[PATCH] Check command to ensure basic sanity

HacKan hackan at gmail.com
Wed Nov 22 23:22:30 CET 2017


I like this idea. If it gets implemented in the core, it would be nice
if other commands, such as show, recommend running it on failure.
Otherwise, it can easily be implemented as an addon.


On 11/22/2017 04:56 PM, Jaseem Abid wrote:
> I recently noticed that I could not decrypt some files in the password store
> because I no longer had access to the keys. I also had some corrupt files. This
> command adds some basic sanity checks to the password store and prints out files
> it cannot successfully decrypt.
>
> Exits 0 if everything is OK. Prints failed files and then exits with 1
> otherwise. Takes no arguments.
>
> Code adapted from grep command with minor modifications.
>
> If the basic approach is OK, I'll be happy to add tests, completion and
> documentation.
>
> Sample run:
>
>     $ pass check
>     $ echo $?
>     0
>     $ touch ~/.password-store/junk.gpg
>     $ pass check
>     x junk
>     $ echo $?
>     1
>
> Signed-off-by: Jaseem Abid <jaseemabid at gmail.com>
> ---
>  src/password-store.sh | 20 ++++++++++++++++++++
>  1 file changed, 20 insertions(+)
>
> diff --git a/src/password-store.sh b/src/password-store.sh
> index b86631d..d655605 100755
> --- a/src/password-store.sh
> +++ b/src/password-store.sh
> @@ -410,6 +410,25 @@ cmd_grep() {
>  	done < <(find -L "$PREFIX" -path '*/.git' -prune -o -iname '*.gpg' -print0)
>  }
>  
> +cmd_check() {
> +	[[ $# -ne 0 ]] && die "Usage: $PROGRAM $COMMAND"
> +	local passfile ok=0
> +	while read -r -d "" passfile; do
> +		$($GPG -d "${GPG_OPTS[@]}" "$passfile" > /dev/null 2>&1)
> +        # Decryption failed
> +        if [[ $? -ne 0 ]]; then
> +            ok=1
> +		    passfile="${passfile%.gpg}"
> +		    passfile="${passfile#$PREFIX/}"
> +		    local passfile_dir="${passfile%/*}/"
> +		    [[ $passfile_dir == "${passfile}/" ]] && passfile_dir=""
> +		    passfile="${passfile##*/}"
> +		    printf "\e[91m✘ \e[94m%s\e[1m%s\e[0m\n" "$passfile_dir" "$passfile"
> +        fi
> +	done < <(find -L "$PREFIX" -path '*/.git' -prune -o -iname '*.gpg' -print0)
> +	[[ $ok -ne 0 ]] && exit 1
> +}
> +
>  cmd_insert() {
>  	local opts multiline=0 noecho=1 force=0
>  	opts="$($GETOPT -o mef -l multiline,echo,force -n "$PROGRAM" -- "$@")"
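
Review bot: in `cmd_check`, the decryption call is wrapped in a command substitution, `$($GPG -d "${GPG_OPTS[@]}" "$passfile" > /dev/null 2>&1)`, which only behaves because the redirect leaves the substitution empty; if any output were ever captured, the shell would try to run it as a command. Call gpg directly and branch on it, for example `if ! $GPG -d "${GPG_OPTS[@]}" "$passfile" > /dev/null 2>&1; then`, which also removes the separate `$?` test. Because stderr is discarded, a missing key and a corrupt file are reported identically even though the commit message names both cases, so consider surfacing gpg's reason per file. Smaller points: the closing `[[ $ok -ne 0 ]] && exit 1` leaves the function with a non-zero status on the success path, so an explicit return would be clearer; `ok=1` meaning failure reads inverted; and the new body mixes space and tab indentation where the surrounding context lines use tabs.
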
> @@ -686,6 +705,7 @@ case "$1" in
>  	show|ls|list) shift;		cmd_show "$@" ;;
>  	find|search) shift;		cmd_find "$@" ;;
>  	grep) shift;			cmd_grep "$@" ;;
> +	check) shift;			cmd_check "$@" ;;
>  	insert|add) shift;		cmd_insert "$@" ;;
>  	edit) shift;			cmd_edit "$@" ;;
>  	generate) shift;		cmd_generate "$@" ;;
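
Review bot: the `check)` dispatch line is the only place the new subcommand is exposed; together with the 19 lines of `cmd_check` it accounts for all 20 insertions in the diffstat, so the patch adds no usage or help text for the command. That should land in the same series as the tests, completion and documentation mentioned in the commit message.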

-- 
HacKan || Iván
GPG: 0x35710D312FDE468B


