[pass] Multiple keys per repo

Santiago Borrazás sanbor at gmail.com
Mon Dec 3 18:29:29 CET 2012 

G i

S

On 03/12/2012, at 11:54, David Sklar <david.sklar at gmail.com> wrote:

> Hi, Jason. The answer to both your questions is "Yes" (accompanied by a
> "why didn't you check your patch more carefully?! stern admonishment
> addressed to myself.) I got a little wrapped around the axle manually
> subbing in and out the platform-specific code so I could do the editing
> right in my git repo.
> 
> I will noodle around if there's an invocation of "find" that would
> produce the same result more concisely, that might help. The init option
> would be convenient (Or at least some way to provide a shortcut for
> "echo SOMEID >> $PREFIX/SOMEPLACE/.gpgid && git add
> $PREFIX/SOMEPLACE/.gpgid && git commit -m "Added SOMEID at SOMEPLACE",
> although those steps can certainly be accomplished manually.
> 
> David
> 
> 
> On 12/2/12 11:21 AM, Jason A. Donenfeld wrote:
>> Hi David,
>> 
>> This is a cool idea. I'd be up for considering it, if we can get the
>> code minimal and simple enough. Right now it's a bit large and there
>> are a couple of issues:
>> 
>> +set_gpg_id() {
>> + if [[ -f "$1/.gpg-id" ]]; then
>> +     ID="$(head -n 1 "$1/.gpg-id")"
>> +     return 0
>> + else
>> +   if [[ "$(dirname $1)" == "." ]]; then
>> 
>> Shouldn't this only walk outward enough to the point where dirname $1
>> == dirname $PREFIX?
>> 
>> 
>> +     return -1
>> +   else
>> +     find_id "$(dirname $1)"
>> 
>> Did you mean set_gpg_id here?
>> 
>> +   fi
>> + fi
>> +}
>> 
>> I suppose we'd also need a nice option in init too for this.
>> 
>> Bah, it's looking a bit overkill, but still kind of nice. What's the list think?
>> 
>> Jason
>> 
>> On Thu, Nov 29, 2012 at 7:40 PM, David Sklar <david.sklar at gmail.com> wrote:
>>> 
>>> I would find it convenient to combine multiple data sources in one repo
>>> (e.g. work stuff and personal stuff) which should be encrypted by
>>> different keys.
>>> 
>>> I put together the attached patch which allows for .gpg-id files in
>>> subdirectories of the repo. Deepest one wins, ala Apache httpd .htaccess
>>> files.
>>> 
>>> And then I saw
>>> http://lists.zx2c4.com/pipermail/password-store-zx2c4.com/2012-September/000014.html
>>> and the env var solution. :)
>>> 
>>> Any interest in multiple keys per repo?
>>> 
>>> David
>>> 
>>> 
>>> _______________________________________________
>>> Password-Store mailing list
>>> Password-Store at lists.zx2c4.com
>>> http://lists.zx2c4.com/listinfo.cgi/password-store-zx2c4.com
>>> 
> 
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> http://lists.zx2c4.com/listinfo.cgi/password-store-zx2c4.com

More information about the Password-Store mailing list