[pass] [PATCH] Added 'rename' command

Tobias V. Langhoff tobias at langhoff.no
Thu Apr 17 22:50:31 CEST 2014

On Thu, Apr 17, 2014 at 9:05 PM, Brian Shore <brian at networkredux.com> wrote:
> On Thu, Apr 17, 2014 at 11:24 AM, Matthieu Weber <mweber at free.fr> wrote:
>> On Thu 17.04.2014 at 08:34:05AM -0700, Brian Shore wrote:
>>> On Thu, Apr 17, 2014 at 6:27 AM, Matthieu Weber <mweber at free.fr> wrote:
>>> > pass mv is not about managing files, it is about changing the
>>> > meta-information of the password, namely its identifier. The fact that
>>> > it boils down to renaming a file is just a technicality. You can ditch
>>> > the "pass mv" shortcut if you want and provide only "pass rename" and
>>> > then it's not anymore about moving files, but about managing passwords.
>>> > That's exactly what pass is for. Maybe we can rename "pass mv" into
>>> > "pass rn" so that it doesn't sound like the shell's mv command?
>>> I think we could avoid some of the file manager difficulties by
>>> letting pass tell us something about its configuration.
>> Is exposing the internals of a software any better than making said
>> software do more than the most fundamental operations? (this is not only
>> trolling, it is also a philosophical question).
> That depends.  Exposing something in a controlled and consistent way
> is useful.  This is why accessor and mutator methods for changing an
> object's internal state is preferred over direct access to member
> fields.  We let the object directly manage the internal state, we let
> pass directly manage its guts too.  But pass isn't prohibited from
> telling us where are passwords are stored.
> As far as exceeding the most fundamental operations, this is a
> continuum.  Useful tools often do more than the most fundamental
> operations, they often also do composite operations that are difficult
> to do right (e.g. if a series of operations must be performed in a
> specific order), operations that are very frequently used (but
> trivially composed of fundamental operations), etc.  We just need to
> find a balance between minimalism and efficient usability.
>>> For example, if pass will tell us the prefix, we can easily stuff that
>>> into calls to the standard file tools:
>>>   # change `pass show foo/bar/baz`  to `pass show foo/moo/goo`
>>>   /bin/mv -v  $(pass --printconfig prefix)/foo/bar/baz $(pass
>>> --printconfig prefix)/foo/moo/goo
>> But as Jason pointed out, if the target directory has a different key
>> ID, then reencrypting the file is necessary. What about something like
>>    pass foo/bar |pass insert -m baz/quux && pass rm foo/bar
> Works for me.
>> What about
>>   pass git archive -o pass.backup.$(date +Y%m%dT%H%M%S).tar.gz master
>> Again, this doesn't expose pass's internals too much, but I'm still a
>> bit wary about exposing the git repo. "pass git" is very useful for
>> hacking, but it feels dirty.
>>> Thoughts?
>> Well, none of this works if you don't use git. Is anyone using pass
>> without git?
> I'm not currently using git to back pass.  I do think using `pass git`
> to update or search the filesystem feels very dirty.  I think git
> belongs in the background; even if I were using git with pass, I
> wouldn't want to use pass to manage the git repo.  In contrast, I
> think using git(1) directly to manage the repo holding the password
> store is fine (although slightly inconvenient if you have to lookup
> the prefix or something).

Interesting, that's completely opposite of how I use pass and git. OK,
not completely; I agree that using `pass git to update and search
feels dirty, and I think git belongs in the background. For that
reason, I prefer using pass directly to manage the git repo, among
other things to make the commit history consistent. Using git(1)
directly on the password store feels inherently dirty to me -- the git
repo is an extension of the password store, not the other way around.
This has little practical bearing, only philosophical, of course, but
one time I added a password I actually didn't want stored, I did `pass
git reset --hard HEAD~1` and had to take a shower afterwards.

Tobias V. Langhoff

More information about the Password-Store mailing list