Commit 83d7e0ff02ff2e45b3c3cfae936656efeb95e68f

Authored by Georg Hopp
0 parents

initial checkin

  1 +.*.swp
  1 +SUBCOMMANDS = random \
  2 + rand_printable \
  3 + amngrdbinit \
  4 + amngrdbdestroy \
  5 + amngradd \
  6 + amngrcreate \
  7 + amngrcrypt \
  8 + amngrdelete \
  9 + amngrgen \
  10 + amngrgetoldpass \
  11 + amngrgetolduser \
  12 + amngrgetpass \
  13 + amngrgetuser \
  14 + amngrid \
  15 + amngrlist \
  16 + amngrrename \
  17 + amngrsearch
  18 +
  19 +PREFIX ?= /usr/local
  20 +
  21 +PROGRAM := accountmanager.sh
  22 +
  23 +all:
  24 +
  25 +.PHONY: clean install
  26 +
  27 +install_$(PROGRAM):
  28 + @install "$(PROGRAM)" "$(DESTDIR)/$(PREFIX)/bin/$(PROGRAM)"
  29 +
  30 +install_%:
  31 + @ln -s "$(realpath ${DESTDIR}/${PREFIX}/bin/$(PROGRAM))" \
  32 + "${DESTDIR}/$(PREFIX)/bin/$(subst install_,,$@)"
  33 +
  34 +install: install_$(PROGRAM) $(patsubst %,install_%,$(SUBCOMMANDS))
  35 +
  36 +clean:
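Review bot: In the `install_%` rule the symlink target is `$(realpath ${DESTDIR}/${PREFIX}/bin/$(PROGRAM))`, so every subcommand link stores an absolute path that includes `DESTDIR`; a staged install into a packaging root ships links that point back into the staging directory. All links live in the same directory as the script, so a relative target such as `ln -s "$(PROGRAM)" ...` avoids that. `realpath` also expands to an empty string while the script is not yet installed, and `install_%` has no prerequisite on `install_$(PROGRAM)`, so a parallel `make -j install` can end up running `ln -s ""`; adding that prerequisite fixes the ordering. The `install_*` targets are missing from `.PHONY`, and nothing creates `$(DESTDIR)/$(PREFIX)/bin` before `install` writes into it.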
  1 +man
  2 +===
  3 +
  4 +[NAME](#NAME)
  5 + [SYNOPSIS](#SYNOPSIS)
  6 + [DESCRIPTION](#DESCRIPTION)
  7 + [OPTIONS](#OPTIONS)
  8 + [ENVIRONMENT](#ENVIRONMENT)
  9 + [DEPENDENCIES](#DEPENDENCIES)
  10 + [SEE ALSO](#SEE%20ALSO)
  11 + [BUGS](#BUGS)
  12 + [AUTHOR](#AUTHOR)
  13 + [COPYRIGHT](#COPYRIGHT)
  14 +
  15 +------------------------------------------------------------------------
  16 +
  17 +NAME
  18 +----
  19 +
  20 +accountmanager.sh − source all functionality into the current shell
  21 +
  22 +General purpose functions:
  23 + random − create a non blocking stream of random data on stdout
  24 + rand\_printable − create a random string a printable characters
  25 +
  26 +Database management functions:
  27 + amngrdbinit − initialize the SQLite account database
  28 + amngrdbdestroy − remove the SQLite account database
  29 +
  30 +Account management functions:
  31 + amngradd − add an account credential to the database
  32 + amngrcreate − create a new account credential to the database
  33 + amngrcrypt − crypt the given data with GnuPG
  34 + amngrdelete − delete an account
  35 + amngrgen − generate a encrypted random passphrase
  36 + amngrgetoldpass − copy previous password of account to X clipboard
  37 + amngrgetolduser − copy previous username of account to X clipboard
  38 + amngrgetpass − copy active password of account to X clipboard
  39 + amngrgetuser − copy active username of account to X clipboard
  40 + amngrid − write the database id of a given account name to stdout
  41 + amngrlist − list all accounts
  42 + amngrrename − rename an account
  43 + amngrsearch − pattern search accounts
  44 +
  45 +SYNOPSIS
  46 +--------
  47 +
  48 +source **${PATH}/accountmanager.sh**
  49 +
  50 +**random**
  51 +
  52 +**rand\_printable** \[*len*\]
  53 +
  54 +**amngrdbinit** \[*dbfile*\]
  55 +
  56 +**amngrdbdestroy** \[*dbfile*\]
  57 +
  58 +**amngradd -u** *username* **-p** *password* \[**-d** *description*\]
  59 +\[**-D** *dbfile*\] \[**-r** *recipient*\] *account*
  60 +
  61 +**amngrcreate -u** *username* \[**-d** *description*\] \[**-D**
  62 +*dbfile*\] \[**-r** *recipient*\] *account*
  63 +
  64 +**amngrcrypt** \[**-r** *recipient*\] *password*
  65 +
  66 +**amngrdelete** *account*
  67 +
  68 +**amngrgen** \[**-r** *recipient*\] \[*len*\]
  69 +
  70 +**amngrgetoldpass** *account*
  71 +
  72 +**amngrgetolduser** *account*
  73 +
  74 +**amngrgetpass** *account*
  75 +
  76 +**amngrgetuser** *account*
  77 +
  78 +**amngrid** *account*
  79 +
  80 +**amngrlist** \[**-s** *separator*\]
  81 +
  82 +**amngrrename** *old\_account new\_account*
  83 +
  84 +**amngrsearch** \[**-s** *separator*\] *pattern*
  85 +
  86 +DESCRIPTION
  87 +-----------
  88 +
  89 +This file can either be source into the current shell or used as a
  90 +standalone shell script via the provided symlinks. When used as
  91 +standalone script it will detect the function to call by the content of
  92 +**$0**.
  93 + All *account* as well as all *username* arguments used below are
  94 +limited to 128 characters. The *account* argument is always a unique
  95 +string identifier for the account to manage. The *username* argument is
  96 +the username part of a credential which is a (*username*, *password*)
  97 +pair.
  98 +
  99 +<table>
  100 +<colgroup>
  101 +<col width="25%" />
  102 +<col width="25%" />
  103 +<col width="25%" />
  104 +<col width="25%" />
  105 +</colgroup>
  106 +<tbody>
  107 +<tr class="odd">
  108 +<td align="left"></td>
  109 +<td align="left"><p><strong>random</strong></p></td>
  110 +<td align="left"></td>
  111 +<td align="left"><p>Takes no arguments and connect a non blocking random source to stdout.</p></td>
  112 +</tr>
  113 +</tbody>
  114 +</table>
  115 +
  116 +**rand\_printable** \[*len*\]
  117 +
  118 +Uses **random** to write a string of random printable characters to
  119 +stdout. All control characters ASCII-0 to ASCII-37 as well as ASCII-177
  120 +to 255, single and double quotes are filtered. The single and double
  121 +quotes are filtered to prevent problems when they are used as string
  122 +separators after shell expansion as in the SQL here documents used to
  123 +communicate with the SQLite database.
  124 + The optional *len* argument specifies the string length to be written
  125 +and defaults to 512.
  126 +
  127 +**amngrdbinit** \[*dbfile*\]
  128 +
  129 +Create the SQLite database file. If the optional *dbfile* argument is
  130 +given it specifies the fill path to the file to use, else the value of
  131 +**$AMNGRDB** environment variable is used.
  132 +
  133 +**amngrdbdestroy** \[*dbfile*\]
  134 +
  135 +Deletes the SQLite database file. If the optional *dbfile* argument is
  136 +given it specifies the fill path to the file to use, else the value of
  137 +**$AMNGRDB** environment variable is used.
  138 +
  139 +**amngradd -u** *username* **-p** *password* \[**-d** *description*\]
  140 +\[**-D** *dbfile*\] \[**-r** *
  141 + recipient*\] *account*
  142 +
  143 +Adds an account credential and marks it as active. If the account
  144 +already exist, the credential (*username* and *password*) is added to
  145 +that account and the previously added credential is marked as old. If
  146 +there was another even older credential that was already marked as old
  147 +this will be marked as inactive and this becomes inaccessible with this
  148 +tools (except for **amngrdelete**).
  149 + The necessary option **-u** specifies the username to be stored with
  150 +this credential pair.
  151 + The also necessary option **-p** specifies the password to be stored
  152 +and the length of *password* is not limited at all.
  153 + With option **-d** one can add a *description* to the account entry.
  154 +One can specify the *dbfile* with the option **-D** if that option is
  155 +not given the **$AMNGRDB** environment variable is used.
  156 +
  157 +**amngrcreate -u** *username* \[**-d** *description*\] \[**-D**
  158 +*dbfile*\] \[**-r** *recipient*\] *
  159 + account*
  160 +
  161 +This will create a password with **amngrgen** and use that to add an
  162 +credential via **amngradd**. (See there for options description)
  163 + The added password will be copied to the X clipboard with
  164 +**amngrgetpass** for further use.
  165 +
  166 +**amngrcrypt** \[**-r** *recipient*\] *password*
  167 +
  168 +Crypt the given plain text *password* with GnuPG and write it to
  169 +stdout.
  170 + The option **-r** specifies the recipient to use with the call to
  171 +**gpg**. If it is not given the value of the **$AMNGRID** environment
  172 +variable is used.
  173 +
  174 +**amngrdelete** *account*
  175 +
  176 +Remove the *account* and all credential associated to it.
  177 +
  178 +**amngrgen** \[**-r** *receipient*\] \[*len*\]
  179 +
  180 +Generate a password with **rand\_printable** and encrypt it via
  181 +**amngrcrypt**. By default the password will be 10 characters long. That
  182 +can be modified by the optional *len* argument.
  183 +
  184 +**amngrgetoldpass** *account*
  185 +
  186 +Read and decrypt the password associated with *account* that is flagged
  187 +as old and store it into the X clipboard.
  188 +
  189 +**amngrgetolduser** *account*
  190 +
  191 +Read and decrypt the username associated with *account* that is flagged
  192 +as old and store it into the X clipboard.
  193 +
  194 +**amngrgetpass** *account*
  195 +
  196 +Read and decrypt the password associated with *account* that is flagged
  197 +as active and store it into the X clipboard.
  198 +
  199 +**amngrgetuser** *account*
  200 +
  201 +Read and decrypt the username associated with *account* that is flagged
  202 +as active and store it into the X clipboard.
  203 +
  204 +**amngrid** *account*
  205 +
  206 +(This is primarily for internal use.) Get the database id associated to
  207 +the given *account* argument.
  208 +
  209 +**amngrlist** \[**-s** *separator*\]
  210 +
  211 +List all accounts currently stored within the database the output will
  212 +contain the name of the account, the username and the description
  213 +delimited by a *separator* string that can be specified with the **-s**
  214 +option. If the option is omitted the separator is " =&gt; ". Each row is
  215 +one account.
  216 +
  217 +**amngrrename** *old\_account new\_account*
  218 +
  219 +Rename the account specified by *old\_account* to *new\_account*.
  220 +
  221 +**amngrsearch** \[**-s** *separator*\] *pattern*
  222 +
  223 +List accounts where *pattern* exists in either the account name, the
  224 +username or the account description. The output is like the one
  225 +described with **amngrlist**.
  226 +
  227 +OPTIONS
  228 +-------
  229 +
  230 +The options are consistent over all sub commands. However not all sub
  231 +commands use all options and some sub commands take arguments that other
  232 +get per option. (See **DESCRIPTION**)
  233 +
  234 +<table>
  235 +<colgroup>
  236 +<col width="25%" />
  237 +<col width="25%" />
  238 +<col width="25%" />
  239 +<col width="25%" />
  240 +</colgroup>
  241 +<tbody>
  242 +<tr class="odd">
  243 +<td align="left"></td>
  244 +<td align="left"><p><strong>-u</strong></p></td>
  245 +<td align="left"></td>
  246 +<td align="left"><p>The login username of the credential for the account.</p></td>
  247 +</tr>
  248 +<tr class="even">
  249 +<td align="left"></td>
  250 +<td align="left"><p><strong>-p</strong></p></td>
  251 +<td align="left"></td>
  252 +<td align="left"><p>The plain text password of the credential for the account.</p></td>
  253 +</tr>
  254 +<tr class="odd">
  255 +<td align="left"></td>
  256 +<td align="left"><p><strong>-d</strong></p></td>
  257 +<td align="left"></td>
  258 +<td align="left"><p>The description for the account.</p></td>
  259 +</tr>
  260 +<tr class="even">
  261 +<td align="left"></td>
  262 +<td align="left"><p><strong>-D</strong></p></td>
  263 +<td align="left"></td>
  264 +<td align="left"><p>Select the database file to use instead of the one defined in the <strong>$AMNGRDB</strong> environment variable.</p></td>
  265 +</tr>
  266 +<tr class="odd">
  267 +<td align="left"></td>
  268 +<td align="left"><p><strong>-r</strong></p></td>
  269 +<td align="left"></td>
  270 +<td align="left"><p>Select a recipient id for GnuPG encryption to use instead of the one defined in the <strong>$AMNGRID</strong> environment variable.</p></td>
  271 +</tr>
  272 +<tr class="even">
  273 +<td align="left"></td>
  274 +<td align="left"><p><strong>-s</strong></p></td>
  275 +<td align="left"></td>
  276 +<td align="left"><p>The column separator for the <strong>amngrlist</strong> and <strong>amngrsearchcommands.</strong></p></td>
  277 +</tr>
  278 +</tbody>
  279 +</table>
  280 +
  281 +ENVIRONMENT
  282 +-----------
  283 +
  284 +**AMNGRDB**
  285 +
  286 +The default SQLite database file to use. This will be created with
  287 +**amngrdbinit** as long as the path to that file exists. This can be
  288 +overruled with the **-D** command line option.
  289 +
  290 +**AMNGRID**
  291 +
  292 +The GnuPG recipient id to encrypt against. You should use one where you
  293 +have both public and private key. Failure to do so will result in not
  294 +decipherable data. This can be overruled with the **-r** command line
  295 +option.
  296 +
  297 +**AMNGRPWLEN**
  298 +
  299 +The password length to be used when generating new passwords.
  300 +
  301 +DEPENDENCIES
  302 +------------
  303 +
  304 +A set of POSIX compliant shell utilities including a POSIX compliant
  305 +shell as well are needed to run this script.
  306 +
  307 +The functions within this script expect that all the needed tools can be
  308 +found by the shell, usually that means that the current **$PATH**
  309 +environment variable is set accordingly or that the tools are a shell
  310 +internal.
  311 +
  312 +The existence of a reliable non blocking random source. By default this
  313 +scripts use **$(cat /dev/urandom)** which can be changed by replacing
  314 +the alias **random** with something useful for your system.
  315 +
  316 +For data storage **Sqlite &gt;= 3.6.19** is required. The version
  317 +requirement comes from the use of foreign key constraints.
  318 +
  319 +To store the data within the X clipboard the **xclip** is needed.
  320 +
  321 +**The tools used are**
  322 +
  323 +<table>
  324 +<colgroup>
  325 +<col width="20%" />
  326 +<col width="20%" />
  327 +<col width="20%" />
  328 +<col width="20%" />
  329 +<col width="20%" />
  330 +</colgroup>
  331 +<tbody>
  332 +<tr class="odd">
  333 +<td align="left"></td>
  334 +<td align="left"><p></p></td>
  335 +<td align="left"></td>
  336 +<td align="left"><p><strong>awk</strong></p></td>
  337 +<td align="left"></td>
  338 +</tr>
  339 +<tr class="even">
  340 +<td align="left"></td>
  341 +<td align="left"><p></p></td>
  342 +<td align="left"></td>
  343 +<td align="left"><p><strong>basename</strong></p></td>
  344 +<td align="left"></td>
  345 +</tr>
  346 +<tr class="odd">
  347 +<td align="left"></td>
  348 +<td align="left"><p></p></td>
  349 +<td align="left"></td>
  350 +<td align="left"><p><strong>cat</strong></p></td>
  351 +<td align="left"></td>
  352 +</tr>
  353 +<tr class="even">
  354 +<td align="left"></td>
  355 +<td align="left"><p></p></td>
  356 +<td align="left"></td>
  357 +<td align="left"><p><strong>dnsdomainname</strong></p></td>
  358 +<td align="left"></td>
  359 +</tr>
  360 +<tr class="odd">
  361 +<td align="left"></td>
  362 +<td align="left"><p></p></td>
  363 +<td align="left"></td>
  364 +<td align="left"><p><strong>echo</strong></p></td>
  365 +<td align="left"></td>
  366 +</tr>
  367 +<tr class="even">
  368 +<td align="left"></td>
  369 +<td align="left"><p></p></td>
  370 +<td align="left"></td>
  371 +<td align="left"><p><strong>getopts</strong></p></td>
  372 +<td align="left"></td>
  373 +</tr>
  374 +<tr class="odd">
  375 +<td align="left"></td>
  376 +<td align="left"><p></p></td>
  377 +<td align="left"></td>
  378 +<td align="left"><p><strong>gpg</strong></p></td>
  379 +<td align="left"></td>
  380 +</tr>
  381 +<tr class="even">
  382 +<td align="left"></td>
  383 +<td align="left"><p></p></td>
  384 +<td align="left"></td>
  385 +<td align="left"><p><strong>head</strong></p></td>
  386 +<td align="left"></td>
  387 +</tr>
  388 +<tr class="odd">
  389 +<td align="left"></td>
  390 +<td align="left"><p></p></td>
  391 +<td align="left"></td>
  392 +<td align="left"><p><strong>printf</strong></p></td>
  393 +<td align="left"></td>
  394 +</tr>
  395 +<tr class="even">
  396 +<td align="left"></td>
  397 +<td align="left"><p></p></td>
  398 +<td align="left"></td>
  399 +<td align="left"><p><strong>rm</strong></p></td>
  400 +<td align="left"></td>
  401 +</tr>
  402 +<tr class="odd">
  403 +<td align="left"></td>
  404 +<td align="left"><p></p></td>
  405 +<td align="left"></td>
  406 +<td align="left"><p><strong>shift</strong></p></td>
  407 +<td align="left"></td>
  408 +</tr>
  409 +<tr class="even">
  410 +<td align="left"></td>
  411 +<td align="left"><p></p></td>
  412 +<td align="left"></td>
  413 +<td align="left"><p><strong>SQLite3</strong> (&gt;= 3.6.19 for foreign key constraints)</p></td>
  414 +<td align="left"></td>
  415 +</tr>
  416 +<tr class="odd">
  417 +<td align="left"></td>
  418 +<td align="left"><p></p></td>
  419 +<td align="left"></td>
  420 +<td align="left"><p><strong>test</strong> and <strong>[</strong></p></td>
  421 +<td align="left"></td>
  422 +</tr>
  423 +<tr class="even">
  424 +<td align="left"></td>
  425 +<td align="left"><p></p></td>
  426 +<td align="left"></td>
  427 +<td align="left"><p><strong>tr</strong></p></td>
  428 +<td align="left"></td>
  429 +</tr>
  430 +<tr class="odd">
  431 +<td align="left"></td>
  432 +<td align="left"><p></p></td>
  433 +<td align="left"></td>
  434 +<td align="left"><p><strong>xclip</strong></p></td>
  435 +<td align="left"></td>
  436 +</tr>
  437 +</tbody>
  438 +</table>
  439 +
  440 +SEE ALSO
  441 +--------
  442 +
  443 +gpg2(1), gpg-agent(1)
  444 +
  445 +BUGS
  446 +----
  447 +
  448 +No known bugs.
  449 +
  450 +AUTHOR
  451 +------
  452 +
  453 +Georg Hopp (georg@steffers.org.in)
  454 +
  455 +COPYRIGHT
  456 +---------
  457 +
  458 +Copyright © 2017 Georg Hopp License GPLv3+: GNU GPL version 3 or later
  459 +&lt;http://gnu.org/licenses/gpl.html&gt;.
  460 + This is free software: you are free to change and redistribute it.
  461 +There is NO WARRANTY, to the extent permitted by law.
  462 +
  463 +------------------------------------------------------------------------
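Review bot: The SYNOPSIS and OPTIONS sections document option-style interfaces that accountmanager.sh in this commit does not implement. `amngradd` is documented as `-u username -p password [-d description] [-D dbfile] [-r recipient] account`, but the function reads `${1}` to `${4}` as account, user, password and description and never parses options, so a user following this page would store option letters as account data. `amngrlist` and `amngrsearch` are documented with `-s separator`, while the script takes a positional separator in `amngrlist` and parses `-d` in `amngrsearch`. The text for `amngrgetuser` and `amngrgetolduser` says the username is read and decrypted, but the script stores and returns `user` unencrypted; the page should state that only the password is encrypted. Smaller points: the title renders as "man", "fill path" should be "full path", and "receipient" is misspelled under `amngrgen`.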
  1 +#!/bin/sh
  2 +
  3 +AMNGRDB="${AMNGRDB:-${HOME}/.account.db}"
  4 +AMNGRID="${AMNGRID:-${USER}@${HOSTNAME}}"
  5 +AMNGRPWLEN="${AMNGRPWLEN:-10}"
  6 +
  7 +alias random="cat /dev/urandom"
  8 +
  9 +function rand_printable() {
  10 + if ! [[ "${1}" =~ "^[0-9]+$" ]]
  11 + then
  12 + printf "Usage: %s: [len]" "$0"
  13 + fi
  14 + echo -n "$(random | tr -dc ' !#-&(-~' | head -c${1:-512})"
  15 +}
  16 +
  17 +function amngrdbinit() {
  18 + local DB="${1:-${AMNGRDB}}"
  19 +
  20 + sqlite3 "${DB}" <<-EOD
  21 + PRAGMA foreign_keys = ON;
  22 + CREATE TABLE IF NOT EXISTS account (
  23 + id INTEGER PRIMARY KEY AUTOINCREMENT,
  24 + name VARCHAR(128) UNIQUE NOT NULL,
  25 + desc TEXT DEFAULT NULL);
  26 + CREATE TABLE IF NOT EXISTS cred (
  27 + id INTEGER PRIMARY KEY AUTOINCREMENT,
  28 + user VARCHAR(128) NOT NULL,
  29 + pass TEXT NOT NULL);
  30 + CREATE TABLE IF NOT EXISTS account_cred (
  31 + account_id INTEGER,
  32 + cred_id INTEGER,
  33 + state SMALLINT(1) NOT NULL,
  34 + FOREIGN KEY(account_id) REFERENCES account(id)
  35 + ON UPDATE CASCADE ON DELETE CASCADE,
  36 + FOREIGN KEY(cred_id) REFERENCES cred(id)
  37 + ON UPDATE CASCADE ON DELETE CASCADE);
  38 + EOD
  39 +}
  40 +
  41 +function amngrdbdestroy() {
  42 + local DB="${1:-${AMNGRDB}}"
  43 + local CHECK
  44 +
  45 + cat <<-EOT
  46 + WARNING: You are about to remove your account data. There is no way to
  47 + recover from this. Are you really shure you want to do this?
  48 + EOT
  49 + echo -n "[Yes|[No]]: " && read CHECK
  50 + CHECK="${CHECK:-No}"
  51 +
  52 + test "${CHECK}" == "Yes" && rm -f "${AMNGRDB}"
  53 +}
  54 +
  55 +function amngrid() {
  56 + local ACCOUNT_NAME="${1}"
  57 + echo "$(sqlite3 "${AMNGRDB}" <<-EOD
  58 + SELECT id FROM account WHERE name='${ACCOUNT_NAME}';
  59 + EOD
  60 + )"
  61 +}
  62 +
  63 +function amngrcrypt() {
  64 + local PLAIN="${1}"
  65 + echo -n "${PLAIN}" | gpg -aeqr "${AMNGRID}"
  66 +}
  67 +
  68 +function amngrgen() {
  69 + local LEN="${0:-${AMNGRPWLEN}}"
  70 + amngrcrypt "$(rand_printable "${LEN}")"
  71 +}
  72 +
  73 +function amngradd() {
  74 + local ACCOUNT_NAME="${1}"
  75 + local USER="${2}"
  76 + local PASSWORD="$(amngrcrypt "${3}")"
  77 + local DESCRIPTION="${4:-NO DESCRIPTION}"
  78 + local ACCOUNT_ID="$(amngrid "${ACCOUNT_NAME}")"
  79 + local QUERY="$(cat <<-EOD
  80 + PRAGMA foreign_keys = ON;
  81 + BEGIN TRANSACTION;
  82 + INSERT INTO cred (user, pass)
  83 + VALUES ('${USER}', '${PASSWORD}');
  84 + EOD
  85 + )"
  86 +
  87 + if [ -z "${ACCOUNT_ID}" ]
  88 + then
  89 + QUERY="$(cat <<-EOD
  90 + ${QUERY}
  91 + INSERT INTO account (name, desc)
  92 + VALUES ('${ACCOUNT_NAME}', '${DESCRIPTION}');
  93 + EOD
  94 + )"
  95 + else
  96 + QUERY="$(cat <<-EOD
  97 + ${QUERY}
  98 + UPDATE account_cred SET state=0
  99 + WHERE account_id=(SELECT id FROM account
  100 + WHERE name='${ACCOUNT_NAME}' AND state=2);
  101 + UPDATE account_cred SET state=2
  102 + WHERE account_id=(SELECT id FROM account
  103 + WHERE name='${ACCOUNT_NAME}' AND state=1);
  104 + EOD
  105 + )"
  106 + fi
  107 +
  108 + QUERY="$(cat <<-EOD
  109 + ${QUERY}
  110 + INSERT INTO account_cred (account_id, cred_id, state)
  111 + VALUES ((SELECT id FROM account WHERE name='${ACCOUNT_NAME}'),
  112 + (SELECT id FROM cred WHERE user='${USER}' AND pass='${PASSWORD}'),
  113 + 1);
  114 + COMMIT TRANSACTION;
  115 + EOD
  116 + )"
  117 +
  118 + sqlite3 "${AMNGRDB}" "${QUERY}"
  119 +}
  120 +
  121 +function amngrcreate() {
  122 + local ACCOUNT_NAME="${1}"
  123 + local USER="${2}"
  124 + local DESCRIPTION="${3:-NO DESCRIPTION}"
  125 + local PASSWORD="$(rand_printable 10)"
  126 +
  127 + amngradd "${ACCOUNT_NAME}" "${USER}" "${PASSWORD}" "${DESCRIPTION}"
  128 + amngrgetpass "${ACCOUNT_NAME}"
  129 +}
  130 +
  131 +function amngrgetuser() {
  132 + local ACCOUNT_NAME="${1}"
  133 + local STATE="${2:-"1"}"
  134 +
  135 + test "${STATE}" != "1" -a "${STATE}" != "2" && STATE="1"
  136 +
  137 + sqlite3 "${AMNGRDB}" <<-EOD |\
  138 + awk 'NR>1{print p}{p=$0}END{ORS="";print}' | xclip -i
  139 + SELECT user FROM account
  140 + JOIN account_cred ON account.id=account_cred.account_id
  141 + JOIN cred ON cred.id=account_cred.cred_id
  142 + WHERE name='${ACCOUNT_NAME}' AND state=${STATE};
  143 + EOD
  144 +}
  145 +
  146 +function amngrgetolduser() {
  147 + local ACCOUNT_NAME="${1}"
  148 + amngrgetuser "${ACCOUNT_NAME}" "2"
  149 +}
  150 +
  151 +function amngrgetpass() {
  152 + local ACCOUNT_NAME="${1}"
  153 + local STATE="${2:-1}"
  154 +
  155 + test "${STATE}" != "1" -a "${STATE}" != "2" && STATE="1"
  156 +
  157 + sqlite3 "${AMNGRDB}" <<-EOD |\
  158 + awk 'NR>1{print p}{p=$0}END{ORS="";print}' | gpg -dq | xclip -i
  159 + SELECT pass FROM account
  160 + JOIN account_cred ON account.id=account_cred.account_id
  161 + JOIN cred ON cred.id=account_cred.cred_id
  162 + WHERE name='${ACCOUNT_NAME}' AND state=${STATE};
  163 + EOD
  164 +}
  165 +
  166 +function amngrgetoldpass() {
  167 + local ACCOUNT_NAME="${1}"
  168 + amngrgetpass "${ACCOUNT_NAME}" "2"
  169 +}
  170 +
  171 +function amngrrename() {
  172 + local OLD_NAME="${1}"
  173 + local NEW_NAME="${2}"
  174 +
  175 + test -z "${OLD_NAME}" -o -z "${NEW_NAME}" && return 1
  176 +
  177 + sqlite3 "${AMNGRDB}" <<-EOD
  178 + UPDATE account SET name='${NEW_NAME}'
  179 + WHERE name='${OLD_NAME}';
  180 + EOD
  181 +}
  182 +
  183 +function amngrdelete() {
  184 + local ACCOUNT_NAME="${1}"
  185 +
  186 + sqlite3 "${AMNGRDB}" <<-EOD
  187 + PRAGMA foreign_keys = ON;
  188 + BEGIN TRANSACTION;
  189 + DELETE FROM cred WHERE id IN (
  190 + SELECT cred_id FROM account
  191 + JOIN account_cred ON account.id=account_cred.account_id
  192 + WHERE name='${ACCOUNT_NAME}');
  193 + DELETE FROM account WHERE name='${ACCOUNT_NAME}';
  194 + COMMIT TRANSACTION;
  195 + EOD
  196 +}
  197 +
  198 +function amngrlist() {
  199 + local SEPARATOR="${1:-" => "}"
  200 + sqlite3 -separator "${SEPARATOR}" "${AMNGRDB}" <<-EOD
  201 + SELECT name, user, desc FROM account
  202 + JOIN account_cred ON account.id=account_cred.account_id
  203 + JOIN cred ON cred.id=account_cred.cred_id
  204 + WHERE state=1;
  205 + EOD
  206 +}
  207 +
  208 +function amngrsearch() {
  209 + local PATTERN
  210 + local DELIMITER=" => "
  211 + local USAGE="$(printf "Usage: %s: [-d delimiter] pattern" "$0")"
  212 +
  213 + while getopts d: opt
  214 + do
  215 + case $opt in
  216 + d)
  217 + DELIMITER="${OPTARG}";;
  218 + ?)
  219 + echo "${USAGE}"
  220 + exit 1;;
  221 + esac
  222 + done
  223 + shift $(($OPTIND-1))
  224 +
  225 + if [ $# -lt 2 ]
  226 + then
  227 + echo "${USAGE}"
  228 + exit 1;;
  229 + fi
  230 +
  231 + PATTERN="${1}"
  232 +
  233 + sqlite3 -separator " => " "${AMNGRDB}" <<-EOD
  234 + SELECT name, user, desc FROM account
  235 + JOIN account_cred ON account.id=account_cred.account_id
  236 + JOIN cred ON cred.id=account_cred.cred_id
  237 + WHERE state=1 AND (
  238 + name LIKE '%${PATTERN}%' OR user LIKE '%${PATTERN}%' OR
  239 + desc LIKE '%${PATTERN}%');
  240 + EOD
  241 +}
  242 +
  243 +case "$(basename -- "$0")" in
  244 + random) random;;
  245 + rand_printable) rand_printable;;
  246 +
  247 + amngrdbinit) amngrdbinit;;
  248 + amngrdbdestroy) amngrdbdestroy;;
  249 +
  250 + amngradd) amngradd "$@";;
  251 + amngrcreate) amngrcreate "$@";;
  252 + amngrcrypt) amngrcrypt "$@";;
  253 + amngrdelete) amngrdelete "$@";;
  254 + amngrgen) amngrgen "$@";;
  255 + amngrgetoldpass) amngrgetoldpass "$@";;
  256 + amngrgetolduser) amngrgetolduser "$@";;
  257 + amngrgetpass) amngrgetpass "$@";;
  258 + amngrgetuser) amngrgetuser "$@";;
  259 + amngrid) amngrid "$@";;
  260 + amngrlist) amngrlist;;
  261 + amngrrename) amngrrename "$@";;
  262 + amngrsearch) amngrsearch "$@";;
  263 +
  264 + *) ;;
  265 +esac
  266 +
  267 +# vim: set ft=sh ts=4 sw=4:
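Review bot: Every query splices caller-supplied values straight into SQL, for example `SELECT id FROM account WHERE name='${ACCOUNT_NAME}';` in `amngrid` and `name LIKE '%${PATTERN}%'` in `amngrsearch`; an account name, username or description containing a single quote ends the string literal and the remainder is executed as SQL against the credential database. `rand_printable` strips quotes only from generated passwords, so these inputs need their own handling: double every `'` before interpolation (or bind values instead of splicing them) and enforce the 128-character limit the documentation promises. Separately, `exit 1;;` inside the `if` block of `amngrsearch` is a syntax error outside `case`, so the file will not parse; `amngrgen` reads `${0:-${AMNGRPWLEN}}`, which is the script name rather than the length argument; `amngrdbdestroy` computes `DB` but removes `${AMNGRDB}`; and the `#!/bin/sh` line does not match the use of `function`, `[[ ... =~ ]]` and `local`. `amngradd` also takes the plain-text password as an argument, which exposes it in the process list when the symlinked commands are used; reading it from stdin would avoid that.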
  1 +.\" Man page for accountmanager.
  2 +.\" Contact georg@steffers.org.in to correct errors or typos.
  3 +.TH man 1 "25 Jan 2017" "0.1" \
  4 +"accountmanager.sh: Shell tools for managing account credentials."
  5 +.SH NAME
  6 +accountmanager.sh \- source all functionality into the current shell
  7 +
  8 +General purpose functions:
  9 + random \- create a non blocking stream of random data on stdout
  10 + rand_printable \- create a random string a printable characters
  11 +
  12 +Database management functions:
  13 + amngrdbinit \- initialize the SQLite account database
  14 + amngrdbdestroy \- remove the SQLite account database
  15 +
  16 +Account management functions:
  17 + amngradd \- add an account credential to the database
  18 + amngrcreate \- create a new account credential to the database
  19 + amngrcrypt \- crypt the given data with GnuPG
  20 + amngrdelete \- delete an account
  21 + amngrgen \- generate a encrypted random passphrase
  22 + amngrgetoldpass \- copy previous password of account to X clipboard
  23 + amngrgetolduser \- copy previous username of account to X clipboard
  24 + amngrgetpass \- copy active password of account to X clipboard
  25 + amngrgetuser \- copy active username of account to X clipboard
  26 + amngrid \- write the database id of a given account name to stdout
  27 + amngrlist \- list all accounts
  28 + amngrrename \- rename an account
  29 + amngrsearch \- pattern search accounts
  30 +.SH SYNOPSIS
  31 +source
  32 +.B ${PATH}/accountmanager.sh
  33 +
  34 +.B random
  35 +
  36 +.B rand_printable
  37 +.RI [ len ]
  38 +
  39 +.B amngrdbinit
  40 +.RI [ dbfile ]
  41 +
  42 +.B amngrdbdestroy
  43 +.RI [ dbfile ]
  44 +
  45 +.B amngradd -u
  46 +.I username
  47 +.B -p
  48 +.I password
  49 +.RB [ -d
  50 +.IR description ]
  51 +.RB [ -D
  52 +.IR dbfile ]
  53 +.RB [ -r
  54 +.IR recipient ]
  55 +.I account
  56 +
  57 +.B amngrcreate -u
  58 +.I username
  59 +.RB [ -d
  60 +.IR description ]
  61 +.RB [ -D
  62 +.IR dbfile ]
  63 +.RB [ -r
  64 +.IR recipient ]
  65 +.I account
  66 +
  67 +.B amngrcrypt
  68 +.RB [ -r
  69 +.IR recipient ]
  70 +.I password
  71 +
  72 +.B amngrdelete
  73 +.I account
  74 +
  75 +.B amngrgen
  76 +.RB [ -r
  77 +.IR recipient ]
  78 +.RI [ len ]
  79 +
  80 +.B amngrgetoldpass
  81 +.I account
  82 +
  83 +.B amngrgetolduser
  84 +.I account
  85 +
  86 +.B amngrgetpass
  87 +.I account
  88 +
  89 +.B amngrgetuser
  90 +.I account
  91 +
  92 +.B amngrid
  93 +.I account
  94 +
  95 +.B amngrlist
  96 +.RB [ -s
  97 +.IR separator ]
  98 +
  99 +.B amngrrename
  100 +.I old_account new_account
  101 +
  102 +.B amngrsearch
  103 +.RB [ -s
  104 +.IR separator ]
  105 +.I pattern
  106 +.SH DESCRIPTION
  107 + This file can either be source into the current shell or used as a
  108 +standalone shell script via the provided symlinks. When used as standalone
  109 +script it will detect the function to call by the content of \fB$0\fR.
  110 + All \fIaccount\fR as well as all \fIusername\fR arguments used below are
  111 +limited to 128 characters. The \fIaccount\fR argument is always a unique
  112 +string identifier for the account to manage. The \fIusername\fR argument is
  113 +the username part of a credential which is a (\fIusername\fR, \fIpassword\fR)
  114 +pair.
  115 +.TP
  116 +\fBrandom\fR
  117 + Takes no arguments and connect a non blocking random source to stdout.
  118 +.TP
  119 +\fBrand_printable\fR [\fIlen\fR]
  120 + Uses \fBrandom\fR to write a string of random printable characters to
  121 +stdout. All control characters ASCII-0 to ASCII-37 as well as
  122 +ASCII-177 to 255, single and double quotes are filtered. The single
  123 +and double quotes are filtered to prevent problems when they are used
  124 +as string separators after shell expansion as in the SQL here
  125 +documents used to communicate with the SQLite database.
  126 + The optional \fIlen\fR argument specifies the string length to be written
  127 +and defaults to 512.
  128 +.TP
  129 +\fBamngrdbinit\fR [\fIdbfile\fR]
  130 + Create the SQLite database file. If the optional \fIdbfile\fR argument is
  131 +given it specifies the fill path to the file to use, else the value of
  132 +\fB$AMNGRDB\fR environment variable is used.
  133 +.TP
  134 +\fBamngrdbdestroy\fR [\fIdbfile\fR]
  135 + Deletes the SQLite database file. If the optional \fIdbfile\fR argument
  136 +is given it specifies the fill path to the file to use, else the value
  137 +of \fB$AMNGRDB\fR environment variable is used.
  138 +.TP
  139 +\fBamngradd\fR \fB-u\fR \fIusername\fR \fB-p\fR \fIpassword\fR \
  140 +[\fB-d\fR \fIdescription\fR] [\fB-D\fR \fIdbfile\fR] \
  141 +[\fB-r\fR \fIrecipient\fR] \fIaccount\fR
  142 + Adds an account credential and marks it as active. If the account
  143 +already exist, the credential (\fIusername\fR and \fIpassword\fR) is added to
  144 +that account and the previously added credential is marked as old. If
  145 +there was another even older credential that was already marked as old
  146 +this will be marked as inactive and this becomes inaccessible with
  147 +this tools (except for \fBamngrdelete\fR).
  148 + The necessary option \fB-u\fR specifies the username to be stored with
  149 +this credential pair.
  150 + The also necessary option \fB-p\fR specifies the password to be stored
  151 +and the length of \fIpassword\fR is not limited at all.
  152 + With option \fB-d\fR one can add a \fIdescription\fR to the account entry.
  153 +One can specify the \fIdbfile\fR with the option \fB-D\fR if that option is
  154 +not given the \fB$AMNGRDB\fR environment variable is used.
  155 +.TP
  156 +\fBamngrcreate\fR \fB-u\fR \fIusername\fR [\fB-d\fR \fIdescription\fR] \
  157 +[\fB-D\fR \fIdbfile\fR] [\fB-r\fR \fIrecipient\fR] \fIaccount\fR
  158 + This will create a password with \fBamngrgen\fR and use that to add an
  159 +credential via \fBamngradd\fR. (See there for options description)
  160 + The added password will be copied to the X clipboard with
  161 +\fBamngrgetpass\fR for further use.
  162 +.TP
  163 +\fBamngrcrypt\fR [\fB-r\fR \fIrecipient\fR] \fIpassword\fR
  164 + Crypt the given plain text \fIpassword\fR with GnuPG and write it to
  165 +stdout.
  166 + The option \fB-r\fR specifies the recipient to use with the call to
  167 +\fBgpg\fR. If it is not given the value of the \fB$AMNGRID\fR environment
  168 +variable is used.
  169 +.TP
  170 +\fBamngrdelete\fR \fIaccount\fR
  171 + Remove the \fIaccount\fR and all credential associated to it.
  172 +.TP
  173 +\fBamngrgen\fR [\fB-r\fR \fIreceipient\fR] [\fIlen\fR]
  174 + Generate a password with \fBrand_printable\fR and encrypt it via
  175 +\fBamngrcrypt\fR. By default the password will be 10 characters long. That
  176 +can be modified by the optional \fIlen\fR argument.
  177 +.TP
  178 +\fBamngrgetoldpass\fR \fIaccount\fR
  179 + Read and decrypt the password associated with \fIaccount\fR that is
  180 +flagged as old and store it into the X clipboard.
  181 +.TP
  182 +\fBamngrgetolduser\fR \fIaccount\fR
  183 + Read and decrypt the username associated with \fIaccount\fR that is
  184 +flagged as old and store it into the X clipboard.
  185 +.TP
  186 +\fBamngrgetpass\fR \fIaccount\fR
  187 + Read and decrypt the password associated with \fIaccount\fR that is
  188 +flagged as active and store it into the X clipboard.
  189 +.TP
  190 +\fBamngrgetuser\fR \fIaccount\fR
  191 + Read and decrypt the username associated with \fIaccount\fR that is
  192 +flagged as active and store it into the X clipboard.
  193 +.TP
  194 +\fBamngrid\fR \fIaccount\fR
  195 + (This is primarily for internal use.) Get the database id associated
  196 +to the given \fIaccount\fR argument.
  197 +.TP
  198 +\fBamngrlist\fR [\fB-s\fR \fIseparator\fR]
  199 + List all accounts currently stored within the database the output
  200 +will contain the name of the account, the username and the description
  201 +delimited by a \fIseparator\fR string that can be specified with the
  202 +\fB-s\fR option. If the option is omitted the separator is " => ". Each
  203 +row is one account.
  204 +.TP
  205 +\fBamngrrename\fR \fIold_account\fR \fInew_account\fR
  206 + Rename the account specified by \fIold_account\fR to \fInew_account\fR.
  207 +.TP
  208 +\fBamngrsearch\fR [\fB-s\fR \fIseparator\fR] \fIpattern\fR
  209 + List accounts where \fIpattern\fR exists in either the account name, the
  210 +username or the account description. The output is like the one
  211 +described with \fBamngrlist\fR.
  212 +.SH OPTIONS
  213 + The options are consistent over all sub commands. However not all sub commands
  214 +use all options and some sub commands take arguments that other get per option.
  215 +(See \fBDESCRIPTION\fR)
  216 +.TP
  217 +.B -u
  218 +The login username of the credential for the account.
  219 +.TP
  220 +.B -p
  221 +The plain text password of the credential for the account.
  222 +.TP
  223 +.B -d
  224 +The description for the account.
  225 +.TP
  226 +.B -D
  227 +Select the database file to use instead of the one defined in the
  228 +\fB$AMNGRDB\fR environment variable.
  229 +.TP
  230 +.B -r
  231 +Select a recipient id for GnuPG encryption to use instead of the one
  232 +defined in the \fB$AMNGRID\fR environment variable.
  233 +.TP
  234 +.B -s
  235 +The column separator for the \fBamngrlist\fR and \fBamngrsearch\R commands.
  236 +.SH ENVIRONMENT
  237 +.TP
  238 +.B AMNGRDB
  239 + The default SQLite database file to use. This will be created with
  240 +\fBamngrdbinit\fR as long as the path to that file exists. This can be
  241 +overruled with the \fB-D\fR command line option.
  242 +.TP
  243 +.B AMNGRID
  244 + The GnuPG recipient id to encrypt against. You should use one where you have
  245 +both public and private key. Failure to do so will result in not decipherable
  246 +data. This can be overruled with the \fB-r\fR command line option.
  247 +.TP
  248 +.B AMNGRPWLEN
  249 + The password length to be used when generating new passwords.
  250 +.SH DEPENDENCIES
  251 + A set of POSIX compliant shell utilities including a POSIX compliant shell
  252 +as well are needed to run this script.
  253 +
  254 + The functions within this script expect that all the needed tools
  255 +can be found by the shell, usually that means that the current \fB$PATH\fR
  256 +environment variable is set accordingly or that the tools are
  257 +a shell internal.
  258 +
  259 + The existence of a reliable non blocking random source. By default this
  260 +scripts use \fB$(cat /dev/urandom)\fR which can be changed by replacing the
  261 +alias \fBrandom\fR with something useful for your system.
  262 +
  263 + For data storage \fBSqlite >= 3.6.19\fR is required. The version requirement
  264 +comes from the use of foreign key constraints.
  265 +
  266 + To store the data within the X clipboard the \fBxclip\fR is needed.
  267 +
  268 +.SS The tools used are
  269 +.PD 0
  270 +.IP \[bu] 2
  271 +\fBawk\fR
  272 +.IP \[bu]
  273 +\fBbasename\fR
  274 +.IP \[bu]
  275 +\fBcat\fR
  276 +.IP \[bu]
  277 +\fBdnsdomainname\fR
  278 +.IP \[bu]
  279 +\fBecho\fR
  280 +.IP \[bu]
  281 +\fBgetopts\fR
  282 +.IP \[bu]
  283 +\fBgpg\fR
  284 +.IP \[bu]
  285 +\fBhead\fR
  286 +.IP \[bu]
  287 +\fBprintf\fR
  288 +.IP \[bu]
  289 +\fBrm\fR
  290 +.IP \[bu]
  291 +\fBshift\fR
  292 +.IP \[bu]
  293 +\fBSQLite3\fR (>= 3.6.19 for foreign key constraints)
  294 +.IP \[bu]
  295 +\fBtest\fR and \fB[\fR
  296 +.IP \[bu]
  297 +\fBtr\fR
  298 +.IP \[bu]
  299 +\fBxclip\fR
  300 +.PD
  301 +.SH SEE ALSO
  302 +gpg2(1), gpg-agent(1)
  303 +.SH BUGS
  304 +No known bugs.
  305 +.SH AUTHOR
  306 +Georg Hopp (georg@steffers.org.in)
  307 +.SH COPYRIGHT
  308 + Copyright © 2017 Georg Hopp License GPLv3+: GNU GPL version 3 or later
  309 +<http://gnu.org/licenses/gpl.html>.
  310 + This is free software: you are free to change and redistribute it. There is
  311 +NO WARRANTY, to the extent permitted by law.
  312 +.\" vim: set ft=groff ts=4 sw=4:
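Review bot: amngradd takes the plain text password as the value of -p (lines 139 and 221) and amngrcrypt takes it as a positional argument (line 163), so when the script is run standalone through the symlinks the secret is visible in the process argument list, and in either mode it can end up in shell history. Consider reading the password from stdin or a prompt when -p is omitted, and document that here. Smaller points in the same file: line 235 closes the bold run with \R instead of \fR, which matches the run-on bold "amngrsearchcommands." in the markdown rendering; line 173 spells the argument "receipient" while the other synopses use "recipient"; line 136 says "fill path" where "full path" is meant; and amngrgen states a default of 10 characters (line 175) without mentioning AMNGRPWLEN from line 248, so it is unclear which one applies.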
  1 +# man
  2 +
  3 +[NAME](#NAME)
  4 +[SYNOPSIS](#SYNOPSIS)
  5 +[DESCRIPTION](#DESCRIPTION)
  6 +[OPTIONS](#OPTIONS)
  7 +[ENVIRONMENT](#ENVIRONMENT)
  8 +[DEPENDENCIES](#DEPENDENCIES)
  9 +[SEE ALSO](#SEE ALSO)
  10 +[BUGS](#BUGS)
  11 +[AUTHOR](#AUTHOR)
  12 +[COPYRIGHT](#COPYRIGHT)
  13 +
  14 +* * *
  15 +
  16 +## NAME<a name="NAME"></a>
  17 +
  18 +accountmanager.sh − source all functionality into the current shell
  19 +
  20 +General purpose functions:
  21 +random − create a non blocking stream of random data on stdout
  22 +rand_printable − create a random string a printable characters
  23 +
  24 +Database management functions:
  25 +amngrdbinit − initialize the SQLite account database
  26 +amngrdbdestroy − remove the SQLite account database
  27 +
  28 +Account management functions:
  29 +amngradd − add an account credential to the database
  30 +amngrcreate − create a new account credential to the database
  31 +amngrcrypt − crypt the given data with GnuPG
  32 +amngrdelete − delete an account
  33 +amngrgen − generate a encrypted random passphrase
  34 +amngrgetoldpass − copy previous password of account to X clipboard
  35 +amngrgetolduser − copy previous username of account to X clipboard
  36 +amngrgetpass − copy active password of account to X clipboard
  37 +amngrgetuser − copy active username of account to X clipboard
  38 +amngrid − write the database id of a given account name to stdout
  39 +amngrlist − list all accounts
  40 +amngrrename − rename an account
  41 +amngrsearch − pattern search accounts
  42 +
  43 +## SYNOPSIS<a name="SYNOPSIS"></a>
  44 +
  45 +source **${PATH}/accountmanager.sh**
  46 +
  47 +**random**
  48 +
  49 +**rand_printable** [_len_]
  50 +
  51 +**amngrdbinit** [_dbfile_]
  52 +
  53 +**amngrdbdestroy** [_dbfile_]
  54 +
  55 +**amngradd -u** _username_ **-p** _password_ [**-d** _description_] [**-D** _dbfile_] [**-r** _recipient_] _account_
  56 +
  57 +**amngrcreate -u** _username_ [**-d** _description_] [**-D** _dbfile_] [**-r** _recipient_] _account_
  58 +
  59 +**amngrcrypt** [**-r** _recipient_] _password_
  60 +
  61 +**amngrdelete** _account_
  62 +
  63 +**amngrgen** [**-r** _recipient_] [_len_]
  64 +
  65 +**amngrgetoldpass** _account_
  66 +
  67 +**amngrgetolduser** _account_
  68 +
  69 +**amngrgetpass** _account_
  70 +
  71 +**amngrgetuser** _account_
  72 +
  73 +**amngrid** _account_
  74 +
  75 +**amngrlist** [**-s** _separator_]
  76 +
  77 +**amngrrename** _old_account new_account_
  78 +
  79 +**amngrsearch** [**-s** _separator_] _pattern_
  80 +
  81 +## DESCRIPTION<a name="DESCRIPTION"></a>
  82 +
  83 +This file can either be source into the current shell or used as a standalone shell script via the provided symlinks. When used as standalone script it will detect the function to call by the content of **$0**.
  84 +All _account_ as well as all _username_ arguments used below are limited to 128 characters. The _account_ argument is always a unique string identifier for the account to manage. The _username_ argument is the username part of a credential which is a (_username_, _password_) pair.
  85 +
  86 +**random**
  87 +
  88 + |
  89 +
  90 +Takes no arguments and connect a non blocking random source to stdout.
  91 +
  92 + |
  93 +
  94 +**rand_printable** [_len_]
  95 +
  96 +Uses **random** to write a string of random printable characters to stdout. All control characters ASCII-0 to ASCII-37 as well as ASCII-177 to 255, single and double quotes are filtered. The single and double quotes are filtered to prevent problems when they are used as string separators after shell expansion as in the SQL here documents used to communicate with the SQLite database.
  97 +The optional _len_ argument specifies the string length to be written and defaults to 512.
  98 +
  99 +**amngrdbinit** [_dbfile_]
  100 +
  101 +Create the SQLite database file. If the optional _dbfile_ argument is given it specifies the fill path to the file to use, else the value of **$AMNGRDB** environment variable is used.
  102 +
  103 +**amngrdbdestroy** [_dbfile_]
  104 +
  105 +Deletes the SQLite database file. If the optional _dbfile_ argument is given it specifies the fill path to the file to use, else the value of **$AMNGRDB** environment variable is used.
  106 +
  107 +**amngradd -u** _username_ **-p** _password_ [**-d** _description_] [**-D** _dbfile_] [**-r**_
  108 +recipient_] _account_
  109 +
  110 +Adds an account credential and marks it as active. If the account already exist, the credential (_username_ and _password_) is added to that account and the previously added credential is marked as old. If there was another even older credential that was already marked as old this will be marked as inactive and this becomes inaccessible with this tools (except for **amngrdelete**).
  111 +The necessary option **-u** specifies the username to be stored with this credential pair.
  112 +The also necessary option **-p** specifies the password to be stored and the length of _password_ is not limited at all.
  113 +With option **-d** one can add a _description_ to the account entry. One can specify the _dbfile_ with the option **-D** if that option is not given the **$AMNGRDB** environment variable is used.
  114 +
  115 +**amngrcreate -u** _username_ [**-d** _description_] [**-D** _dbfile_] [**-r** _recipient_]_
  116 +account_
  117 +
  118 +This will create a password with **amngrgen** and use that to add an credential via **amngradd**. (See there for options description)
  119 +The added password will be copied to the X clipboard with **amngrgetpass** for further use.
  120 +
  121 +**amngrcrypt** [**-r** _recipient_] _password_
  122 +
  123 +Crypt the given plain text _password_ with GnuPG and write it to stdout.
  124 +The option **-r** specifies the recipient to use with the call to **gpg**. If it is not given the value of the **$AMNGRID** environment variable is used.
  125 +
  126 +**amngrdelete** _account_
  127 +
  128 +Remove the _account_ and all credential associated to it.
  129 +
  130 +**amngrgen** [**-r** _receipient_] [_len_]
  131 +
  132 +Generate a password with **rand_printable** and encrypt it via **amngrcrypt**. By default the password will be 10 characters long. That can be modified by the optional _len_ argument.
  133 +
  134 +**amngrgetoldpass** _account_
  135 +
  136 +Read and decrypt the password associated with _account_ that is flagged as old and store it into the X clipboard.
  137 +
  138 +**amngrgetolduser** _account_
  139 +
  140 +Read and decrypt the username associated with _account_ that is flagged as old and store it into the X clipboard.
  141 +
  142 +**amngrgetpass** _account_
  143 +
  144 +Read and decrypt the password associated with _account_ that is flagged as active and store it into the X clipboard.
  145 +
  146 +**amngrgetuser** _account_
  147 +
  148 +Read and decrypt the username associated with _account_ that is flagged as active and store it into the X clipboard.
  149 +
  150 +**amngrid** _account_
  151 +
  152 +(This is primarily for internal use.) Get the database id associated to the given _account_ argument.
  153 +
  154 +**amngrlist** [**-s** _separator_]
  155 +
  156 +List all accounts currently stored within the database the output will contain the name of the account, the username and the description delimited by a _separator_ string that can be specified with the **-s** option. If the option is omitted the separator is " => ". Each row is one account.
  157 +
  158 +**amngrrename** _old_account new_account_
  159 +
  160 +Rename the account specified by _old_account_ to _new_account_.
  161 +
  162 +**amngrsearch** [**-s** _separator_] _pattern_
  163 +
  164 +List accounts where _pattern_ exists in either the account name, the username or the account description. The output is like the one described with **amngrlist**.
  165 +
  166 +## OPTIONS<a name="OPTIONS"></a>
  167 +
  168 +The options are consistent over all sub commands. However not all sub commands use all options and some sub commands take arguments that other get per option. (See **DESCRIPTION**)
  169 +
  170 +**-u**
  171 +
  172 + |
  173 +
  174 +The login username of the credential for the account.
  175 +
  176 + |
  177 +
  178 +**-p**
  179 +
  180 + |
  181 +
  182 +The plain text password of the credential for the account.
  183 +
  184 + |
  185 +
  186 +**-d**
  187 +
  188 + |
  189 +
  190 +The description for the account.
  191 +
  192 + |
  193 +
  194 +**-D**
  195 +
  196 + |
  197 +
  198 +Select the database file to use instead of the one defined in the **$AMNGRDB** environment variable.
  199 +
  200 + |
  201 +
  202 +**-r**
  203 +
  204 + |
  205 +
  206 +Select a recipient id for GnuPG encryption to use instead of the one defined in the **$AMNGRID** environment variable.
  207 +
  208 + |
  209 +
  210 +**-s**
  211 +
  212 + |
  213 +
  214 +The column separator for the **amngrlist** and **amngrsearchcommands.**
  215 +
  216 + |
  217 +
  218 +## ENVIRONMENT<a name="ENVIRONMENT"></a>
  219 +
  220 +**AMNGRDB**
  221 +
  222 +The default SQLite database file to use. This will be created with **amngrdbinit** as long as the path to that file exists. This can be overruled with the **-D** command line option.
  223 +
  224 +**AMNGRID**
  225 +
  226 +The GnuPG recipient id to encrypt against. You should use one where you have both public and private key. Failure to do so will result in not decipherable data. This can be overruled with the **-r** command line option.
  227 +
  228 +**AMNGRPWLEN**
  229 +
  230 +The password length to be used when generating new passwords.
  231 +
  232 +## DEPENDENCIES<a name="DEPENDENCIES"></a>
  233 +
  234 +A set of POSIX compliant shell utilities including a POSIX compliant shell as well are needed to run this script.
  235 +
  236 +The functions within this script expect that all the needed tools can be found by the shell, usually that means that the current **$PATH** environment variable is set accordingly or that the tools are a shell internal.
  237 +
  238 +The existence of a reliable non blocking random source. By default this scripts use **$(cat /dev/urandom)** which can be changed by replacing the alias **random** with something useful for your system.
  239 +
  240 +For data storage **Sqlite >= 3.6.19** is required. The version requirement comes from the use of foreign key constraints.
  241 +
  242 +To store the data within the X clipboard the **xclip** is needed.
  243 +
  244 +**The tools used are**
  245 +
  246 +
  247 +
  248 + |
  249 +
  250 +**awk**
  251 +
  252 + |
  253 +
  254 +
  255 +
  256 + |
  257 +
  258 +**basename**
  259 +
  260 + |
  261 +
  262 +
  263 +
  264 + |
  265 +
  266 +**cat**
  267 +
  268 + |
  269 +
  270 +
  271 +
  272 + |
  273 +
  274 +**dnsdomainname**
  275 +
  276 + |
  277 +
  278 +
  279 +
  280 + |
  281 +
  282 +**echo**
  283 +
  284 + |
  285 +
  286 +
  287 +
  288 + |
  289 +
  290 +**getopts**
  291 +
  292 + |
  293 +
  294 +
  295 +
  296 + |
  297 +
  298 +**gpg**
  299 +
  300 + |
  301 +
  302 +
  303 +
  304 + |
  305 +
  306 +**head**
  307 +
  308 + |
  309 +
  310 +
  311 +
  312 + |
  313 +
  314 +**printf**
  315 +
  316 + |
  317 +
  318 +
  319 +
  320 + |
  321 +
  322 +**rm**
  323 +
  324 + |
  325 +
  326 +
  327 +
  328 + |
  329 +
  330 +**shift**
  331 +
  332 + |
  333 +
  334 +
  335 +
  336 + |
  337 +
  338 +**SQLite3** (>= 3.6.19 for foreign key constraints)
  339 +
  340 + |
  341 +
  342 +
  343 +
  344 + |
  345 +
  346 +**test** and **[**
  347 +
  348 + |
  349 +
  350 +
  351 +
  352 + |
  353 +
  354 +**tr**
  355 +
  356 + |
  357 +
  358 +
  359 +
  360 + |
  361 +
  362 +**xclip**
  363 +
  364 + |
  365 +
  366 +## SEE ALSO<a name="SEE ALSO"></a>
  367 +
  368 +gpg2(1), gpg-agent(1)
  369 +
  370 +## BUGS<a name="BUGS"></a>
  371 +
  372 +No known bugs.
  373 +
  374 +## AUTHOR<a name="AUTHOR"></a>
  375 +
  376 +Georg Hopp (georg@steffers.org.in)
  377 +
  378 +## COPYRIGHT<a name="COPYRIGHT"></a>
  379 +
  380 +Copyright © 2017 Georg Hopp License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>.
  381 +This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
  382 +
  383 +* * *
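Review bot: The rand_printable paragraph (line 96) says single and double quotes are filtered because values are shell-expanded into SQL here documents, but the account, description and amngrsearch pattern arguments are caller-supplied and nothing on this page says how quotes in them are handled. Either escape those values before they are placed in the here document (doubling single quotes) or document which characters are rejected. Separately, this file looks generated from the groff page and carries conversion damage: stray "|" lines around the first entries and around every option and tool (for example lines 88 to 92 and 172 to 216), emphasis split across lines 107/108 and 115/116, the link target "#SEE ALSO" with a raw space on line 9, and "**amngrsearchcommands.**" on line 214. Fixing the groff source and regenerating, or building this file instead of committing it, would keep the two in sync.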