-rw-r--r--.gitlab-ci.yml101
-rw-r--r--ChangeLog28
-rw-r--r--Makefile37
-rw-r--r--development.md12
-rwxr-xr-xkeyringer12
-rwxr-xr-xlib/keyringer/actions/check5
-rwxr-xr-xlib/keyringer/actions/sclip9
l---------lib/keyringer/actions/search1
l---------lib/keyringer/actions/ssearch1
-rwxr-xr-xlib/keyringer/actions/xclip9
-rw-r--r--lib/keyringer/completions/bash/keyringer5
-rw-r--r--lib/keyringer/completions/zsh/_keyringer4
-rwxr-xr-xlib/keyringer/functions4
-rw-r--r--share/man/keyringer.162
-rw-r--r--share/man/keyringer.1.md34
15 files changed, 283 insertions, 41 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..0fe0fed
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,101 @@
+---
+variables:
+ KEYRINGER_NON_INTERACTIVE: "1"
+
+debian:
+ image: debian:testing
+ script:
+ # Configure pbuilder
+ #
+ # This should be done before pbuilder is installed.
+ # Pbuilder is a dependency of git-buildpackage.
+ #
+ # With doing this, pbuilder may fail to detect MIRRORSITE during package installation,
+ # giving errors like
+ #
+ # Configuring pbuilder
+ # --------------------
+ # Default mirror not found
+ # Mirror information detection failed and the user provided no mirror
+ # information.
+ # Please enter valid mirror information.
+ # Please enter the default mirror you want to be used by pbuilder.
+ # If you leave this field blank, there will be one attempt to autodetect this
+ # information. If this attempt fails, you will be prompted again to insert some
+ # valid mirror information.
+ # Here is a valid mirror example: http://deb.debian.org/debian
+ # Default mirror site:
+ # Use of uninitialized value $_[1] in join or string at
+ # /usr/share/perl5/Debconf/DbDriver/Stack.pm line 112.
+ #
+ # As of 2025-01-04, it seems this bug was still not reported upstream.
+ - echo 'DISTRIBUTION=sid' > /etc/pbuilderrc
+ - echo 'MIRRORSITE=http://http.debian.net/debian/' >> /etc/pbuilderrc
+
+ # Install dependencies
+ - apt-get update
+ - apt-get install -y git
+ - apt-get install -y git-buildpackage lintian piuparts
+
+ # Build the package
+ - git fetch --all
+ - git branch debian --track origin/debian || true
+ - git checkout debian
+ - git branch --set-upstream-to=origin/debian debian
+ - git pull
+ - gbp buildpackage --git-ignore-new --git-upstream-signatures=no --git-no-sign-tags -us -uc
+
+ # Run lintian
+ # Usually gbp-buildpackage already calls lintian, but we run it again just to make sure
+ - lintian --allow-root -v --pedantic ../keyringer_*.deb
+
+ # Run piuparts
+ #- piuparts ../keyringer*.deb
+
+ # Save artifacts
+ - mkdir -p dist
+ - mv ../keyringer_*.* dist
+ artifacts:
+ paths:
+ - dist
+
+test:
+ image: debian:testing
+ script:
+ # Install keyringer from the distro packaging system
+ # This ensures the needed dependencies are installed
+ - apt-get update
+ - apt-get install -y keyringer
+
+ # Import debian/upstream/signing-key.asc
+ - git fetch --all
+ - git branch debian --track origin/debian || true
+ - git checkout debian
+ - git branch --set-upstream-to=origin/debian debian
+ - git pull
+ - gpg --import < debian/upstream/signing-key.asc
+
+ # Create a test keyring in the develop branch
+ - git branch develop --track origin/develop || true
+ - git checkout develop
+ - git branch --set-upstream-to=origin/develop develop
+ - git pull
+ - mkdir -p ~/temp/tests
+ - git config --global user.name 'Test'
+ - git config --global user.email 'test@example.org'
+ - ./keyringer test init ~/temp/tests/keyringer
+
+ # Build the recipients configuration
+ # Explanation on the "paste" syntax is available at https://stackoverflow.com/a/9605450
+ - gpg --with-colons --list-keys | grep "^uid" | head -1 | awk -F ':' '{ x = $10; gsub(/.*</, "", x); gsub(/>/, "", x); print x; }' > ~/temp/tests/recipients
+ - gpg --with-colons --list-public-keys --with-fingerprint | grep "^fpr" | head -1 | awk -F ':' '{ print $10 }' >> ~/temp/tests/recipients
+ - paste -d " " - - < ~/temp/tests/recipients > ~/temp/tests/keyringer/config/recipients/default
+ - rm ~/temp/tests/recipients
+ - ./keyringer test recipients ls
+
+ # Test the keyring in the develop branch
+ # This will also test the expiration of the upstream signing key
+ - ./keyringer test check
+
+ # Tear down the keyring in the develop branch
+ - ./keyringer test teardown -y
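Review bot: Neither job runs against the commit that triggered the pipeline: `test` does `git checkout develop` and `git pull` before calling `./keyringer`, and `debian` builds the tip of `origin/debian`, so unless pipelines are limited to those two branches a change elsewhere is judged on code it does not contain. If the packaging branch is only needed for the signing key, the key can be read without leaving the checked-out commit, e.g. `git show origin/debian:debian/upstream/signing-key.asc | gpg --import` after the existing `git fetch --all`. The recipients line takes the first `uid` and first `fpr` record with `head -1`, which is only right while the imported key is the sole key in the job's keyring; a comment such as `# assumes the upstream signing key is the only key in the keyring` would record that. The opening comment of the `debian` job says "With doing this", where the error text that follows suggests "Without doing this" was meant.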
diff --git a/ChangeLog b/ChangeLog
index 2fd20ac..9075564 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,7 +1,33 @@
-2022-08-19 - unreleased - Silvio Rhatto <rhatto@riseup.net>
+2025-10-25 - unreleased - Silvio Rhatto <rhatto@riseup.net>
+
+ Makefile: uninstall targets (thanks Spenser Truex <truex@equwal.com>).
+
+ New "search" and "ssearch" actions.
+
+2025-01-04 - 0.6.0 - Silvio Rhatto <rhatto@riseup.net>
+
+ Fix: check action now exits with non-zero status if there are expiring keys
+ in the keyring.
+
+ Fix: removed shebang from the bash completion file (#9).
+
+ Feat: GitLab CI support (#10).
+
+ Feat: init: allow for non-interactive keyring creation, useful for
+ tests (#10). This is controlled by the KEYRINGER_NON_INTERACTIVE
+ environment variable: when set to "1", keyringer won't do any
+ interactive procedure related to the keyring initialization.
+
+2022-08-19 - 0.5.9 - Silvio Rhatto <rhatto@riseup.net>
+
+ Fix: edit: check whether decryption suceeded
+
+ Fix: xclip: avoid 'Error: target STRING not available'
Moved docs to the README, favouring the GitLab repository over the site
+ New upstream repository: https://0xacab.org/rhatto/keyringer
+
2022-08-19 - 0.5.8 - Silvio Rhatto <rhatto@riseup.net>
Fix re-encryption when the secret hass NULL bytes
diff --git a/Makefile b/Makefile
index 7311363..157a6f9 100644
--- a/Makefile
+++ b/Makefile
@@ -21,6 +21,8 @@ MANDIR ?=$(PREFIX)/share/man
ARCHIVE ?= tarballs
INSTALL = /usr/bin/install
+.PHONY: clean install_lib install_bin install_doc install_man install_completion install build_man tarball release debian web web_deploy uninstall
+
clean:
find . -name *~ | xargs rm -f # clean local backups
@@ -31,23 +33,56 @@ install_lib:
$(INSTALL) -D -m 0755 -d share/keyringer/editors $(DESTDIR)/$(PREFIX)/share/$(PACKAGE)/editors
$(INSTALL) -D -m 0644 share/keyringer/editors/* $(DESTDIR)/$(PREFIX)/share/$(PACKAGE)/editors
+uninstall_lib:
+ rm -f $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/functions
+ rm -f $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/actions/*
+ rmdir $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/actions 2> /dev/null || true
+ rmdir $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE) 2> /dev/null || true
+ rm -f $(DESTDIR)/$(PREFIX)/share/$(PACKAGE)/editors/*
+ rmdir $(DESTDIR)/$(PREFIX)/share/$(PACKAGE)/editors 2> /dev/null || true
+ rmdir $(DESTDIR)/$(PREFIX)/share/$(PACKAGE) 2> /dev/null || true
+ rmdir -p $(DESTDIR)/$(PREFIX)/lib 2>/dev/null || true
+
install_bin:
$(INSTALL) -D -m 0755 keyringer $(DESTDIR)/$(PREFIX)/bin/keyringer
+uninstall_bin:
+ rm -f $(DESTDIR)/$(PREFIX)/bin/keyringer
+ rmdir -p $(DESTDIR)/$(PREFIX)/bin 2>/dev/null || true
+
install_doc:
$(INSTALL) -D -m 0644 index.md $(DESTDIR)/$(PREFIX)/share/doc/$(PACKAGE)/README.md
$(INSTALL) -D -m 0644 LICENSE $(DESTDIR)/$(PREFIX)/share/doc/$(PACKAGE)/LICENSE
+uninstall_doc:
+ rm -f $(DESTDIR)/$(PREFIX)/share/doc/$(PACKAGE)/LICENSE
+ rm -f $(DESTDIR)/$(PREFIX)/share/doc/$(PACKAGE)/README.md
+ rmdir $(DESTDIR)/$(PREFIX)/share/doc/$(PACKAGE) 2>/dev/null || true
+ rmdir $(DESTDIR)/$(PREFIX)/share/doc 2>/dev/null || true
+
install_man:
$(INSTALL) -D -m 0644 share/man/keyringer.1 $(DESTDIR)/$(MANDIR)/man1/keyringer.1
+uninstall_man:
+ rm -f $(DESTDIR)/$(PREFIX)/share/man/man1/keyringer.1
+ rmdir -p $(DESTDIR)/$(PREFIX)/share/man/man1 2> /dev/null || true
+
install_completion:
$(INSTALL) -D -m 0644 lib/keyringer/completions/bash/keyringer $(DESTDIR)/$(PREFIX)/share/bash-completion/completions/keyringer
$(INSTALL) -D -m 0644 lib/keyringer/completions/zsh/_keyringer $(DESTDIR)/$(PREFIX)/share/zsh/site-functions/_keyringer
+uninstall_completion:
+ rm -f $(DESTDIR)/$(PREFIX)/share/zsh/site-functions/_keyringer
+ rm -f $(DESTDIR)/$(PREFIX)/share/bash-completion/completions/keyringer
+ rmdir -p $(DESTDIR)/$(PREFIX)/share/zsh/site-functions 2> /dev/null || true
+ rmdir -p $(DESTDIR)/$(PREFIX)/share/bash-completion/completions 2> /dev/null || true
+
install: clean
@make install_lib install_bin install_doc install_man install_completion
+uninstall: uninstall_completion uninstall_man uninstall_doc uninstall_bin uninstall_lib
+ rmdir -p $(DESTDIR)/$(PREFIX)/share 2>/dev/null || true
+
build_man:
# Pipe output to sed to avoid http://lintian.debian.org/tags/hyphen-used-as-minus-sign.html
# Fixed in http://johnmacfarlane.net/pandoc/releases.html#pandoc-1.10-2013-01-19
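Review bot: `uninstall_man` removes `$(DESTDIR)/$(PREFIX)/share/man/man1/keyringer.1`, but `install_man` installs to `$(DESTDIR)/$(MANDIR)/man1/keyringer.1`, so with `MANDIR` overridden (it is declared with `?=` in the first hunk's header line) the manual page is left behind. Using the same variable fixes it: `rm -f $(DESTDIR)/$(MANDIR)/man1/keyringer.1` and `rmdir -p $(DESTDIR)/$(MANDIR)/man1 2> /dev/null || true`. The `rm -f …/actions/*` and `…/editors/*` globs are built from `PREFIX` and `PACKAGE`, whose definitions are outside these hunks; since uninstall usually runs as root, it is worth confirming neither can expand to an empty string. The `.PHONY` line added in the first hunk names `uninstall` but none of the five `uninstall_*` targets.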
@@ -82,7 +117,7 @@ debian:
# Fine tune debian/changelog prepared by git-dch
dch -e
git commit -a -m "Updating debian/changelog"
- gbp buildpackage --git-tag-only --git-sign-tags
+ gbp buildpackage --git-tag-only --git-sign-tags --git-ignore-new
web:
@ikiwiki --setup ikiwiki.yaml
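Review bot: `--git-ignore-new` is added to the command that creates the signed tag, and that option makes gbp skip its refusal to run with uncommitted changes or from a branch other than the configured debian branch, so a release tag can now be signed from an unintended branch without any error. If the flag is only needed to tolerate untracked build leftovers, a comment above the line should say so, e.g. `# --git-ignore-new: <reason>; run only from the debian branch`. The `debian` target begins outside this hunk, so an earlier branch check in the recipe cannot be ruled out.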
diff --git a/development.md b/development.md
index d439742..da74b5a 100644
--- a/development.md
+++ b/development.md
@@ -41,9 +41,14 @@ Push everything:
git push --tags
+If there are repository mirrors, ensure to push changes there as well. Example:
+
+ git push all
+ git push all --tags
+
Build the package from the debian Git branch:
- gbp buildpackage
+ gbp buildpackage --git-ignore-new
Run lintian (or [add it to your pbuilder hooks](http://askubuntu.com/questions/140697/how-do-i-run-lintian-from-pbuilder-dist)):
@@ -60,7 +65,10 @@ Cleanup symlink:
Notes:
-* `gbp import-orig` takes care of running `pristine-tar commit`, of merging of the tag and orig tarball into the upstream branch, and then it merges the result into the debian branch. With the above configuration, it also runs git-dch to do the bulk of the work in `debian/changelog`.
+* `gbp import-orig` takes care of running `pristine-tar commit`, of merging of
+ the tag and orig tarball into the upstream branch, and then it merges the
+ result into the debian branch. With the above configuration, it also runs
+ git-dch to do the bulk of the work in `debian/changelog`.
* To build a development package, checkout the debian branch, merge master, run `git-dch --auto --snapshot` and build.
Packaging workflow
diff --git a/keyringer b/keyringer
index 878d5d1..512a001 100755
--- a/keyringer
+++ b/keyringer
@@ -112,10 +112,12 @@ function keyringer_init {
fi
# Edit default recipients
- echo "Now you have to edit the default recipient configuration to be able to encrypt secrets."
- echo "Press any key to proceed editing..."
- read key
- keyringer_exec recipients "$BASEDIR" edit default
+ if [ "$KEYRINGER_NON_INTERACTIVE" != "1" ]; then
+ echo "Now you have to edit the default recipient configuration to be able to encrypt secrets."
+ echo "Press any key to proceed editing..."
+ read key
+ keyringer_exec recipients "$BASEDIR" edit default
+ fi
# Stage and commit
keyringer_exec git "$BASEDIR" add .
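Review bot: With `KEYRINGER_NON_INTERACTIVE=1` the recipients step is skipped silently and `keyringer_init` goes straight on to stage and commit, so the caller gets no hint that the default recipients still have to be filled in before anything can be encrypted. An `else` branch would make that visible in logs: `else` followed by `echo "Skipping recipients editing (KEYRINGER_NON_INTERACTIVE=1); edit the default recipients before encrypting secrets."`. The variable is described in the ChangeLog hunk but in neither man page hunk of this diff, so documenting it there would help users find it. `keyringer_init` starts and ends outside this hunk.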
@@ -140,7 +142,7 @@ function keyringer_dispatch {
# Config
NAME="keyringer"
-KEYRINGER_VERSION="0.5.8"
+KEYRINGER_VERSION="0.6.0"
CONFIG_VERSION="0.1"
CONFIG_BASE="$HOME/.$NAME"
CONFIG="$CONFIG_BASE/config"
diff --git a/lib/keyringer/actions/check b/lib/keyringer/actions/check
index 8722381..58adaf5 100755
--- a/lib/keyringer/actions/check
+++ b/lib/keyringer/actions/check
@@ -27,3 +27,8 @@ source "$LIB" maintenance $* || exit 1
# This should be done here:
# TODO: Check canaries' timestamps, warning by mail if configured by user preferences.
+
+# Since this is the check action, it should exit whenever there's a warning
+if [ "$KEYRINGER_HAS_EXPIRING_KEYS" == "1" ]; then
+ exit 1
+fi
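Review bot: The new exit depends on `KEYRINGER_HAS_EXPIRING_KEYS`, which is set in `keyringer_check_expiration` (second hunk of `lib/keyringer/functions`) but never initialised, so a value inherited from the caller's environment also decides the exit status. More important for a gate that CI relies on: the assignment sits inside a loop whose header is outside that hunk, and if the loop is fed by a pipe it runs in a subshell, the flag is lost, and `check` exits 0 despite the warning; this needs confirming against the full function. Setting `KEYRINGER_HAS_EXPIRING_KEYS="0"` before the `source` line above this hunk, and printing a line before `exit 1`, would make both the state and the failure reason explicit.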
diff --git a/lib/keyringer/actions/sclip b/lib/keyringer/actions/sclip
index de9c3b5..e513e8d 100755
--- a/lib/keyringer/actions/sclip
+++ b/lib/keyringer/actions/sclip
@@ -7,9 +7,16 @@
LIB="`dirname $0`/../functions"
source "$LIB" read $* || exit 1
+# Determine action
+if [ "$(basename "$0")" == "ssearch" ]; then
+ action="search"
+else
+ action="xclip"
+fi
+
# Clip password
shift
-keyringer $KEYRING xclip $*
+keyringer $KEYRING $action $*
# Se window switch combo
if [ -z "$XDOTOOL_NEXT_WINDOW" ]; then
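Review bot: The rewritten call `keyringer $KEYRING $action $*` leaves every expansion unquoted, so the keyring name and the query undergo word splitting and pathname expansion before `keyringer` sees them. `keyringer "$KEYRING" "$action" "$@"` passes the arguments through unchanged and still expands to nothing when no query is given. A comment on the new block, such as `# sclip and ssearch share this file; the symlink name selects the action`, would tell readers why `$0` is inspected. The script continues past the end of this hunk.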
diff --git a/lib/keyringer/actions/search b/lib/keyringer/actions/search
new file mode 120000
index 0000000..8b8c16c
--- /dev/null
+++ b/lib/keyringer/actions/search
@@ -0,0 +1 @@
+xclip \ No newline at end of file
diff --git a/lib/keyringer/actions/ssearch b/lib/keyringer/actions/ssearch
new file mode 120000
index 0000000..10534ec
--- /dev/null
+++ b/lib/keyringer/actions/ssearch
@@ -0,0 +1 @@
+sclip \ No newline at end of file
diff --git a/lib/keyringer/actions/xclip b/lib/keyringer/actions/xclip
index ff82cc1..a189545 100755
--- a/lib/keyringer/actions/xclip
+++ b/lib/keyringer/actions/xclip
@@ -57,8 +57,15 @@ if ! which xclip &> /dev/null; then
exit 1
fi
+# Find our search mode
+if [ "$(basename "$0")" == "search" ] && [ -z "$2" ]; then
+ read -p "Enter option (Ctrl-C to abort): " query
+else
+ query="$2"
+fi
+
# Get file
-keyringer_get_file "$2"
+keyringer_get_file "$query"
# Decrypt
pass="$($GPG --use-agent -d "$KEYDIR/$FILE" | head -n 1)"
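Review bot: The added `read` ignores its exit status and omits `-r`, so when `search` is started without a terminal or stdin reaches EOF, `query` stays empty and is still handed to `keyringer_get_file`, and any backslash typed at the prompt is consumed. `read -r -p "Enter option (Ctrl-C to abort): " query || exit 1` covers both. This matters most for `ssearch`, which reaches this branch through `sclip` and, like `sclip`, is presumably meant to be bound to a window-manager key combo. How `keyringer_get_file` treats an empty argument is outside this hunk.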
diff --git a/lib/keyringer/completions/bash/keyringer b/lib/keyringer/completions/bash/keyringer
index 10b852e..3e70e4c 100644
--- a/lib/keyringer/completions/bash/keyringer
+++ b/lib/keyringer/completions/bash/keyringer
@@ -1,10 +1,9 @@
-#!bash
#
# Keyringer bash completion
#
if [[ -n ${ZSH_VERSION-} ]]; then
- autoload -U +X bashcompinit && bashcompinit
+ autoload -U +X bashcompinit && bashcompinit
fi
# Completion for git subcommand
@@ -93,7 +92,7 @@ _keyringer() {
recipients)
opts="ls edit"
;;
- ls|tree|mkdir|encrypt|encrypt-batch|pwgen|decrypt|edit|append|append-batch|del|rm|recrypt|open|clip|xclip|sclip|find|mv|cp)
+ ls|tree|mkdir|encrypt|encrypt-batch|pwgen|decrypt|edit|append|append-batch|del|rm|recrypt|open|clip|xclip|sclip|search|ssearch|find|mv|cp)
cur="`echo ${cur} | sed -e "s|^/*||"`" # avoid leading slash
opts="$(bash -c "set -f && export KEYRINGER_CHECK_RECIPIENTS=false && export KEYRINGER_CHECK_VERSION=false && keyringer $instance ls -p -d ${cur}*" 2> /dev/null)"
;;
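Review bot: Adding `search` and `ssearch` to this pattern sends two more actions through the `bash -c "… ${cur}*"` line below it, where the word being completed is pasted into a command string, so shell metacharacters in a half-typed or pasted argument are evaluated when Tab is pressed. Passing the values as positional parameters avoids re-parsing them, along the lines of `opts="$(bash -c 'set -f && export KEYRINGER_CHECK_RECIPIENTS=false && export KEYRINGER_CHECK_VERSION=false && keyringer $1 ls -p -d "$2*"' _ "$instance" "$cur" 2> /dev/null)"`. That line is unchanged context here, and `_keyringer` starts and ends outside the hunk.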
diff --git a/lib/keyringer/completions/zsh/_keyringer b/lib/keyringer/completions/zsh/_keyringer
index 7562352..0ac6c7f 100644
--- a/lib/keyringer/completions/zsh/_keyringer
+++ b/lib/keyringer/completions/zsh/_keyringer
@@ -49,7 +49,7 @@ _keyringer() {
recipients)
compadd "$@" ls edit
;;
- ls|tree|mkdir|encrypt|encrypt-batch|pwgen|decrypt|edit|append|append-batch|del|rm|recrypt|open|clip|xclip|sclip|find|mv|cp)
+ ls|tree|mkdir|encrypt|encrypt-batch|pwgen|decrypt|edit|append|append-batch|del|rm|recrypt|open|clip|xclip|sclip|search|ssearch|find|mv|cp)
words[4]="`echo $words[4] | sed -e "s|^/*||"`" # avoid leading slash
compadd "$@" $(KEYRINGER_CHECK_RECIPIENTS=false KEYRINGER_CHECK_VERSION=false keyringer $words[2] ls -p -d $words[4]'*' 2> /dev/null)
;;
@@ -96,7 +96,7 @@ _keyringer() {
true
fi
;;
- esac
+ esac
}
_keyringer "$@"
diff --git a/lib/keyringer/functions b/lib/keyringer/functions
index 308d0ea..d9b97e3 100755
--- a/lib/keyringer/functions
+++ b/lib/keyringer/functions
@@ -467,7 +467,7 @@ function keyringer_get_file {
done
echo ""
- read -p "Enter option (Ctrl-C to abort): " option
+ read -p "Enter number, secret name or pattern (Ctrl-C to abort): " option
if [[ "$option" =~ ^[0-9]+$ ]] && [ ! -z "${candidates[$option]}" ]; then
FILE="$(keyringer_filename "$RELATIVE_PATH/${candidates[$option]}")"
@@ -766,6 +766,8 @@ function keyringer_check_expiration {
if [[ "$ahead" -gt "$expiry" ]] && [ "$BASENAME" == "check" ]; then
echo "Warning: subkey from $recipient will expire soon, on `date --date="@$expiry"`"
+
+ KEYRINGER_HAS_EXPIRING_KEYS="1"
fi
fi
done
diff --git a/share/man/keyringer.1 b/share/man/keyringer.1
index 9e60ae0..6435ac9 100644
--- a/share/man/keyringer.1
+++ b/share/man/keyringer.1
@@ -1,5 +1,19 @@
-.\" Automatically generated by Pandoc 2.9.2.1
+.\" Automatically generated by Pandoc 2.17.1.1
.\"
+.\" Define V font for inline verbatim, using C font in formats
+.\" that render this, and otherwise B font.
+.ie "\f[CB]x\f[]"x" \{\
+. ftr V B
+. ftr VI BI
+. ftr VB B
+. ftr VBI BI
+.\}
+.el \{\
+. ftr V CR
+. ftr VI CI
+. ftr VB CB
+. ftr VBI CBI
+.\}
.TH "KEYRINGER" "1" "Oct 25, 2013" "Keyringer User Manual" ""
.hy
.SH NAME
@@ -48,7 +62,7 @@ After initialization, \f[I]path\f[R] will contain a folder structure for
storing secrets and metadata (user aka recipients, groups of recipients,
etc).
.PP
-Also, an entry will be added to \f[C]$HOME/.keyringer/config\f[R]
+Also, an entry will be added to \f[V]$HOME/.keyringer/config\f[R]
allowing keyringer to find the keyring by its alias.
.RE
.TP
@@ -104,9 +118,9 @@ Run maintenance checks in a keyring.
.PP
All secret manipulation actions operate upon a \f[I]secret\f[R] which is
the pathname of an encrypted file relative to the keyring with optional
-\f[C].asc\f[R] extension.
+\f[V].asc\f[R] extension.
.PP
-If the \f[C].asc\f[R] extension is omitted, keyringer will add it at the
+If the \f[V].asc\f[R] extension is omitted, keyringer will add it at the
end of the pathname.
.PP
No spaces are allowed in the secret name.
@@ -206,24 +220,44 @@ secrets.
recrypt <\f[I]secret\f[R]>
Re-encrypts a secret by decrypting it and encrypting it again.
Useful when users are added into the recipient configuration.
+.RS
+.PP
If no \f[I]secret\f[R] is given, all secrets in the repository are
re-encrypted.
+.RE
.TP
-clip <\f[I]secret\f[R]>
+clip [\f[I]query\f[R]]
Copy the first line of a secret to the clipboard, following
password-store convention.
+.RS
+.PP
+If the query does not exactly match an existing secret, a interactive
+prompt menu is shown, helping selecting the secret.
+.RE
.TP
-xclip <\f[I]secret\f[R]>
-Alias to clip action.
+xclip [\f[I]query\f[R]]
+Alias to the clip action.
.TP
-sclip <\f[I]secret\f[R]>
-Same as clip action, but sleeps five seconds, overwrite clipboard and
+sclip [\f[I]query\f[R]]
+Invokes the clip action, sleeps five seconds, overwrite clipboard and
exit.
+.RS
+.PP
If xdotool is available, it also switches to the next window using the
alt+Tab shortcut.
This action is useful to be invoked by a custom key combo in a window
manager so it becomes easy to provide keyringer managed passphrases to
other applications such as a web browser.
+.RE
+.TP
+search [\f[I]query\f[R]]
+Similar to the clip action, but without showing the initial selection
+menu: instead, it just shows a prompt if the query does not exactly
+match an existing single.
+.TP
+ssearch [\f[I]query\f[R]]
+Like the the sclip action, but invokes the search instead of the clip
+action.
.SH CONFIGURATION ACTIONS
.TP
commands
@@ -247,7 +281,7 @@ List, edit or add \f[I]user\f[R] preferences for a given repository.
.RS
.PP
User preferences are settings which are saved in the user\[cq]s
-keyringer folder (\f[C]$HOME/.keyringer/\f[R]), and not shared with the
+keyringer folder (\f[V]$HOME/.keyringer/\f[R]), and not shared with the
other users.
.PP
Preferences are written using the \f[I]KEY=VALUE\f[R] syntax.
@@ -276,9 +310,9 @@ For instance, if a user encrypts a secret to a file in the keyring
repository\[cq]s \f[I]accounting\f[R] folder, a
\f[I]recipients-file\f[R] under \f[I]accounting\f[R] will be used.
Encrypting a secret into \f[I]accounting/bank-accounts\f[R] will result
-in a file \f[C]$KEYRING_FOLDER/keys/accounting/bank-accounts.asc\f[R]
+in a file \f[V]$KEYRING_FOLDER/keys/accounting/bank-accounts.asc\f[R]
encrypted using the public keys listed in the config
-file\f[C]$KEYRING_FOLDER/config/recipients/accounting\f[R].
+file\f[V]$KEYRING_FOLDER/config/recipients/accounting\f[R].
.PP
Each line in a recipients file has entries in the format
`john\[at]doe.com XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', where
@@ -297,11 +331,11 @@ List all existing recipients files.
Create or edit a recipients file.
.RS
.PP
-Editing happens using the editor specified by the \f[C]$EDITOR\f[R]
+Editing happens using the editor specified by the \f[V]$EDITOR\f[R]
environment variable.
.PP
The required parameter \f[I]recipients-file\f[R] is interpreted relative
-to the \f[C]$KEYRING_FOLDER/config/recipients/\f[R] folder.
+to the \f[V]$KEYRING_FOLDER/config/recipients/\f[R] folder.
.RE
.RE
.SH FILES
diff --git a/share/man/keyringer.1.md b/share/man/keyringer.1.md
index 8acd747..082999b 100644
--- a/share/man/keyringer.1.md
+++ b/share/man/keyringer.1.md
@@ -178,20 +178,34 @@ pwgen <*secret*> [*size*]
recrypt <*secret*>
: Re-encrypts a secret by decrypting it and encrypting it again. Useful when users are added
- into the recipient configuration. If no *secret* is given, all secrets in the repository
- are re-encrypted.
+ into the recipient configuration.
-clip <*secret*>
+ If no *secret* is given, all secrets in the repository are re-encrypted.
+
+clip [*query*]
: Copy the first line of a secret to the clipboard, following password-store convention.
-xclip <*secret*>
-: Alias to clip action.
+ If the query does not exactly match an existing secret, a interactive
+ prompt menu is shown, helping selecting the secret.
+
+xclip [*query*]
+: Alias to the clip action.
+
+sclip [*query*]
+: Invokes the clip action, sleeps five seconds, overwrite clipboard and exit.
+
+ If xdotool is available, it also switches to the next window using the
+ alt+Tab shortcut. This action is useful to be invoked by a custom key combo
+ in a window manager so it becomes easy to provide keyringer managed
+ passphrases to other applications such as a web browser.
+
+search [*query*]
+: Similar to the clip action, but without showing the initial selection menu:
+ instead, it just shows a prompt if the query does not exactly match an
+ existing single.
-sclip <*secret*>
-: Same as clip action, but sleeps five seconds, overwrite clipboard and exit. If xdotool
- is available, it also switches to the next window using the alt+Tab shortcut. This action
- is useful to be invoked by a custom key combo in a window manager so it becomes easy to
- provide keyringer managed passphrases to other applications such as a web browser.
+ssearch [*query*]
+: Like the the sclip action, but invokes the search instead of the clip action.
# CONFIGURATION ACTIONS