add pa edit · j3s.sh/dotfiles@76cd38e

j3s.sh / dotfiles

Fork 0

my dotz

Fork 0

+29 -2

1 changed file

Expand all

bin

+29 -2

bin/pa

··· 43 43 # Heredocs are sometimes implemented via temporary files, 44 44 # however this is typically done using 'mkstemp()' which 45 45 # is more secure than a leak in '/proc'. 46 - pubkey=$(sed -n 's/.*$age$/\1/p' ~/.age/key.txt) 47 46 age -r "$pubkey" -o "$name.age" <<-EOF && 48 - $pass 47 + $pass 49 48 EOF 50 49 printf '%s\n' "Saved '$name' to the store." 51 50 } 52 51 52 + pw_edit() { 53 + name=$1 54 + 55 + # we use /dev/shm because it's an in-memory 56 + # space that we can use to store private data, 57 + # and securely wipe it without worrying about 58 + # residual badness 59 + if [ ! -d /dev/shm ]; then 60 + die "Failed to access /dev/shm" 61 + fi 62 + 63 + mkdir -p /dev/shm/pa 64 + trap 'rm -rf /dev/shm/pa' EXIT 65 + tmpfile="/dev/shm/pa/$name.txt" 66 + 67 + "${EDITOR:-vi}" "$tmpfile" 68 + 69 + if [ ! -f $tmpfile ]; then 70 + die "New password not saved" 71 + fi 72 + 73 + age -r "$pubkey" -o "$name.age" "$tmpfile" 74 + } 75 + 53 76 pw_del() { 54 77 yn "Delete pass file '$1'?" && { 55 78 rm -f "$1.age" ··· 132 155 pa 0.1.0 - age-based password manager 133 156 => [a]dd [name] - Create a new password, randomly generated 134 157 => [d]el [name] - Delete a password entry. 158 + => [e]dit [name] - Edit a password entry with $EDITOR. 135 159 => [l]ist - List all entries. 136 160 => [s]how [name] - Show password for an entry. 137 161 Password length: export PA_LENGTH=50 ··· 176 200 glob "$2" '*/*' && { mkdir -p "${2%/*}" || 177 201 die "Couldn't create category '${2%/*}'"; } 178 202 203 + pubkey=$(sed -n 's/.*$age$/\1/p' ~/.age/key.txt) 204 + 179 205 # Restrict permissions of any new files to 180 206 # only the current user. 181 207 umask 077 ··· 187 213 case $1 in 188 214 a*) pw_add "$2" ;; 189 215 d*) pw_del "$2" ;; 216 + e*) pw_edit "$2" ;; 190 217 s*) pw_show "$2" ;; 191 218 l*) pw_list ;; 192 219 *) usage

Configure Feed

Configure Feed