Commit 2d85102c6c99d075e071d3054ff3ff0bb54d3e7d
1 parent
cb85149b
Add ecryptfs management and some fixes
Showing
4 changed files
with
89 additions
and
17 deletions
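--- a/ecryptfs.sh
+++ b/ecryptfs.sh
@@ -0,0 +1,42 @@
+function key_exists() {
+ /bin/keyctl list @u | /bin/grep -q "${1}"
+ return $?
+}
+
+function insert_key() {
+ local INSERT=/usr/bin/ecryptfs-insert-wrapped-passphrase-into-keyring
+
+ key_exists "${3}" || /bin/cat "${1}" | ${INSERT} "${2}" -
+}
+
+function insert_keypair() {
+ local DATASIG="$(/bin/sed '1p;d' "${HOME}/.ecryptfs/${2}.sig")"
+ local NAMESIG="$(/bin/sed '2p;d' "${HOME}/.ecryptfs/${2}.sig")"
+ local DPF="${2}-passphrase"
+ local NPF="${DPF}-fname"
+
+ insert_key "${1}/${DPF}" "${HOME}/.ecryptfs/wrapped-${DPF}" "${DATASIG}"
+ insert_key "${1}/${NPF}" "${HOME}/.ecryptfs/wrapped-${NPF}" "${NAMESIG}"
+}
+
+function is_ecryptfs() {
+ /usr/bin/test "$(/usr/bin/stat -f -c '%T' "${1}")" = "ecryptfs"
+ return $?
+}
+
+function mount_crypt() {
+ local CONFIG="${HOME}/.ecryptfs/${1}.conf"
+ local MOUNTPOINT="$(/usr/bin/awk '1{print $2}' "${CONFIG}")"
+
+ is_ecryptfs "${MOUNTPOINT}" || /sbin/mount.ecryptfs_private "${1}"
+}
+
+function umount_crypt() {
+ local CONFIG="${HOME}/.ecryptfs/${1}.conf"
+ local MOUNTPOINT="$(/usr/bin/awk '1{print $2}' "${CONFIG}")"
+
+ /bin/sync
+ is_ecryptfs "${MOUNTPOINT}" && /sbin/umount.ecryptfs_private -d "${1}"
+}
+
+# vim: set ts=4 sw=4: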
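Review bot: `key_exists` treats an empty signature as already present. If `${HOME}/.ecryptfs/${2}.sig` is missing or has fewer than two lines, `insert_keypair` passes an empty `${3}`, `grep -q ""` matches whatever line `keyctl list @u` prints, and `insert_key` skips the insert without any error. Guard the empty case and match the signature literally rather than as a regex, e.g. `[ -n "${1}" ] && /bin/keyctl list @u | /bin/grep -qF -- "${1}"`. Separately, `awk '1{print $2}'` in `mount_crypt` and `umount_crypt` prints field 2 of every line of the .conf file; `NR==1{print $2}` would pin it to the first line if that is the intent.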
@@ -3,28 +3,37 @@ SSH_ADD="/usr/bin/ssh-add" | @@ -3,28 +3,37 @@ SSH_ADD="/usr/bin/ssh-add" | ||
3 | 3 | ||
4 | export SSH_KEYGEN SSH_ADD | 4 | export SSH_KEYGEN SSH_ADD |
5 | 5 | ||
6 | -IDENTITY_FILE="/mnt/auth/ghopp/.ssh/ident" | 6 | +IDENTITY_FILE="${HOME}/.ssh/ident" |
7 | SSH_AGENT_FILE="${HOME}/.ssh/agent.info" | 7 | SSH_AGENT_FILE="${HOME}/.ssh/agent.info" |
8 | 8 | ||
9 | GPG_TTY=$(tty) | 9 | GPG_TTY=$(tty) |
10 | 10 | ||
11 | export IDENTITY_FILE SSH_AGENT_FILE GPG_TTY | 11 | export IDENTITY_FILE SSH_AGENT_FILE GPG_TTY |
12 | 12 | ||
13 | -alias ssh_init_github="ssh-add /mnt/auth/ghopp/.ssh/ident-github ~/.ssh/getcred_github.sh" | 13 | +alias ssh_init_github="ssh-add ${HOME}/.ssh/ident-github ${HOME}/.ssh/getcred_github.sh" |
14 | 14 | ||
15 | function ssh-keygen() { | 15 | function ssh-keygen() { |
16 | - ident="${1:-${IDENTITY_FILE}}" | 16 | + local ident="${1:-${IDENTITY_FILE}}" |
17 | ${SSH_KEYGEN} -f "${ident}" "$@" | 17 | ${SSH_KEYGEN} -f "${ident}" "$@" |
18 | } | 18 | } |
19 | 19 | ||
20 | function ssh-add() { | 20 | function ssh-add() { |
21 | - ident="${1:-${IDENTITY_FILE}}" | ||
22 | - ask_pass="${2:-${HOME}/.ssh/getcred.sh}" | 21 | + local ident="${1}" |
22 | + local ask_pass ident_file | ||
23 | + | ||
24 | + if [ "${ident}" ] | ||
25 | + then | ||
26 | + ask_pass="${HOME}/.ssh/getcred_${ident}.sh" | ||
27 | + ident_file="${HOME}/.ssh/ident-${ident}" | ||
28 | + else | ||
29 | + ask_pass="${HOME}/.ssh/getcred.sh" | ||
30 | + ident_file="${HOME}/.ssh/ident" | ||
31 | + fi | ||
23 | 32 | ||
24 | if [ '-' != "${ident:0:1}" ] | 33 | if [ '-' != "${ident:0:1}" ] |
25 | then | 34 | then |
26 | DISPLAY=:0.0 SSH_ASKPASS="${ask_pass}" \ | 35 | DISPLAY=:0.0 SSH_ASKPASS="${ask_pass}" \ |
27 | - ${SSH_ADD} ${ident} 2>/dev/null </dev/null | 36 | + ${SSH_ADD} ${ident_file} 2>/dev/null </dev/null |
28 | else | 37 | else |
29 | ${SSH_ADD} "$@" | 38 | ${SSH_ADD} "$@" |
30 | fi | 39 | fi |
@@ -59,28 +68,40 @@ function ssh-init-agent() { | @@ -59,28 +68,40 @@ function ssh-init-agent() { | ||
59 | } | 68 | } |
60 | 69 | ||
61 | function gpg-init-agent() { | 70 | function gpg-init-agent() { |
62 | - local FUSER="/bin/fuser" | 71 | + local AWK="/usr/bin/awk" |
72 | + local SED="/bin/sed" | ||
73 | + local LSOF="/usr/bin/lsof" | ||
63 | local CAT="/bin/cat" | 74 | local CAT="/bin/cat" |
64 | local PS="/bin/ps" | 75 | local PS="/bin/ps" |
65 | local ECHO="/bin/echo" | 76 | local ECHO="/bin/echo" |
66 | local CUT="/usr/bin/cut" | 77 | local CUT="/usr/bin/cut" |
67 | - local GPG_AGENT="/usr/bin/gpg-agent --daemon --allow-preset-passphrase" | 78 | + local GPG_AGENT="/usr/bin/gpg-agent" |
79 | + local GPG_AGENT_ARGS="--daemon --allow-preset-passphrase" | ||
68 | local GPG_PRESET="/usr/libexec/gpg-preset-passphrase" | 80 | local GPG_PRESET="/usr/libexec/gpg-preset-passphrase" |
69 | - local CREDDIR="/mnt/auth/ghopp/gnupg/" | 81 | + local CREDDIR="${1}" |
70 | local KEYGRIP="D17D6099DA4F7CF580991F6525BAC9DB841C9B30" | 82 | local KEYGRIP="D17D6099DA4F7CF580991F6525BAC9DB841C9B30" |
71 | local SUBKEYGRIP="BE4A9914142B488736792B9CBE01AE3A94D96E7A" | 83 | local SUBKEYGRIP="BE4A9914142B488736792B9CBE01AE3A94D96E7A" |
72 | 84 | ||
73 | - if ${FUSER} ${HOME}/.gnupg/S.gpg-agent >/dev/null 2>&1 | 85 | + export GPG_AGENT_SOCK="${RUNDIR}/gnupg/S.gpg-agent" |
86 | + local SOCK_OPEN_PID="$(test -e "${GPG_AGENT_SOCK}" &&\ | ||
87 | + ${LSOF} -F p ${GPG_AGENT_SOCK} | sed '/p/s/^.//;te;d;:e')" | ||
88 | + | ||
89 | + GPG_AGENT_PID="$(${PS} -h -U ${USER} -o pid -o comm |\ | ||
90 | + ${AWK} '/gpg-agent/{print $1}')" | ||
91 | + | ||
92 | + if [ "${SOCK_OPEN_PID}" -a "${GPG_AGENT_PID}" = "${SOCK_OPEN_PID}" ] | ||
74 | then | 93 | then |
75 | return | 94 | return |
76 | else | 95 | else |
77 | ${ECHO} -n "start gpg-agent ... " | 96 | ${ECHO} -n "start gpg-agent ... " |
78 | - ${GPG_AGENT} | 97 | + ${GPG_AGENT} ${GPG_AGENT_ARGS} |
79 | if [ 0 -eq $? ] | 98 | if [ 0 -eq $? ] |
80 | then | 99 | then |
81 | - ${ECHO} "OK" | ||
82 | ${CAT} "${CREDDIR}/gpg.pw" | ${GPG_PRESET} --preset ${KEYGRIP} | 100 | ${CAT} "${CREDDIR}/gpg.pw" | ${GPG_PRESET} --preset ${KEYGRIP} |
83 | ${CAT} "${CREDDIR}/gpg.pw" | ${GPG_PRESET} --preset ${SUBKEYGRIP} | 101 | ${CAT} "${CREDDIR}/gpg.pw" | ${GPG_PRESET} --preset ${SUBKEYGRIP} |
102 | + ${ECHO} "OK" | ||
103 | + export GPG_AGENT_PID="$(${PS} -h -U ${USER} -o pid -o comm |\ | ||
104 | + ${AWK} '/gpg-agent/{print $1}')" | ||
84 | else | 105 | else |
85 | ${ECHO} "FAILED" | 106 | ${ECHO} "FAILED" |
86 | fi | 107 | fi |
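Review bot: The `ssh_init_github` alias still passes full paths, but the rewritten `ssh-add` now treats `${1}` as a short identity name and builds `${HOME}/.ssh/ident-${ident}` and `${HOME}/.ssh/getcred_${ident}.sh` from it, so the alias resolves to paths that are unlikely to exist; `alias ssh_init_github="ssh-add github"` matches the new convention. Because `${ident}` ends up inside the `SSH_ASKPASS` program path, it is worth rejecting names that contain `/` before building the paths, and `${SSH_ADD} ${ident_file}` should be quoted as `"${ident_file}"`. In the `gpg-init-agent` hunk, "OK" is printed without checking the two `gpg-preset-passphrase` calls and `CREDDIR="${1}"` is used unchecked, so a missing argument reads `/gpg.pw` and still reports success. Both function bodies continue outside the visible hunks.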
@@ -19,13 +19,17 @@ function rand() { | @@ -19,13 +19,17 @@ function rand() { | ||
19 | ${OD} -i | ${SED} '2d;s/^0\+ \+//' | 19 | ${OD} -i | ${SED} '2d;s/^0\+ \+//' |
20 | } | 20 | } |
21 | 21 | ||
22 | +function setroot() { | ||
23 | + DISPLAY=${1} /usr/bin/feh --bg-center ${2} | ||
24 | +} | ||
25 | + | ||
22 | function background() { | 26 | function background() { |
23 | local SED="/bin/sed" | 27 | local SED="/bin/sed" |
24 | local XRANDR="/usr/bin/xrandr" | 28 | local XRANDR="/usr/bin/xrandr" |
25 | local TEMPFILE="/bin/tempfile" | 29 | local TEMPFILE="/bin/tempfile" |
26 | local IDENTIFY="/usr/bin/identify" | 30 | local IDENTIFY="/usr/bin/identify" |
27 | local CONVERT="/usr/bin/convert" | 31 | local CONVERT="/usr/bin/convert" |
28 | - local SETROOT="/usr/bin/xsri" | 32 | + local SETROOT="/usr/bin/feh" |
29 | local ECHO="/bin/echo" | 33 | local ECHO="/bin/echo" |
30 | local EXPR="/usr/bin/expr" | 34 | local EXPR="/usr/bin/expr" |
31 | local WC="/usr/bin/wc" | 35 | local WC="/usr/bin/wc" |
@@ -39,7 +43,7 @@ function background() { | @@ -39,7 +43,7 @@ function background() { | ||
39 | s/ //g | 43 | s/ //g |
40 | s/^.*ent\([0-9x]*\).*$/\1/ | 44 | s/^.*ent\([0-9x]*\).*$/\1/ |
41 | } | 45 | } |
42 | - / conn/s/^.*cted \([^ ]*\).*$/\1/ | 46 | + / conn/s/^.*cted[^0-9]*\([0-9x+]*\).*$/\1/ |
43 | t | 47 | t |
44 | d' | 48 | d' |
45 | 49 | ||
@@ -59,7 +63,7 @@ function background() { | @@ -59,7 +63,7 @@ function background() { | ||
59 | img=`rand` | 63 | img=`rand` |
60 | img=`${EXPR} ${img} % ${N_BGS} + 1` | 64 | img=`${EXPR} ${img} % ${N_BGS} + 1` |
61 | img="${BGDIR}/`${ECHO} "${BGS}" | ${SED} ${img}'p;d'`" | 65 | img="${BGDIR}/`${ECHO} "${BGS}" | ${SED} ${img}'p;d'`" |
62 | - | 66 | + |
63 | size=${res%%+*} | 67 | size=${res%%+*} |
64 | ofs=${res#*+*} | 68 | ofs=${res#*+*} |
65 | ofs_x=${ofs%%+*} | 69 | ofs_x=${ofs%%+*} |
@@ -91,7 +95,7 @@ function background() { | @@ -91,7 +95,7 @@ function background() { | ||
91 | 95 | ||
92 | img=`${TEMPFILE} -s '.jpg'` | 96 | img=`${TEMPFILE} -s '.jpg'` |
93 | eval "${CONVERT} ${cmd} ${img}" | 97 | eval "${CONVERT} ${cmd} ${img}" |
94 | - DISPLAY=${MYDISP} ${SETROOT} --emblem="${img}" --set 2>/dev/null | 98 | + setroot "${MYDISP}" "${img}" |
95 | rm ${img} | 99 | rm ${img} |
96 | } | 100 | } |
97 | 101 |
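Review bot: `setroot` expands `${1}` and `${2}` unquoted, so an image path containing spaces is split and one starting with `-` is read as a feh option; `DISPLAY="${1}" /usr/bin/feh --bg-center -- "${2}"` avoids both. The helper hard-codes `/usr/bin/feh` while `background` still sets `local SETROOT="/usr/bin/feh"`, which no visible line uses after this change, so one of the two should go. feh also records the last background command in `~/.fehbg` by default, which here would point at the temp file removed on the next line; `--no-fehbg` may be wanted.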
@@ -8,6 +8,11 @@ function rand_printable() { | @@ -8,6 +8,11 @@ function rand_printable() { | ||
8 | ${ECHO} -n "`</dev/urandom ${TR} -dc \ -\&\(-~ | ${HEAD} -c${1:-512}`" | 8 | ${ECHO} -n "`</dev/urandom ${TR} -dc \ -\&\(-~ | ${HEAD} -c${1:-512}`" |
9 | } | 9 | } |
10 | 10 | ||
11 | -test "X$(basename -- "$0")" = "Xrand_printable" && rand_printable "$@" | 11 | +if [ -n "${ZSH_EVAL_CONTEXT}" ] |
12 | +then | ||
13 | + test "${ZSH_EVAL_CONTEXT}" = "toplevel" && rand_printable "$@" | ||
14 | +else | ||
15 | + test "X$(basename -- "$0")" = "Xrand_printable" && rand_printable "$@" | ||
16 | +fi | ||
12 | 17 | ||
13 | # vim: set ft=sh ts=4 sw=4: | 18 | # vim: set ft=sh ts=4 sw=4: |