From 2c7v7czk85j3 at protonmail.com Thu Apr 1 17:54:56 2021 From: 2c7v7czk85j3 at protonmail.com (Valera Rozuvan) Date: Thu, 01 Apr 2021 17:54:56 +0000 Subject: How to make pass read input from Bash ENV variable? Message-ID: Hi! I am struggling to find a way to save/edit a password with `pass` that is stored in an ENV variable. I am also not finding an option in `pass` man page on how to do this. What comes to my mind is something like this: $ PASS="1234567890" $ echo $PASS | pass insert my_pass But after running the above 2 commands, I get an error when I try to retrieve the password: $ pass my_pass Error: my_pass is not in the password store. ---------- Is there a way to do this? Or maybe the only way is to hack on `pass` and add a command line option to make it read from a Linux pipe? Regards, Valera Rozuvan From 2c7v7czk85j3 at protonmail.com Thu Apr 1 18:48:50 2021 From: 2c7v7czk85j3 at protonmail.com (Valera Rozuvan) Date: Thu, 01 Apr 2021 18:48:50 +0000 Subject: How to make pass read input from Bash ENV variable? In-Reply-To: References: Message-ID: <7Mz15_JmGuvkBwOAngsmlDcrD5Jjuh3TiMvbnwOpc0jXiEZPQ4NyF2GrwUpQ7syZF_GD_3l4LLjolJsTui6Ghuo67hO7mi5mEIzw16e0XDE=@protonmail.com> Hi S?ndor, You write: > The command is wrong I think. > > Shouldn't it be? > pass show my_pass However, from the man page: "If no COMMAND is specified, COMMAND defaults to either show or ls, depending on the type of specifier in ARGS." ---------- For my original question, I got help elsewhere and the solution is to include the `-m` option, like so: $ echo "Hello, world!" | pass insert -m my_pass $ pass my_pass Hello, world! ---------- Regards, Valera Rozuvan From max+passwordstore at familie-goerner.eu Fri Apr 2 07:43:31 2021 From: max+passwordstore at familie-goerner.eu (Max =?iso-8859-1?Q?G=F6rner?=) Date: Fri, 2 Apr 2021 09:43:31 +0200 Subject: How to make pass read input from Bash ENV variable? In-Reply-To: References: Message-ID: >$ PASS="1234567890" >$ echo $PASS | pass insert my_pass Your problem is that pass expects the password two times but you provide it only once. A solution would be to be `yes`: $ PASS="super-secure" $ yes "${PASS}" | pass insert my_pass I hope this helps. Regards Max G?rner From 2c7v7czk85j3 at protonmail.com Fri Apr 2 08:00:27 2021 From: 2c7v7czk85j3 at protonmail.com (Valera Rozuvan) Date: Fri, 02 Apr 2021 08:00:27 +0000 Subject: How to make pass read input from Bash ENV variable? In-Reply-To: References: Message-ID: On Friday, April 2, 2021 10:43 AM, Max G?rner wrote: > A solution would be to be `yes`: > > $ PASS="super-secure" > $ yes "${PASS}" | pass insert my_pass > > I hope this helps. Thank you Max. So, now I know that it is possible, and there are 2 ways to do this: $ PASS="super-secure-1" $ yes "${PASS}" | pass insert my_pass > /dev/null 2>&1 $ pass my_pass super-secure-1 $ PASS="super-secure-2" $ echo "${PASS}" | pass insert -m my_pass > /dev/null 2>&1 $ pass my_pass super-secure-2 Note that I am using "> /dev/null 2>&1" to suppress extra empty lines in the output. Regards, Valera Rozuvan From ramses0 at yahoo.com Fri Apr 2 17:20:25 2021 From: ramses0 at yahoo.com (Robert Ames) Date: Fri, 2 Apr 2021 17:20:25 +0000 (UTC) Subject: Fw: [PATCH] Print full paths in pipeline / non-interactive usage In-Reply-To: <574068210.1019777.1616980408161@mail.yahoo.com> References: <1685964586.2440255.1563609052450.ref@mail.yahoo.com> <1685964586.2440255.1563609052450@mail.yahoo.com> <574068210.1019777.1616980408161@mail.yahoo.com> Message-ID: <542237279.156246.1617384025187@mail.yahoo.com> re: non-interactive usage, resurrecting this patch (with tests) from 2019. I run it locally (as I am constantly `pass show | grep ...`-ing) and have had no issues with it since developing it. --Robert Begin forwarded message: On Saturday, July 20, 2019, 2:50 AM, Robert Ames wrote: > When working with nested password directories / structures, it's a pain to pick out a particular password key/identifier for copy/paste.? This patch (and test) is the beginning of teaching pass about interactive v. non-interactive usage so that `pass ls` will print fully qualified identifiers when in non-interactive mode. > > The gist of it is captured below, and similar behavior can be seen in the `lastpass-cli` tool (not that lastpass is a great example of what to do in general, but it's very handy to have access to the fully qualified password identifiers). > > https://github.com/lastpass/lastpass-cli/blob/master/cmd-ls.c#L287-L288 > > $ ./src/password-store.sh ls > Password Store > ??? xxxxxxxx > ??? ??? xxxxx.xxx > ??? xxxxx > ??? ??? xxxxxxxxxxxxx.xxx > ??? ??? xxxxxxx.xxx > ??? ??? xxxxxxx.xxx > ??? ??? xxxxxxxxx.xxx > ??? ??? xxxxxxxxxxxxxxxxxxx.xxx > ??? ??? xxxxxxxx.xxx > ??? ??? xx.xx-xxxxxxxx > ??? ??? xx.xxxxx.xxx > ??? ??? ??? xxx-xxx > ??? ??? xxxxxxx.xxx > ??? ??? xxxxxxxx > ??? ??? ??? xxxxxx-xxxxx > ??? ??? ??? xxxxx-xxxxx-xxxxxxxx > ??? ??? ??? xxxxx-xxxxx-xxxxxxx > ??? ??? xxxxxx.xxx > > $ ./src/password-store.sh ls | cat > xxxxxxxx/xxxxx.xxx > xxxxx/xxxxxxx.xxx > xxxxx/xx.xxxxx.xxx/xxx-xxx > xxxxx/xxxxxxx.xxx > xxxxx/xxxxxxx.xxx > xxxxx/xxxxxxxx.xxx > xxxxx/xx.xx-xxxxxxxx > xxxxx/xxxxxxxxxxxxx.xxx > xxxxx/xxxxxxxxx.xxx > xxxxx/xxxxxxxx/xxxxx-xxxxx-xxxxxxxx > xxxxx/xxxxxxxx/xxxxxx-xxxxx > xxxxx/xxxxxxxx/xxxxx-xxxxx-xxxxxxx > xxxxx/xxxxxx.xxx > xxxxx/xxxxxxxxxxxxxxxxxxx.xxx > > $ ./src/password-store.sh ls | while read id ; do echo "--==[[ $id ]]==--" ; echo ./src/password-store.sh show $id ; done > --==[[ xxxxxxxx/xxxxx.xxx ]]==-- > ./src/password-store.sh show xxxxxxxx/xxxxx.xxx > --==[[ xxxxx/xxxxxxx.xxx ]]==-- > ./src/password-store.sh show xxxxx/xxxxxxx.xxx > --==[[ xxxxx/xx.xxxxx.xxx/xxx-xxx ]]==-- > ./src/password-store.sh show xxxxx/xx.xxxxx.xxx/xxx-xxx > --==[[ xxxxx/xxxxxxx.xxx ]]==-- > ./src/password-store.sh show xxxxx/xxxxxxx.xxx > --==[[ xxxxx/xxxxxxx.xxx ]]==-- > ./src/password-store.sh show xxxxx/xxxxxxx.xxx > --==[[ xxxxx/xxxxxxxx.xxx ]]==-- > ./src/password-store.sh show xxxxx/xxxxxxxx.xxx > --==[[ xxxxx/xx.xx-xxxxxxxx ]]==-- > ./src/password-store.sh show xxxxx/xx.xx-xxxxxxxx > --==[[ xxxxx/xxxxxxxxxxxxx.xxx ]]==-- > ./src/password-store.sh show xxxxx/xxxxxxxxxxxxx.xxx > --==[[ xxxxx/xxxxxxxxx.xxx ]]==-- > ./src/password-store.sh show xxxxx/xxxxxxxxx.xxx > --==[[ xxxxx/xxxxxxxx/xxxxx-xxxxx-xxxxxxxx ]]==-- > ./src/password-store.sh show xxxxx/xxxxxxxx/xxxxx-xxxxx-xxxxxxxx > --==[[ xxxxx/xxxxxxxx/xxxxxx-xxxxx ]]==-- > ./src/password-store.sh show xxxxx/xxxxxxxx/xxxxxx-xxxxx > --==[[ xxxxx/xxxxxxxx/xxxxx-xxxxx-xxxxxxx ]]==-- > ./src/password-store.sh show xxxxx/xxxxxxxx/xxxxx-xxxxx-xxxxxxx > --==[[ xxxxx/xxxxxx.xxx ]]==-- > ./src/password-store.sh show xxxxx/xxxxxx.xxx > --==[[ xxxxx/xxxxxxxxxxxxxxxxxxx.xxx ]]==-- > ./src/password-store.sh show xxxxx/xxxxxxxxxxxxxxxxxxx.xxx > > > > >> -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-Print-full-paths-in-pipeline-non-interactive-usage.patch Type: text/x-patch Size: 2836 bytes Desc: not available URL: From jarraneil at gmail.com Sat Apr 3 16:54:08 2021 From: jarraneil at gmail.com (Neil Webster) Date: Sat, 3 Apr 2021 12:54:08 -0400 Subject: Migrating to new computer Message-ID: <1a96b7d2-d329-2cc7-7c68-bd20bf2266ae@gmail.com> Hello, I am sure this ought to be quite simple but I am having a heck of a time figuring out how to migrate my password store from an old drive to a new SSD drive. I have moved the contents of the .password-store folder across and can see all of the *.gpg files. I exported the gpg keys using the old drive gpg --export-secret-keys --armor --output privkey.asc my at emailaddress.com and tried importing on the new drive using gpg --import privkey.asc When I try to access the password store using pass it says gpg: decryption failed: No secret key I have looked around on-line and can't find a good how-to for this common use case. Any help or pointers greatly appreciated. Regards, Neil From mail at maciej.szmigiero.name Sat Apr 3 17:00:35 2021 From: mail at maciej.szmigiero.name (Maciej S. Szmigiero) Date: Sat, 3 Apr 2021 19:00:35 +0200 Subject: Migrating to new computer In-Reply-To: <1a96b7d2-d329-2cc7-7c68-bd20bf2266ae@gmail.com> References: <1a96b7d2-d329-2cc7-7c68-bd20bf2266ae@gmail.com> Message-ID: <39fafe02-c92b-df81-25fe-7882b5b1c09d@maciej.szmigiero.name> Hi Neil, On 03.04.2021 18:54, Neil Webster wrote: > Hello, > > I am sure this ought to be quite simple but I am having a heck of a time figuring out how to migrate my password store from an old drive to a new SSD drive. I have moved the contents of the .password-store folder across and can see all of the *.gpg files. I exported the gpg keys using the old drive > > gpg --export-secret-keys --armor --output privkey.asc my at emailaddress.com > > and tried importing on the new drive using > > gpg --import privkey.asc > > When I try to access the password store using pass it says > > gpg: decryption failed: No secret key > > I have looked around on-line and can't find a good how-to for this common use case. > > Any help or pointers greatly appreciated. And what does gpg -K say? Did you try decrypting any password file manually using gpg (without pass)? BTW: That's more of a GPG question than a pass one. > Regards, Neil > Maciej From jarraneil at gmail.com Sat Apr 3 17:06:23 2021 From: jarraneil at gmail.com (Neil Webster) Date: Sat, 3 Apr 2021 13:06:23 -0400 Subject: Migrating to new computer In-Reply-To: <39fafe02-c92b-df81-25fe-7882b5b1c09d@maciej.szmigiero.name> References: <1a96b7d2-d329-2cc7-7c68-bd20bf2266ae@gmail.com> <39fafe02-c92b-df81-25fe-7882b5b1c09d@maciej.szmigiero.name> Message-ID: Thanks Maciej, gpg -K returns with nothing Running gpg directly on a file in the password store using gpg -d filename gives gpg: encrypted with 3072-bit RSA key, ID 94FDE31D5B3E9BC6, created 2020-03-11 ????? "my at emailaddress.com" gpg: decryption failed: No secret key Cheers, Neil On 4/3/21 1:00 PM, Maciej S. Szmigiero wrote: > Hi Neil, > > On 03.04.2021 18:54, Neil Webster wrote: >> Hello, >> >> I am sure this ought to be quite simple but I am having a heck of a >> time figuring out how to migrate my password store from an old drive >> to a new SSD drive. I have moved the contents of the .password-store >> folder across and can see all of the *.gpg files. I exported the gpg >> keys using the old drive >> >> gpg --export-secret-keys --armor --output privkey.asc >> my at emailaddress.com >> >> and tried importing on the new drive using >> >> gpg --import privkey.asc >> >> When I try to access the password store using pass it says >> >> gpg: decryption failed: No secret key >> >> I have looked around on-line and can't find a good how-to for this >> common use case. >> >> Any help or pointers greatly appreciated. > > And what does gpg -K say? > Did you try decrypting any password file manually using gpg (without > pass)? > > BTW: > That's more of a GPG question than a pass one. > >> Regards, Neil >> > > Maciej From mail at maciej.szmigiero.name Sat Apr 3 17:50:15 2021 From: mail at maciej.szmigiero.name (Maciej S. Szmigiero) Date: Sat, 3 Apr 2021 19:50:15 +0200 Subject: Migrating to new computer In-Reply-To: References: <1a96b7d2-d329-2cc7-7c68-bd20bf2266ae@gmail.com> <39fafe02-c92b-df81-25fe-7882b5b1c09d@maciej.szmigiero.name> Message-ID: On 03.04.2021 19:06, Neil Webster wrote: > Thanks Maciej, > > gpg -K > > returns with nothing That means you have no secret keys in your keyring. Inspect that exported privkey.asc whether it says "PRIVATE KEY" somewhere. Check ~/.gnupg/private-keys-v1.d/ whether there are any private keys there. Try importing that privkey.asc once again and notice what gpg says on import (as far as I remember it should say that it has imported 1 secret key or so). > > Cheers, Neil Maciej From gildasiojunior at riseup.net Fri Apr 9 02:09:03 2021 From: gildasiojunior at riseup.net (=?utf-8?B?R2lsZMOhc2lvIErDum5pb3I=?=) Date: Thu, 8 Apr 2021 23:09:03 -0300 Subject: otp in passmenu Message-ID: Hi all, I have the same demand as Alessandro Accardo mentioned in Sep 2018 [0]. He submited a patch, receive a feedback, updated it and I couldn't see any other new feedback. I had patched passmenu to support pass-otp too (in a bigger way than he did). I'm sending my patch to receive some feedback and talk about the demand we have. Anyway, thanks for your work. pass and passmenu as well are projects that I like a lot. Thank you. PS: I didn't have experience contribut with git patches by email. So please let me know if I did something wrong and how can get the right path. [0]: https://lists.zx2c4.com/pipermail/password-store/2018-September/003406.html -- []'s Gild?sio J?nior -------------- next part -------------- From bbfce317691dd9db9ac8b6bbd729a70260032dbf Mon Sep 17 00:00:00 2001 From: Gildasio Junior Date: Thu, 8 Apr 2021 23:04:44 -0300 Subject: [PATCH] Add pass-otp support in passmenu --- contrib/dmenu/README.md | 6 ++++-- contrib/dmenu/passmenu | 41 +++++++++++++++++++++++++++++++++-------- 2 files changed, 37 insertions(+), 10 deletions(-) diff --git a/contrib/dmenu/README.md b/contrib/dmenu/README.md index 9d54fb4..5e1b4ec 100644 --- a/contrib/dmenu/README.md +++ b/contrib/dmenu/README.md @@ -2,12 +2,14 @@ password manager. This design allows you to quickly copy a password to the clipboard without having to open up a terminal window if you don't already have one open. If `--type` is specified, the password is typed using [xdotool][] -instead of copied to the clipboard. +instead of copied to the clipboard. If `--otp` is specified, the password is +interpreted as a 2fa OTP token using [pass-otp][]. # Usage - passmenu [--type] [dmenu arguments...] + passmenu [--type] [--otp] [dmenu arguments...] [dmenu]: http://tools.suckless.org/dmenu/ [xdotool]: http://www.semicomplete.com/projects/xdotool/ [pass]: http://www.zx2c4.com/projects/password-store/ +[pass-otp]: https://github.com/tadfisher/pass-otp diff --git a/contrib/dmenu/passmenu b/contrib/dmenu/passmenu index 83268bc..e278330 100755 --- a/contrib/dmenu/passmenu +++ b/contrib/dmenu/passmenu @@ -2,24 +2,49 @@ shopt -s nullglob globstar +prefix=${PASSWORD_STORE_DIR-~/.password-store} typeit=0 -if [[ $1 == "--type" ]]; then - typeit=1 - shift -fi +otp='' +dir2fa='' +dmenu_options='' + +while [[ $# -gt 0 ]] +do +option="$1" + +case $option in + --type) + typeit=1 + shift + ;; + --otp) + otp='otp' + dir2fa='2fa/' + prefix=${PASSWORD_STORE_DIR-~/.password-store/$dir2fa} + shift + ;; + *) + dmenu_options="${dmenu_options} ${option}" + shift + ;; +esac +done -prefix=${PASSWORD_STORE_DIR-~/.password-store} password_files=( "$prefix"/**/*.gpg ) password_files=( "${password_files[@]#"$prefix"/}" ) password_files=( "${password_files[@]%.gpg}" ) -password=$(printf '%s\n' "${password_files[@]}" | dmenu "$@") +if [[ $otp == '' ]]; then + password=$(printf '%s\n' "${password_files[@]}" | grep -v '2fa/' | dmenu $dmenu_options "$@") +else + password=$(printf '%s\n' "${password_files[@]}" | dmenu $dmenu_options "$@") +fi [[ -n $password ]] || exit if [[ $typeit -eq 0 ]]; then - pass show -c "$password" 2>/dev/null + pass $otp show -c "$dir2fa$password" 2>/dev/null else - pass show "$password" | { IFS= read -r pass; printf %s "$pass"; } | + pass $otp show "$dir2fa$password" | { IFS= read -r pass; printf %s "$pass"; } | xdotool type --clearmodifiers --file - fi -- 2.31.1 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: From mail at maciej.szmigiero.name Fri Apr 9 14:27:32 2021 From: mail at maciej.szmigiero.name (Maciej S. Szmigiero) Date: Fri, 9 Apr 2021 16:27:32 +0200 Subject: Is pass actively maintained? (Was: explicit GPG subkey for a subdir causes the whole subdir to be reencrypted when password is moved there) In-Reply-To: References: Message-ID: <03df3d31-6b5f-03df-435d-82e196ebd25e@maciej.szmigiero.name> On 20.03.2021 12:52, Maciej S. Szmigiero wrote: > Hi, > > When an explicit GPG subkey is set for a particular subdirectory pass will > reencrypt every password in that subdirectory each time a password file is > moved to that subdirectory. > (..) I see that the last pass release was 2.5+ years ago, since that time there were no maintainer-authored commits to the project's git repository. In the past 10 months there were just two commits overall, both from an outside contributor. Since the project maintainer has not posted to this ML since December last year, I wonder whether there are plans to still actively maintain pass? Thanks, Maciej From Jason at zx2c4.com Fri Apr 9 15:26:56 2021 From: Jason at zx2c4.com (Jason A. Donenfeld) Date: Fri, 9 Apr 2021 09:26:56 -0600 Subject: Is pass actively maintained? (Was: explicit GPG subkey for a subdir causes the whole subdir to be reencrypted when password is moved there) In-Reply-To: <03df3d31-6b5f-03df-435d-82e196ebd25e@maciej.szmigiero.name> References: <03df3d31-6b5f-03df-435d-82e196ebd25e@maciej.szmigiero.name> Message-ID: On 4/9/21, Maciej S. Szmigiero wrote: > On 20.03.2021 12:52, Maciej S. Szmigiero wrote: >> Hi, >> >> When an explicit GPG subkey is set for a particular subdirectory pass >> will >> reencrypt every password in that subdirectory each time a password file >> is >> moved to that subdirectory. >> > (..) > > I see that the last pass release was 2.5+ years ago, since that time > there were no maintainer-authored commits to the project's git > repository. > > In the past 10 months there were just two commits overall, both from an > outside contributor. > > Since the project maintainer has not posted to this ML since December > last year, I wonder whether there are plans to still actively maintain > pass? Yes, it is maintained. Adding quick one-off things to a bash script and sending a patch is easy, but actually keeping such a script sane and manageable is not. So, don't expect for all "feature" requests to be immediately picked up.or embraced. Jason From mail at maciej.szmigiero.name Fri Apr 9 16:12:11 2021 From: mail at maciej.szmigiero.name (Maciej S. Szmigiero) Date: Fri, 9 Apr 2021 18:12:11 +0200 Subject: Is pass actively maintained? (Was: explicit GPG subkey for a subdir causes the whole subdir to be reencrypted when password is moved there) In-Reply-To: References: <03df3d31-6b5f-03df-435d-82e196ebd25e@maciej.szmigiero.name> Message-ID: <3e02c7d9-e938-02e5-18df-2e2795ba0f7d@maciej.szmigiero.name> On 09.04.2021 17:26, Jason A. Donenfeld wrote: > On 4/9/21, Maciej S. Szmigiero wrote: >> On 20.03.2021 12:52, Maciej S. Szmigiero wrote: >>> Hi, >>> >>> When an explicit GPG subkey is set for a particular subdirectory pass >>> will >>> reencrypt every password in that subdirectory each time a password file >>> is >>> moved to that subdirectory. >>> >> (..) >> >> I see that the last pass release was 2.5+ years ago, since that time >> there were no maintainer-authored commits to the project's git >> repository. >> >> In the past 10 months there were just two commits overall, both from an >> outside contributor. >> >> Since the project maintainer has not posted to this ML since December >> last year, I wonder whether there are plans to still actively maintain >> pass? > > Yes, it is maintained. Adding quick one-off things to a bash script > and sending a patch is easy, but actually keeping such a script sane > and manageable is not. So, don't expect for all "feature" requests to > be immediately picked up.or embraced. Cool, thanks. > Jason > Maciej From jonas at cowboyprogrammer.org Sun Apr 11 14:05:50 2021 From: jonas at cowboyprogrammer.org (Jonas Kalderstam) Date: Sun, 11 Apr 2021 16:05:50 +0200 Subject: otp in passmenu In-Reply-To: References: Message-ID: On 9 April 2021 04:09:03 CEST, "Gild?sio J?nior" wrote: >I have the same demand as Alessandro Accardo mentioned in Sep 2018 [0]. >He submited a patch, receive a feedback, updated it and I couldn't see >any other new feedback. I wouldn't expect much in terms of a reply when you have "demands" on people working for free in their spare time.. >PS: I didn't have experience contribut with git patches by email. So >please let me know if I did something wrong and how can get the right >path. See https://git-send-email.io for an excellent guide to git and email. From kenny.evitt at gmail.com Sun Apr 11 19:59:13 2021 From: kenny.evitt at gmail.com (Kenny Evitt) Date: Sun, 11 Apr 2021 15:59:13 -0400 Subject: otp in passmenu In-Reply-To: References: Message-ID: I suspect Gild?sio used "demand" but meant "request". Nothing else in their email implies that they're 'demanding' anything from Jason, the maintainer, or anyone else. I think it might be reasonable for people to seriously consider forking Pass. No one's obligated to do anything. But no one's obligated to refrain from changing Pass, or refrain from sharing those changes either. (I'd strongly suggest picking a new distinctive name, or at least a distinctive variation on "pass" or "password store".) I suspect Jason considers Pass mostly complete as-is. And that's fine! I mostly agree with that myself. My own previous patches were never accepted, and Jason had good reasons for doing so. But it's frustrating not having patches accepted, or running one's own custom private 'fork'. If people want to make changes useful to them, and share those changes with others, then a fork could make sense. (It's a lot of work tho!) On Sun, Apr 11, 2021 at 10:07 AM Jonas Kalderstam wrote: > > On 9 April 2021 04:09:03 CEST, "Gild?sio J?nior" wrote: > >I have the same demand as Alessandro Accardo mentioned in Sep 2018 [0]. > >He submited a patch, receive a feedback, updated it and I couldn't see > >any other new feedback. > > I wouldn't expect much in terms of a reply when you have "demands" on people working for free in their spare time.. > > >PS: I didn't have experience contribut with git patches by email. So > >please let me know if I did something wrong and how can get the right > >path. > > See https://git-send-email.io for an excellent guide to git and email. > > From dev.git.password-store at ojford.com Sun Apr 11 22:24:38 2021 From: dev.git.password-store at ojford.com (Oliver Ford) Date: Sun, 11 Apr 2021 22:24:38 +0000 Subject: otp in passmenu In-Reply-To: References: Message-ID: <01020178c3096cc0-e95ca2ae-611e-437c-8f4e-5dd9cbc80107-000000@eu-west-1.amazonses.com> > I suspect Gild?sio used "demand" but meant "request". Nothing else in > their email implies that they're 'demanding' anything from Jason, the > maintainer, or anyone else. Hear hear. I didn't think I was reading too charitably in assuming a translation quirk. I know I do a far worse job of trying to speak any non-English languages than that. > I think it might be reasonable for people to seriously consider > forking Pass. [etc.] Those desiring a version of pass that's more, how should I put it, 'continually iterated on', might consider 'gopass': https://github.com/gopasspw/gopass It's a re-write rather than an actual fork, but it aims for pass-compatibility and is already (~4k 'stars') popular. I've no affiliation (perhaps some trivial patch), and perhaps there's a good reason (?) to prefer a true fork/a bash script (ok it's truer to the front and centre Unix philosophy adhered to by pass I suppose) in which case this isn't that. If the most important thing to you in 'pass' is a new feature though, I think it's considerably more likely 'over there'. -- Oliver Ford dev.git.password-store at ojford.com On Sun, 11 Apr 2021, at 19:59, Kenny Evitt wrote: > I suspect Gild?sio used "demand" but meant "request". Nothing else in > their email implies that they're 'demanding' anything from Jason, the > maintainer, or anyone else. > > > > I think it might be reasonable for people to seriously consider > forking Pass. No one's obligated to do anything. But no one's > obligated to refrain from changing Pass, or refrain from sharing those > changes either. > > (I'd strongly suggest picking a new distinctive name, or at least a > distinctive variation on "pass" or "password store".) > > I suspect Jason considers Pass mostly complete as-is. And that's fine! > I mostly agree with that myself. My own previous patches were never > accepted, and Jason had good reasons for doing so. > > But it's frustrating not having patches accepted, or running one's own > custom private 'fork'. If people want to make changes useful to them, > and share those changes with others, then a fork could make sense. > (It's a lot of work tho!) > > > On Sun, Apr 11, 2021 at 10:07 AM Jonas Kalderstam > wrote: > > > > On 9 April 2021 04:09:03 CEST, "Gild?sio J?nior" wrote: > > >I have the same demand as Alessandro Accardo mentioned in Sep 2018 [0]. > > >He submited a patch, receive a feedback, updated it and I couldn't see > > >any other new feedback. > > > > I wouldn't expect much in terms of a reply when you have "demands" on people working for free in their spare time.. > > > > >PS: I didn't have experience contribut with git patches by email. So > > >please let me know if I did something wrong and how can get the right > > >path. > > > > See https://git-send-email.io for an excellent guide to git and email. > > > > > > From gerhardus.geldenhuis at gmail.com Wed Apr 14 09:09:22 2021 From: gerhardus.geldenhuis at gmail.com (Gerhardus Geldenhuis) Date: Wed, 14 Apr 2021 11:09:22 +0200 Subject: Availability of rpm package Message-ID: Hi It looks like pass is not available anymore from EPEL and a clean CentOS install does not have any default repository that contains pass package. I was wondering if there is an alternative source to find a yum package to get it installed? Regards -- Gerhardus Geldenhuis From pierreprinetti at redhat.com Wed Apr 14 11:23:23 2021 From: pierreprinetti at redhat.com (Pierre Prinetti) Date: Wed, 14 Apr 2021 13:23:23 +0200 Subject: pass list Message-ID: I want to use pass in a system menu that isn't dmenu. When I look at passmenu[1], I see that most of its complexity is about printing a list of password names. If pass was able to print that list, I wouldn't need any plugin and I could wire that up in my compositor configuration. Example tree (current behaviour): ``` $ pass list Password Store ??? one ??? two ??? folder ? ??? three ??? four ``` Example flat list (proposed behaviour): ``` $ pass list -q one two folder/three four ``` I propose that pass prints a flat list (instead of a tree) when: * `list -q`; and/or * `list --flat`; and/or * `list` is piped; and/or * other ideas? I am willing to write a patch if we find consensus. -Pierre [1]: https://git.zx2c4.com/password-store/tree/contrib/dmenu/passmenu From minshall at umich.edu Wed Apr 14 13:01:50 2021 From: minshall at umich.edu (Greg Minshall) Date: Wed, 14 Apr 2021 16:01:50 +0300 Subject: pass list In-Reply-To: Your message of "Wed, 14 Apr 2021 13:23:23 +0200." Message-ID: <149320.1618405310@apollo2.minshall.org> Pierre, > I am willing to write a patch if we find consensus. i'd be a fan. and, if highlighting could somehow also be controlled, that would be great. cheers, Greg From dacoda.strack at gmail.com Wed Apr 14 15:20:25 2021 From: dacoda.strack at gmail.com (Dacoda Strack) Date: Wed, 14 Apr 2021 08:20:25 -0700 Subject: pass list In-Reply-To: <149320.1618405310@apollo2.minshall.org> References: <149320.1618405310@apollo2.minshall.org> Message-ID: On Wed, Apr 14, 2021 at 04:01:50PM +0300, Greg Minshall wrote: > Pierre, > > > I am willing to write a patch if we find consensus. > > i'd be a fan. and, if highlighting could somehow also be controlled, > that would be great. > > cheers, Greg This sounds great to me, I wonder if something naive like find $PASSWORD_STORE -type f -name '*.gpg' with some additional sed to clean up the path would get us where we need to be I think I'm going to have a small local fork and build RPMs with some of these minor patches. From pierreprinetti at redhat.com Wed Apr 14 17:57:36 2021 From: pierreprinetti at redhat.com (Pierre Prinetti) Date: Wed, 14 Apr 2021 19:57:36 +0200 Subject: pass list In-Reply-To: References: <149320.1618405310@apollo2.minshall.org> Message-ID: >From 23752d9a1d3d8f86022a1464a8001e7d50452f6e Mon Sep 17 00:00:00 2001 From: Pierre Prinetti Date: Wed, 14 Apr 2021 19:26:45 +0200 Subject: [PATCH] Add --flat option to show The --flat flag to {show,ls,list} makes pass list multiple entries in a flat list form, rather than in a tree form. The new flag applies when no argument is passed, or when the argument corresponds to a directory. --- src/password-store.sh | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/src/password-store.sh b/src/password-store.sh index 77f3eda..b791139 100755 --- a/src/password-store.sh +++ b/src/password-store.sh @@ -364,17 +364,18 @@ cmd_init() { } cmd_show() { - local opts selected_line clip=0 qrcode=0 - opts="$($GETOPT -o q::c:: -l qrcode::,clip:: -n "$PROGRAM" -- "$@")" + local opts selected_line clip=0 qrcode=0 flat=0 + opts="$($GETOPT -o q::c:: -l qrcode::,clip::,flat -n "$PROGRAM" -- "$@")" local err=$? eval set -- "$opts" while true; do case $1 in -q|--qrcode) qrcode=1; selected_line="${2:-1}"; shift 2 ;; -c|--clip) clip=1; selected_line="${2:-1}"; shift 2 ;; + --flat) flat=1; shift 1 ;; --) shift; break ;; esac done - [[ $err -ne 0 || ( $qrcode -eq 1 && $clip -eq 1 ) ]] && die "Usage: $PROGRAM $COMMAND [--clip[=line-number],-c[line-number]] [--qrcode[=line-number],-q[line-number]] [pass-name]" + [[ $err -ne 0 || ( $qrcode -eq 1 && $clip -eq 1 ) ]] && die "Usage: $PROGRAM $COMMAND [--clip[=line-number],-c[line-number]] [--qrcode[=line-number],-q[line-number]] [--flat] [pass-name]" local pass local path="$1" @@ -395,12 +396,17 @@ cmd_show() { fi fi elif [[ -d $PREFIX/$path ]]; then - if [[ -z $path ]]; then - echo "Password Store" + if [[ $flat -eq 1 ]]; then + local prefix_realpath="$(realpath "$PREFIX")" + find "$PREFIX/$path" -type f -name '*.gpg' | while read -r line; do echo "${line##"${prefix_realpath}/"}"; done | sed -E 's/\.gpg$//g' else - echo "${path%\/}" + if [[ -z $path ]]; then + echo "Password Store" + else + echo "${path%\/}" + fi + tree -C -l --noreport "$PREFIX/$path" | tail -n +2 | sed -E 's/\.gpg(\x1B\[[0-9]+m)?( ->|$)/\1\2/g' # remove .gpg at end of line, but keep colors fi - tree -C -l --noreport "$PREFIX/$path" | tail -n +2 | sed -E 's/\.gpg(\x1B\[[0-9]+m)?( ->|$)/\1\2/g' # remove .gpg at end of line, but keep colors elif [[ -z $path ]]; then die "Error: password store is empty. Try \"pass init\"." else -- 2.30.2 On Wed, 14 Apr 2021 at 17:20, Dacoda Strack wrote: > > On Wed, Apr 14, 2021 at 04:01:50PM +0300, Greg Minshall wrote: > > Pierre, > > > > > I am willing to write a patch if we find consensus. > > > > i'd be a fan. and, if highlighting could somehow also be controlled, > > that would be great. > > > > cheers, Greg > > This sounds great to me, I wonder if something naive like > > find $PASSWORD_STORE -type f -name '*.gpg' > > with some additional sed to clean up the path would get us where we need > to be > > I think I'm going to have a small local fork and build RPMs with some > of these minor patches. > From ramses0 at yahoo.com Wed Apr 14 21:56:27 2021 From: ramses0 at yahoo.com (Robert Ames) Date: Wed, 14 Apr 2021 21:56:27 +0000 (UTC) Subject: pass list In-Reply-To: References: <149320.1618405310@apollo2.minshall.org> Message-ID: <1113212974.1538307.1618437387265@mail.yahoo.com> Detect TTY (interactive status): +[[ -t 1 ]] && YES_TTY=1 If NO_TTY, use find + sed as suggested, else keep the existing "Tree" command: -????????tree -C -l --noreport "$PREFIX/$path" | tail -n +2 | sed -E 's/\.gpg(\x1B\[[0-9]+m)?( ->|$)/\1\2/g' # remove .gpg at end of line, but keep colors +????????if [[ -z $YES_TTY ]] ; then +????????????find "$PREFIX/$path" -type f -iname \*.gpg | sed -e 's/\.gpg$//g' -e "s,^$PREFIX,,g" -e 's/^\///g' # when non-interactive (pipeline) print full-path-per-entry (for easy copy/paste or filtering) +????????else +????????????tree -C -l --noreport "$PREFIX/$path" | tail -n +2 | sed -E 's/\.gpg(\x1B\[[0-9]+m)?( ->|$)/\1\2/g' # remove .gpg at end of line, but keep colors +????????fi ... at Dacoda... yep, "naive find" was what I came up with in 2019. Other password managers change behaviour slightly when running in a TTY/NO_TTY context: https://github.com/lastpass/lastpass-cli/blob/2a70884ed7ef48a8d621687acb96202cc354245b/cmd-ls.c#L287-L288 It's _crucial_ to support `pass ls | grep ...` and be able to show the full identifier for usage. --Robert On Wednesday, April 14, 2021, 08:20:36 AM PDT, Dacoda Strack wrote: On Wed, Apr 14, 2021 at 04:01:50PM +0300, Greg Minshall wrote: > Pierre, > > > I am willing to write a patch if we find consensus. > > i'd be a fan.? and, if highlighting could somehow also be controlled, > that would be great. > > cheers, Greg This sounds great to me, I wonder if something naive like find $PASSWORD_STORE -type f -name '*.gpg' with some additional sed to clean up the path would get us where we need to be I think I'm going to have a small local fork and build RPMs with some of these minor patches. -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-Print-full-paths-in-pipeline-non-interactive-usage.patch Type: application/octet-stream Size: 2836 bytes Desc: not available URL: From pierreprinetti at redhat.com Thu Apr 15 07:51:19 2021 From: pierreprinetti at redhat.com (Pierre Prinetti) Date: Thu, 15 Apr 2021 09:51:19 +0200 Subject: pass list In-Reply-To: <1113212974.1538307.1618437387265@mail.yahoo.com> References: <149320.1618405310@apollo2.minshall.org> <1113212974.1538307.1618437387265@mail.yahoo.com> Message-ID: @ robert: Thank you, your patch is better than mine. And indeed, not adding flags is even better. Added locally, FWIW :) On Thu, 15 Apr 2021 at 00:01, Robert Ames wrote: > > Detect TTY (interactive status): > +[[ -t 1 ]] && YES_TTY=1 > > If NO_TTY, use find + sed as suggested, else keep the existing "Tree" command: > - tree -C -l --noreport "$PREFIX/$path" | tail -n +2 | sed -E 's/\.gpg(\x1B\[[0-9]+m)?( ->|$)/\1\2/g' # remove .gpg at end of line, but keep colors > + if [[ -z $YES_TTY ]] ; then > + find "$PREFIX/$path" -type f -iname \*.gpg | sed -e 's/\.gpg$//g' -e "s,^$PREFIX,,g" -e 's/^\///g' # when non-interactive (pipeline) print full-path-per-entry (for easy copy/paste or filtering) > + else > + tree -C -l --noreport "$PREFIX/$path" | tail -n +2 | sed -E 's/\.gpg(\x1B\[[0-9]+m)?( ->|$)/\1\2/g' # remove .gpg at end of line, but keep colors > + fi > > ... at Dacoda... yep, "naive find" was what I came up with in 2019. > > Other password managers change behaviour slightly when running in a TTY/NO_TTY context: > https://github.com/lastpass/lastpass-cli/blob/2a70884ed7ef48a8d621687acb96202cc354245b/cmd-ls.c#L287-L288 > > It's _crucial_ to support `pass ls | grep ...` and be able to show the full identifier for usage. > > --Robert > > > > On Wednesday, April 14, 2021, 08:20:36 AM PDT, Dacoda Strack wrote: > > > > > > On Wed, Apr 14, 2021 at 04:01:50PM +0300, Greg Minshall wrote: > > > Pierre, > > > > > I am willing to write a patch if we find consensus. > > > > i'd be a fan. and, if highlighting could somehow also be controlled, > > that would be great. > > > > cheers, Greg > > > This sounds great to me, I wonder if something naive like > > find $PASSWORD_STORE -type f -name '*.gpg' > > with some additional sed to clean up the path would get us where we need > to be > > I think I'm going to have a small local fork and build RPMs with some > of these minor patches. > From gildasiojunior at riseup.net Thu Apr 15 11:41:17 2021 From: gildasiojunior at riseup.net (=?utf-8?B?R2lsZMOhc2lvIErDum5pb3I=?=) Date: Thu, 15 Apr 2021 08:41:17 -0300 Subject: otp in passmenu In-Reply-To: References: Message-ID: Yeah, thanks Kenny for made me clear. By "demand" I mean something like "I would like this" not "I want this in my desk tonight". My main purpose with the original message was to understand why the Alessandro's patch wasn't more discussed/merged and receive feedbacks to made my patch better. I like the fork idea, maybe I'll do something like this (actually just this patch I'm thinking now). On Sun, Apr 11, 2021 at 03:58:22PM -0400, Kenny Evitt wrote: > I suspect Gild?sio used "demand" but meant "request". Nothing else in their > email implies that they're 'demanding' anything from Jason, the maintainer, > or anyone else. > > > > I think it might be reasonable for people to seriously consider forking > Pass. No one's obligated to do anything. But no one's obligated to refrain > from changing Pass, or refrain from sharing those changes either. > > (I'd strongly suggest picking a new distinctive name, or at least a > distinctive variation on "pass" or "password store".) > > I suspect Jason considers Pass mostly complete as-is. And that's fine! I > mostly agree with that myself. My own previous patches were never accepted, > and Jason had good reasons for doing so. > > But it's frustrating not having patches accepted, or running one's own > custom private 'fork'. If people want to make changes useful to them, and > share those changes with others, then a fork could make sense. (It's a lot > of work tho!) > > On Sun, Apr 11, 2021 at 10:07 AM Jonas Kalderstam < > jonas at cowboyprogrammer.org> wrote: > > > On 9 April 2021 04:09:03 CEST, "Gild?sio J?nior" < > > gildasiojunior at riseup.net> wrote: > > >I have the same demand as Alessandro Accardo mentioned in Sep 2018 [0]. > > >He submited a patch, receive a feedback, updated it and I couldn't see > > >any other new feedback. > > > > I wouldn't expect much in terms of a reply when you have "demands" on > > people working for free in their spare time.. > > > > >PS: I didn't have experience contribut with git patches by email. So > > >please let me know if I did something wrong and how can get the right > > >path. > > > > See https://git-send-email.io for an excellent guide to git and email. > > > > > > -- []'s Gild?sio J?nior -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: From glenndoyle at protonmail.com Tue Apr 27 07:02:05 2021 From: glenndoyle at protonmail.com (glenndoyle) Date: Tue, 27 Apr 2021 07:02:05 +0000 Subject: Can't get bash-completion to work for alias Message-ID: Hi, I've been using pass for some years now and it's proven to be an invaluable tool. I do however have an issue that I can't come to terms with. I have two password stores now, one that is in the default $HOME/.password-store and a separate store in $HOME/.yet-another-password-store To approach these I've made an alias for .yet-another-password-store like so: alias yapass='PASSWORD_STORE_DIR=~/.yet-another-password-store PASSWORD_STORE_GIT=~/.yet-another-password-store pass' This works insofar that all the individual commands for 'yapass' work, but the bash-completion is totally lost. The bash-completion for 'pass' works flawlessly, it's just this alias that doesn't get the same benefit. What's missing? I'm using Ubuntu 20.04 and the bash that come with it, if that makes any difference. Thanks. From lists.trs-80 at isnotmyreal.name Thu Apr 29 19:45:26 2021 From: lists.trs-80 at isnotmyreal.name (TRS-80) Date: Thu, 29 Apr 2021 15:45:26 -0400 Subject: Can't get bash-completion to work for alias In-Reply-To: References: Message-ID: On 2021-04-27 03:02, glenndoyle wrote: > alias yapass='PASSWORD_STORE_DIR=~/.yet-another-password-store > PASSWORD_STORE_GIT=~/.yet-another-password-store pass' > > This works insofar that all the individual commands for 'yapass' work, > but the bash-completion is totally lost. The bash-completion for > 'pass' works flawlessly, it's just this alias that doesn't get the > same benefit. I suspect this is something to do with bash completion. Maybe try ##linux or #bash on Freenode (IRC) for an immediate answer, or perhaps even bash-users mailing list (if there is such a thing) or searching internet about bash completion. Cheers, TRS-80 From mailinglist at chiraag.me Thu Apr 29 19:52:12 2021 From: mailinglist at chiraag.me (=?utf-8?B?4LKa4LK/4LKw4LK+4LKX4LONIOCyqOCyn+CysOCyvuCynOCzjQ==?=) Date: Thu, 29 Apr 2021 19:52:12 +0000 Subject: Can't get bash-completion to work for alias In-Reply-To: References: Message-ID: 12021/02/38 06:56.55 ?????, TRS-80 ??????: > > On 2021-04-27 03:02, glenndoyle wrote: > > alias yapass='PASSWORD_STORE_DIR=~/.yet-another-password-store > > PASSWORD_STORE_GIT=~/.yet-another-password-store pass' > > > > This works insofar that all the individual commands for 'yapass' work, > > but the bash-completion is totally lost. The bash-completion for > > 'pass' works flawlessly, it's just this alias that doesn't get the > > same benefit. > > I suspect this is something to do with bash completion. Maybe try > ##linux or #bash on Freenode (IRC) for an immediate answer, or perhaps > even bash-users mailing list (if there is such a thing) or searching > internet about bash completion. > > Cheers, > TRS-80 Yup, bash completion doesn't work (by default) for aliases. You can use complete-alias to fix this issue: https://github.com/cykerway/complete-alias.git HTH! Sincerely, Chiraag -- ?????? ?????? Pronouns: he/him/his -------------- next part -------------- A non-text attachment was scrubbed... Name: publickey - mailinglist at chiraag.me - b0c8d720.asc Type: application/pgp-keys Size: 659 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 233 bytes Desc: OpenPGP digital signature URL: