From bf99499751482886833ad7ce77930ba9a12b8a86 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 14 Nov 2013 22:57:59 -0200 Subject: Support for encrypting a whole tree (closes #21) --- share/man/keyringer.1.mdwn | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'share/man/keyringer.1.mdwn') diff --git a/share/man/keyringer.1.mdwn b/share/man/keyringer.1.mdwn index ee035e3..876f774 100644 --- a/share/man/keyringer.1.mdwn +++ b/share/man/keyringer.1.mdwn @@ -94,10 +94,12 @@ edit <*secret*> encrypt <*secret*> [*file*] : Encrypts content from standard input or *file* into *secret* pathname. No spaces - are supported in the *secret* name. + are supported in the *secret* name. If *file* is actually a folder, keyringer + will recursivelly encrypt all it's contents. -encrypt-batch <*secret*> -: Encrypt content, batch mode. +encrypt-batch <*secret*> [*file*] +: Encrypt content, batch mode. Behavior is identical to *encrypt* action, but less + verbose. Useful inside scripts. genpair <*ssh*|*gpg*|*ssl*|*ssl-self*> [*options*] : Wrapper to generate encryption key-pairs, useful for automated key deployment. -- cgit v1.2.3 From 1297148b7c48f8c9c6677c133ad8b22cd6572c0e Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Mon, 25 Nov 2013 22:58:20 -0200 Subject: Fix manpage formatting at 'recipients' action --- share/man/keyringer.1 | 64 ++++++++++++++++++++++++---------------------- share/man/keyringer.1.mdwn | 2 +- 2 files changed, 35 insertions(+), 31 deletions(-) (limited to 'share/man/keyringer.1.mdwn') diff --git a/share/man/keyringer.1 b/share/man/keyringer.1 index 99a49bc..35755ae 100644 --- a/share/man/keyringer.1 +++ b/share/man/keyringer.1 
@@ -113,11 +113,15 @@ variable and then re-encrypting it. Encrypts content from standard input or \f[I]file\f[] into \f[I]secret\f[] pathname. No spaces are supported in the \f[I]secret\f[] name. +If \f[I]file\f[] is actually a folder, keyringer will recursivelly +encrypt all it\[aq]s contents. .RS .RE .TP -.B encrypt-batch <\f[I]secret\f[]> +.B encrypt-batch <\f[I]secret\f[]> [\f[I]file\f[]] Encrypt content, batch mode. +Behavior is identical to \f[I]encrypt\f[] action, but less verbose. +Useful inside scripts. .RS .RE .TP 
@@ -193,41 +197,41 @@ aliases. .PP Keyringer uses a default recipients file, but specifying a custom \f[I]recipients-file\f[] pathname will override this default. +.PP For instance, if a user encrypts a secret to a file in the keyring repository\[aq]s \f[I]accounting\f[] folder, a \f[I]recipients-file\f[] under \f[I]accounting\f[] will be used. Encrypting a secret into \f[I]accounting/bank-accounts\f[] will result -in a file +in a file \f[C]$KEYRING_FOLDER/keys/accounting/bank-accounts.asc\f[] +encrypted using the public keys listed in the config +file\f[C]$KEYRING_FOLDER/config/recipients/accounting\f[]. +.PP +Each line in a recipients file has entries in the format +\[aq]john\@doe.com XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\[aq], where +\f[I]john\@doe.com\f[] is an alias for the GPG public key whose +fingerprint is \f[I]XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.\f[] +.PP +All lines starting with the hash (#) character are interpreted as +comments. +.PP +Parameters to the \f[I]recipients\f[] action are: +.TP +.B \f[I]ls\f[] +List all existing recipients files. +.RS .RE +.TP +.B \f[I]edit\f[] +Create or edit a recipients file. +.RS .PP -\f[C]$KEYRING_FOLDER/keys/accounting/bank-accounts.asc\f[] encrypted -using the public keys listed in the config -file\f[C]$KEYRING_FOLDER/config/recipients/accounting\f[]. -.IP -.nf -\f[C] -Each\ line\ in\ a\ recipients\ file\ has\ entries\ in\ the\ format -\[aq]john\@doe.com\ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\[aq],\ where\ *john\@doe.com* -is\ an\ alias\ for\ the\ GPG\ public\ key\ whose\ fingerprint\ is -*XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.* - -All\ lines\ starting\ with\ the\ hash\ (#)\ character\ are\ interpreted\ as\ comments. - -Parameters\ to\ the\ *recipients*\ action\ are: - -\ \ *ls* -\ \ :\ \ \ List\ all\ existing\ recipients\ files. - -\ \ *edit* -\ \ :\ \ \ Create\ or\ edit\ a\ recipients\ file. 
- -\ \ \ \ \ \ Editing\ happens\ using\ the\ editor\ specified\ by\ the\ `$EDITOR` -\ \ \ \ \ \ environment\ variable. - -\ \ \ \ \ \ The\ required\ parameter\ *recipients-file*\ is\ interpreted\ relative -\ \ \ \ \ \ to\ the\ `$KEYRING_FOLDER/config/recipients/`\ folder. -\f[] -.fi +Editing happens using the editor specified by the \f[C]$EDITOR\f[] +environment variable. +.PP +The required parameter \f[I]recipients-file\f[] is interpreted relative +to the \f[C]$KEYRING_FOLDER/config/recipients/\f[] folder. +.RE +.RE .SH FILES .PP $HOME/.keyringer/config : User\[aq]s main configuration file used to map diff --git a/share/man/keyringer.1.mdwn b/share/man/keyringer.1.mdwn index 876f774..d2156d8 100644 --- a/share/man/keyringer.1.mdwn +++ b/share/man/keyringer.1.mdwn @@ -155,7 +155,7 @@ recipients <*ls*|*edit*> <*recipients-file*> For instance, if a user encrypts a secret to a file in the keyring repository's *accounting* folder, a *recipients-file* under *accounting* will be used. Encrypting a secret into *accounting/bank-accounts* will result in a file - `$KEYRING_FOLDER/keys/accounting/bank-accounts.asc` encrypted using the public + `$KEYRING_FOLDER/keys/accounting/bank-accounts.asc` encrypted using the public keys listed in the config file`$KEYRING_FOLDER/config/recipients/accounting`. Each line in a recipients file has entries in the format -- cgit v1.2.3 From 17bfa3c574c8a44614053410edf06791cb432dbc Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Tue, 26 Nov 2013 16:18:55 -0200 Subject: New actions: tree and rm (alias for del) --- ChangeLog | 4 ++++ lib/keyringer/actions/rm | 1 + lib/keyringer/actions/tree | 19 +++++++++++++++++++ lib/keyringer/completions/bash/keyringer | 2 +- lib/keyringer/completions/zsh/_keyringer | 2 +- share/man/keyringer.1.mdwn | 8 ++++++++ 6 files changed, 34 insertions(+), 2 deletions(-) create mode 120000 lib/keyringer/actions/rm create mode 100755 lib/keyringer/actions/tree (limited to 'share/man/keyringer.1.mdwn') 
diff --git a/ChangeLog b/ChangeLog index 9fe7aa5..343d7d6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,9 @@ 2013-11-26 - Silvio Rhatto + Added 'tree' action + + Added 'rm' alias to 'del' action + Set .gitignore during initialization and when using tmp inside the repository Pass options to git-rm at del action diff --git a/lib/keyringer/actions/rm b/lib/keyringer/actions/rm new file mode 120000 index 0000000..1a7ac23 --- /dev/null +++ b/lib/keyringer/actions/rm @@ -0,0 +1 @@ +del \ No newline at end of file diff --git a/lib/keyringer/actions/tree b/lib/keyringer/actions/tree new file mode 100755 index 0000000..2033abd --- /dev/null +++ b/lib/keyringer/actions/tree @@ -0,0 +1,19 @@ +#!/bin/bash +# +# List keys. +# + +# Load functions +LIB="`dirname $0`/../functions" +source "$LIB" || exit 1 + +# Aditional parameters +CWD="`pwd`" + +# Avoid leading slash +shift +ARGS="`echo "$*" | sed -e "s|^/*||"`" + +# Run list command +cd "$KEYDIR" && tree $ARGS +cd "$CWD" diff --git a/lib/keyringer/completions/bash/keyringer b/lib/keyringer/completions/bash/keyringer index bbd49f5..eeda27f 100644 --- a/lib/keyringer/completions/bash/keyringer +++ b/lib/keyringer/completions/bash/keyringer @@ -94,7 +94,7 @@ _keyringer() { recipients) opts="ls edit" ;; - ls|encrypt|encrypt-batch|decrypt|edit|append|append-batch|del|recrypt|open) + ls|tree|encrypt|encrypt-batch|decrypt|edit|append|append-batch|del|rm|recrypt|open) cur="`echo ${cur} | sed -e "s|^/*||"`" # avoid leading slash opts="$(bash -c "set -f && export KEYRINGER_CHECK_VERSION=false && keyringer $instance ls -p -d ${cur}*" 2> /dev/null)" ;; diff --git a/lib/keyringer/completions/zsh/_keyringer b/lib/keyringer/completions/zsh/_keyringer index 5d0a64c..5717b00 100644 --- a/lib/keyringer/completions/zsh/_keyringer +++ b/lib/keyringer/completions/zsh/_keyringer 
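Review bot: In the new `lib/keyringer/actions/tree` script, `tree $ARGS` expands the arguments unquoted, so a path containing spaces or glob characters is split and expanded before tree sees it, and the sed over `"$*"` strips the leading slash only from the first argument. The trailing `cd "$CWD"` also becomes the script's exit status, so a failed `cd "$KEYDIR"` or a failing or missing `tree` binary is reported as success. I would keep the arguments in an array, strip leading slashes per argument, and run the listing in a subshell so that its status is what the action returns; `dirname $0` should be quoted as well. Arguments such as `..` are still passed through unchanged, so if the listing is meant to stay inside the keys folder, that needs a separate check.

```shell
# Avoid leading slash on each argument, keeping arguments as separate words
shift
ARGS=()
for arg in "$@"; do
  ARGS+=("${arg#"${arg%%[!/]*}"}")
done

# Run list command; the subshell leaves the working directory alone and
# makes tree's exit status the status of the action
( cd "$KEYDIR" && tree "${ARGS[@]}" )
```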
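Review bot: The extended case arm in `lib/keyringer/completions/bash/keyringer` now sends `tree` and `rm` through the existing completion line that pastes `${cur}` into the `bash -c "..."` string, so the word being completed is parsed as shell code by the inner bash instead of being treated as data. Passing it as a positional parameter avoids that: `opts="$(bash -c 'set -f && export KEYRINGER_CHECK_VERSION=false && keyringer "$1" ls -p -d "$2"*' _ "$instance" "$cur" 2> /dev/null)"`. The unquoted `echo ${cur}` on the line before should be `echo "${cur}"` so the word is not split or globbed before sed sees it. The `_keyringer` function and its `case` start and end outside this hunk, so how `$instance` is set is not visible here.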
@@ -50,7 +50,7 @@ _keyringer() { recipients) compadd "$@" ls edit ;; - ls|encrypt|encrypt-batch|decrypt|edit|append|append-batch|del|recrypt|open) + ls|tree|encrypt|encrypt-batch|decrypt|edit|append|append-batch|del|rm|recrypt|open) words[4]="`echo $words[4] | sed -e "s|^/*||"`" # avoid leading slash compadd "$@" $(KEYRINGER_CHECK_VERSION=false keyringer $words[2] ls -p -d $words[4]'*' 2> /dev/null) ;; diff --git a/share/man/keyringer.1.mdwn b/share/man/keyringer.1.mdwn index d2156d8..d4b71e3 100644 --- a/share/man/keyringer.1.mdwn +++ b/share/man/keyringer.1.mdwn @@ -56,6 +56,11 @@ ls <*path*> if *path* is specified. Like the git wrapper, this is a wrapper around the *LS(1)* command. +tree <*path*> +: List contents from the toplevel repository *keys* folder or from relative paths + if *path* is specified using a tree-like format. Like the ls wrapper, this is a + wrapper around the *TREE(1)* command. + # SECRET MANIPULATION ACTIONS All secret manipulation actions operate upon a *secret* which is the pathname @@ -88,6 +93,9 @@ del <*secret*> To completely remove a file from a keyring, you should also rewrite the Git history yourself. +rm <*secret*> +: Alias for *del* action. + edit <*secret*> : Edit a secret by temporarily decrypting it, opening the decrypted copy into the text editor defined by the *$EDITOR* environment variable and then re-encrypting it. -- cgit v1.2.3