itgenerate random password for new tombs - coffin - secure lan file storage on a device Err parazyd.org 70 hgit clone git://parazyd.org/coffin.git URL:git://parazyd.org/coffin.git parazyd.org 70 1Log /git/coffin/log.gph parazyd.org 70 1Files /git/coffin/files.gph parazyd.org 70 1Refs /git/coffin/refs.gph parazyd.org 70 1Submodules /git/coffin/file/.gitmodules.gph parazyd.org 70 1README /git/coffin/file/README.md.gph parazyd.org 70 1LICENSE /git/coffin/file/LICENSE.gph parazyd.org 70 i--- Err parazyd.org 70 1commit 6220dc5a83eeff6355d94ce2b4243b8d932cd83c /git/coffin/commit/6220dc5a83eeff6355d94ce2b4243b8d932cd83c.gph parazyd.org 70 1parent 553b392eaf2505455427ce9c4d5bee583574261a /git/coffin/commit/553b392eaf2505455427ce9c4d5bee583574261a.gph parazyd.org 70 hAuthor: parazyd URL:mailto:parazyd@dyne.org parazyd.org 70 iDate: Mon, 7 Mar 2016 16:29:23 +0100 Err parazyd.org 70 i Err parazyd.org 70 igenerate random password for new tombs Err parazyd.org 70 i Err parazyd.org 70 iDiffstat: Err parazyd.org 70 i M README.md | 2 ++ Err parazyd.org 70 i M bin/sacrist | 117 ++++++++++++++++--------------- Err parazyd.org 70 i Err parazyd.org 70 i2 files changed, 62 insertions(+), 57 deletions(-) Err parazyd.org 70 i--- Err parazyd.org 70 1diff --git a/README.md b/README.md /git/coffin/file/README.md.gph parazyd.org 70 it@@ -11,6 +11,8 @@ Once you plug in your key again, that same tomb will be closed and your Err parazyd.org 70 i files are once again unreadable. Err parazyd.org 70 i Err parazyd.org 70 i ## Notes Err parazyd.org 70 i+* `gmakehook` can be used to create tombox hooks in a more user-friendly Err parazyd.org 70 i+ manner. It is a GUI (zenity) helper script. 
Err parazyd.org 70 i Err parazyd.org 70 i ## Installation Err parazyd.org 70 i Err parazyd.org 70 1diff --git a/bin/sacrist b/bin/sacrist /git/coffin/file/bin/sacrist.gph parazyd.org 70 it@@ -8,9 +8,12 @@ device=$1 Err parazyd.org 70 i happenz=$2 Err parazyd.org 70 i keyuuid=$(blkid $device | awk -F\" '{print $2}') Err parazyd.org 70 i Err parazyd.org 70 i- Err parazyd.org 70 i typeset -H keypass Err parazyd.org 70 i+typeset -H keyuuid Err parazyd.org 70 i typeset -H undertaker Err parazyd.org 70 i+typeset -H graveyard Err parazyd.org 70 i+typeset -H tombs Err parazyd.org 70 i+typeset -H tombpasswd Err parazyd.org 70 i Err parazyd.org 70 i # Vars Err parazyd.org 70 i graveyard="/home/graveyard" # Our graveyard, with all the tombs Err parazyd.org 70 it@@ -23,21 +26,58 @@ hooks="$coffindot/hook" Err parazyd.org 70 i tomb="/usr/local/bin/tomb" Err parazyd.org 70 i tombpasswd="$graveyard/passwd" Err parazyd.org 70 i Err parazyd.org 70 i-# Hook syntax Err parazyd.org 70 i-# create:username:tombname:tombsize:passphrase Err parazyd.org 70 i- Err parazyd.org 70 i # Debugs Err parazyd.org 70 i print "Arg1: $1" Err parazyd.org 70 i print "Arg2: $2" Err parazyd.org 70 i print "Device path is: $device" Err parazyd.org 70 i print "Device UUID is: $keyuuid" Err parazyd.org 70 i Err parazyd.org 70 i-# {{{ Functions Err parazyd.org 70 i-_mountkey() { Err parazyd.org 70 i- mkdir -p $keymount Err parazyd.org 70 i- mount $device $keymount Err parazyd.org 70 i+# {{{ msg Err parazyd.org 70 i+_msg() { Err parazyd.org 70 i+ if [[ $1 == "error" ]]; then Err parazyd.org 70 i+ print "\e[1;31m[E] \e[0;31m$2 \e[0m" Err parazyd.org 70 i+ elif [[ $1 == "warn" ]]; then Err parazyd.org 70 i+ print "\e[1;33m[W] \e[0;33m$2 \e[0m" Err parazyd.org 70 i+ elif [[ $1 == "info" ]]; then Err parazyd.org 70 i+ print "\e[1;34m[i] \e[0;34m$2 \e[0m" Err parazyd.org 70 i+ fi Err parazyd.org 70 i } Err parazyd.org 70 i+# }}} Err parazyd.org 70 i Err parazyd.org 70 i+_umountkey() { umount $keymount; rmdir 
$keymount } Err parazyd.org 70 i+_mountkey() { mkdir -p $keymount; mount $device $keymount } Err parazyd.org 70 i+ Err parazyd.org 70 i+_hashkey() { cat $coffindot/$tombid.key | sha512sum | awk -F" " '{print $1}' } Err parazyd.org 70 i+ Err parazyd.org 70 i+_comparekey() { Err parazyd.org 70 i+ keyhash=$(_hashkey) Err parazyd.org 70 i+ if [[ ( $(cat $tombs | grep $keyhash | grep $keyuuid) ) ]]; then Err parazyd.org 70 i+ happenz=close Err parazyd.org 70 i+ else Err parazyd.org 70 i+ happenz=open Err parazyd.org 70 i+ fi Err parazyd.org 70 i+} Err parazyd.org 70 i+ Err parazyd.org 70 i+_hooks() { Err parazyd.org 70 i+ for entry in $(cat $hooks); do Err parazyd.org 70 i+ let hook=$hook+1 Err parazyd.org 70 i+ _msg info "Found hook $hook..." Err parazyd.org 70 i+ Err parazyd.org 70 i+ # Check what's hook supposed to do Err parazyd.org 70 i+ if [[ ${entry[(ws@:@)1]} == "create" ]]; then Err parazyd.org 70 i+ _create_new_tomb Err parazyd.org 70 i+ elif [[ ${entry[(ws@:@)1]} == "delete" ]]; then Err parazyd.org 70 i+ #DELETE TOMB Err parazyd.org 70 i+ elif [[ ${entry[(ws@:@)1]} == "backup" ]]; then Err parazyd.org 70 i+ # do backup Err parazyd.org 70 i+ else Err parazyd.org 70 i+ _msg error "No valid hook syntax on hook $hook" Err parazyd.org 70 i+ fi Err parazyd.org 70 i+ rm $hooks && _msg info "Removed $hooks" Err parazyd.org 70 i+ done Err parazyd.org 70 i+} Err parazyd.org 70 i+ Err parazyd.org 70 i+# {{{ ttabmagic Err parazyd.org 70 i _ttabmagic() { Err parazyd.org 70 i # Loop entire ttab and do stuff for tombs that want to be opened Err parazyd.org 70 i _msg info "Doing ttab magic..." 
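Review bot: In `_hooks`, `rm $hooks` sits inside the `for` loop, so the hook file is deleted after the first entry and each later iteration reports a failed removal; it belongs after `done`. The loop also iterates over `$(cat $hooks)`, which splits on any whitespace rather than on lines, so a hook containing a space is processed as several malformed entries; `for entry in ${(f)"$(<$hooks)"}; do` reads one hook per line. The `delete` and `backup` branches hold only a comment, so such hooks are accepted silently and then discarded with the file; a `_msg warn "hook type not implemented"` in each would make that visible. These functions were moved up from lower in the file, so the points predate this commit.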
Err parazyd.org 70 it@@ -68,7 +108,7 @@ _ttabmagic() { Err parazyd.org 70 i keypass=$(cat $tombpasswd | grep $keyhash | awk -F: '{print $2}') Err parazyd.org 70 i print "Tomb passphrase: $keypass" Err parazyd.org 70 i sudo -u $undertaker $tomb open $graveyard/$tombid.tomb -k $coffindot/$tombid.key \ Err parazyd.org 70 i- --unsafe --tomb-pwd "$keypass" # Deal with this Err parazyd.org 70 i+ --unsafe --tomb-pwd "$keypass" Err parazyd.org 70 i Err parazyd.org 70 i if [[ -d "/media/$tombid" ]]; then Err parazyd.org 70 i print "$undertaker:$keyhash:$keyuuid" >> $tombs && chmod 600 $tombs && _msg info "Added info to $tombs" Err parazyd.org 70 it@@ -80,45 +120,19 @@ _ttabmagic() { Err parazyd.org 70 i done Err parazyd.org 70 i umount $keymount && rmdir $keymount && _msg info "Unmounted and deleted $keymount" Err parazyd.org 70 i } Err parazyd.org 70 i+# }}} Err parazyd.org 70 i Err parazyd.org 70 i-_hashkey() { Err parazyd.org 70 i- cat $coffindot/$tombid.key | sha512sum | awk -F" " '{print $1}' Err parazyd.org 70 i-} Err parazyd.org 70 i- Err parazyd.org 70 i-_comparekey() { Err parazyd.org 70 i- keyhash=$(_hashkey) Err parazyd.org 70 i- if [[ ( $(cat $tombs | grep $keyhash | grep $keyuuid) ) ]]; then Err parazyd.org 70 i- happenz=close Err parazyd.org 70 i- else Err parazyd.org 70 i- happenz=open Err parazyd.org 70 i- fi Err parazyd.org 70 i-} Err parazyd.org 70 i- Err parazyd.org 70 i-_hooks() { Err parazyd.org 70 i- for entry in $(cat $hooks); do Err parazyd.org 70 i- let hook=$hook+1 Err parazyd.org 70 i- _msg info "Found hook $hook..." 
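Review bot: The `# Deal with this` marker is dropped from the `tomb open` call, but the exposure it pointed at remains: `--unsafe --tomb-pwd "$keypass"` puts the passphrase in the process arguments, where other local users can read it from the process list while tomb runs, and the line above still writes it out with `print "Tomb passphrase: $keypass"`. `typeset -H keypass` only hides the value from parameter listings and covers neither path. I would delete the debug print and keep an explicit marker such as `# FIXME: passphrase is visible in argv while tomb runs` until the password can be handed over another way. `_ttabmagic` begins and ends outside this hunk.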
Err parazyd.org 70 i- Err parazyd.org 70 i- # Check what's hook supposed to do Err parazyd.org 70 i- if [[ ${entry[(ws@:@)1]} == "create" ]]; then Err parazyd.org 70 i- _create_new_tomb Err parazyd.org 70 i- elif [[ ${entry[(ws@:@)1]} == "delete" ]]; then Err parazyd.org 70 i- #DELETE TOMB Err parazyd.org 70 i- elif [[ ${entry[(ws@:@)1]} == "foo" ]]; then Err parazyd.org 70 i- # do foo Err parazyd.org 70 i- else Err parazyd.org 70 i- _msg error "No valid hook syntax on hook $hook" Err parazyd.org 70 i- fi Err parazyd.org 70 i- rm $hooks && _msg info "Removed $hooks" Err parazyd.org 70 i- done Err parazyd.org 70 i-} Err parazyd.org 70 i- Err parazyd.org 70 i+# {{{ _create_new_tomb Err parazyd.org 70 i _create_new_tomb() { Err parazyd.org 70 i+ # TODO: options for webdav, sshfs, ipfs Err parazyd.org 70 i+ # TODO: recognize custom post/bind hooks and implement them inside the new tomb Err parazyd.org 70 i+ # TODO: delete/backup/foo hooks Err parazyd.org 70 i+ Err parazyd.org 70 i _msg info "Creating new tomb!" Err parazyd.org 70 i undertaker=${entry[(ws@:@)2]} Err parazyd.org 70 i tombid=${entry[(ws@:@)3]} Err parazyd.org 70 i tombsize=${entry[(ws@:@)4]} Err parazyd.org 70 i- keypass=${entry[(ws@:@)5]} Err parazyd.org 70 i+ keypass=$(pwgen 30 -1 1) Err parazyd.org 70 i Err parazyd.org 70 i if ! [[ ( $(id $undertaker) ) ]]; then Err parazyd.org 70 i _msg warn "No user called $undertaker found. Creating..." Err parazyd.org 70 it@@ -141,26 +155,14 @@ _create_new_tomb() { Err parazyd.org 70 i _msg info "Wrote to $ttab and $tombpasswd" Err parazyd.org 70 i # rm $createme && _msg info "Removed $createme" Err parazyd.org 70 i } Err parazyd.org 70 i+# }}} Err parazyd.org 70 i Err parazyd.org 70 i _endgame() { Err parazyd.org 70 i # Mr. 
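Review bot: `keypass=$(pwgen 30 -1 1)` runs pwgen in its default pronounceable mode, and the result is never checked. Since this passphrase is stored in `$tombpasswd` and never typed by a person, `keypass=$(pwgen -s 30 1)` is the better fit, followed by `[[ -n $keypass ]] || { _msg error "pwgen failed"; return 1 }` so that a missing pwgen binary cannot lead to a tomb being set up with an empty passphrase. The other hook fields (`undertaker`, `tombid`, `tombsize`) are still taken from the hook entry as-is and then used for the user lookup and, apparently, in paths; a pattern check on each before use would be worth adding. The rest of `_create_new_tomb` lies outside the hunk.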
Proper Err parazyd.org 70 i } Err parazyd.org 70 i Err parazyd.org 70 i-_msg() { Err parazyd.org 70 i- if [[ $1 == "error" ]]; then Err parazyd.org 70 i- print "\e[1;31m[E] \e[0;31m$2 \e[0m" Err parazyd.org 70 i- elif [[ $1 == "warn" ]]; then Err parazyd.org 70 i- print "\e[1;33m[W] \e[0;33m$2 \e[0m" Err parazyd.org 70 i- elif [[ $1 == "info" ]]; then Err parazyd.org 70 i- print "\e[1;34m[i] \e[0;34m$2 \e[0m" Err parazyd.org 70 i- fi Err parazyd.org 70 i-} Err parazyd.org 70 i-# }}} Err parazyd.org 70 i- Err parazyd.org 70 i-#--------------------------------------------------------------------------------------------------- Err parazyd.org 70 i-#------------------------------------------------------ Main --------------------------------------- Err parazyd.org 70 i-#--------------------------------------------------------------------------------------------------- Err parazyd.org 70 i Err parazyd.org 70 i+# {{{ MAIN Err parazyd.org 70 i if [[ $happenz == "CREATE" ]]; then Err parazyd.org 70 i _mountkey Err parazyd.org 70 i if [[ -d "$coffindot" ]]; then Err parazyd.org 70 it@@ -180,6 +182,7 @@ if [[ $happenz == "CREATE" ]]; then Err parazyd.org 70 i fi Err parazyd.org 70 i else Err parazyd.org 70 i _msg error "No valid .coffin directory! Exiting..." Err parazyd.org 70 i- umount $keymount && rmdir $keymount && _msg info "Umounted and removed $keymount" Err parazyd.org 70 i+ _umountkey && _msg info "Unmounted and removed $keymount" Err parazyd.org 70 i fi Err parazyd.org 70 i fi Err parazyd.org 70 i+# }}} Err parazyd.org 70 .