1fb57dc568
PR: ports/172916 Submitted by: milki <milki@rescomp.berkeley.edu> (maintainer) Feature safe: yes
383 lines
13 KiB
Diff
383 lines
13 KiB
Diff
diff --git README README
|
|
index 47ed64b..65a041e 100644
|
|
--- README
|
|
+++ README
|
|
@@ -17,8 +17,6 @@ Depends on:
|
|
http://www.gnu.org/software/bash/
|
|
- GnuPG2
|
|
http://www.gnupg.org/
|
|
-- git
|
|
- http://www.git-scm.com/
|
|
- xclip
|
|
http://sourceforge.net/projects/xclip/
|
|
- pwgen
|
|
diff --git contrib/pass.bash-completion contrib/pass.bash-completion
|
|
index d0ef012..5cf6550 100644
|
|
--- contrib/pass.bash-completion
|
|
+++ contrib/pass.bash-completion
|
|
@@ -48,7 +48,7 @@ _pass()
|
|
{
|
|
COMPREPLY=()
|
|
local cur="${COMP_WORDS[COMP_CWORD]}"
|
|
- local commands="init ls show insert generate edit rm git help version"
|
|
+ local commands="init ls show insert generate edit rm help version"
|
|
if [[ $COMP_CWORD -gt 1 ]]; then
|
|
case "${COMP_WORDS[1]}" in
|
|
init)
|
|
@@ -74,9 +74,6 @@ _pass()
|
|
COMPREPLY+=($(compgen -W "-r --recursive -f --force" -- ${cur}))
|
|
_pass_complete_entries
|
|
;;
|
|
- git)
|
|
- COMPREPLY+=($(compgen -W "init push pull config log reflog" -- ${cur}))
|
|
- ;;
|
|
esac
|
|
else
|
|
COMPREPLY+=($(compgen -W "${commands}" -- ${cur}))
|
|
diff --git contrib/pass.fish-completion contrib/pass.fish-completion
|
|
index 9130d1f..e692595 100644
|
|
--- contrib/pass.fish-completion
|
|
+++ contrib/pass.fish-completion
|
|
@@ -96,9 +96,3 @@ complete -c $PROG -f -A -n '__fish_pass_needs_command' -s c -l clip -d 'Put pass
|
|
complete -c $PROG -f -A -n '__fish_pass_needs_command' -a "(__fish_pass_print_entries)"
|
|
complete -c $PROG -f -A -n '__fish_pass_uses_command -c' -a "(__fish_pass_print_entries)"
|
|
complete -c $PROG -f -A -n '__fish_pass_uses_command --clip' -a "(__fish_pass_print_entries)"
|
|
-
|
|
-complete -c $PROG -f -A -n '__fish_pass_needs_command' -a git -d 'Command: execute a git command'
|
|
-complete -c $PROG -f -A -n '__fish_pass_uses_command git' -a 'init' -d 'Initialize git repository'
|
|
-complete -c $PROG -f -A -n '__fish_pass_uses_command git' -a 'push' -d 'Push changes to remote repo'
|
|
-complete -c $PROG -f -A -n '__fish_pass_uses_command git' -a 'pull' -d 'Pull changes from remote repo'
|
|
-complete -c $PROG -f -A -n '__fish_pass_uses_command git' -a 'log' -d 'View changelog'
|
|
diff --git contrib/pass.zsh-completion contrib/pass.zsh-completion
|
|
index 848bc67..76124ae 100644
|
|
--- contrib/pass.zsh-completion
|
|
+++ contrib/pass.zsh-completion
|
|
@@ -51,18 +51,6 @@ _pass () {
|
|
"--recursive[recursively delete]"
|
|
_pass_complete_entries_with_subdirs
|
|
;;
|
|
- git)
|
|
- local -a subcommands
|
|
- subcommands=(
|
|
- "init:Initialize git repository"
|
|
- "push:Push to remote repository"
|
|
- "pull:Pull from remote repository"
|
|
- "config:Show git config"
|
|
- "log:Show git log"
|
|
- "reflog:Show git reflog"
|
|
- )
|
|
- _describe -t commands 'pass git' subcommands
|
|
- ;;
|
|
show|*)
|
|
_pass_cmd_show
|
|
;;
|
|
@@ -77,7 +65,6 @@ _pass () {
|
|
"generate:Generate a new password using pwgen"
|
|
"edit:Edit a password with \$EDITOR"
|
|
"rm:Remove the password"
|
|
- "git:Call git on the password store"
|
|
"version:Output version information"
|
|
"help:Output help message"
|
|
)
|
|
@@ -98,7 +85,7 @@ _pass_cmd_show () {
|
|
_pass_complete_entries_helper () {
|
|
local IFS=$'\n'
|
|
local prefix="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
|
|
- _values -C 'passwords' $(find "$prefix" \( -name .git -o -name .gpg-id \) -prune -o $@ -print | sed -e "s#${prefix}.##" -e 's#\.gpg##' | sort)
|
|
+ _values -C 'passwords' $(find "$prefix" -name .gpg-id -prune -o $@ -print | sed -e "s#${prefix}.##" -e 's#\.gpg##' | sort)
|
|
}
|
|
|
|
_pass_complete_entries_with_subdirs () {
|
|
diff --git man/pass.1 man/pass.1
|
|
index efb5d9b..4ddc90d 100644
|
|
--- man/pass.1
|
|
+++ man/pass.1
|
|
@@ -33,13 +33,6 @@ or
|
|
depending on the type of specifier in ARGS. Otherwise COMMAND must be one of
|
|
the valid commands listed below.
|
|
|
|
-Several of the commands below rely on or provide additional functionality if
|
|
-the password store directory is also a git repository. If the password store
|
|
-directory is a git repository, all password store modification commands will
|
|
-cause a corresponding git commit. See the \fIEXTENDED GIT EXAMPLE\fP section
|
|
-for a detailed description using \fBinit\fP and
|
|
-.BR git (1).
|
|
-
|
|
The \fBinit\fP command must be run before other commands in order to initialize
|
|
the password store with the correct gpg key id. Passwords are encrypting using
|
|
the gpg key set with \fBinit\fP.
|
|
@@ -109,13 +102,6 @@ alternatively named \fBremove\fP or \fBdelete\fP. If \fI--recursive\fP or \fI-r\
|
|
is specified, delete pass-name recursively if it is a directory. If \fI--force\fP
|
|
or \fI-f\fP is specified, do not interactively prompt before removal.
|
|
.TP
|
|
-\fBgit\fP \fIgit-command-args\fP...
|
|
-If the password store is a git repository, pass \fIgit-command-args\fP as arguments to
|
|
-.BR git (1)
|
|
-using the password store as the git repository. If \fIgit-command-args\fP is \fBinit\fP,
|
|
-in addition to initializing the git repository, add the current contents of the password
|
|
-store to the repository in an initial commit.
|
|
-.TP
|
|
\fBhelp\fP
|
|
Show usage message.
|
|
.TP
|
|
@@ -221,99 +207,6 @@ rm: remove regular file \[u2018]/home/zx2c4/.password-store/Business/cheese-whiz
|
|
.br
|
|
removed \[u2018]/home/zx2c4/.password-store/Business/cheese-whiz-factory.gpg\[u2019]
|
|
|
|
-.SH EXTENDED GIT EXAMPLE
|
|
-Here, we initialize new password store, create a git repository, and then manipulate and sync passwords. Make note of the arguments to the first call of \fBpass git push\fP; consult
|
|
-.BR git-push (1)
|
|
-for more information.
|
|
-
|
|
-.B zx2c4@laptop ~ $ pass init Jason@zx2c4.com
|
|
-.br
|
|
-mkdir: created directory \[u2018]/home/zx2c4/.password-store\[u2019]
|
|
-.br
|
|
-Password store initialized for Jason@zx2c4.com.
|
|
-
|
|
-.B zx2c4@laptop ~ $ pass git init
|
|
-.br
|
|
-Initialized empty Git repository in /home/zx2c4/.password-store/.git/
|
|
-.br
|
|
-[master (root-commit) 998c8fd] Added current contents of password store.
|
|
-.br
|
|
- 1 file changed, 1 insertion(+)
|
|
-.br
|
|
- create mode 100644 .gpg-id
|
|
-
|
|
-.B zx2c4@laptop ~ $ pass git remote add origin kexec.com:pass-store
|
|
-
|
|
-.B zx2c4@laptop ~ $ pass generate Amazon/amazonemail@email.com 21
|
|
-.br
|
|
-mkdir: created directory \[u2018]/home/zx2c4/.password-store/Amazon\[u2019]
|
|
-.br
|
|
-[master 30fdc1e] Added generated password for Amazon/amazonemail@email.com to store.
|
|
-.br
|
|
-1 file changed, 0 insertions(+), 0 deletions(-)
|
|
-.br
|
|
-create mode 100644 Amazon/amazonemail@email.com.gpg
|
|
-.br
|
|
-The generated password to Amazon/amazonemail@email.com is:
|
|
-.br
|
|
-<5m,_BrZY`antNDxKN<0A
|
|
-
|
|
-.B zx2c4@laptop ~ $ pass git push -u --all
|
|
-.br
|
|
-Counting objects: 4, done.
|
|
-.br
|
|
-Delta compression using up to 2 threads.
|
|
-.br
|
|
-Compressing objects: 100% (3/3), done.
|
|
-.br
|
|
-Writing objects: 100% (4/4), 921 bytes, done.
|
|
-.br
|
|
-Total 4 (delta 0), reused 0 (delta 0)
|
|
-.br
|
|
-To kexec.com:pass-store
|
|
-.br
|
|
-* [new branch] master -> master
|
|
-.br
|
|
-Branch master set up to track remote branch master from origin.
|
|
-
|
|
-.B zx2c4@laptop ~ $ pass insert Amazon/otheraccount@email.com
|
|
-.br
|
|
-Enter password for Amazon/otheraccount@email.com: som3r3a11yb1gp4ssw0rd!!88**
|
|
-.br
|
|
-[master b9b6746] Added given password for Amazon/otheraccount@email.com to store.
|
|
-.br
|
|
-1 file changed, 0 insertions(+), 0 deletions(-)
|
|
-.br
|
|
-create mode 100644 Amazon/otheraccount@email.com.gpg
|
|
-
|
|
-.B zx2c4@laptop ~ $ pass rm Amazon/amazonemail@email.com
|
|
-.br
|
|
-rm: remove regular file \[u2018]/home/zx2c4/.password-store/Amazon/amazonemail@email.com.gpg\[u2019]? y
|
|
-.br
|
|
-removed \[u2018]/home/zx2c4/.password-store/Amazon/amazonemail@email.com.gpg\[u2019]
|
|
-.br
|
|
-rm 'Amazon/amazonemail@email.com.gpg'
|
|
-.br
|
|
-[master 288b379] Removed Amazon/amazonemail@email.com from store.
|
|
-.br
|
|
-1 file changed, 0 insertions(+), 0 deletions(-)
|
|
-.br
|
|
-delete mode 100644 Amazon/amazonemail@email.com.gpg
|
|
-
|
|
-.B zx2c4@laptop ~ $ pass git push
|
|
-.br
|
|
-Counting objects: 9, done.
|
|
-.br
|
|
-Delta compression using up to 2 threads.
|
|
-.br
|
|
-Compressing objects: 100% (5/5), done.
|
|
-.br
|
|
-Writing objects: 100% (7/7), 1.25 KiB, done.
|
|
-.br
|
|
-Total 7 (delta 0), reused 0 (delta 0)
|
|
-.br
|
|
-To kexec.com:pass-store
|
|
-
|
|
.SH FILES
|
|
|
|
.TP
|
|
@@ -333,18 +226,12 @@ Overrides the default password storage directory.
|
|
.I PASSWORD_STORE_KEY
|
|
Overrides the default gpg key identification set by \fBinit\fP.
|
|
.TP
|
|
-.I PASSWORD_STORE_GIT
|
|
-Overrides the default root of the git repository, which is helpful if
|
|
-\fIPASSWORD_STORE_DIR\fP is temporarily set to a sub-directory of the default
|
|
-password store.
|
|
-.TP
|
|
.I EDITOR
|
|
The location of the text editor used by \fBedit\fP.
|
|
|
|
.SH SEE ALSO
|
|
.BR gpg2 (1),
|
|
.BR pwgen (1),
|
|
-.BR git (1),
|
|
.BR xclip (1).
|
|
|
|
.SH AUTHOR
|
|
diff --git src/password-store.sh src/password-store.sh
|
|
index 26a4bd0..cc9dd22 100755
|
|
--- src/password-store.sh
|
|
+++ src/password-store.sh
|
|
@@ -1,4 +1,4 @@
|
|
-#!/bin/bash
|
|
+#!/usr/local/bin/bash
|
|
|
|
# Copyright (C) 2012 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
|
# This file is licensed under the GPLv2+. Please see COPYING for more information.
|
|
@@ -7,12 +7,8 @@ umask 077
|
|
|
|
PREFIX="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
|
|
ID="$PREFIX/.gpg-id"
|
|
-GIT_DIR="${PASSWORD_STORE_GIT:-$PREFIX}/.git"
|
|
GPG_OPTS="--quiet --yes --batch"
|
|
|
|
-export GIT_DIR
|
|
-export GIT_WORK_TREE="${PASSWORD_STORE_GIT:-$PREFIX}"
|
|
-
|
|
version() {
|
|
cat <<_EOF
|
|
|-----------------------|
|
|
@@ -50,9 +46,6 @@ Usage:
|
|
Prompt before overwriting existing password unless forced.
|
|
$program rm [--recursive,-r] [--force,-f] pass-name
|
|
Remove existing password or directory, optionally forcefully.
|
|
- $program git git-command-args...
|
|
- If the password store is a git repository, execute a git command
|
|
- specified by git-command-args.
|
|
$program help
|
|
Show this text.
|
|
$program version
|
|
@@ -63,16 +56,10 @@ _EOF
|
|
}
|
|
is_command() {
|
|
case "$1" in
|
|
- init|ls|list|show|insert|edit|generate|remove|rm|delete|git|help|--help|version|--version) return 0 ;;
|
|
+ init|ls|list|show|insert|edit|generate|remove|rm|delete|help|--help|version|--version) return 0 ;;
|
|
*) return 1 ;;
|
|
esac
|
|
}
|
|
-git_add_file() {
|
|
- [[ -d $GIT_DIR ]] || return
|
|
- git add "$1" || return
|
|
- [[ -n $(git status --porcelain "$1") ]] || return
|
|
- git commit -m "$2"
|
|
-}
|
|
yesno() {
|
|
read -p "$1 [y/N] " response
|
|
[[ $response == "y" || $response == "Y" ]] || exit 1
|
|
@@ -108,20 +95,20 @@ clip() {
|
|
echo "Copied $2 to clipboard. Will clear in 45 seconds."
|
|
}
|
|
tmpdir() {
|
|
- if [[ -d /dev/shm && -w /dev/shm && -x /dev/shm ]]; then
|
|
- tmp_dir="$(TMPDIR=/dev/shm mktemp -t "$template" -d)"
|
|
+ ramdisk="/var/tmp/password-store.ramdisk"
|
|
+ if [[ -d $ramdisk && -d $ramdisk && -d $ramdisk ]]; then
|
|
+ tmp_dir="$(TMPDIR=$ramdisk mktemp -t "$template" -d)"
|
|
else
|
|
- yesno "$(echo "Your system does not have /dev/shm, which means that it may"
|
|
- echo "be difficult to entirely erase the temporary non-encrypted"
|
|
- echo "password file after editing. Are you sure you would like to"
|
|
- echo -n "continue?")"
|
|
+ yesno "$(echo "A ramdisk does not exist at $ramdisk, which means that it may"
|
|
+ echo "be difficult to entirely erase the temporary non-encrypted"
|
|
+ echo "password file after editing. Are you sure you would like to"
|
|
+ echo -n "continue?")"
|
|
+
|
|
tmp_dir="$(mktemp -t "$template" -d)"
|
|
fi
|
|
-
|
|
}
|
|
-GETOPT="getopt"
|
|
|
|
-# source /path/to/platform-defined-functions
|
|
+GETOPT="/usr/local/bin/getopt"
|
|
#
|
|
# END Platform definable
|
|
#
|
|
@@ -155,14 +142,12 @@ case "$command" in
|
|
mkdir -v -p "$PREFIX"
|
|
echo "$gpg_id" > "$ID"
|
|
echo "Password store initialized for $gpg_id."
|
|
- git_add_file "$ID" "Set GPG id to $gpg_id."
|
|
|
|
if [[ $reencrypt -eq 1 ]]; then
|
|
find "$PREFIX" -iname '*.gpg' | while read passfile; do
|
|
gpg2 -d $GPG_OPTS "$passfile" | gpg2 -e -r "$gpg_id" -o "$passfile.new" $GPG_OPTS &&
|
|
mv -v "$passfile.new" "$passfile"
|
|
done
|
|
- git_add_file "$PREFIX" "Reencrypted entire store using new GPG id $gpg_id."
|
|
fi
|
|
exit 0
|
|
;;
|
|
@@ -276,7 +261,6 @@ case "$command" in
|
|
read -r -p "Enter password for $path: " -e password
|
|
gpg2 -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
|
|
fi
|
|
- git_add_file "$passfile" "Added given password for $path to store."
|
|
;;
|
|
edit)
|
|
if [[ $# -ne 1 ]]; then
|
|
@@ -304,7 +288,6 @@ case "$command" in
|
|
echo "GPG encryption failed. Retrying."
|
|
sleep 1
|
|
done
|
|
- git_add_file "$passfile" "$action password for $path using ${EDITOR:-vi}."
|
|
;;
|
|
generate)
|
|
clip=0
|
|
@@ -339,7 +322,6 @@ case "$command" in
|
|
pass="$(pwgen -s $symbols $length 1)"
|
|
[[ -n $pass ]] || exit 1
|
|
gpg2 -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass"
|
|
- git_add_file "$passfile" "Added generated password for $path to store."
|
|
|
|
if [[ $clip -eq 0 ]]; then
|
|
echo "The generated password to $path is:"
|
|
@@ -378,21 +360,6 @@ case "$command" in
|
|
[[ $force -eq 1 ]] || yesno "Are you sure you would like to delete $path?"
|
|
|
|
rm $recursive -f -v "$passfile"
|
|
- if [[ -d $GIT_DIR && ! -e $passfile ]]; then
|
|
- git rm -qr "$passfile"
|
|
- git commit -m "Removed $path from store."
|
|
- fi
|
|
- ;;
|
|
- git)
|
|
- if [[ $1 == "init" ]]; then
|
|
- git "$@" || exit 1
|
|
- git_add_file "$PREFIX" "Added current contents of password store."
|
|
- elif [[ -d $GIT_DIR ]]; then
|
|
- exec git "$@"
|
|
- else
|
|
- echo "Error: the password store is not a git repository."
|
|
- exit 1
|
|
- fi
|
|
;;
|
|
*)
|
|
usage
|