<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <div class="moz-cite-prefix">Hi Steffen,<br>
      <br>
      I didn't consider using it. It sounds like a smart idea though. It
      would be a totally different implementation of the same idea.
      Simpler even. And that is a good thing™.<br>
      <br>
      Cheers,<br>
      Tijn<br>
      <br>
      On 26-07-15 15:35, Steffen Vogel wrote:<br>
    </div>
    <blockquote
      cite="mid:1164AAFD-CC68-4304-AFEC-A26745D50C3A@steffenvogel.de"
      type="cite">
      <pre wrap="">Hi,

this is a nice patch!

Did you consider using git's textconv support?
This should allow us to use "git blame" to get the last commit which changed the password:

        pass git blame -L 1,1 -p test.gpg | egrep ^committer-time

This can also be combined with the "--since" switch.


To enable the textconv filter, you must add those config options to the repo:

.gitattributes:
        *.gpg           blame=gpg

.git/config:
        [blame "gpg"]
                textconv = gpg --decrypt --no-tty

See: <a class="moz-txt-link-freetext" href="https://git.wiki.kernel.org/index.php/Textconv">https://git.wiki.kernel.org/index.php/Textconv</a>

Cheers,

Steffen

PS: do we use git textconv filters already in password-store?



Steffen Vogel
Robensstraße 69
52070 Aachen

Mail: <a class="moz-txt-link-abbreviated" href="mailto:post@steffenvogel.de">post@steffenvogel.de</a>
Mobil: +49 1575 7180927
Web: <a class="moz-txt-link-freetext" href="http://www.steffenvogel.de">http://www.steffenvogel.de</a>
Jabber: <a class="moz-txt-link-abbreviated" href="mailto:steffen.vogel@jabber.rwth-aachen.de">steffen.vogel@jabber.rwth-aachen.de</a>

</pre>
      <blockquote type="cite">
        <pre wrap="">On 26.07.2015 at 14:10, Tijn Schuurmans <a class="moz-txt-link-rfc2396E" href="mailto:tijn.schuurmans@gmail.com"><tijn.schuurmans@gmail.com></a> wrote:

- assume the password is stored in the first line of a password-file
- find the latest git revision that changes that line
- show all passwords by age
---
src/password-store.sh | 56 +++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 56 insertions(+)

diff --git a/src/password-store.sh b/src/password-store.sh
index c85cc33..a1e0711 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -127,6 +127,45 @@ check_sneaky_paths() {
        done
}

+git_revisions() {
+       [[ -d $GIT_DIR ]] || return
+       local path="$1"
+       local passfile="$path.gpg"
+       git log --format=%H -- $passfile
+}
+
+git_revision() {
+       [[ -d $GIT_DIR ]] || return
+       local path="$1"
+       local revision="$2"
+       local passfile="$path.gpg"
+       git show $revision:$passfile | $GPG -d "${GPG_OPTS[@]}" | head -n 1
+}
+
+oldest_password_change() {
+       [[ -d $GIT_DIR ]] || die "Error: the password store is not a git repository. Try \"$PROGRAM git init\"."
+       local path="$1"
+       check_sneaky_paths "$path"
+       git_revisions "$path" | while read revision
+       do
+               if [ -z "$password" ]; then
+                       password="$(git_revision $path $revision)"
+               else
+                       if [ password != "$(git_revision $path $revision)" ]; then
+                               break
+                       fi
+               fi
+               echo $revision
+       done | tail -n 1
+}
+
+password_ages() {
+       cd $PREFIX && find . -name "*.gpg" | sed 's/^\.\///' | sed 's/\.gpg$//' | while read path
+       do
+               cmd_age "$path"
+       done
+}
+
#
# END helper functions
#
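
Review bot: in oldest_password_change, the test [ password != "$(git_revision $path $revision)" ] compares the literal word password, not "$password", so it is true for every entry whose first line is not that word and the loop breaks on the second revision; the function then always returns the newest commit touching the file. Write "$password" there, and quote "$path", "$revision" and "$passfile" in the git log and git show calls so names with spaces or glob characters are passed through intact.
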
@@ -257,6 +296,10 @@ cmd_usage() {
            $PROGRAM git git-command-args...
                If the password store is a git repository, execute a git command
                specified by git-command-args.
+           $PROGRAM age pass-name
+               Show when a password last changed as an absolute unix timestamp and relatively in a human readable format.
+           $PROGRAM ages
+               Show password age for all passwords ordered from newest to oldest.
            $PROGRAM help
                Show this text.
            $PROGRAM version
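
Review bot: the age help text says "when a password last changed" without stating the rule the code applies, which is that only the first line of the entry counts as the password; say so here. It is also worth documenting that the command needs a git-backed store and decrypts historical revisions of the entry until the first line differs, since git_revision pipes each one through $GPG -d.
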
@@ -340,6 +383,17 @@ cmd_show() {
        fi
}

+cmd_age() {
+       local path="$1"
+       check_sneaky_paths "$path"
+       local oldest=$(oldest_password_change "$path")
+       git show -s --format="%ct%x09%cr%x09"$path"" "$oldest"
+}
+
+cmd_ages() {
+       password_ages | sort -r
+}
+
cmd_find() {
        [[ -z "$@" ]] && die "Usage: $PROGRAM $COMMAND pass-names..."
        IFS="," eval 'echo "Search Terms: $*"'
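
Review bot: in cmd_age the argument --format="%ct%x09%cr%x09"$path"" closes the double quotes before $path, so the name is expanded unquoted and a name with spaces splits into extra arguments to git show; a % in the name would also be read as a format placeholder. Print the name outside the format string, for example with printf after capturing git's output. cmd_ages should use sort -rn so the leading %ct timestamps are ordered numerically, and cmd_age should handle an empty $oldest (entry not in git) before calling git show.
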
@@ -590,6 +644,8 @@ case "$1" in
        help|--help) shift;             cmd_usage "$@" ;;
        version|--version) shift;       cmd_version "$@" ;;
        show|ls|list) shift;            cmd_show "$@" ;;
+       age) shift;                     cmd_age "$@" ;;
+       ages) shift;                    cmd_ages "$@" ;;
        find|search) shift;             cmd_find "$@" ;;
        grep) shift;                    cmd_grep "$@" ;;
        insert|add) shift;              cmd_insert "$@" ;;
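
Review bot: age is dispatched with "$@", but cmd_age reads only "$1" and has no argument check, so running the command without a pass-name proceeds with an empty path. Add a guard in cmd_age like the one cmd_find uses: die "Usage: $PROGRAM $COMMAND pass-name".
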
--
2.4.6

_______________________________________________
Password-Store mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Password-Store@lists.zx2c4.com">Password-Store@lists.zx2c4.com</a>
<a class="moz-txt-link-freetext" href="http://lists.zx2c4.com/mailman/listinfo/password-store">http://lists.zx2c4.com/mailman/listinfo/password-store</a>
</pre>
      </blockquote>
    </blockquote>
    <br>
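Added example (not part of the thread or of password-store): the git blame plus textconv idea from Steffen's message, run on a throwaway repository. It assumes `base64 -d` as a stand-in for `gpg --decrypt` so it runs without keys, and registers the filter through git's diff driver (`diff=gpg` in .gitattributes, `diff.gpg.textconv`), which is where git blame looks up textconv; the file name, dates and passwords are constructed.

```shell
#!/usr/bin/env bash
# Added example: password age via git blame + textconv on a throwaway repo.
# Assumption: `base64 -d` stands in for `gpg --decrypt` (no keys needed).
set -eu

# Read plaintext on stdin, store it encoded as file $1, and commit it
# with a fixed author/committer time $2 (unix epoch, constructed).
commit_entry() {
    base64 > "$1"
    git add -- "$1"
    GIT_AUTHOR_DATE="$2 +0000" GIT_COMMITTER_DATE="$2 +0000" \
        git -c user.name=demo -c user.email=demo@example.invalid \
            commit -q -m "update $1"
}

# Print the committer-time of the commit that last changed line 1 of the
# *decoded* entry $1. Without textconv, blame would see only ciphertext,
# which changes completely on every edit.
password_changed_at() {
    git blame -L 1,1 -p -- "$1" | awk '/^committer-time /{print $2; exit}'
}

# Build the demo repo and print two timestamps: the password age after a
# metadata-only edit, then after a real password change.
demo() (
    repo=$(mktemp -d) && cd "$repo"
    git init -q .
    echo '*.gpg diff=gpg' > .gitattributes       # select the diff driver
    git config diff.gpg.textconv 'base64 -d'     # stand-in for gpg -d

    printf 'hunter2\nuser: alice\n' | commit_entry site.gpg 1000000000
    printf 'hunter2\nuser: bob\n'   | commit_entry site.gpg 1100000000
    first=$(password_changed_at site.gpg)        # line 1 untouched

    printf 'correct-horse\nuser: bob\n' | commit_entry site.gpg 1200000000
    second=$(password_changed_at site.gpg)       # line 1 rewritten

    echo "$first $second"
    cd / && rm -rf "$repo"
)

demo
```

The first timestamp stays at the original commit even though the file was rewritten in between, which is the property the patch's oldest_password_change loop is trying to compute by decrypting each revision.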
  </body>
</html>