toilet VS util-linux

This script uses the toilet and lolcat utils to generate messages that will grab your user’s attentionand the who util to find the tty and pts devices of logged-in users so it can send them said messages.

Ah, that "minimizing trust" thing makes a whole lot of sense. I do a similar thing. I try to stick exclusively to distro-default repos and only run other code if it's (1) something I can read through and understand myself, (2) something that's got a reasonable base of regular contributors, or (3) has appeared in a given form for many years in main-stream distros. (For example, Toilet isn't in my distro's repos, it would be cumbersome to read, and it's got a small contributor base, but it's been unchanged for years and has been in the Ubuntu repos during that time.)

There are su and runuser in util-linux (GPL-2.0) [1].

[1]: https://github.com/util-linux/util-linux/tree/master/login-u...

>It remained in the "getty" process for some time, well into the {Free,Net,Open}BSD era.

Still there in agetty: https://github.com/util-linux/util-linux/blob/master/term-ut... And, I imagine in other getty implementations.

TIOCSTI is irrelevant. When one is dropping privileges, in a system cron job or in a process supervised by one's favourite service management system, there is no terminal involved. TIOCSTI simply doesn't enter into the picture at all.

Only when one is in a terminal login session and using su to elevate / add privileges, does TIOCSTI become relevant. But no-one here is saying not to use su to add privileges.

People blame su, sudo, and (as the person at https://github.com/slicer69/doas/issues/110 did) doas for this feature of operating system kernels. The right thing to do with TIOCSTI it to just eliminate it from the kernel. OpenBSD did back in version 6.

Sadly, the argument from Alan Cox, Linux developer, when this was proposed years ago was that it should stay in Linux, and all of the programs like su, sudo, and doas should have even more things to do in the parent process that sticks around, namely pump I/O to and from a controlling pseudo-terminal that su/sudo/doas sets up for the shell subprocess, breaking (as the maintainer of OpenDoas pointed out) the long-standing notion that the child processes belong to the same terminal session and share things like a single getlogname() with the login shell.

6 years after https://www.openwall.com/lists/kernel-hardening/2017/05/10/3... and https://www.openwall.com/lists/oss-security/2017/06/03/9, there is no sign of anyone doing anything of the sort in any su or doas implementation. (It was briefly in one su implementation, but taken out in 2017 for being a "stupid hack": https://github.com/util-linux/util-linux/commit/23f75093264a...)

Fortunately, some six months ago Linux developers finally made TIOCSTI removable and the right course of action is available to those that want it: https://lore.kernel.org/lkml/20221228205726.rfevry7ud6gmttg5...

Huh, I will try this later. Bit confused by the instructions on the Archwiki but I think I can figure it out. Thanks so much for the help. Btw, it seems you were right on what was wrong. Good eyes.

So, this script serves as a pretty good wall replacement (wall will strip all escape/control sequences other than \007, by the way).

The login program (used for terminal logins) is part of the util-linux project: https://en.wikipedia.org/wiki/Util-linux

if anbody actually at Canonical is reading this and wants me (and others) to take snaps seriously, please consider submitting pull requests to some of the core cli tool projects impacted by the way you guys abuse the loop device mechanism. Something simple like the ability to export HIDE_SNAP_MOUNTS=1 that gets picked up by the impacted tools in util-linux (lsblk, mount, blkid, fdisk, etc) and gnu coreutils (du, df) and simply hides the lines related to loop device mounts would go a long way - preferably only the ones added by snap but even an option to hide all of them would be better than nothing.

Pick a different filesystem, or wait for this feature to land in util-linux.

Also a data format. Reasonably easy to find a spec (the wikipedia article should be sufficient to implement it). Also reasonably easy to find Free Software implementations, such as fdisk.