On Tue, 2010-10-26 at 12:10 +0100, Mr Dash Four wrote: > >> In other words, when I execute this: > >> > >> /bin/plymouth ask-for-password --prompt "Enter your PIN" --command > >> "/usr/bin/pkcs11-tool -lry data --slot 2 --application-id 12" | > >> /sbin/cryptsetup luksOpen /dev/xxx --key-file=- > >> > > > > See attachment and use exactly the same quotation marks. > > > > ./x.sh --command '/usr/bin/pkcs11-tool -lp $PIN -ry data --slot 2 > > --application-id 12' > > > That's not really feasible because the pin is hard-coded in x.sh
Do not expect complete solutions to your problems. Instead you should fill in the missing parts yourself. > (I could have easily done without x.sh and just including the actual pin > instead of $PIN). The user needs to be prompted for that pin, but > without the message prompt as both the input as well as the output is piped. > > A better idea would be: > > =================== > #!/bin/sh > > read -rs pin > /usr/bin/pkcs11-tool -lp $pin -ry data --slot 2 --application-id 12 > ================= > > And therefore the final sequence would be: > > /bin/plymouth ask-for-password --prompt "Enter your PIN" --command > "/usr/bin/x.sh" | /sbin/cryptsetup luksOpen /dev/xxx --key-file=- > > Though I would prefer to have an additional option in pkcs11-tool rather > than use the extra shell script. I recompiled pkcs11-tool.c without the > prompt yesterday and it works, so I may prepare a small patch with this > additional feature later today. It would be much better to print the prompt on stderr. In example the Linux login programm does it that way. #tty /dev/pts/1 #login 2> /dev/pts/0 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
