This file is indexed.

/usr/share/apache2/ask-for-passphrase is in apache2.2-common 2.2.22-1ubuntu1.11.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
#!/bin/bash
#
#    ask-for-passphrase - designed to be used by SSLPassPhraseDialog exec:
#
#    Copyright Canonical, Ltd. 2010, All Rights Reserved
#
#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation, either version 3 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#    You should have received a copy of the GNU General Public License
#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
#

sitename=$1
keytype=$2

prompt="Apache needs to decrypt your SSL Keys for $sitename ($keytype)
Please enter passphrase:"
tty=`tty`
if [ "$tty" = "not a tty" ] ; then
    # Apache gives us a pipe for stdin, but we want to
    # talk to apache's terminal.
    tty=`tty < /proc/${PPID}/fd/0`
    if [ "$tty" = "not a tty" ] ; then
        if [ -x /bin/plymouth ] && plymouth --ping ; then
            echo $prompt | logger
            exec plymouth ask-for-password --prompt="$prompt"
        else
            logger -p daemon.err -t apache2 "No way to ask user for passphrase"
            exit 1
        fi
    fi
    # We must not print anything on stdout except the passphrase
    read -s -p "$prompt" passphrase > $tty 2>&1 < $tty
    echo $passphrase
fi