0

This is a spin-off from other post.

This command retrieves a password from keepassxc, prints it as stdin to an openconnect (for VPN connection) command, and the process goes to the background.

sh -c 'pass=$(keepassxc-cli show -a password my_keepass_DB my_ENTRY) && printf "%s\n" "$pass" | sudo openconnect --background --protocol=gp https://my.url --user=my_NAME --passwd-on-stdin'

Now, I would like to bind this command to a key using .xbindkeysrc, for which we need to prepend gnome-terminal -- (and double-quote the whole line):

"gnome-terminal -- sh -c 'pass=$(keepassxc-cli show -a password my_keepass_DB my_ENTRY) && printf "%s\n" "$pass" | sudo openconnect --background --protocol=gp https://my.url --user=my_NAME --passwd-on-stdin'"

But it seems that openconnect --background fails to keep running in a terminal that's closed; namely there is an problem with vpnc-script, shown in lines 2,5-7:

enter image description here

Question: How to run this command within a terminal that exits after the command is run, so that openconnect keeps running in the background?

Miguel
  • 356
  • 1
  • 15
  • put a `&` at the end? – Jetchisel Mar 30 '23 at 09:48
  • No, none of these work: `... --passwd-on-stdin $'"`, `... --passwd-on-stdin' & "`, nor `... --passwd-on-stdin'" &` – Miguel Mar 30 '23 at 10:06
  • You get an EPIPE when you read or write to any file descriptors open to a dead terminal. Use `my.log 2>&1 & disown -h "$!"` and that replaces all of stidn, stdout, and stderr. No file descriptors open, and the disown prevents the SIGHUP from being forwarded by the shell. (You'll want to change `sh -c` to `bash -c` to make `disown` available, though). – Charles Duffy Mar 31 '23 at 16:51
  • Mind, you don't even strictly need the `disown` in the first place for a shell started with `sh -c` or `bash -c`, since HUP forwarding is only on-by-default for _interactive_ shells; generally the redirection is enough. – Charles Duffy Mar 31 '23 at 16:55
  • That said, for a program that needs to prompt the user for passwords, can write informative logs, &c., and that generally makes sense to run interactively, in practice I'd probably use `screen` or `tmux` instead to have a "terminal" that stays running and can be reattached to even after you close the gnome-terminal it was started inside of. – Charles Duffy Mar 31 '23 at 16:56
  • @CharlesDuffy I tried `gnome-terminal -- sh -c 'pass=... | sudo openconnect --background ... --passwd-on-stdin < /dev/null > /tmp/openconnect.log 2>&1'` and it returns `fgets (stdin): No such file or directory`. Also tried variations without the `< /dev/null` part (it returns SIGHUP error again), and with `bash -c '... disown -h "$!"'` (doesn't do anything) – Miguel Apr 02 '23 at 14:39
  • I have a lot of trouble believing "No such file or directory", unless you're running in a chroot or container that doesn't have `/dev/null`. Though `--passwd-on-stdin – Charles Duffy Apr 03 '23 at 16:25

0 Answers0