Crate motd

Source
Expand description

The motd crate exposes a mechanism for dumping the current MOTD on linux. In order to work around some issues with how pam_motd.so handles permissions, it must re-exec the current binary to make use of the LD_PRELOAD trick. You must make sure that your binary can handle this re-execing by registering motd::handle_reexec() in your main function. It is a no-op unless a few magic environment variables have been set, so you don’t need to worry about it impacting the way your binary behaves otherwise.

Your main should look like this:

fn main() {
    motd::handle_reexec();

    // ...
}

then elsewhere in your code you can call value to get the motd message like

let motd_resolver = motd::Resolver::new(motd::PamMotdResolutionStrategy::Auto)?;
let motd_msg = motd_resolver.value(motd::ArgResolutionStrategy::Auto)?;

By default, motd finds and calls the pam_motd.so file that is the source of truth implementation for motd resolution, but it also contains a pure rust reimplementation of the motd resolution logic. This implementation has the potential to diverge from the behavior of pam_motd.so, but it contains 0 unsafe rust and does a fairly good job. You can switch to this mode by disabling default features for the crate. This will make the so_finder argument to Resolver::new disapear and remove the need to register the handle_reexec handler in your main function. You can then use it like

let motd_resolver = motd::Resolver::new()?;
let motd_msg = motd_resolver.value(motd::ArgResolutionStrategy::Auto)?;

Structs§

Resolver
Resolver knows how to fetch the current motd by re-execing the current binary to get handle_reexec to call pam_motd.so.

Enums§

ArgResolutionStrategy
The strategy to use to determine which args should be passed to pam_motd.so. pam configuration often includes arguments to various pam modules, and pam_motd.so is one such module. You likely want to match the args that the config passes into the module.
Error
Errors encountered while resolving the message of the day.
PamMotdResolutionStrategy
Specifies the strategy to use in order to find the pam_motd.so file to interrogate for the motd message.

Functions§

handle_reexec
You MUST call this routine in the main function of the binary that uses the motd crate. In order to work around an issue where pam_motd.so thinks it is running as root, we use LD_PRELOAD to stub out some privilege juggling methods. To do this, the value() routine re-execs the current binary, and it is in this re-execd process that we actually load and call into pam_motd.so.