mirror of
https://github.com/gaschz/qubes-pass.git
synced 2025-03-01 14:22:31 +01:00
101 lines
2.5 KiB
Bash
101 lines
2.5 KiB
Bash
#!/bin/bash
|
|
#
|
|
# xterm-256color seems to be the qubes default
|
|
# for gnome-term and Xterm
|
|
#
|
|
# FIXME: the correct fix is to transmit the TERM
|
|
# variable from the client in the send_args()
|
|
# function of qvm-pass.
|
|
#
|
|
export TERM="xterm-256color"
|
|
|
|
set -e
|
|
set -o pipefail
|
|
|
|
read -n 4096 cmd
|
|
cmd=$(echo "$cmd" | base64 -d)
|
|
|
|
if [ "$cmd" == "init" ] ; then
|
|
|
|
if test -f "$HOME"/.password-store/.gpg-id ; then
|
|
key=$(cat "$HOME"/.password-store/.gpg-id)
|
|
echo "Not creating -- password store already exists and uses GPG key $key." >&2
|
|
exit 8
|
|
fi
|
|
|
|
keys=()
|
|
while read -n 128 key ; do
|
|
key=$(echo "$key" | base64 -d)
|
|
keys+=("$key")
|
|
done
|
|
|
|
pass init "${keys[@]}"
|
|
echo "Do not forget to back up your password store regularly." >&2
|
|
echo "To back up your password store, back up the entire $HOSTNAME VM using Qubes backup." >&2
|
|
echo "Key files to backup: $HOME/.password-store and $HOME/.gnupg2" >&2
|
|
|
|
elif [ "$cmd" == "generate" ] ; then
|
|
|
|
read -n 4096 entry
|
|
read -n 4096 nosymbols
|
|
read -n 4096 numchars
|
|
entry=$(echo "$entry" | base64 -d)
|
|
nosymbols=$(echo "$nosymbols" | base64 -d)
|
|
numchars=$(echo "$numchars" | base64 -d)
|
|
|
|
logger -t ruddo.PassManage "creating password entry $entry"
|
|
ret=0
|
|
if [ "$nosymbols" == "1" ] ; then
|
|
pass generate -n -f -- "$entry" "$numchars" || ret=$?
|
|
else
|
|
pass generate -f -- "$entry" "$numchars" || ret=$?
|
|
fi
|
|
if [ "$ret" != "0" ] ; then
|
|
logger -t ruddo.PassManage "Password generation failed: $out" >&2
|
|
exit "$ret"
|
|
fi
|
|
|
|
elif [ "$cmd" == "insert" ] ; then
|
|
|
|
read -n 4096 entry
|
|
read -n 4096 multiline
|
|
entry=$(echo "$entry" | base64 -d)
|
|
multiline=$(echo "$multiline" | base64 -d)
|
|
|
|
logger -t ruddo.PassManage "creating password entry $entry"
|
|
|
|
if [ "$multiline" == "1" ] ; then
|
|
base64 -d - | pass insert --multiline --force -- "$entry" | (egrep -v '(when finished:|^$)' || true)
|
|
else
|
|
base64 -d - | pass insert -e --force -- "$entry"
|
|
fi
|
|
|
|
elif [ "$cmd" == "rm" ] ; then
|
|
|
|
read -n 4096 entry
|
|
entry=$(echo "$entry" | base64 -d)
|
|
|
|
logger -t ruddo.PassManage "removing password entry $entry"
|
|
|
|
pass rm -- "$entry"
|
|
|
|
elif [ "$cmd" == "mv" -o "$cmd" == "cp" ] ; then
|
|
|
|
read -n 4096 entry
|
|
entry=$(echo "$entry" | base64 -d)
|
|
read -n 4096 newentry
|
|
newentry=$(echo "$newentry" | base64 -d)
|
|
read -n 4096 force
|
|
force=$(echo "$force" | base64 -d)
|
|
if [ "$force" == "1" ] ; then
|
|
force=-f
|
|
else
|
|
force=
|
|
fi
|
|
|
|
logger -t ruddo.PassManage "$cmd password entry $entry to $entry"
|
|
|
|
pass "$cmd" $f -- "$entry" "$newentry"
|
|
|
|
fi
|