[pass] Comments in .gid-id files

Mike Selby mike.selby at mantlehosting.co.uk
Tue May 17 10:23:42 CEST 2016


Dear list

Forgive me if I am getting this wrong format wise or style wise, this being
the very first time I have submitted anything to an open source mailing
list.

It would be very handy if .git-id files could be commented when using pass
in a team setting like this :

```
CE29776A #Mike Selby
AB42F9B2 #Joe Bloggs
FAD0CB4B #AWS web servers
```

A patch to make that happen is :

```
diff --git a/tmp/pass.sh b/tmp/pass-new.sh
index 63be840..5c7037c 100644
--- a/tmp/pass.sh
+++ b/tmp/pass-new.sh
@@ -75,11 +75,13 @@ set_gpg_recipients() {
                exit 1
        fi

-       local gpg_id
-       while read -r gpg_id; do
-               GPG_RECIPIENT_ARGS+=( "-r" "$gpg_id" )
-               GPG_RECIPIENTS+=( "$gpg_id" )
-       done < "$current"
+        local gpg_id_full
+        local gpg_id
+        while read -r gpg_id_full; do
+                gpg_id="`/bin/echo $gpg_id_full | /bin/awk -F# '{print
$1}'` "
+                GPG_RECIPIENT_ARGS+=( "-r" "$gpg_id" )
+                GPG_RECIPIENTS+=( "$gpg_id" )
+        done < "$current"
 }

 reencrypt_path() {

```

This would help greatly with our documentation. We are using pass to
distribute secrets using CFEngine to a network of virtual machines each
with different privileges requiring different secrets.  Each virtual
machine image has a key pair generated when the image for a role is first
set up.  In our version control repository we need only list the public key
files from each image (for import to developer workstations) and have a
multi folder pass store with different .gpg-id files in each listing the
key ids of each image that should be granted access to the secrets in that
folder. Each image is thus delivered all the secrets by CFEngine for
simplicity but can only decrypt the ones it ought to.  It seems to work
quite nicely.

Thanks for your time.

Mike Selby

-- 










*22 Great Victoria Street, Belfast, BT2 7BA.Tel: +44 (0)2890 412 888Offices 
in London, Glasgow and Belfastmantlehosting.co.uk 
<http://mantlehosting.co.uk/> 
<http://mantlehosting.co.uk/>------------------------------Pensions Hosting 
Company Limited is a company registered in Northern Ireland with registered 
number NI 608643 whose registered office is at 22 Great Victoria Street, 
Belfast, BT2 7BA. VAT number 974 8252 79. This email and its attachments 
are confidential to the intended recipient. It may not be disclosed to or 
used by anyone other than the intended recipient, nor may it be copied in 
any way. If received in error please call Pensions Hosting Company Limited 
on +44 (0) 2890 412 888 quoting the name of the sender, then delete it from 
your system. Any views or opinions presented in this email are solely those 
of the author and do not necessarily represent those of Pensions Hosting 
Company Limited. Employees of Pensions Hosting Company Limited are 
expressly required not to make defamatory statements and not to infringe or 
authorize any infringement of copyright or any other legal right by email 
communications. Any such communication is contrary to Pensions Hosting 
Company Limited's policy and outside the scope of the employment of the 
individual concerned. The company will not accept any liability in respect 
of such communication, and the employee responsible will be personally 
liable for any damages or other liability arising. Email cannot be 
guaranteed to be secure or error-free as information could be intercepted, 
corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. 
The recipient should check this email and any attachments for the presence 
of viruses. Pensions Hosting Company Limited accepts no liability for any 
errors or omissions in the contents of this message or for any damage 
caused by any virus transmitted by this email or for any loss or damage 
arising from the transmission or use of this email or 
attachments.------------------------------*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20160517/89129e9c/attachment.html>


More information about the Password-Store mailing list