commit aa4988d112edf4f6d50cb1876a0af7d3637678d3 from: Alex Arx via: Alex Arch date: Sun Mar 16 08:11:45 2025 UTC bump version to 1.0, and update all supporting files commit - d4a0a080f81afa34a60e19da5e62efc8585e28e9 commit + aa4988d112edf4f6d50cb1876a0af7d3637678d3 blob - fe3f369debc1b7a997d6cb0994f5a629e1718968 blob + 635fa29101c318760c3ea1a0b7169b37c5b14378 --- CHANGES +++ CHANGES @@ -1,3 +1,21 @@ +1.0 + +A jump 0.3 -> 1.0 is made because the utility is now called "secstore", +and is largely incompatible with the gpm utility. Please refer to the +README for a migration guide. + +- GPM_ variables are no longer handled +- list now uses a builtin function; removed GPM_LSCMD +- All other GPM_* variables have been renamed to SECSTORE_* +- Newlines are now handled intelligently, rather than manually: + + The add subcommand appends a newline at the end of its input, if + there isn't one already. + + The copy subcommand removes the last newline character. +- add, move and remove subcommands now have an -f (force) flag +- The move subcommand now behaves more like Unix mv(1) +- Shortest unique prefixes of subcommands are no longer accepted, but + some aliases are. + 0.3 - Added the copy subcommand blob - 8fc3d5d9093b732df24205e1de54b2169b22c96f blob + 43183cdd2ea0356139f385cf9379ef51ee15a661 --- Makefile +++ Makefile @@ -1,6 +1,6 @@ include version.mk -BIN = gpm +BIN = secstore MAN = $(BIN:=.1) DIST = $(BIN)$(V) TARBALL = $(DIST).tar.gz blob - 8e59aced25e00395086835a5838fbb314ec84ac5 blob + 58dc54e27f91e76da07e62a794b75623fb91a826 --- README +++ README @@ -1,10 +1,21 @@ -gpm is a gpg-based password manager, similar to pass, but much simpler, and -free of the bash dependency. gpm is developed from my other now-deprecated -openssl-based password manager pm. To convert pm passwords into gpm passwords, -please use the pm2gpm script. For installation run `make install'. +secstore is a secret storage manager, similar to pass, but more +flexible, and written in perl. In particular, you are allowed to choose +which commands to use for encryption/decryption/copying, and a more +arbitrary file hierarchy is permitted. +secstore is a continuation of gpm. + The dependencies are: - Digest::SHA -- gpg +- gpg (optional) - xclip (optional) + + +gpm to secstore migration + +$ mv ~/.gpm ~/.secstore +$ find ~/.secstore -type f -exec chmod u+w {} + + +Instead of ~/.{gpm,secstore} you might use $XDG_DATA_HOME/{gpm,secstore} +or $GPM_DIR and $SECSTORE_DIR. blob - 372418686f1931995eb2d6be7e1dca9a342d4cdc blob + ea35d96ef7bd8a34677b14d4df2ad8e0ede555bd --- examples/isecstore +++ examples/isecstore @@ -30,7 +30,7 @@ while getopts COPTcopt name; do t) tmux=tmux ;; esac ;; - ?) echo "usage: igpm [-COPTcopt] [file ...]" >&2; exit 1 ;; + ?) echo "usage: isecstore [-COPTcopt] [file ...]" >&2; exit 1 ;; esac done shift $((OPTIND - 1)) @@ -47,9 +47,9 @@ for c in $clip; do nclip=$((nclip + 1)); done case $clip in tmux) test "$tmux" || exit 1 - GPM_COPY_INCMD='tmux loadb -b _gpm -' - GPM_COPY_OUTCMD='tmux showb -b _gpm' - GPM_COPY_DELCMD='tmux deleteb -b _gpm' + GPM_COPY_INCMD='tmux loadb -b _secstore -' + GPM_COPY_OUTCMD='tmux showb -b _secstore' + GPM_COPY_DELCMD='tmux deleteb -b _secstore' ;; primary) test "$primary" || exit 1 @@ -80,13 +80,13 @@ else if [ "$#" -gt 0 ]; then for i; do printf %s\\n "$i"; done else - gpm ls + secstore ls fi | $selector )" fi if $justprint; then - gpm show "$pw" + secstore show "$pw" else - gpm copy "$pw" + secstore copy "$pw" fi blob - /dev/null blob + 53b2403352bf96e2dd99b4cfa5b6647477ef263a (mode 644) --- /dev/null +++ TODO @@ -0,0 +1,3 @@ +- Add recursive remove +- Add directory move +- Allow unencrypted storage blob - 3f4c6215578c0088749e90727d005c3ac6259377 blob + 06a0cba8fb1f58f31a111a6b97c95b9a0b5c00fc --- secstore.1 +++ secstore.1 @@ -33,8 +33,6 @@ or a custom command (see .Sx ENVIRONMENT ) . .Nm provides several commands for manipulating secrets. -Commands may be specified by their shortest unique prefix (all characters -after are ignored). Commands may accept additional arguments. Commands may be preceeded by global options as follows: .Bl -tag -width Ds @@ -47,10 +45,11 @@ Overrides The .Nm commands are as follows: -.Bl -tag -width Ds +.Pp +.Bl -tag -compact -width Ds .It Xo .Cm add -.Op Fl Nnm +.Op Fl fm .Ar name .Xc Create a new secret @@ -59,28 +58,20 @@ The new secret is read from stdin. If used from a TTY without the .Fl m flag, a single line is read twice, and not echoed. -Otherwise, an arbitrary amount of lines is read normally once. -If -.Fl n -is specified without -.Fl N -chop off any last newline character of input. +Otherwise, an arbitrary amount of lines is read once (and echoed). +Unless +.Fl f +is specified, overwriting existing secrets is not allowed. .Pp -Options in the -.Ev SECSTORE_ADD -environment variable are passed to -.Nm -.Cm add -automatically, before any options specified on the command line. .It Xo .Cm copy -.Op Fl Nn .Op Fl d Ar delcmd .Op Fl i Ar incmd .Op Fl o Ar outcmd .Op Fl s Ar time .Ar name .Xc +.Dl Pq alias: Cm cp Copy the secret .Ar name by piping it to @@ -113,73 +104,53 @@ If is 0, .Ar delcmd is not run. -If -.Fl n -is specified without -.Fl N , -chop off any last newline character before passing the secret to -.Ar incmd . .Pp -Options in the -.Ev SECSTORE_COPY -environment variable are passed to -.Nm -.Cm copy -automatically, before any options specified on the command line. -.It Cm ls -List existing secrets, using the command in -.Ev SECSTORE_LSCMD -if set. +.It Cm list +.Dl Pq alias: Cm ls +Produce a complete file listing for the secret storage. .Pp -Options in the -.Ev SECSTORE_LS -environment variable are passed to -.Nm -.Cm ls -automatically, before any options specified on the command line. -.It Cm mv Ar from Ar to +.It Xo +.Cm move +.Op Fl f +.Ar source +.Ar target +.Xc +.It Xo +.Cm move +.Op Fl f +.Ar source ... +.Ar directory +.Xc +.Dl Pq alias: Cm mv Rename secret -.Ar from +.Ar source to -.Ar to . +.Ar target . +If more than two arguments are specified, or +.Ar target +ends with a slash +.Pq Ql / , +moves the +.Ar source +secrets to +.Ar directory . .Pp -Options in the -.Ev SECSTORE_MV -environment variable are passed to -.Nm -.Cm mv -automatically, before any options specified on the command line. -.It Cm rm Ar name ... +.It Xo +.Cm remove +.Op Fl f +.Ar name ... +.Xc +.Dl Pq alias: Cm rm Remove secrets specified on the command line. .Nm -will ask for confirmation before each removal. +will ask for confirmation before each removal, unless +.Fl f +is specified. .Pp -Options in the -.Ev SECSTORE_RM -environment variable are passed to -.Nm -.Cm rm -automatically, before any options specified on the command line. -.It Xo -.Cm show -.Op Fl Nn -.Ar name -.Xc +.It Cm print Ar name Decrypt the secret .Ar name , and print plaintext to stdout. -If -.Fl n -is specified without -.Fl N , -chop off any last newline character of output. -.Pp -Options in the -.Ev SECSTORE_SHOW -environment variable are passed to -.Nm -.Cm show -automatically, before any options specified on the command line. .El .Sh ENVIRONMENT .Bl -tag -width XDG_DATA_HOME @@ -189,7 +160,7 @@ Command used for encryption. if not set. .It Ev SECSTORE_DECCMD Command used for decryption. -.Dq gpg -d \-\- +.Dq gpg -dq \-\- if not set. .It Ev SECSTORE_DIR Directory in which the secrets are stored. @@ -216,8 +187,8 @@ is set. Tab-completion may be set, e.g. with .Xr ksh 1 : .Bd -literal -offset indent -set -A complete_secstore_1 -- add copy ls mv rm show -set -A complete_secstore -- $(secstore ls) +set -A complete_secstore_1 -- add copy list move remove print +set -A complete_secstore -- $(secstore list) .Ed .Sh SEE ALSO .Xr gpass 1 , blob - 8c91f3cff74dd4d81d2b8da7c968adf69b4a18e3 blob + 50b960e8f37905fec59a15ad7a6d43463da3b276 --- version.mk +++ version.mk @@ -1 +1 @@ -V = 0.3 +V = 1.0