[pass] [PATCH] Added 'rename' command

Matthieu Weber mweber at free.fr
Thu Apr 17 20:24:21 CEST 2014

On Thu 17.04.2014 at 08:34:05AM -0700, Brian Shore wrote:
> On Thu, Apr 17, 2014 at 6:27 AM, Matthieu Weber <mweber at free.fr> wrote:
> > pass mv is not about managing files, it is about changing the
> > meta-information of the password, namely its identifier. The fact that
> > it boils down to renaming a file is just a technicality. You can ditch
> > the "pass mv" shortcut if you want and provide only "pass rename" and
> > then it's not anymore about moving files, but about managing passwords.
> > That's exactly what pass is for. Maybe we can rename "pass mv" into
> > "pass rn" so that it doesn't sound like the shell's mv command?
> I think this is a reasonable argument.  But I'm probably not the only
> user of pass that doesn't put all information into the filesystem
> except for the password itself.  I even use it to store sensitive
> information that isn't passwords.
> I think we could avoid some of the file manager difficulties by
> letting pass tell us something about its configuration.

Is exposing the internals of a software any better than making said
software do more than the most fundamental operations? (this is not only
trolling, it is also a philosophical question).

> For example, if pass will tell us the prefix, we can easily stuff that
> into calls to the standard file tools:
>   # change `pass show foo/bar/baz`  to `pass show foo/moo/goo`
>   /bin/mv -v  $(pass --printconfig prefix)/foo/bar/baz $(pass
> --printconfig prefix)/foo/moo/goo

But as Jason pointed out, if the target directory has a different key
ID, then reencrypting the file is necessary. What about something like

   pass foo/bar |pass insert -m baz/quux && pass rm foo/bar

It does exactly what we want, including reencrypting the password.
If you remove the "pass rm foo/bar", you get an implementation for
"pass cp".

>   # find my ssh passwords even if they're scattered around the tree
>   /usr/bin/find $(pass --printconfig prefix) -name \*ssh\*

I would use 

  pass git ls-files \*ssh\*

Which makes the find option discussed elsewhere obsolete (at least for
this basic kind of operation ; find has a gazillion options that git
ls-files does not support ...)

>   # make a backup
>   /usr/bin/tar zcf pass.backup.$(date +Y%m%dT%H%M%S).tar.gz $(pass
> --printconfig prefix)

What about

  pass git archive -o pass.backup.$(date +Y%m%dT%H%M%S).tar.gz master

Again, this doesn't expose pass's internals too much, but I'm still a
bit wary about exposing the git repo. "pass git" is very useful for
hacking, but it feels dirty.
> Thoughts?

Well, none of this works if you don't use git. Is anyone using pass
without git?

 (~._.~)            Matthieu Weber - mweber at free.fr              (~._.~)
  ( ? )                http://weber.fi.eu.org/                    ( ? ) 
 ()- -()          public key id : 0x85CB340EFCD5E0B3             ()- -()
 (_)-(_) "Humor ist, wenn man trotzdem lacht (Otto J. Bierbaum)" (_)-(_)

More information about the Password-Store mailing list