ghopp
/
shell_tools
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Add ecryptfs management and some fixes

master
Georg Hopp 8 years ago
parent
cb85149b85
commit
2d85102c6c
Signed by: ghopp GPG Key ID: 4C5D226768784538
4 changed files with 89 additions and 17 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 42
      ecryptfs.sh
  2. 45
      keymanagement.sh
  3. 10
      tools/background
  4. 7
      tools/rand_printable

42
ecryptfs.sh
View File

@ -0,0 +1,42 @@
function key_exists() {
/bin/keyctl list @u | /bin/grep -q "${1}"
return $?
}
function insert_key() {
local INSERT=/usr/bin/ecryptfs-insert-wrapped-passphrase-into-keyring
key_exists "${3}" || /bin/cat "${1}" | ${INSERT} "${2}" -
}
function insert_keypair() {
local DATASIG="$(/bin/sed '1p;d' "${HOME}/.ecryptfs/${2}.sig")"
local NAMESIG="$(/bin/sed '2p;d' "${HOME}/.ecryptfs/${2}.sig")"
local DPF="${2}-passphrase"
local NPF="${DPF}-fname"
insert_key "${1}/${DPF}" "${HOME}/.ecryptfs/wrapped-${DPF}" "${DATASIG}"
insert_key "${1}/${NPF}" "${HOME}/.ecryptfs/wrapped-${NPF}" "${NAMESIG}"
}
function is_ecryptfs() {
/usr/bin/test "$(/usr/bin/stat -f -c '%T' "${1}")" = "ecryptfs"
return $?
}
function mount_crypt() {
local CONFIG="${HOME}/.ecryptfs/${1}.conf"
local MOUNTPOINT="$(/usr/bin/awk '1{print $2}' "${CONFIG}")"
is_ecryptfs "${MOUNTPOINT}" || /sbin/mount.ecryptfs_private "${1}"
}
function umount_crypt() {
local CONFIG="${HOME}/.ecryptfs/${1}.conf"
local MOUNTPOINT="$(/usr/bin/awk '1{print $2}' "${CONFIG}")"
/bin/sync
is_ecryptfs "${MOUNTPOINT}" && /sbin/umount.ecryptfs_private -d "${1}"
}
# vim: set ts=4 sw=4:

45
keymanagement.sh
View File

@ -3,28 +3,37 @@ SSH_ADD="/usr/bin/ssh-add"
export SSH_KEYGEN SSH_ADD export SSH_KEYGEN SSH_ADD
IDENTITY_FILE="/mnt/auth/ghopp/.ssh/ident"
IDENTITY_FILE="${HOME}/.ssh/ident"
SSH_AGENT_FILE="${HOME}/.ssh/agent.info" SSH_AGENT_FILE="${HOME}/.ssh/agent.info"
GPG_TTY=$(tty) GPG_TTY=$(tty)
export IDENTITY_FILE SSH_AGENT_FILE GPG_TTY export IDENTITY_FILE SSH_AGENT_FILE GPG_TTY
alias ssh_init_github="ssh-add /mnt/auth/ghopp/.ssh/ident-github ~/.ssh/getcred_github.sh"
alias ssh_init_github="ssh-add ${HOME}/.ssh/ident-github ${HOME}/.ssh/getcred_github.sh"
function ssh-keygen() { function ssh-keygen() {
ident="${1:-${IDENTITY_FILE}}"
local ident="${1:-${IDENTITY_FILE}}"
${SSH_KEYGEN} -f "${ident}" "$@" ${SSH_KEYGEN} -f "${ident}" "$@"
} }
function ssh-add() { function ssh-add() {
ident="${1:-${IDENTITY_FILE}}"
ask_pass="${2:-${HOME}/.ssh/getcred.sh}"
local ident="${1}"
local ask_pass ident_file
if [ "${ident}" ]
then
ask_pass="${HOME}/.ssh/getcred_${ident}.sh"
ident_file="${HOME}/.ssh/ident-${ident}"
else
ask_pass="${HOME}/.ssh/getcred.sh"
ident_file="${HOME}/.ssh/ident"
fi
if [ '-' != "${ident:0:1}" ] if [ '-' != "${ident:0:1}" ]
then then
DISPLAY=:0.0 SSH_ASKPASS="${ask_pass}" \ DISPLAY=:0.0 SSH_ASKPASS="${ask_pass}" \
${SSH_ADD} ${ident} 2>/dev/null </dev/null
${SSH_ADD} ${ident_file} 2>/dev/null </dev/null
else else
${SSH_ADD} "$@" ${SSH_ADD} "$@"
fi fi
@ -59,28 +68,40 @@ function ssh-init-agent() {
} }
function gpg-init-agent() { function gpg-init-agent() {
local FUSER="/bin/fuser"
local AWK="/usr/bin/awk"
local SED="/bin/sed"
local LSOF="/usr/bin/lsof"
local CAT="/bin/cat" local CAT="/bin/cat"
local PS="/bin/ps" local PS="/bin/ps"
local ECHO="/bin/echo" local ECHO="/bin/echo"
local CUT="/usr/bin/cut" local CUT="/usr/bin/cut"
local GPG_AGENT="/usr/bin/gpg-agent --daemon --allow-preset-passphrase"
local GPG_AGENT="/usr/bin/gpg-agent"
local GPG_AGENT_ARGS="--daemon --allow-preset-passphrase"
local GPG_PRESET="/usr/libexec/gpg-preset-passphrase" local GPG_PRESET="/usr/libexec/gpg-preset-passphrase"
local CREDDIR="/mnt/auth/ghopp/gnupg/"
local CREDDIR="${1}"
local KEYGRIP="D17D6099DA4F7CF580991F6525BAC9DB841C9B30" local KEYGRIP="D17D6099DA4F7CF580991F6525BAC9DB841C9B30"
local SUBKEYGRIP="BE4A9914142B488736792B9CBE01AE3A94D96E7A" local SUBKEYGRIP="BE4A9914142B488736792B9CBE01AE3A94D96E7A"
if ${FUSER} ${HOME}/.gnupg/S.gpg-agent >/dev/null 2>&1
export GPG_AGENT_SOCK="${RUNDIR}/gnupg/S.gpg-agent"
local SOCK_OPEN_PID="$(test -e "${GPG_AGENT_SOCK}" &&\
${LSOF} -F p ${GPG_AGENT_SOCK} | sed '/p/s/^.//;te;d;:e')"
GPG_AGENT_PID="$(${PS} -h -U ${USER} -o pid -o comm |\
${AWK} '/gpg-agent/{print $1}')"
if [ "${SOCK_OPEN_PID}" -a "${GPG_AGENT_PID}" = "${SOCK_OPEN_PID}" ]
then then
return return
else else
${ECHO} -n "start gpg-agent ... " ${ECHO} -n "start gpg-agent ... "
${GPG_AGENT}
${GPG_AGENT} ${GPG_AGENT_ARGS}
if [ 0 -eq $? ] if [ 0 -eq $? ]
then then
${ECHO} "OK"
${CAT} "${CREDDIR}/gpg.pw" | ${GPG_PRESET} --preset ${KEYGRIP} ${CAT} "${CREDDIR}/gpg.pw" | ${GPG_PRESET} --preset ${KEYGRIP}
${CAT} "${CREDDIR}/gpg.pw" | ${GPG_PRESET} --preset ${SUBKEYGRIP} ${CAT} "${CREDDIR}/gpg.pw" | ${GPG_PRESET} --preset ${SUBKEYGRIP}
${ECHO} "OK"
export GPG_AGENT_PID="$(${PS} -h -U ${USER} -o pid -o comm |\
${AWK} '/gpg-agent/{print $1}')"
else else
${ECHO} "FAILED" ${ECHO} "FAILED"
fi fi

10
tools/background
View File

@ -19,13 +19,17 @@ function rand() {
${OD} -i | ${SED} '2d;s/^0\+ \+//' ${OD} -i | ${SED} '2d;s/^0\+ \+//'
} }
function setroot() {
DISPLAY=${1} /usr/bin/feh --bg-center ${2}
}
function background() { function background() {
local SED="/bin/sed" local SED="/bin/sed"
local XRANDR="/usr/bin/xrandr" local XRANDR="/usr/bin/xrandr"
local TEMPFILE="/bin/tempfile" local TEMPFILE="/bin/tempfile"
local IDENTIFY="/usr/bin/identify" local IDENTIFY="/usr/bin/identify"
local CONVERT="/usr/bin/convert" local CONVERT="/usr/bin/convert"
local SETROOT="/usr/bin/xsri"
local SETROOT="/usr/bin/feh"
local ECHO="/bin/echo" local ECHO="/bin/echo"
local EXPR="/usr/bin/expr" local EXPR="/usr/bin/expr"
local WC="/usr/bin/wc" local WC="/usr/bin/wc"
@ -39,7 +43,7 @@ function background() {
s/ //g s/ //g
s/^.*ent\([0-9x]*\).*$/\1/ s/^.*ent\([0-9x]*\).*$/\1/
} }
/ conn/s/^.*cted \([^ ]*\).*$/\1/
/ conn/s/^.*cted[^0-9]*\([0-9x+]*\).*$/\1/
t t
d' d'
@ -91,7 +95,7 @@ function background() {
img=`${TEMPFILE} -s '.jpg'` img=`${TEMPFILE} -s '.jpg'`
eval "${CONVERT} ${cmd} ${img}" eval "${CONVERT} ${cmd} ${img}"
DISPLAY=${MYDISP} ${SETROOT} --emblem="${img}" --set 2>/dev/null
setroot "${MYDISP}" "${img}"
rm ${img} rm ${img}
} }

7
tools/rand_printable
View File

@ -8,6 +8,11 @@ function rand_printable() {
${ECHO} -n "`</dev/urandom ${TR} -dc \ -\&\(-~ | ${HEAD} -c${1:-512}`" ${ECHO} -n "`</dev/urandom ${TR} -dc \ -\&\(-~ | ${HEAD} -c${1:-512}`"
} }
test "X$(basename -- "$0")" = "Xrand_printable" && rand_printable "$@"
if [ -n "${ZSH_EVAL_CONTEXT}" ]
then
test "${ZSH_EVAL_CONTEXT}" = "toplevel" && rand_printable "$@"
else
test "X$(basename -- "$0")" = "Xrand_printable" && rand_printable "$@"
fi
# vim: set ft=sh ts=4 sw=4: # vim: set ft=sh ts=4 sw=4:
Write Preview
Loading…
Cancel
Save