initial checkin

+.*.swp

+SUBCOMMANDS = random \
+	      rand_printable \
+	      amngrdbinit \
+	      amngrdbdestroy \
+	      amngradd \
+	      amngrcreate \
+	      amngrcrypt \
+	      amngrdelete \
+	      amngrgen \
+	      amngrgetoldpass \
+	      amngrgetolduser \
+	      amngrgetpass \
+	      amngrgetuser \
+	      amngrid \
+	      amngrlist \
+	      amngrrename \
+	      amngrsearch
+
+PREFIX ?= /usr/local
+
+PROGRAM := accountmanager.sh
+
+all:
+
+.PHONY: clean install
+
+install_$(PROGRAM):
+	@install "$(PROGRAM)" "$(DESTDIR)/$(PREFIX)/bin/$(PROGRAM)"
+
+install_%:
+	@ln -s "$(realpath ${DESTDIR}/${PREFIX}/bin/$(PROGRAM))" \
+		"${DESTDIR}/$(PREFIX)/bin/$(subst install_,,$@)"
+
+install: install_$(PROGRAM) $(patsubst %,install_%,$(SUBCOMMANDS))
+
+clean:

+man
+===
+
+[NAME](#NAME)  
+ [SYNOPSIS](#SYNOPSIS)  
+ [DESCRIPTION](#DESCRIPTION)  
+ [OPTIONS](#OPTIONS)  
+ [ENVIRONMENT](#ENVIRONMENT)  
+ [DEPENDENCIES](#DEPENDENCIES)  
+ [SEE ALSO](#SEE%20ALSO)  
+ [BUGS](#BUGS)  
+ [AUTHOR](#AUTHOR)  
+ [COPYRIGHT](#COPYRIGHT)  
+
+------------------------------------------------------------------------
+
+NAME
+----
+
+accountmanager.sh − source all functionality into the current shell
+
+General purpose functions:  
+ random − create a non blocking stream of random data on stdout  
+ rand\_printable − create a random string a printable characters
+
+Database management functions:  
+ amngrdbinit − initialize the SQLite account database  
+ amngrdbdestroy − remove the SQLite account database
+
+Account management functions:  
+ amngradd − add an account credential to the database  
+ amngrcreate − create a new account credential to the database  
+ amngrcrypt − crypt the given data with GnuPG  
+ amngrdelete − delete an account  
+ amngrgen − generate a encrypted random passphrase  
+ amngrgetoldpass − copy previous password of account to X clipboard  
+ amngrgetolduser − copy previous username of account to X clipboard  
+ amngrgetpass − copy active password of account to X clipboard  
+ amngrgetuser − copy active username of account to X clipboard  
+ amngrid − write the database id of a given account name to stdout  
+ amngrlist − list all accounts  
+ amngrrename − rename an account  
+ amngrsearch − pattern search accounts
+
+SYNOPSIS
+--------
+
+source **${PATH}/accountmanager.sh**
+
+**random**
+
+**rand\_printable** \[*len*\]
+
+**amngrdbinit** \[*dbfile*\]
+
+**amngrdbdestroy** \[*dbfile*\]
+
+**amngradd -u** *username* **-p** *password* \[**-d** *description*\]
+\[**-D** *dbfile*\] \[**-r** *recipient*\] *account*
+
+**amngrcreate -u** *username* \[**-d** *description*\] \[**-D**
+*dbfile*\] \[**-r** *recipient*\] *account*
+
+**amngrcrypt** \[**-r** *recipient*\] *password*
+
+**amngrdelete** *account*
+
+**amngrgen** \[**-r** *recipient*\] \[*len*\]
+
+**amngrgetoldpass** *account*
+
+**amngrgetolduser** *account*
+
+**amngrgetpass** *account*
+
+**amngrgetuser** *account*
+
+**amngrid** *account*
+
+**amngrlist** \[**-s** *separator*\]
+
+**amngrrename** *old\_account new\_account*
+
+**amngrsearch** \[**-s** *separator*\] *pattern*
+
+DESCRIPTION
+-----------
+
+This file can either be source into the current shell or used as a
+standalone shell script via the provided symlinks. When used as
+standalone script it will detect the function to call by the content of
+**$0**.  
+ All *account* as well as all *username* arguments used below are
+limited to 128 characters. The *account* argument is always a unique
+string identifier for the account to manage. The *username* argument is
+the username part of a credential which is a (*username*, *password*)
+pair.
+
+<table>
+<colgroup>
+<col width="25%" />
+<col width="25%" />
+<col width="25%" />
+<col width="25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td align="left"></td>
+<td align="left"><p><strong>random</strong></p></td>
+<td align="left"></td>
+<td align="left"><p>Takes no arguments and connect a non blocking random source to stdout.</p></td>
+</tr>
+</tbody>
+</table>
+
+**rand\_printable** \[*len*\]
+
+Uses **random** to write a string of random printable characters to
+stdout. All control characters ASCII-0 to ASCII-37 as well as ASCII-177
+to 255, single and double quotes are filtered. The single and double
+quotes are filtered to prevent problems when they are used as string
+separators after shell expansion as in the SQL here documents used to
+communicate with the SQLite database.  
+ The optional *len* argument specifies the string length to be written
+and defaults to 512.
+
+**amngrdbinit** \[*dbfile*\]
+
+Create the SQLite database file. If the optional *dbfile* argument is
+given it specifies the fill path to the file to use, else the value of
+**$AMNGRDB** environment variable is used.
+
+**amngrdbdestroy** \[*dbfile*\]
+
+Deletes the SQLite database file. If the optional *dbfile* argument is
+given it specifies the fill path to the file to use, else the value of
+**$AMNGRDB** environment variable is used.
+
+**amngradd -u** *username* **-p** *password* \[**-d** *description*\]
+\[**-D** *dbfile*\] \[**-r** *  
+ recipient*\] *account*
+
+Adds an account credential and marks it as active. If the account
+already exist, the credential (*username* and *password*) is added to
+that account and the previously added credential is marked as old. If
+there was another even older credential that was already marked as old
+this will be marked as inactive and this becomes inaccessible with this
+tools (except for **amngrdelete**).  
+ The necessary option **-u** specifies the username to be stored with
+this credential pair.  
+ The also necessary option **-p** specifies the password to be stored
+and the length of *password* is not limited at all.  
+ With option **-d** one can add a *description* to the account entry.
+One can specify the *dbfile* with the option **-D** if that option is
+not given the **$AMNGRDB** environment variable is used.
+
+**amngrcreate -u** *username* \[**-d** *description*\] \[**-D**
+*dbfile*\] \[**-r** *recipient*\] *  
+ account*
+
+This will create a password with **amngrgen** and use that to add an
+credential via **amngradd**. (See there for options description)  
+ The added password will be copied to the X clipboard with
+**amngrgetpass** for further use.
+
+**amngrcrypt** \[**-r** *recipient*\] *password*
+
+Crypt the given plain text *password* with GnuPG and write it to
+stdout.  
+ The option **-r** specifies the recipient to use with the call to
+**gpg**. If it is not given the value of the **$AMNGRID** environment
+variable is used.
+
+**amngrdelete** *account*
+
+Remove the *account* and all credential associated to it.
+
+**amngrgen** \[**-r** *receipient*\] \[*len*\]
+
+Generate a password with **rand\_printable** and encrypt it via
+**amngrcrypt**. By default the password will be 10 characters long. That
+can be modified by the optional *len* argument.
+
+**amngrgetoldpass** *account*
+
+Read and decrypt the password associated with *account* that is flagged
+as old and store it into the X clipboard.
+
+**amngrgetolduser** *account*
+
+Read and decrypt the username associated with *account* that is flagged
+as old and store it into the X clipboard.
+
+**amngrgetpass** *account*
+
+Read and decrypt the password associated with *account* that is flagged
+as active and store it into the X clipboard.
+
+**amngrgetuser** *account*
+
+Read and decrypt the username associated with *account* that is flagged
+as active and store it into the X clipboard.
+
+**amngrid** *account*
+
+(This is primarily for internal use.) Get the database id associated to
+the given *account* argument.
+
+**amngrlist** \[**-s** *separator*\]
+
+List all accounts currently stored within the database the output will
+contain the name of the account, the username and the description
+delimited by a *separator* string that can be specified with the **-s**
+option. If the option is omitted the separator is " =&gt; ". Each row is
+one account.
+
+**amngrrename** *old\_account new\_account*
+
+Rename the account specified by *old\_account* to *new\_account*.
+
+**amngrsearch** \[**-s** *separator*\] *pattern*
+
+List accounts where *pattern* exists in either the account name, the
+username or the account description. The output is like the one
+described with **amngrlist**.
+
+OPTIONS
+-------
+
+The options are consistent over all sub commands. However not all sub
+commands use all options and some sub commands take arguments that other
+get per option. (See **DESCRIPTION**)
+
+<table>
+<colgroup>
+<col width="25%" />
+<col width="25%" />
+<col width="25%" />
+<col width="25%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td align="left"></td>
+<td align="left"><p><strong>-u</strong></p></td>
+<td align="left"></td>
+<td align="left"><p>The login username of the credential for the account.</p></td>
+</tr>
+<tr class="even">
+<td align="left"></td>
+<td align="left"><p><strong>-p</strong></p></td>
+<td align="left"></td>
+<td align="left"><p>The plain text password of the credential for the account.</p></td>
+</tr>
+<tr class="odd">
+<td align="left"></td>
+<td align="left"><p><strong>-d</strong></p></td>
+<td align="left"></td>
+<td align="left"><p>The description for the account.</p></td>
+</tr>
+<tr class="even">
+<td align="left"></td>
+<td align="left"><p><strong>-D</strong></p></td>
+<td align="left"></td>
+<td align="left"><p>Select the database file to use instead of the one defined in the <strong>$AMNGRDB</strong> environment variable.</p></td>
+</tr>
+<tr class="odd">
+<td align="left"></td>
+<td align="left"><p><strong>-r</strong></p></td>
+<td align="left"></td>
+<td align="left"><p>Select a recipient id for GnuPG encryption to use instead of the one defined in the <strong>$AMNGRID</strong> environment variable.</p></td>
+</tr>
+<tr class="even">
+<td align="left"></td>
+<td align="left"><p><strong>-s</strong></p></td>
+<td align="left"></td>
+<td align="left"><p>The column separator for the <strong>amngrlist</strong> and <strong>amngrsearchcommands.</strong></p></td>
+</tr>
+</tbody>
+</table>
+
+ENVIRONMENT
+-----------
+
+**AMNGRDB**
+
+The default SQLite database file to use. This will be created with
+**amngrdbinit** as long as the path to that file exists. This can be
+overruled with the **-D** command line option.
+
+**AMNGRID**
+
+The GnuPG recipient id to encrypt against. You should use one where you
+have both public and private key. Failure to do so will result in not
+decipherable data. This can be overruled with the **-r** command line
+option.
+
+**AMNGRPWLEN**
+
+The password length to be used when generating new passwords.
+
+DEPENDENCIES
+------------
+
+A set of POSIX compliant shell utilities including a POSIX compliant
+shell as well are needed to run this script.
+
+The functions within this script expect that all the needed tools can be
+found by the shell, usually that means that the current **$PATH**
+environment variable is set accordingly or that the tools are a shell
+internal.
+
+The existence of a reliable non blocking random source. By default this
+scripts use **$(cat /dev/urandom)** which can be changed by replacing
+the alias **random** with something useful for your system.
+
+For data storage **Sqlite &gt;= 3.6.19** is required. The version
+requirement comes from the use of foreign key constraints.
+
+To store the data within the X clipboard the **xclip** is needed.
+
+**The tools used are**
+
+<table>
+<colgroup>
+<col width="20%" />
+<col width="20%" />
+<col width="20%" />
+<col width="20%" />
+<col width="20%" />
+</colgroup>
+<tbody>
+<tr class="odd">
+<td align="left"></td>
+<td align="left"><p>•</p></td>
+<td align="left"></td>
+<td align="left"><p><strong>awk</strong></p></td>
+<td align="left"></td>
+</tr>
+<tr class="even">
+<td align="left"></td>
+<td align="left"><p>•</p></td>
+<td align="left"></td>
+<td align="left"><p><strong>basename</strong></p></td>
+<td align="left"></td>
+</tr>
+<tr class="odd">
+<td align="left"></td>
+<td align="left"><p>•</p></td>
+<td align="left"></td>
+<td align="left"><p><strong>cat</strong></p></td>
+<td align="left"></td>
+</tr>
+<tr class="even">
+<td align="left"></td>
+<td align="left"><p>•</p></td>
+<td align="left"></td>
+<td align="left"><p><strong>dnsdomainname</strong></p></td>
+<td align="left"></td>
+</tr>
+<tr class="odd">
+<td align="left"></td>
+<td align="left"><p>•</p></td>
+<td align="left"></td>
+<td align="left"><p><strong>echo</strong></p></td>
+<td align="left"></td>
+</tr>
+<tr class="even">
+<td align="left"></td>
+<td align="left"><p>•</p></td>
+<td align="left"></td>
+<td align="left"><p><strong>getopts</strong></p></td>
+<td align="left"></td>
+</tr>
+<tr class="odd">
+<td align="left"></td>
+<td align="left"><p>•</p></td>
+<td align="left"></td>
+<td align="left"><p><strong>gpg</strong></p></td>
+<td align="left"></td>
+</tr>
+<tr class="even">
+<td align="left"></td>
+<td align="left"><p>•</p></td>
+<td align="left"></td>
+<td align="left"><p><strong>head</strong></p></td>
+<td align="left"></td>
+</tr>
+<tr class="odd">
+<td align="left"></td>
+<td align="left"><p>•</p></td>
+<td align="left"></td>
+<td align="left"><p><strong>printf</strong></p></td>
+<td align="left"></td>
+</tr>
+<tr class="even">
+<td align="left"></td>
+<td align="left"><p>•</p></td>
+<td align="left"></td>
+<td align="left"><p><strong>rm</strong></p></td>
+<td align="left"></td>
+</tr>
+<tr class="odd">
+<td align="left"></td>
+<td align="left"><p>•</p></td>
+<td align="left"></td>
+<td align="left"><p><strong>shift</strong></p></td>
+<td align="left"></td>
+</tr>
+<tr class="even">
+<td align="left"></td>
+<td align="left"><p>•</p></td>
+<td align="left"></td>
+<td align="left"><p><strong>SQLite3</strong> (&gt;= 3.6.19 for foreign key constraints)</p></td>
+<td align="left"></td>
+</tr>
+<tr class="odd">
+<td align="left"></td>
+<td align="left"><p>•</p></td>
+<td align="left"></td>
+<td align="left"><p><strong>test</strong> and <strong>[</strong></p></td>
+<td align="left"></td>
+</tr>
+<tr class="even">
+<td align="left"></td>
+<td align="left"><p>•</p></td>
+<td align="left"></td>
+<td align="left"><p><strong>tr</strong></p></td>
+<td align="left"></td>
+</tr>
+<tr class="odd">
+<td align="left"></td>
+<td align="left"><p>•</p></td>
+<td align="left"></td>
+<td align="left"><p><strong>xclip</strong></p></td>
+<td align="left"></td>
+</tr>
+</tbody>
+</table>
+
+SEE ALSO
+--------
+
+gpg2(1), gpg-agent(1)
+
+BUGS
+----
+
+No known bugs.
+
+AUTHOR
+------
+
+Georg Hopp (georg@steffers.org.in)
+
+COPYRIGHT
+---------
+
+Copyright © 2017 Georg Hopp License GPLv3+: GNU GPL version 3 or later
+&lt;http://gnu.org/licenses/gpl.html&gt;.  
+ This is free software: you are free to change and redistribute it.
+There is NO WARRANTY, to the extent permitted by law.
+
+------------------------------------------------------------------------

+#!/bin/sh
+
+AMNGRDB="${AMNGRDB:-${HOME}/.account.db}"
+AMNGRID="${AMNGRID:-${USER}@${HOSTNAME}}"
+AMNGRPWLEN="${AMNGRPWLEN:-10}"
+
+alias random="cat /dev/urandom"
+
+function rand_printable() {
+	if ! [[ "${1}" =~ "^[0-9]+$" ]]
+	then
+		printf "Usage: %s: [len]" "$0"
+	fi
+	echo -n "$(random | tr -dc ' !#-&(-~' | head -c${1:-512})"
+}
+
+function amngrdbinit() {
+	local DB="${1:-${AMNGRDB}}"
+
+	sqlite3 "${DB}" <<-EOD
+		PRAGMA foreign_keys = ON;
+		CREATE TABLE IF NOT EXISTS account (
+		id INTEGER PRIMARY KEY AUTOINCREMENT,
+		name VARCHAR(128) UNIQUE NOT NULL,
+		desc TEXT DEFAULT NULL);
+		CREATE TABLE IF NOT EXISTS cred (
+		id INTEGER PRIMARY KEY AUTOINCREMENT,
+		user VARCHAR(128) NOT NULL,
+		pass TEXT NOT NULL);
+		CREATE TABLE IF NOT EXISTS account_cred (
+		account_id INTEGER,
+		cred_id INTEGER,
+		state SMALLINT(1) NOT NULL,
+		FOREIGN KEY(account_id) REFERENCES account(id)
+		ON UPDATE CASCADE ON DELETE CASCADE,
+		FOREIGN KEY(cred_id) REFERENCES cred(id)
+		ON UPDATE CASCADE ON DELETE CASCADE);
+	EOD
+}
+
+function amngrdbdestroy() {
+	local DB="${1:-${AMNGRDB}}"
+	local CHECK
+
+	cat <<-EOT
+		WARNING: You are about to remove your account data. There is no way to
+		recover from this. Are you really shure you want to do this?
+	EOT
+	echo -n "[Yes|[No]]: " && read CHECK
+	CHECK="${CHECK:-No}"
+
+	test "${CHECK}" == "Yes" && rm -f "${AMNGRDB}"
+}
+
+function amngrid() {
+	local ACCOUNT_NAME="${1}"
+	echo "$(sqlite3 "${AMNGRDB}" <<-EOD
+		SELECT id FROM account WHERE name='${ACCOUNT_NAME}';
+	EOD
+	)"
+}
+
+function amngrcrypt() {
+	local PLAIN="${1}"
+	echo -n "${PLAIN}" | gpg -aeqr "${AMNGRID}"
+}
+
+function amngrgen() {
+	local LEN="${0:-${AMNGRPWLEN}}"
+	amngrcrypt "$(rand_printable "${LEN}")"
+}
+
+function amngradd() {
+	local ACCOUNT_NAME="${1}"
+	local USER="${2}"
+	local PASSWORD="$(amngrcrypt "${3}")"
+	local DESCRIPTION="${4:-NO DESCRIPTION}"
+	local ACCOUNT_ID="$(amngrid "${ACCOUNT_NAME}")"
+	local QUERY="$(cat <<-EOD
+		PRAGMA foreign_keys = ON;
+		BEGIN TRANSACTION;
+		INSERT INTO cred (user, pass)
+		VALUES ('${USER}', '${PASSWORD}');
+	EOD
+	)"
+
+	if [ -z "${ACCOUNT_ID}" ]
+	then
+		QUERY="$(cat <<-EOD
+			${QUERY}
+			INSERT INTO account (name, desc)
+			VALUES ('${ACCOUNT_NAME}', '${DESCRIPTION}');
+		EOD
+		)"
+	else
+		QUERY="$(cat <<-EOD
+			${QUERY}
+			UPDATE account_cred SET state=0
+			WHERE account_id=(SELECT id FROM account
+			WHERE name='${ACCOUNT_NAME}' AND state=2);
+			UPDATE account_cred SET state=2
+			WHERE account_id=(SELECT id FROM account
+			WHERE name='${ACCOUNT_NAME}' AND state=1);
+		EOD
+		)"
+	fi
+
+	QUERY="$(cat <<-EOD
+		${QUERY}
+		INSERT INTO account_cred (account_id, cred_id, state)
+		VALUES ((SELECT id FROM account WHERE name='${ACCOUNT_NAME}'),
+		(SELECT id FROM cred WHERE user='${USER}' AND pass='${PASSWORD}'),
+		1);
+		COMMIT TRANSACTION;
+	EOD
+	)"
+
+	sqlite3 "${AMNGRDB}" "${QUERY}"
+}
+
+function amngrcreate() {
+	local ACCOUNT_NAME="${1}"
+	local USER="${2}"
+	local DESCRIPTION="${3:-NO DESCRIPTION}"
+	local PASSWORD="$(rand_printable 10)"
+
+	amngradd "${ACCOUNT_NAME}" "${USER}" "${PASSWORD}" "${DESCRIPTION}"
+	amngrgetpass "${ACCOUNT_NAME}"
+}
+
+function amngrgetuser() {
+	local ACCOUNT_NAME="${1}"
+	local STATE="${2:-"1"}"
+
+	test "${STATE}" != "1" -a "${STATE}" != "2" && STATE="1"
+
+	sqlite3 "${AMNGRDB}" <<-EOD |\
+		awk 'NR>1{print p}{p=$0}END{ORS="";print}' | xclip -i
+		SELECT user FROM account
+		JOIN account_cred ON account.id=account_cred.account_id
+		JOIN cred ON cred.id=account_cred.cred_id
+		WHERE name='${ACCOUNT_NAME}' AND state=${STATE};
+	EOD
+}
+
+function amngrgetolduser() {
+	local ACCOUNT_NAME="${1}"
+	amngrgetuser "${ACCOUNT_NAME}" "2"
+}
+
+function amngrgetpass() {
+	local ACCOUNT_NAME="${1}"
+	local STATE="${2:-1}"
+
+	test "${STATE}" != "1" -a "${STATE}" != "2" && STATE="1"
+
+	sqlite3 "${AMNGRDB}" <<-EOD |\
+		awk 'NR>1{print p}{p=$0}END{ORS="";print}' | gpg -dq | xclip -i
+		SELECT pass FROM account
+		JOIN account_cred ON account.id=account_cred.account_id
+		JOIN cred ON cred.id=account_cred.cred_id
+		WHERE name='${ACCOUNT_NAME}' AND state=${STATE};
+	EOD
+}
+
+function amngrgetoldpass() {
+	local ACCOUNT_NAME="${1}"
+	amngrgetpass "${ACCOUNT_NAME}" "2"
+}
+
+function amngrrename() {
+	local OLD_NAME="${1}"
+	local NEW_NAME="${2}"
+
+	test -z "${OLD_NAME}" -o -z "${NEW_NAME}" && return 1
+
+	sqlite3 "${AMNGRDB}" <<-EOD
+		UPDATE account SET name='${NEW_NAME}'
+		WHERE name='${OLD_NAME}';
+	EOD
+}
+
+function amngrdelete() {
+	local ACCOUNT_NAME="${1}"
+
+	sqlite3 "${AMNGRDB}" <<-EOD
+		PRAGMA foreign_keys = ON;
+		BEGIN TRANSACTION;
+		DELETE FROM cred WHERE id IN (
+		SELECT cred_id FROM account
+		JOIN account_cred ON account.id=account_cred.account_id
+		WHERE name='${ACCOUNT_NAME}');
+		DELETE FROM account WHERE name='${ACCOUNT_NAME}';
+		COMMIT TRANSACTION;
+	EOD
+}
+
+function amngrlist() {
+	local SEPARATOR="${1:-" => "}"
+	sqlite3 -separator "${SEPARATOR}" "${AMNGRDB}" <<-EOD
+		SELECT name, user, desc FROM account
+		JOIN account_cred ON account.id=account_cred.account_id
+		JOIN cred ON cred.id=account_cred.cred_id
+		WHERE state=1;
+	EOD
+}
+
+function amngrsearch() {
+	local PATTERN
+	local DELIMITER=" => "
+	local USAGE="$(printf "Usage: %s: [-d delimiter] pattern" "$0")"
+
+	while getopts d: opt
+	do
+		case $opt in
+			d)
+				DELIMITER="${OPTARG}";;
+			?)
+				echo "${USAGE}"
+				exit 1;;
+		esac
+	done
+	shift $(($OPTIND-1))
+
+	if [ $# -lt 2 ]
+	then
+		echo "${USAGE}"
+		exit 1;;
+	fi
+
+	PATTERN="${1}"
+
+	sqlite3 -separator " => " "${AMNGRDB}" <<-EOD
+		SELECT name, user, desc FROM account
+		JOIN account_cred ON account.id=account_cred.account_id
+		JOIN cred ON cred.id=account_cred.cred_id
+		WHERE state=1 AND (
+		name LIKE '%${PATTERN}%' OR user LIKE '%${PATTERN}%' OR
+		desc LIKE '%${PATTERN}%');
+	EOD
+}
+
+case "$(basename -- "$0")" in
+	random) random;;
+	rand_printable) rand_printable;;
+
+	amngrdbinit) amngrdbinit;;
+	amngrdbdestroy) amngrdbdestroy;;
+
+	amngradd) amngradd "$@";;
+	amngrcreate) amngrcreate "$@";;
+	amngrcrypt) amngrcrypt "$@";;
+	amngrdelete) amngrdelete "$@";;
+	amngrgen) amngrgen "$@";;
+	amngrgetoldpass) amngrgetoldpass "$@";;
+	amngrgetolduser) amngrgetolduser "$@";;
+	amngrgetpass) amngrgetpass "$@";;
+	amngrgetuser) amngrgetuser "$@";;
+	amngrid) amngrid "$@";;
+	amngrlist) amngrlist;;
+	amngrrename) amngrrename "$@";;
+	amngrsearch) amngrsearch "$@";;
+
+	*) ;;
+esac
+
+# vim: set ft=sh ts=4 sw=4:

+.\" Man page for accountmanager.
+.\" Contact georg@steffers.org.in to correct errors or typos.
+.TH man 1 "25 Jan 2017" "0.1" \
+"accountmanager.sh: Shell tools for managing account credentials."
+.SH NAME
+accountmanager.sh \- source all functionality into the current shell
+
+General purpose functions:
+ random \- create a non blocking stream of random data on stdout
+ rand_printable \- create a random string a printable characters
+
+Database management functions:
+ amngrdbinit \- initialize the SQLite account database
+ amngrdbdestroy \- remove the SQLite account database
+
+Account management functions:
+ amngradd \- add an account credential to the database
+ amngrcreate \- create a new account credential to the database
+ amngrcrypt \- crypt the given data with GnuPG
+ amngrdelete \- delete an account
+ amngrgen \- generate a encrypted random passphrase
+ amngrgetoldpass \- copy previous password of account to X clipboard
+ amngrgetolduser \- copy previous username of account to X clipboard
+ amngrgetpass \- copy active password of account to X clipboard
+ amngrgetuser \- copy active username of account to X clipboard
+ amngrid \- write the database id of a given account name to stdout
+ amngrlist \- list all accounts
+ amngrrename \- rename an account
+ amngrsearch \- pattern search accounts
+.SH SYNOPSIS
+source
+.B ${PATH}/accountmanager.sh
+
+.B random
+
+.B rand_printable
+.RI [ len ]
+
+.B amngrdbinit
+.RI [ dbfile ]
+
+.B amngrdbdestroy
+.RI [ dbfile ]
+
+.B amngradd -u
+.I username
+.B -p
+.I password
+.RB [ -d
+.IR description ]
+.RB [ -D
+.IR dbfile ]
+.RB [ -r
+.IR recipient ]
+.I account
+
+.B amngrcreate -u
+.I username
+.RB [ -d
+.IR description ]
+.RB [ -D
+.IR dbfile ]
+.RB [ -r
+.IR recipient ]
+.I account
+
+.B amngrcrypt
+.RB [ -r
+.IR recipient ]
+.I password
+
+.B amngrdelete
+.I account
+
+.B amngrgen
+.RB [ -r
+.IR recipient ]
+.RI [ len ]
+
+.B amngrgetoldpass
+.I account
+
+.B amngrgetolduser
+.I account
+
+.B amngrgetpass
+.I account
+
+.B amngrgetuser
+.I account
+
+.B amngrid
+.I account
+
+.B amngrlist
+.RB [ -s
+.IR separator ]
+
+.B amngrrename
+.I old_account new_account
+
+.B amngrsearch
+.RB [ -s
+.IR separator ]
+.I pattern
+.SH DESCRIPTION
+ This file can either be source into the current shell or used as a
+standalone shell script via the provided symlinks. When used as standalone
+script it will detect the function to call by the content of \fB$0\fR.
+ All \fIaccount\fR as well as all \fIusername\fR arguments used below are
+limited to 128 characters. The \fIaccount\fR argument is always a unique
+string identifier for the account to manage. The \fIusername\fR argument is
+the username part of a credential which is a (\fIusername\fR, \fIpassword\fR)
+pair.
+.TP
+\fBrandom\fR
+ Takes no arguments and connect a non blocking random source to stdout.
+.TP
+\fBrand_printable\fR [\fIlen\fR]
+ Uses \fBrandom\fR to write a string of random printable characters to
+stdout. All control characters ASCII-0 to ASCII-37 as well as
+ASCII-177 to 255, single and double quotes are filtered. The single
+and double quotes are filtered to prevent problems when they are used
+as string separators after shell expansion as in the SQL here
+documents used to communicate with the SQLite database.
+ The optional \fIlen\fR argument specifies the string length to be written
+and defaults to 512.
+.TP
+\fBamngrdbinit\fR [\fIdbfile\fR]
+ Create the SQLite database file. If the optional \fIdbfile\fR argument is
+given it specifies the fill path to the file to use, else the value of
+\fB$AMNGRDB\fR environment variable is used.
+.TP
+\fBamngrdbdestroy\fR [\fIdbfile\fR]
+ Deletes the SQLite database file. If the optional \fIdbfile\fR argument
+is given it specifies the fill path to the file to use, else the value
+of \fB$AMNGRDB\fR environment variable is used.
+.TP
+\fBamngradd\fR \fB-u\fR \fIusername\fR \fB-p\fR \fIpassword\fR \
+[\fB-d\fR \fIdescription\fR] [\fB-D\fR \fIdbfile\fR] \
+[\fB-r\fR \fIrecipient\fR] \fIaccount\fR
+ Adds an account credential and marks it as active. If the account
+already exist, the credential (\fIusername\fR and \fIpassword\fR) is added to
+that account and the previously added credential is marked as old. If
+there was another even older credential that was already marked as old
+this will be marked as inactive and this becomes inaccessible with
+this tools (except for \fBamngrdelete\fR).
+ The necessary option \fB-u\fR specifies the username to be stored with
+this credential pair.
+ The also necessary option \fB-p\fR specifies the password to be stored
+and the length of \fIpassword\fR is not limited at all.
+ With option \fB-d\fR one can add a \fIdescription\fR to the account entry.
+One can specify the \fIdbfile\fR with the option \fB-D\fR if that option is
+not given the \fB$AMNGRDB\fR environment variable is used.
+.TP
+\fBamngrcreate\fR \fB-u\fR \fIusername\fR [\fB-d\fR \fIdescription\fR] \
+[\fB-D\fR \fIdbfile\fR] [\fB-r\fR \fIrecipient\fR] \fIaccount\fR
+ This will create a password with \fBamngrgen\fR and use that to add an
+credential via \fBamngradd\fR. (See there for options description)
+ The added password will be copied to the X clipboard with
+\fBamngrgetpass\fR for further use.
+.TP
+\fBamngrcrypt\fR [\fB-r\fR \fIrecipient\fR] \fIpassword\fR
+ Crypt the given plain text \fIpassword\fR with GnuPG and write it to
+stdout.
+ The option \fB-r\fR specifies the recipient to use with the call to
+\fBgpg\fR. If it is not given the value of the \fB$AMNGRID\fR environment
+variable is used.
+.TP
+\fBamngrdelete\fR \fIaccount\fR
+ Remove the \fIaccount\fR and all credential associated to it.
+.TP
+\fBamngrgen\fR [\fB-r\fR \fIreceipient\fR] [\fIlen\fR]
+ Generate a password with \fBrand_printable\fR and encrypt it via
+\fBamngrcrypt\fR. By default the password will be 10 characters long. That
+can be modified by the optional \fIlen\fR argument.
+.TP
+\fBamngrgetoldpass\fR \fIaccount\fR
+ Read and decrypt the password associated with \fIaccount\fR that is
+flagged as old and store it into the X clipboard.
+.TP
+\fBamngrgetolduser\fR \fIaccount\fR
+ Read and decrypt the username associated with \fIaccount\fR that is
+flagged as old and store it into the X clipboard.
+.TP
+\fBamngrgetpass\fR \fIaccount\fR
+ Read and decrypt the password associated with \fIaccount\fR that is
+flagged as active and store it into the X clipboard.
+.TP
+\fBamngrgetuser\fR \fIaccount\fR
+ Read and decrypt the username associated with \fIaccount\fR that is
+flagged as active and store it into the X clipboard.
+.TP
+\fBamngrid\fR \fIaccount\fR
+ (This is primarily for internal use.) Get the database id associated
+to the given \fIaccount\fR argument.
+.TP
+\fBamngrlist\fR [\fB-s\fR \fIseparator\fR]
+ List all accounts currently stored within the database the output
+will contain the name of the account, the username and the description
+delimited by a \fIseparator\fR string that can be specified with the
+\fB-s\fR option. If the option is omitted the separator is " => ". Each
+row is one account.
+.TP
+\fBamngrrename\fR \fIold_account\fR \fInew_account\fR
+ Rename the account specified by \fIold_account\fR to \fInew_account\fR.
+.TP
+\fBamngrsearch\fR [\fB-s\fR \fIseparator\fR] \fIpattern\fR
+ List accounts where \fIpattern\fR exists in either the account name, the
+username or the account description. The output is like the one
+described with \fBamngrlist\fR.
+.SH OPTIONS
+ The options are consistent over all sub commands. However not all sub commands
+use all options and some sub commands take arguments that other get per option.
+(See \fBDESCRIPTION\fR)
+.TP
+.B -u
+The login username of the credential for the account.
+.TP
+.B -p
+The plain text password of the credential for the account.
+.TP
+.B -d
+The description for the account.
+.TP
+.B -D
+Select the database file to use instead of the one defined in the
+\fB$AMNGRDB\fR environment variable.
+.TP
+.B -r
+Select a recipient id for GnuPG encryption to use instead of the one
+defined in the \fB$AMNGRID\fR environment variable.
+.TP
+.B -s
+The column separator for the \fBamngrlist\fR and \fBamngrsearch\R commands.
+.SH ENVIRONMENT
+.TP
+.B AMNGRDB
+ The default SQLite database file to use. This will be created with
+\fBamngrdbinit\fR as long as the path to that file exists. This can be
+overruled with the \fB-D\fR command line option.
+.TP
+.B AMNGRID
+ The GnuPG recipient id to encrypt against. You should use one where you have
+both public and private key. Failure to do so will result in not decipherable
+data. This can be overruled with the \fB-r\fR command line option.
+.TP
+.B AMNGRPWLEN
+ The password length to be used when generating new passwords.
+.SH DEPENDENCIES
+ A set of POSIX compliant shell utilities including a POSIX compliant shell
+as well are needed to run this script.
+
+ The functions within this script expect that all the needed tools
+can be found by the shell, usually that means that the current \fB$PATH\fR
+environment variable is set accordingly or that the tools are
+a shell internal.
+
+ The existence of a reliable non blocking random source. By default this
+scripts use \fB$(cat /dev/urandom)\fR which can be changed by replacing the
+alias \fBrandom\fR with something useful for your system.
+
+ For data storage \fBSqlite >= 3.6.19\fR is required. The version requirement
+comes from the use of foreign key constraints.
+
+ To store the data within the X clipboard the \fBxclip\fR is needed.
+
+.SS The tools used are
+.PD 0
+.IP \[bu] 2
+\fBawk\fR
+.IP \[bu]
+\fBbasename\fR
+.IP \[bu]
+\fBcat\fR
+.IP \[bu]
+\fBdnsdomainname\fR
+.IP \[bu]
+\fBecho\fR
+.IP \[bu]
+\fBgetopts\fR
+.IP \[bu]
+\fBgpg\fR
+.IP \[bu]
+\fBhead\fR
+.IP \[bu]
+\fBprintf\fR
+.IP \[bu]
+\fBrm\fR
+.IP \[bu]
+\fBshift\fR
+.IP \[bu]
+\fBSQLite3\fR (>= 3.6.19 for foreign key constraints)
+.IP \[bu]
+\fBtest\fR and \fB[\fR
+.IP \[bu]
+\fBtr\fR
+.IP \[bu]
+\fBxclip\fR
+.PD
+.SH SEE ALSO
+gpg2(1), gpg-agent(1)
+.SH BUGS
+No known bugs.
+.SH AUTHOR
+Georg Hopp (georg@steffers.org.in)
+.SH COPYRIGHT
+ Copyright © 2017 Georg Hopp License GPLv3+: GNU GPL version 3 or later
+<http://gnu.org/licenses/gpl.html>.
+ This is free software: you are free to change and redistribute it. There is
+NO  WARRANTY, to the extent permitted by law.
+.\" vim: set ft=groff ts=4 sw=4:

+# man
+
+[NAME](#NAME)
+[SYNOPSIS](#SYNOPSIS)
+[DESCRIPTION](#DESCRIPTION)
+[OPTIONS](#OPTIONS)
+[ENVIRONMENT](#ENVIRONMENT)
+[DEPENDENCIES](#DEPENDENCIES)
+[SEE ALSO](#SEE ALSO)
+[BUGS](#BUGS)
+[AUTHOR](#AUTHOR)
+[COPYRIGHT](#COPYRIGHT)
+
+* * *
+
+## NAME<a name="NAME"></a>
+
+accountmanager.sh − source all functionality into the current shell
+
+General purpose functions:
+random − create a non blocking stream of random data on stdout
+rand_printable − create a random string a printable characters
+
+Database management functions:
+amngrdbinit − initialize the SQLite account database
+amngrdbdestroy − remove the SQLite account database
+
+Account management functions:
+amngradd − add an account credential to the database
+amngrcreate − create a new account credential to the database
+amngrcrypt − crypt the given data with GnuPG
+amngrdelete − delete an account
+amngrgen − generate a encrypted random passphrase
+amngrgetoldpass − copy previous password of account to X clipboard
+amngrgetolduser − copy previous username of account to X clipboard
+amngrgetpass − copy active password of account to X clipboard
+amngrgetuser − copy active username of account to X clipboard
+amngrid − write the database id of a given account name to stdout
+amngrlist − list all accounts
+amngrrename − rename an account
+amngrsearch − pattern search accounts
+
+## SYNOPSIS<a name="SYNOPSIS"></a>
+
+source **${PATH}/accountmanager.sh**
+
+**random**
+
+**rand_printable** [_len_]
+
+**amngrdbinit** [_dbfile_]
+
+**amngrdbdestroy** [_dbfile_]
+
+**amngradd -u** _username_ **-p** _password_ [**-d** _description_] [**-D** _dbfile_] [**-r** _recipient_] _account_
+
+**amngrcreate -u** _username_ [**-d** _description_] [**-D** _dbfile_] [**-r** _recipient_] _account_
+
+**amngrcrypt** [**-r** _recipient_] _password_
+
+**amngrdelete** _account_
+
+**amngrgen** [**-r** _recipient_] [_len_]
+
+**amngrgetoldpass** _account_
+
+**amngrgetolduser** _account_
+
+**amngrgetpass** _account_
+
+**amngrgetuser** _account_
+
+**amngrid** _account_
+
+**amngrlist** [**-s** _separator_]
+
+**amngrrename** _old_account new_account_
+
+**amngrsearch** [**-s** _separator_] _pattern_
+
+## DESCRIPTION<a name="DESCRIPTION"></a>
+
+This file can either be source into the current shell or used as a standalone shell script via the provided symlinks. When used as standalone script it will detect the function to call by the content of **$0**.
+All _account_ as well as all _username_ arguments used below are limited to 128 characters. The _account_ argument is always a unique string identifier for the account to manage. The _username_ argument is the username part of a credential which is a (_username_, _password_) pair.
+
+**random**
+
+ | 
+
+Takes no arguments and connect a non blocking random source to stdout.
+
+ |
+
+**rand_printable** [_len_]
+
+Uses **random** to write a string of random printable characters to stdout. All control characters ASCII-0 to ASCII-37 as well as ASCII-177 to 255, single and double quotes are filtered. The single and double quotes are filtered to prevent problems when they are used as string separators after shell expansion as in the SQL here documents used to communicate with the SQLite database.
+The optional _len_ argument specifies the string length to be written and defaults to 512.
+
+**amngrdbinit** [_dbfile_]
+
+Create the SQLite database file. If the optional _dbfile_ argument is given it specifies the fill path to the file to use, else the value of **$AMNGRDB** environment variable is used.
+
+**amngrdbdestroy** [_dbfile_]
+
+Deletes the SQLite database file. If the optional _dbfile_ argument is given it specifies the fill path to the file to use, else the value of **$AMNGRDB** environment variable is used.
+
+**amngradd -u** _username_ **-p** _password_ [**-d** _description_] [**-D** _dbfile_] [**-r**_
+recipient_] _account_
+
+Adds an account credential and marks it as active. If the account already exist, the credential (_username_ and _password_) is added to that account and the previously added credential is marked as old. If there was another even older credential that was already marked as old this will be marked as inactive and this becomes inaccessible with this tools (except for **amngrdelete**).
+The necessary option **-u** specifies the username to be stored with this credential pair.
+The also necessary option **-p** specifies the password to be stored and the length of _password_ is not limited at all.
+With option **-d** one can add a _description_ to the account entry. One can specify the _dbfile_ with the option **-D** if that option is not given the **$AMNGRDB** environment variable is used.
+
+**amngrcreate -u** _username_ [**-d** _description_] [**-D** _dbfile_] [**-r** _recipient_]_
+account_
+
+This will create a password with **amngrgen** and use that to add an credential via **amngradd**. (See there for options description)
+The added password will be copied to the X clipboard with **amngrgetpass** for further use.
+
+**amngrcrypt** [**-r** _recipient_] _password_
+
+Crypt the given plain text _password_ with GnuPG and write it to stdout.
+The option **-r** specifies the recipient to use with the call to **gpg**. If it is not given the value of the **$AMNGRID** environment variable is used.
+
+**amngrdelete** _account_
+
+Remove the _account_ and all credential associated to it.
+
+**amngrgen** [**-r** _receipient_] [_len_]
+
+Generate a password with **rand_printable** and encrypt it via **amngrcrypt**. By default the password will be 10 characters long. That can be modified by the optional _len_ argument.
+
+**amngrgetoldpass** _account_
+
+Read and decrypt the password associated with _account_ that is flagged as old and store it into the X clipboard.
+
+**amngrgetolduser** _account_
+
+Read and decrypt the username associated with _account_ that is flagged as old and store it into the X clipboard.
+
+**amngrgetpass** _account_
+
+Read and decrypt the password associated with _account_ that is flagged as active and store it into the X clipboard.
+
+**amngrgetuser** _account_
+
+Read and decrypt the username associated with _account_ that is flagged as active and store it into the X clipboard.
+
+**amngrid** _account_
+
+(This is primarily for internal use.) Get the database id associated to the given _account_ argument.
+
+**amngrlist** [**-s** _separator_]
+
+List all accounts currently stored within the database the output will contain the name of the account, the username and the description delimited by a _separator_ string that can be specified with the **-s** option. If the option is omitted the separator is " => ". Each row is one account.
+
+**amngrrename** _old_account new_account_
+
+Rename the account specified by _old_account_ to _new_account_.
+
+**amngrsearch** [**-s** _separator_] _pattern_
+
+List accounts where _pattern_ exists in either the account name, the username or the account description. The output is like the one described with **amngrlist**.
+
+## OPTIONS<a name="OPTIONS"></a>
+
+The options are consistent over all sub commands. However not all sub commands use all options and some sub commands take arguments that other get per option. (See **DESCRIPTION**)
+
+**-u**
+
+ | 
+
+The login username of the credential for the account.
+
+ |
+
+**-p**
+
+ | 
+
+The plain text password of the credential for the account.
+
+ |
+
+**-d**
+
+ | 
+
+The description for the account.
+
+ |
+
+**-D**
+
+ | 
+
+Select the database file to use instead of the one defined in the **$AMNGRDB** environment variable.
+
+ |
+
+**-r**
+
+ | 
+
+Select a recipient id for GnuPG encryption to use instead of the one defined in the **$AMNGRID** environment variable.
+
+ |
+
+**-s**
+
+ | 
+
+The column separator for the **amngrlist** and **amngrsearchcommands.**
+
+ |
+
+## ENVIRONMENT<a name="ENVIRONMENT"></a>
+
+**AMNGRDB**
+
+The default SQLite database file to use. This will be created with **amngrdbinit** as long as the path to that file exists. This can be overruled with the **-D** command line option.
+
+**AMNGRID**
+
+The GnuPG recipient id to encrypt against. You should use one where you have both public and private key. Failure to do so will result in not decipherable data. This can be overruled with the **-r** command line option.
+
+**AMNGRPWLEN**
+
+The password length to be used when generating new passwords.
+
+## DEPENDENCIES<a name="DEPENDENCIES"></a>
+
+A set of POSIX compliant shell utilities including a POSIX compliant shell as well are needed to run this script.
+
+The functions within this script expect that all the needed tools can be found by the shell, usually that means that the current **$PATH** environment variable is set accordingly or that the tools are a shell internal.
+
+The existence of a reliable non blocking random source. By default this scripts use **$(cat /dev/urandom)** which can be changed by replacing the alias **random** with something useful for your system.
+
+For data storage **Sqlite >= 3.6.19** is required. The version requirement comes from the use of foreign key constraints.
+
+To store the data within the X clipboard the **xclip** is needed.
+
+**The tools used are**
+
+•
+
+ | 
+
+**awk**
+
+ |
+
+•
+
+ | 
+
+**basename**
+
+ |
+
+•
+
+ | 
+
+**cat**
+
+ |
+
+•
+
+ | 
+
+**dnsdomainname**
+
+ |
+
+•
+
+ | 
+
+**echo**
+
+ |
+
+•
+
+ | 
+
+**getopts**
+
+ |
+
+•
+
+ | 
+
+**gpg**
+
+ |
+
+•
+
+ | 
+
+**head**
+
+ |
+
+•
+
+ | 
+
+**printf**
+
+ |
+
+•
+
+ | 
+
+**rm**
+
+ |
+
+•
+
+ | 
+
+**shift**
+
+ |
+
+•
+
+ | 
+
+**SQLite3** (>= 3.6.19 for foreign key constraints)
+
+ |
+
+•
+
+ | 
+
+**test** and **[**
+
+ |
+
+•
+
+ | 
+
+**tr**
+
+ |
+
+•
+
+ | 
+
+**xclip**
+
+ |
+
+## SEE ALSO<a name="SEE ALSO"></a>
+
+gpg2(1), gpg-agent(1)
+
+## BUGS<a name="BUGS"></a>
+
+No known bugs.
+
+## AUTHOR<a name="AUTHOR"></a>
+
+Georg Hopp (georg@steffers.org.in)
+
+## COPYRIGHT<a name="COPYRIGHT"></a>
+
+Copyright © 2017 Georg Hopp License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>.
+This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
+
+* * *