=` field in the `[Ask]` section is in the past. The time is specified in usecs, and refers to the `CLOCK_MONOTONIC` clock. If `NotAfter=` is `0`, no such check should take place. From 0d15b2304bd76459d338429e6a6ef1b08e8c1b0d Mon Sep 17 00:00:00 2001 From: Ben Boeckel Date: Wed, 31 Dec 2025 10:59:41 -0500 Subject: [PATCH 4/4] docs/PASSWORD_AGENTS: document the `AcceptCached=` field --- docs/PASSWORD_AGENTS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/PASSWORD_AGENTS.md b/docs/PASSWORD_AGENTS.md index 4badd8a5793..7460409d1f4 100644 --- a/docs/PASSWORD_AGENTS.md +++ b/docs/PASSWORD_AGENTS.md @@ -42,6 +42,7 @@ It is easy to write additional agents. The basic algorithm to follow looks like there's no need to show the data of this field but if you want to you may) * `Echo=` specifies whether the input should be obscured. If this field is missing or is `Echo=0`, the input should not be shown as-is. * `Silent=` specifies whether the input should have any indication. If this field is `Silent=1`, nothing should be printed for any input. +* `AcceptCached=` specifies whether a cached password is acceptable or not. If this field is missing or is `AcceptCached=0`, the password should not be provided from a cache. * The socket to send the response to is configured via `Socket=` in the `[Ask]` section. It is a `AF_UNIX`/`SOCK_DGRAM` socket in the file system. * Ignore files where the time specified in the `NotAfter=` field in the `[Ask]` section is in the past. The time is specified in usecs, and refers to the `CLOCK_MONOTONIC` clock. If `NotAfter=` is `0`, no such check should take place.