[pass] [PATCH 1/2] Add compatibility for OpenBSD

David Dahlberg david.dahlberg at fkie.fraunhofer.de
Mon May 11 14:30:04 CEST 2015


From: David Dahlberg <dah at etzel.fkie.fraunhofer.de>

---
 Makefile                | 17 +++++++++--------
 src/password-store.sh   | 24 +++++++++++++-----------
 src/platform/openbsd.sh | 41 +++++++++++++++++++++++++++++++++++++++++
 3 files changed, 63 insertions(+), 19 deletions(-)
 create mode 100644 src/platform/openbsd.sh

diff --git a/Makefile b/Makefile
index 7546fa9..b8aacb9 100644
--- a/Makefile
+++ b/Makefile
@@ -5,6 +5,7 @@ LIBDIR ?= $(PREFIX)/lib
 MANDIR ?= $(PREFIX)/share/man
 
 PLATFORMFILE := src/platform/$(shell uname | cut -d _ -f 1 | tr '[:upper:]' '[:lower:]').sh
+VERBOSE ?= -v
 
 BASHCOMP_PATH ?= $(DESTDIR)$(PREFIX)/share/bash-completion/completions
 ZSHCOMP_PATH ?= $(DESTDIR)$(PREFIX)/share/zsh/site-functions
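Review bot: `VERBOSE ?= -v` takes its value from the environment when one is set, and `VERBOSE` is a generic name that other build tooling may export, so an inherited value such as `1` would be spliced unquoted into every `install` call and into the `rm $(VERBOSE) -rf` of the uninstall rule in the next hunk. A project-specific name, for example `INSTALL_VERBOSE ?= -v`, would keep stray values out of those command lines. The default is also not derived from the platform, while src/platform/openbsd.sh sets `VERBOSE=""` for the script, so an installer on OpenBSD presumably still has to pass `VERBOSE=` by hand. A one-line comment above the assignment should say so.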
@@ -29,28 +30,28 @@ all:
 	@echo "Password store is a shell script, so there is nothing to do. Try \"make install\" instead."
 
 install-common:
-	@install -v -d "$(DESTDIR)$(MANDIR)/man1" && install -m 0644 -v man/pass.1 "$(DESTDIR)$(MANDIR)/man1/pass.1"
+	@install $(VERBOSE) -d "$(DESTDIR)$(MANDIR)/man1" && install -m 0644 $(VERBOSE) man/pass.1 "$(DESTDIR)$(MANDIR)/man1/pass.1"
 
-	@[ "$(FORCE_BASHCOMP)" = "1" ] && install -v -d "$(BASHCOMP_PATH)" && install -m 0644 -v src/completion/pass.bash-completion "$(BASHCOMP_PATH)/pass" || true
-	@[ "$(FORCE_ZSHCOMP)" = "1" ] && install -v -d "$(ZSHCOMP_PATH)" && install -m 0644 -v src/completion/pass.zsh-completion "$(ZSHCOMP_PATH)/_pass" || true
-	@[ "$(FORCE_FISHCOMP)" = "1" ] && install -v -d "$(FISHCOMP_PATH)" && install -m 0644 -v src/completion/pass.fish-completion "$(FISHCOMP_PATH)/pass.fish" || true
+	@[ "$(FORCE_BASHCOMP)" = "1" ] && install $(VERBOSE) -d "$(BASHCOMP_PATH)" && install -m 0644 $(VERBOSE) src/completion/pass.bash-completion "$(BASHCOMP_PATH)/pass" || true
+	@[ "$(FORCE_ZSHCOMP)" = "1" ] && install $(VERBOSE) -d "$(ZSHCOMP_PATH)" && install -m 0644 $(VERBOSE) src/completion/pass.zsh-completion "$(ZSHCOMP_PATH)/_pass" || true
+	@[ "$(FORCE_FISHCOMP)" = "1" ] && install $(VERBOSE) -d "$(FISHCOMP_PATH)" && install -m 0644 $(VERBOSE) src/completion/pass.fish-completion "$(FISHCOMP_PATH)/pass.fish" || true
 
 
 ifneq ($(strip $(wildcard $(PLATFORMFILE))),)
 install: install-common
-	@install -v -d "$(DESTDIR)$(LIBDIR)/password-store" && install -m 0644 -v "$(PLATFORMFILE)" "$(DESTDIR)$(LIBDIR)/password-store/platform.sh"
-	@install -v -d "$(DESTDIR)$(BINDIR)/"
+	@install $(VERBOSE) -d "$(DESTDIR)$(LIBDIR)/password-store" && install -m 0644 $(VERBOSE) "$(PLATFORMFILE)" "$(DESTDIR)$(LIBDIR)/password-store/platform.sh"
+	@install $(VERBOSE) -d "$(DESTDIR)$(BINDIR)/"
 	sed 's:.*PLATFORM_FUNCTION_FILE.*:source "$(DESTDIR)$(LIBDIR)/password-store/platform.sh":' src/password-store.sh > "$(DESTDIR)$(BINDIR)/pass"
 	@chmod 0755 "$(DESTDIR)$(BINDIR)/pass"
 else
 install: install-common
-	@install -v -d "$(DESTDIR)$(BINDIR)/"
+	@install $(VERBOSE) -d "$(DESTDIR)$(BINDIR)/"
 	sed '/PLATFORM_FUNCTION_FILE/d' src/password-store.sh > "$(DESTDIR)$(BINDIR)/pass"
 	@chmod 0755 "$(DESTDIR)$(BINDIR)/pass"
 endif
 
 uninstall:
-	@rm -vrf \
+	@rm $(VERBOSE) -rf \
 		"$(DESTDIR)$(BINDIR)/pass" \
 		"$(DESTDIR)$(LIBDIR)/password-store/" \
 		"$(DESTDIR)$(MANDIR)/man1/pass.1" \
diff --git a/src/password-store.sh b/src/password-store.sh
index 47f7ffa..1092c7e 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -184,6 +184,8 @@ tmpdir() {
 }
 GETOPT="getopt"
 SHRED="shred -f -z"
+VERBOSE="-v"
+COLORGREP="grep --color=always"
 
 source "$(dirname "$0")/platform/$(uname | cut -d _ -f 1 | tr '[:upper:]' '[:lower:]').sh" 2>/dev/null # PLATFORM_FUNCTION_FILE
 
@@ -275,14 +277,14 @@ cmd_init() {
 
 	if [[ $# -eq 1 && -z $1 ]]; then
 		[[ ! -f "$gpg_id" ]] && die "Error: $gpg_id does not exist and so cannot be removed."
-		rm -v -f "$gpg_id" || exit 1
+		rm $VERBOSE -f "$gpg_id" || exit 1
 		if [[ -d $GIT_DIR ]]; then
 			git rm -qr "$gpg_id"
 			git_commit "Deinitialize ${gpg_id}."
 		fi
 		rmdir -p "${gpg_id%/*}" 2>/dev/null
 	else
-		mkdir -v -p "$PREFIX/$id_path"
+		mkdir $VERBOSE -p "$PREFIX/$id_path"
 		printf "%s\n" "$@" > "$gpg_id"
 		local id_print="$(printf "%s, " "$@")"
 		echo "Password store initialized for ${id_print%, }"
@@ -341,7 +343,7 @@ cmd_grep() {
 	[[ $# -ne 1 ]] && die "Usage: $PROGRAM $COMMAND search-string"
 	local search="$1" passfile grepresults
 	while read -r -d "" passfile; do
-		grepresults="$($GPG -d "${GPG_OPTS[@]}" "$passfile" | grep --color=always "$search")"
+		grepresults="$($GPG -d "${GPG_OPTS[@]}" "$passfile" | $COLORGREP "$search")"
 		[ $? -ne 0 ] && continue
 		passfile="${passfile%.gpg}"
 		passfile="${passfile#$PREFIX/}"
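Review bot: `$COLORGREP "$search"` passes the user's search string in option position, so a string that begins with `-` is parsed by grep as a flag rather than as the pattern. Since this line is being rewritten anyway, it could close that with `$COLORGREP -e "$search"`. `$COLORGREP` is also expanded unquoted and relies on word splitting to separate `grep` from `--color=always`, which deserves a short comment where the variable is defined, such as `# option string, split on whitespace; platform files may override`. cmd_grep starts and ends outside this hunk.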
@@ -372,7 +374,7 @@ cmd_insert() {
 
 	[[ $force -eq 0 && -e $passfile ]] && yesno "An entry already exists for $path. Overwrite it?"
 
-	mkdir -p -v "$PREFIX/$(dirname "$path")"
+	mkdir $VERBOSE -p "$PREFIX/$(dirname "$path")"
 	set_gpg_recipients "$(dirname "$path")"
 
 	if [[ $multiline -eq 1 ]]; then
@@ -406,12 +408,12 @@ cmd_edit() {
 
 	local path="$1"
 	check_sneaky_paths "$path"
-	mkdir -p -v "$PREFIX/$(dirname "$path")"
+	mkdir $VERBOSE -p "$PREFIX/$(dirname "$path")"
 	set_gpg_recipients "$(dirname "$path")"
 	local passfile="$PREFIX/$path.gpg"
 
 	tmpdir #Defines $SECURE_TMPDIR
-	local tmp_file="$(mktemp -u "$SECURE_TMPDIR/XXXXX")-${path//\//-}.txt"
+	local tmp_file="$(mktemp -u "$SECURE_TMPDIR/XXXXXX")-${path//\//-}.txt"
 
 
 	local action="Add"
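Review bot: `mktemp -u` only prints a name and creates nothing, so the widened `XXXXXX` template does not by itself stop another process from creating that path first. In the platform file added by this patch the plaintext file is protected only because `$SECURE_TMPDIR` is a private directory made by `mktemp -d`. A comment on this line should say so, e.g. `# -u is acceptable only because SECURE_TMPDIR comes from mktemp -d and is not shared`. It would also be worth failing early if `tmpdir` left the variable empty, since the template would then resolve to `/XXXXXX`: `[[ -n $SECURE_TMPDIR ]] || die "Error: no temporary directory."`. cmd_edit continues outside this hunk.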
@@ -446,7 +448,7 @@ cmd_generate() {
 	local length="$2"
 	check_sneaky_paths "$path"
 	[[ ! $length =~ ^[0-9]+$ ]] && die "Error: pass-length \"$length\" must be a number."
-	mkdir -p -v "$PREFIX/$(dirname "$path")"
+	mkdir $VERBOSE -p "$PREFIX/$(dirname "$path")"
 	set_gpg_recipients "$(dirname "$path")"
 	local passfile="$PREFIX/$path.gpg"
 
@@ -498,7 +500,7 @@ cmd_delete() {
 
 	[[ $force -eq 1 ]] || yesno "Are you sure you would like to delete $path?"
 
-	rm $recursive -f -v "$passfile"
+	rm $recursive $VERBOSE -f "$passfile"
 	if [[ -d $GIT_DIR && ! -e $passfile ]]; then
 		git rm -qr "$passfile"
 		git_commit "Remove $path from store."
@@ -529,14 +531,14 @@ cmd_copy_move() {
 		[[ ! -f $old_path ]] && die "Error: $1 is not in the password store."
 	fi
 
-	mkdir -p -v "${new_path%/*}"
+	mkdir $VERBOSE -p "${new_path%/*}"
 	[[ -d $old_path || -d $new_path || $new_path =~ /$ ]] || new_path="${new_path}.gpg"
 
 	local interactive="-i"
 	[[ ! -t 0 || $force -eq 1 ]] && interactive="-f"
 
 	if [[ $move -eq 1 ]]; then
-		mv $interactive -v "$old_path" "$new_path" || exit 1
+		mv $interactive $VERBOSE "$old_path" "$new_path" || exit 1
 		[[ -e "$new_path" ]] && reencrypt_path "$new_path"
 
 		if [[ -d $GIT_DIR && ! -e $old_path ]]; then
@@ -545,7 +547,7 @@ cmd_copy_move() {
 		fi
 		rmdir -p "$old_dir" 2>/dev/null
 	else
-		cp $interactive -r -v "$old_path" "$new_path" || exit 1
+		cp $interactive $VERBOSE -r "$old_path" "$new_path" || exit 1
 		[[ -e "$new_path" ]] && reencrypt_path "$new_path"
 		git_add_file "$new_path" "Copy ${1} to ${2}."
 	fi
diff --git a/src/platform/openbsd.sh b/src/platform/openbsd.sh
new file mode 100644
index 0000000..ac8ba06
--- /dev/null
+++ b/src/platform/openbsd.sh
@@ -0,0 +1,41 @@
+# Copyright (C) 2012 Jonathan Chu <milki at rescomp.berkeley.edu>. All Rights Reserved.
+# This file is licensed under the GPLv2+. Please see COPYING for more information.
+
+tmpdir() {
+        [[ -n $SECURE_TMPDIR ]] && return
+        local warn=1
+        [[ $1 == "nowarn" ]] && warn=0
+	local template="$PROGRAM.XXXXXXXXXXXXX"
+	if [ "`sysctl -n kern.usermount`" == 1 ]; then
+                SECURE_TMPDIR="$(mktemp -d "${TMPDIR:-/tmp}/$template")"
+                mount -t tmpfs -o -s16M tmpfs "$SECURE_TMPDIR" || die "Error: could not create tmpfs."
+                unmount_tmpdir() {
+                         [[ -n $SECURE_TMPDIR && -d $SECURE_TMPDIR ]] || return
+                         umount "$SECURE_TMPDIR"
+                         rm -rf "$SECURE_TMPDIR"
+                }
+                trap unmount_tmpdir INT TERM EXIT
+        else
+                [[ $warn -eq 1 ]] && yesno "$(cat <<-_EOF
+		The sysctl kern.usermount is disabled, therefore it is not
+		possible to create a tmpfs for temporary storage of files 
+		in memory. 
+		This means that it may be difficult to entirely erase 
+		the temporary non-encrypted password file after editing. 
+
+		Are you sure you would like to continue?
+		_EOF
+		)"
+                SECURE_TMPDIR="$(mktemp -d "${TMPDIR:-/tmp}/$template")"
+                shred_tmpfile() {
+                        find "$SECURE_TMPDIR" -type f -exec $SHRED {} +
+                        rm -rf "$SECURE_TMPDIR"
+                }
+                trap shred_tmpfile INT TERM EXIT
+        fi
+}
+
+GETOPT="gnugetopt"
+SHRED="rm -P -f"
+VERBOSE=""
+COLORGREP="grep"
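Review bot: In the fallback branch of `tmpdir` the result of `mktemp -d` is never checked, so a failure leaves `SECURE_TMPDIR` empty and callers go on to build plaintext file paths from it; the tmpfs branch is covered only incidentally because `mount` then fails. Append `|| die "Error: could not create temporary directory."` to that assignment, and give `shred_tmpfile` the same guard that `unmount_tmpdir` has, `[[ -n $SECURE_TMPDIR && -d $SECURE_TMPDIR ]] || return`, so the EXIT trap never runs `find` and `rm -rf` on an empty path. When `mount` fails in the first branch the freshly created directory is left behind, because the trap is not installed yet. `SHRED="rm -P -f"` overwrites before unlinking, which may not reach the old blocks on every filesystem or storage device, so the warning text is right to stay hedged.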
-- 
2.1.4


