Crate motd

source ·
Expand description

The motd crate exposes a mechanism for dumping the current MOTD on linux. In order to work around some issues with how pam_motd.so handles permissions, it must re-exec the current binary to make use of the LD_PRELOAD trick. You must make sure that your binary can handle this re-execing by registering motd::handle_reexec() in your main function. It is a no-op unless a few magic environment variables have been set, so you don’t need to worry about it impacting the way your binary behaves otherwise.

Your main should look like this:

fn main() {
    motd::handle_reexec();

    // ...
}

then elsewhere in your code you can call value to get the motd message like

let motd_resolver = motd::Resolver::new(motd::PamMotdResolutionStrategy::Auto)?;
let motd_msg = motd_resolver.value(motd::ArgResolutionStrategy::Auto)?;

By default, motd finds and calls the pam_motd.so file that is the source of truth implementation for motd resolution, but it also contains a pure rust reimplementation of the motd resolution logic. This implementation has the potential to diverge from the behavior of pam_motd.so, but it contains 0 unsafe rust and does a fairly good job. You can switch to this mode by disabling default features for the crate. This will make the so_finder argument to Resolver::new disapear and remove the need to register the handle_reexec handler in your main function. You can then use it like

let motd_resolver = motd::Resolver::new()?;
let motd_msg = motd_resolver.value(motd::ArgResolutionStrategy::Auto)?;

Structs§

  • Resolver
    Resolver knows how to fetch the current motd by re-execing the current binary to get handle_reexec to call pam_motd.so.

Enums§

  • ArgResolutionStrategy
    The strategy to use to determine which args should be passed to pam_motd.so. pam configuration often includes arguments to various pam modules, and pam_motd.so is one such module. You likely want to match the args that the config passes into the module.
  • Error
    Errors encountered while resolving the message of the day.
  • PamMotdResolutionStrategy
    Specifies the strategy to use in order to find the pam_motd.so file to interrogate for the motd message.

Functions§

  • handle_reexec
    You MUST call this routine in the main function of the binary that uses the motd crate. In order to work around an issue where pam_motd.so thinks it is running as root, we use LD_PRELOAD to stub out some privilege juggling methods. To do this, the value() routine re-execs the current binary, and it is in this re-execd process that we actually load and call into pam_motd.so.