[p4] Perforce passwords
David Alban
dalban at stubhub.com
Thu Nov 16 09:08:53 PST 2006
Thanks Rusty and Matt for a pointer to "p4 login". Definitely the
solution I needed! Wish I had gotten your messages closer in time to
when you sent them...
--
David Alban <dalban at stubhub.com>
Release Engineering Tools
http://StubHub.com/
-----Original Message-----
From: perforce-user-bounces at perforce.com
[mailto:perforce-user-bounces at perforce.com] On Behalf Of David Alban
Sent: Wednesday, November 15, 2006 4:24 PM
To: perforce-user at perforce.com
Subject: Re: [p4] Perforce passwords
Since I sent the message below I decided I'd handle the init script as
follows. (I'd still like to hear what others are doing, though.)
Here's what will happen when I call the init script with an argument of
"stop":
    define $super_user_passwd_file
    if $super_user_passwd_file doesn't exist, is not a regular file,
        or is not readable, complain and die
    set P4PASSWD to the contents of $super_user_passwd_file
    export P4PASSWD
    call p4 admin stop
The super user passwd file functionality will also be used if the init
script is called with an argument of "status" (for which I call p4
monitor show). I don't think it's necessary to do this for an argument
of "start", though.
Then at least I can minimize the occurrence of a perforce super user
passwd to a single file readable only by the perforce super user (and
root). It should then never show up in a shell command history file, or
in the process table.
And I wrote a program "pp4" (passworded p4) to execute p4 commands that
does:
    if user running this program is not the perforce super user then
        determine fully qualified path to $0
        su to perforce super user with:
            -c "/bin/bash $this_program $@"
        exit with the status of the su
    fi
    set P4PASSWD with contents of super user passwd file
    p4 "$@"
This seems to work.
--
David Alban <dalban at stubhub.com>
Release Engineering Tools
http://StubHub.com/
-----Original Message-----
From: David Alban
Sent: Wednesday, November 15, 2006 2:53 PM
To: perforce-user at perforce.com
Subject: Perforce passwords
Greetings,
As soon as I realized that user foo could log into perforce as user bar
and vice versa, of course I wanted perforce passwords to be used.
Especially for any perforce user who has super rights.
As soon as I set a password for user perforce, I could no longer execute
p4 commands from the command line without getting the complaint:
    Perforce password (P4PASSWD) invalid or unset.
I figured out that user perforce could indeed execute command lines if
its password was in the environment.
Yet I didn't want to execute this on the command line:
    export P4PASSWD=somepasswd
because I didn't want the password to show up in my .bash_history file.
So now when I want to run a command from the command line, I put the
following in a file:
    export P4PASSWD=somepasswd
    p4 some command ...
I then execute the file and subsequently delete it.
Can perforce be directed to prompt me for a password on the command
line? Or be made to look for it on stdin? gpg, for example, has the
option:
    --passphrase-fd n    Read the passphrase from file descriptor n.
If you specify "--passphrase-fd 0" gpg will look for the passphrase on
stdin.
I'm looking for a way to do command line commands without having the
password show up in a command history, in the process table, or in a
file.
Also, now my p4d init script can no longer stop p4d because of the same
issue. I was simply calling p4 admin stop. It seems my options are
now:
1. Include an "export P4PASSWD=..." line in the init script before the
call to p4 admin stop
2. Write a script, say "p4-admin-stop" (below) and have the init script
call it when it wants to stop the perforce server.
    #!/bin/bash
    # THIS FILE NEEDS *NOT* TO BE READABLE BY ANY USERS UNLESS THEY SHOULD
    # KNOW THE PERFORCE USER PASSWORD, WHICH IS BELOW!
    export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
    server_user=perforce
    server_user_passwd=somepasswd
    [[ $( id -un ) != "$server_user" ]] && {
        echo 1>&2 "${0##*/}: must be user '$server_user' to run $0"
        exit 255
    }
    export P4PASSWD="$server_user_passwd"
    p4 admin stop
(The init script would su to perforce before it would run this.)
If p4 had some kind of --passwd-fd or similar option (maybe even a
--get-pw-from-file option?), I could at least prompt the user for the
password if the init script was run interactively.
How do other folks deal with this? I really am squeamish about having
the password of a perforce user that has super rights in a command
history file, in a script, or in the process table.
Is my understanding of the way passwords work correct?
Thanks,
David
--
David Alban <dalban at stubhub.com>
Release Engineering Tools
http://StubHub.com/
_______________________________________________
perforce-user mailing list - perforce-user at perforce.com
http://maillist.perforce.com/mailman/listinfo/perforce-user
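
The "stop" and "status" password-file handling described in the November 15 follow-up above, written out as POSIX shell. This is an added example, not code from the original messages; the function names, the placeholder path, and the group/other permission check are assumptions that go beyond what the message describes.

```shell
#!/bin/sh
# Added example (not from the thread). Names and the path are hypothetical.
SUPER_USER_PASSWD_FILE="${SUPER_USER_PASSWD_FILE:-/path/to/super_user_passwd}"  # placeholder

complain() {
    echo "${0##*/}: $*" >&2
}

# Validate the password file, then load its first line into P4PASSWD.
# The password is never a command-line argument, so it does not appear
# in shell history or in the process table.
load_p4passwd() {
    file=$1
    [ -e "$file" ] || { complain "$file does not exist"; return 1; }
    [ -f "$file" ] || { complain "$file is not a regular file"; return 1; }
    [ -r "$file" ] || { complain "$file is not readable"; return 1; }
    # Assumption beyond the message: also refuse a file that group or
    # other can access. The mode string must look like -r??------ ;
    # a symlink (mode string starting with "l") is rejected as well.
    perms=$(ls -ld -- "$file") || return 1
    case $perms in
        -r??------*) ;;
        *) complain "$file is accessible by group or other"; return 1 ;;
    esac
    IFS= read -r P4PASSWD < "$file" || :   # a missing final newline is fine
    [ -n "$P4PASSWD" ] || { complain "$file holds no password"; return 1; }
    export P4PASSWD
}

# "stop" and "status" need the super user password; "start" does not.
p4_init_action() {
    case $1 in
        stop)   load_p4passwd "$SUPER_USER_PASSWD_FILE" && p4 admin stop ;;
        status) load_p4passwd "$SUPER_USER_PASSWD_FILE" && p4 monitor show ;;
        *)      complain "usage: ${0##*/} {stop|status}"; return 2 ;;
    esac
}

# Act only when an argument is given, so the file can also be sourced.
[ $# -eq 0 ] || p4_init_action "$1"
```
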