Commit 2d85102c6c99d075e071d3054ff3ff0bb54d3e7d
1 parent
cb85149b
Add ecryptfs management and some fixes
Showing
4 changed files
with
89 additions
and
17 deletions
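--- /dev/null
+++ b/ecryptfs.sh
@@ -0,0 +1,42 @@
+function key_exists() {
+ /bin/keyctl list @u | /bin/grep -q "${1}"
+ return $?
+}
+
+function insert_key() {
+ local INSERT=/usr/bin/ecryptfs-insert-wrapped-passphrase-into-keyring
+
+ key_exists "${3}" || /bin/cat "${1}" | ${INSERT} "${2}" -
+}
+
+function insert_keypair() {
+ local DATASIG="$(/bin/sed '1p;d' "${HOME}/.ecryptfs/${2}.sig")"
+ local NAMESIG="$(/bin/sed '2p;d' "${HOME}/.ecryptfs/${2}.sig")"
+ local DPF="${2}-passphrase"
+ local NPF="${DPF}-fname"
+
+ insert_key "${1}/${DPF}" "${HOME}/.ecryptfs/wrapped-${DPF}" "${DATASIG}"
+ insert_key "${1}/${NPF}" "${HOME}/.ecryptfs/wrapped-${NPF}" "${NAMESIG}"
+}
+
+function is_ecryptfs() {
+ /usr/bin/test "$(/usr/bin/stat -f -c '%T' "${1}")" = "ecryptfs"
+ return $?
+}
+
+function mount_crypt() {
+ local CONFIG="${HOME}/.ecryptfs/${1}.conf"
+ local MOUNTPOINT="$(/usr/bin/awk '1{print $2}' "${CONFIG}")"
+
+ is_ecryptfs "${MOUNTPOINT}" || /sbin/mount.ecryptfs_private "${1}"
+}
+
+function umount_crypt() {
+ local CONFIG="${HOME}/.ecryptfs/${1}.conf"
+ local MOUNTPOINT="$(/usr/bin/awk '1{print $2}' "${CONFIG}")"
+
+ /bin/sync
+ is_ecryptfs "${MOUNTPOINT}" && /sbin/umount.ecryptfs_private -d "${1}"
+}
+
+# vim: set ts=4 sw=4: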
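Review bot: `key_exists` (new lines 1-4) hands the signature to `grep -q` as an unanchored regular expression, so an empty argument matches the output of `keyctl list @u` and the key is reported as already present. `insert_keypair` reads both signatures with `local DATASIG="$(/bin/sed …)"`, where `local` hides a failing `sed`, so a missing or one-line `.sig` file makes `insert_key` skip the insert without any message. Reject the empty case and match literally: `[ -n "${1}" ] && /bin/keyctl list @u | /bin/grep -qF -- "${1}"`; the trailing `return $?` is then redundant. `mount_crypt` and `umount_crypt` pass `MOUNTPOINT` to `stat` in the same unchecked way, and the awk program `1{print $2}` prints field 2 of every line of the `.conf` file rather than of the first line only.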
| @@ -3,28 +3,37 @@ SSH_ADD="/usr/bin/ssh-add" | @@ -3,28 +3,37 @@ SSH_ADD="/usr/bin/ssh-add" | ||
| 3 | 3 | ||
| 4 | export SSH_KEYGEN SSH_ADD | 4 | export SSH_KEYGEN SSH_ADD |
| 5 | 5 | ||
| 6 | -IDENTITY_FILE="/mnt/auth/ghopp/.ssh/ident" | 6 | +IDENTITY_FILE="${HOME}/.ssh/ident" |
| 7 | SSH_AGENT_FILE="${HOME}/.ssh/agent.info" | 7 | SSH_AGENT_FILE="${HOME}/.ssh/agent.info" |
| 8 | 8 | ||
| 9 | GPG_TTY=$(tty) | 9 | GPG_TTY=$(tty) |
| 10 | 10 | ||
| 11 | export IDENTITY_FILE SSH_AGENT_FILE GPG_TTY | 11 | export IDENTITY_FILE SSH_AGENT_FILE GPG_TTY |
| 12 | 12 | ||
| 13 | -alias ssh_init_github="ssh-add /mnt/auth/ghopp/.ssh/ident-github ~/.ssh/getcred_github.sh" | 13 | +alias ssh_init_github="ssh-add ${HOME}/.ssh/ident-github ${HOME}/.ssh/getcred_github.sh" |
| 14 | 14 | ||
| 15 | function ssh-keygen() { | 15 | function ssh-keygen() { |
| 16 | - ident="${1:-${IDENTITY_FILE}}" | 16 | + local ident="${1:-${IDENTITY_FILE}}" |
| 17 | ${SSH_KEYGEN} -f "${ident}" "$@" | 17 | ${SSH_KEYGEN} -f "${ident}" "$@" |
| 18 | } | 18 | } |
| 19 | 19 | ||
| 20 | function ssh-add() { | 20 | function ssh-add() { |
| 21 | - ident="${1:-${IDENTITY_FILE}}" | ||
| 22 | - ask_pass="${2:-${HOME}/.ssh/getcred.sh}" | 21 | + local ident="${1}" |
| 22 | + local ask_pass ident_file | ||
| 23 | + | ||
| 24 | + if [ "${ident}" ] | ||
| 25 | + then | ||
| 26 | + ask_pass="${HOME}/.ssh/getcred_${ident}.sh" | ||
| 27 | + ident_file="${HOME}/.ssh/ident-${ident}" | ||
| 28 | + else | ||
| 29 | + ask_pass="${HOME}/.ssh/getcred.sh" | ||
| 30 | + ident_file="${HOME}/.ssh/ident" | ||
| 31 | + fi | ||
| 23 | 32 | ||
| 24 | if [ '-' != "${ident:0:1}" ] | 33 | if [ '-' != "${ident:0:1}" ] |
| 25 | then | 34 | then |
| 26 | DISPLAY=:0.0 SSH_ASKPASS="${ask_pass}" \ | 35 | DISPLAY=:0.0 SSH_ASKPASS="${ask_pass}" \ |
| 27 | - ${SSH_ADD} ${ident} 2>/dev/null </dev/null | 36 | + ${SSH_ADD} ${ident_file} 2>/dev/null </dev/null |
| 28 | else | 37 | else |
| 29 | ${SSH_ADD} "$@" | 38 | ${SSH_ADD} "$@" |
| 30 | fi | 39 | fi |
| @@ -59,28 +68,40 @@ function ssh-init-agent() { | @@ -59,28 +68,40 @@ function ssh-init-agent() { | ||
| 59 | } | 68 | } |
| 60 | 69 | ||
| 61 | function gpg-init-agent() { | 70 | function gpg-init-agent() { |
| 62 | - local FUSER="/bin/fuser" | 71 | + local AWK="/usr/bin/awk" |
| 72 | + local SED="/bin/sed" | ||
| 73 | + local LSOF="/usr/bin/lsof" | ||
| 63 | local CAT="/bin/cat" | 74 | local CAT="/bin/cat" |
| 64 | local PS="/bin/ps" | 75 | local PS="/bin/ps" |
| 65 | local ECHO="/bin/echo" | 76 | local ECHO="/bin/echo" |
| 66 | local CUT="/usr/bin/cut" | 77 | local CUT="/usr/bin/cut" |
| 67 | - local GPG_AGENT="/usr/bin/gpg-agent --daemon --allow-preset-passphrase" | 78 | + local GPG_AGENT="/usr/bin/gpg-agent" |
| 79 | + local GPG_AGENT_ARGS="--daemon --allow-preset-passphrase" | ||
| 68 | local GPG_PRESET="/usr/libexec/gpg-preset-passphrase" | 80 | local GPG_PRESET="/usr/libexec/gpg-preset-passphrase" |
| 69 | - local CREDDIR="/mnt/auth/ghopp/gnupg/" | 81 | + local CREDDIR="${1}" |
| 70 | local KEYGRIP="D17D6099DA4F7CF580991F6525BAC9DB841C9B30" | 82 | local KEYGRIP="D17D6099DA4F7CF580991F6525BAC9DB841C9B30" |
| 71 | local SUBKEYGRIP="BE4A9914142B488736792B9CBE01AE3A94D96E7A" | 83 | local SUBKEYGRIP="BE4A9914142B488736792B9CBE01AE3A94D96E7A" |
| 72 | 84 | ||
| 73 | - if ${FUSER} ${HOME}/.gnupg/S.gpg-agent >/dev/null 2>&1 | 85 | + export GPG_AGENT_SOCK="${RUNDIR}/gnupg/S.gpg-agent" |
| 86 | + local SOCK_OPEN_PID="$(test -e "${GPG_AGENT_SOCK}" &&\ | ||
| 87 | + ${LSOF} -F p ${GPG_AGENT_SOCK} | sed '/p/s/^.//;te;d;:e')" | ||
| 88 | + | ||
| 89 | + GPG_AGENT_PID="$(${PS} -h -U ${USER} -o pid -o comm |\ | ||
| 90 | + ${AWK} '/gpg-agent/{print $1}')" | ||
| 91 | + | ||
| 92 | + if [ "${SOCK_OPEN_PID}" -a "${GPG_AGENT_PID}" = "${SOCK_OPEN_PID}" ] | ||
| 74 | then | 93 | then |
| 75 | return | 94 | return |
| 76 | else | 95 | else |
| 77 | ${ECHO} -n "start gpg-agent ... " | 96 | ${ECHO} -n "start gpg-agent ... " |
| 78 | - ${GPG_AGENT} | 97 | + ${GPG_AGENT} ${GPG_AGENT_ARGS} |
| 79 | if [ 0 -eq $? ] | 98 | if [ 0 -eq $? ] |
| 80 | then | 99 | then |
| 81 | - ${ECHO} "OK" | ||
| 82 | ${CAT} "${CREDDIR}/gpg.pw" | ${GPG_PRESET} --preset ${KEYGRIP} | 100 | ${CAT} "${CREDDIR}/gpg.pw" | ${GPG_PRESET} --preset ${KEYGRIP} |
| 83 | ${CAT} "${CREDDIR}/gpg.pw" | ${GPG_PRESET} --preset ${SUBKEYGRIP} | 101 | ${CAT} "${CREDDIR}/gpg.pw" | ${GPG_PRESET} --preset ${SUBKEYGRIP} |
| 102 | + ${ECHO} "OK" | ||
| 103 | + export GPG_AGENT_PID="$(${PS} -h -U ${USER} -o pid -o comm |\ | ||
| 104 | + ${AWK} '/gpg-agent/{print $1}')" | ||
| 84 | else | 105 | else |
| 85 | ${ECHO} "FAILED" | 106 | ${ECHO} "FAILED" |
| 86 | fi | 107 | fi |
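Review bot: The `ssh_init_github` alias on new line 13 still passes two full paths, but the rewritten `ssh-add` treats `$1` as a short identity name and no longer reads `$2`, so the alias would resolve to `${HOME}/.ssh/ident-${HOME}/.ssh/ident-github`, and `2>/dev/null` hides the resulting error. With the new naming scheme the alias would be `alias ssh_init_github="ssh-add github"`. The name is also interpolated into the `SSH_ASKPASS` path, which ssh-add runs as a program, so it is worth restricting it to a plain file-name component without `/` and quoting the expansion: `${SSH_ADD} "${ident_file}"`. The body of `ssh-add` continues past the end of the first hunk.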
| @@ -19,13 +19,17 @@ function rand() { | @@ -19,13 +19,17 @@ function rand() { | ||
| 19 | ${OD} -i | ${SED} '2d;s/^0\+ \+//' | 19 | ${OD} -i | ${SED} '2d;s/^0\+ \+//' |
| 20 | } | 20 | } |
| 21 | 21 | ||
| 22 | +function setroot() { | ||
| 23 | + DISPLAY=${1} /usr/bin/feh --bg-center ${2} | ||
| 24 | +} | ||
| 25 | + | ||
| 22 | function background() { | 26 | function background() { |
| 23 | local SED="/bin/sed" | 27 | local SED="/bin/sed" |
| 24 | local XRANDR="/usr/bin/xrandr" | 28 | local XRANDR="/usr/bin/xrandr" |
| 25 | local TEMPFILE="/bin/tempfile" | 29 | local TEMPFILE="/bin/tempfile" |
| 26 | local IDENTIFY="/usr/bin/identify" | 30 | local IDENTIFY="/usr/bin/identify" |
| 27 | local CONVERT="/usr/bin/convert" | 31 | local CONVERT="/usr/bin/convert" |
| 28 | - local SETROOT="/usr/bin/xsri" | 32 | + local SETROOT="/usr/bin/feh" |
| 29 | local ECHO="/bin/echo" | 33 | local ECHO="/bin/echo" |
| 30 | local EXPR="/usr/bin/expr" | 34 | local EXPR="/usr/bin/expr" |
| 31 | local WC="/usr/bin/wc" | 35 | local WC="/usr/bin/wc" |
| @@ -39,7 +43,7 @@ function background() { | @@ -39,7 +43,7 @@ function background() { | ||
| 39 | s/ //g | 43 | s/ //g |
| 40 | s/^.*ent\([0-9x]*\).*$/\1/ | 44 | s/^.*ent\([0-9x]*\).*$/\1/ |
| 41 | } | 45 | } |
| 42 | - / conn/s/^.*cted \([^ ]*\).*$/\1/ | 46 | + / conn/s/^.*cted[^0-9]*\([0-9x+]*\).*$/\1/ |
| 43 | t | 47 | t |
| 44 | d' | 48 | d' |
| 45 | 49 | ||
| @@ -59,7 +63,7 @@ function background() { | @@ -59,7 +63,7 @@ function background() { | ||
| 59 | img=`rand` | 63 | img=`rand` |
| 60 | img=`${EXPR} ${img} % ${N_BGS} + 1` | 64 | img=`${EXPR} ${img} % ${N_BGS} + 1` |
| 61 | img="${BGDIR}/`${ECHO} "${BGS}" | ${SED} ${img}'p;d'`" | 65 | img="${BGDIR}/`${ECHO} "${BGS}" | ${SED} ${img}'p;d'`" |
| 62 | - | 66 | + |
| 63 | size=${res%%+*} | 67 | size=${res%%+*} |
| 64 | ofs=${res#*+*} | 68 | ofs=${res#*+*} |
| 65 | ofs_x=${ofs%%+*} | 69 | ofs_x=${ofs%%+*} |
| @@ -91,7 +95,7 @@ function background() { | @@ -91,7 +95,7 @@ function background() { | ||
| 91 | 95 | ||
| 92 | img=`${TEMPFILE} -s '.jpg'` | 96 | img=`${TEMPFILE} -s '.jpg'` |
| 93 | eval "${CONVERT} ${cmd} ${img}" | 97 | eval "${CONVERT} ${cmd} ${img}" |
| 94 | - DISPLAY=${MYDISP} ${SETROOT} --emblem="${img}" --set 2>/dev/null | 98 | + setroot "${MYDISP}" "${img}" |
| 95 | rm ${img} | 99 | rm ${img} |
| 96 | } | 100 | } |
| 97 | 101 |
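Review bot: In the new `setroot` helper (new lines 22-24) both arguments are expanded unquoted, so a display value or image path containing whitespace or glob characters is split before it reaches feh; quote them: `DISPLAY="${1}" /usr/bin/feh --bg-center "${2}"`. The helper hard-codes `/usr/bin/feh`, which appears to leave `local SETROOT="/usr/bin/feh"` in `background` unused once the last hunk replaces its only visible use. Most of `background` lies outside the hunks shown, so other uses of `SETROOT` cannot be ruled out from here. The removed call also discarded stderr with `2>/dev/null`, while `setroot` does not, so feh diagnostics will now reach the terminal; a short comment saying whether that is intended would help.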
| @@ -8,6 +8,11 @@ function rand_printable() { | @@ -8,6 +8,11 @@ function rand_printable() { | ||
| 8 | ${ECHO} -n "`</dev/urandom ${TR} -dc \ -\&\(-~ | ${HEAD} -c${1:-512}`" | 8 | ${ECHO} -n "`</dev/urandom ${TR} -dc \ -\&\(-~ | ${HEAD} -c${1:-512}`" |
| 9 | } | 9 | } |
| 10 | 10 | ||
| 11 | -test "X$(basename -- "$0")" = "Xrand_printable" && rand_printable "$@" | 11 | +if [ -n "${ZSH_EVAL_CONTEXT}" ] |
| 12 | +then | ||
| 13 | + test "${ZSH_EVAL_CONTEXT}" = "toplevel" && rand_printable "$@" | ||
| 14 | +else | ||
| 15 | + test "X$(basename -- "$0")" = "Xrand_printable" && rand_printable "$@" | ||
| 16 | +fi | ||
| 12 | 17 | ||
| 13 | # vim: set ft=sh ts=4 sw=4: | 18 | # vim: set ft=sh ts=4 sw=4: |
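Review bot: When this file is sourced, each branch ends in a `test … &&` list whose test fails, so the `if` statement is the last command run and the file returns status 1 to the sourcing shell. A caller that checks the status of `source`, or runs under `set -e`, may treat a successful load as a failure. Writing the guard as a condition avoids that, e.g. `if [ "${ZSH_EVAL_CONTEXT}" = "toplevel" ]; then rand_printable "$@"; fi`, and likewise for the `basename` branch. A one-line comment such as `# run only when executed directly, not when sourced` above new line 11 would explain why two detection methods are needed.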