Re: [Pull request] Shortcut feature

[Thorsten Wißmann]

Hi Ondrej,

On Sun, Mar 26, 2017 at 04:34:06PM -0700, David A. wrote:
> On Mon, 27 Mar 2017 00:51:22 +0200, Ondrej Vaško wrote:
> >This commit introduces shortcut argument *-s* or *--shortcut* to *pass show
> >*command with which you can reference password not by full path, but by
> >number, which reference the specific gpg file in your password storage
> >directory.
> 
> >After few days of thinking about an easy solution I decided to use an
> >*inode* as a reference shortcut
> 
> If you're going to implement a shortcut option, it should really be
> something that makes referring to any entry easy and intuitive.
> Something like nicknames that are shorter and easy to remember. inodes
> are hardly that.

Even worse: inodes differ using pass on different machines.

David has indicated it already: In case one is looking for simple
shorthands for the frequently used pass files, one can create a symbolic
link with an descriptive name and add that to the git, e.g.:

  $ cd ${PASSWORD_STORE_DIR:-$HOME/.password-store}
  $ ln -sf mailinglists/password-st...@lists.zx2c4.com.gpg passlist.gpg
  $ git add !$ ; git commit -m 'ln'
  $ pass show passlist

Best Regards,
Thorsten


signature.asc
Description: PGP signature
___
Password-Store mailing list
Password-Store@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/password-store

Re: [pass] [PATCH] Allow custom subcommands

[Thorsten Wißmann]

Hi Lucas,

On Fri, Oct 07, 2016 at 10:33:33AM +0200, Lucas Hoffmann wrote:
> Currently there is one official "plugin" or "addon" for pass in the
> official repository: passmenu.  But that uses a new script name instead
> of hacking into pass subcommands.
> 
> This might be because it does not benefit the use case of passmenu much
> to exist inside the pass subcommands namespace or it might be to keep
> pass simple.

I guess that is the case because `passmenu` isn't used in the usual pass
workflow, which is in my opinion something like the following sequence
of commands in the shell:

  $ pass my-custom-generate web/some-pass.file # create it
  $ pass edit web/some-pass.file # adjust it a little bit
  $ pass show web/some-pass.file # double check
  $ pass clipwiz web/some-pass.file # paste it to the clipboard

> Attached you can find a script that wraps pass in order to call a
> subcommand script (it does what you describe above, only in an extra
> script).  Maybe if your solution is to intrusive we can add this wrapper
> in the contrib/ subdirecory.  Opinions?

That sounds like a nice workaround for experienced users until pass
officially supports custom subcommands. I'd refrain from adding this to
contrib/ because one has to be careful when using it with the name
"pass".

The first disadvantage of such a wrapper script is, that you can not
call it pass and place it in your $PATH. (Simply because `exec pass`
would call itself). So we have to hard-code the `pass` location, e.g.:

#!/bin/bash
if which "pass-$1" >/dev/null 2>&1; then
  exec "pass-$@"
fi
exec /usr/bin/pass "$@"

Furthermore, the user has to take care that this wrapper script is
placed in a directory mentioned earlier than /usr/bin/ in $PATH.

> Quoting Thorsten Wißmann (2016-09-30 11:33:33)
> > This does not only fit the usual pass workflow (first show a file,
> > then paste it using clipwiz), but one also gets the tab-completion for
> > custom pass scripts for free.
> 
> Some basic level of completion for the wrapper can be achieved in zsh
> with a simple "compdef pass-plugin-wrapper=pass".  Only official
> subcommands and no plugin commands will be completed like this.  But
> passwords will be completed after custom commands.

Yes, sure. If my patch was merged, one would need to extend the
subcommand completion in three completion files (bash, fish, and zsh).

> > Other command line utilities like git or hledger[2] provide those
> > custom subcommands, and I'd love to see it in pass as well. I've
> > implemented that in the attached git formatted patch, but did not know
> > whether/where/how to add an description for that in the man page.
> 
> I was also looking for this functionality before so I hope that we will
> find some solution that makes it into the repository.

I'd be interested in Jason's opinion on this functionality in general.

Cheers,
Thorsten


signature.asc
Description: PGP signature
___
Password-Store mailing list
Password-Store@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/password-store

Re: [pass] [PATCH] Allow custom subcommands

[Thorsten Wißmann]

Hi Sylvain,

On Mon, Oct 03, 2016 at 07:20:47AM +0200, Sylvain Viart wrote:
> Le 30/09/2016 à 11:33, Thorsten Wißmann a écrit :
> > if there is an executable pass-clipwiz in the PATH. This does not only
> > fit the usual pass workflow (first show a file, then paste it using
> > clipwiz), but one also gets the tab-completion for custom pass scripts
> > for free.
> 
> Sounds cool!
> 
> See also:
> 
> [pass] Extending pass with user-defined hooks / add ons
> https://lists.zx2c4.com/pipermail/password-store/2015-August/001659.html

I see, thanks! I think the main decision is whether those extensions
should be part of "the password store" (that approach) or of the system
(my approach).

> Does GPG web of trust sure enough, to allow co-signing script to enable
> such signed plugins?

I don't understand your question. But are you asking how my patch could
be extended to call only 'signed' extensions?

If some bad guy has write access to some directory in $PATH and wants to
take over your password store, then the bad guy can simply add a
malicious `pass` executable and the user would not notice.

I.e. I don't think `pass` should do something like signing of program
code. It's some separate problem to check if the programs in your $PATH
are trustworthy or not.

Cheers,
Thorsten


signature.asc
Description: PGP signature
___
Password-Store mailing list
Password-Store@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/password-store

[pass] [PATCH] Allow custom subcommands

[Thorsten Wißmann]

Hi,

I have a couple of custom pass scripts (e.g. a custom clipboard
wizard[1], or a custom file generation script). It would fit perfectly
to the pass workflow if one could call those directly via pass, e.g.

pass clipwiz Business/some-silly-business-site.com

which should call

pass-clipwiz Business/some-silly-business-site.com

if there is an executable pass-clipwiz in the PATH. This does not only
fit the usual pass workflow (first show a file, then paste it using
clipwiz), but one also gets the tab-completion for custom pass scripts
for free.

Other command line utilities like git or hledger[2] provide those custom
subcommands, and I'd love to see it in pass as well. I've implemented
that in the attached git formatted patch, but did not know
whether/where/how to add an description for that in the man page.

Feel free to adjust my little patch as you want.

Thank you very much for pass,
Cheers,
Thorsten


[1] http://thorsten-wissmann.de/p/3e7fa904a600c2505b33eda1d4850492
[2] http://hledger.org/manual.html
From 9b96e033a5a6e9e585dc3e1b1057e02a518b3818 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thorsten=20Wi=C3=9Fmann?= 
Date: Mon, 26 Sep 2016 11:17:37 +0200
Subject: [PATCH] Allow custom subcommands

If called with a subcommand 'cmd', call 'pass-cmd' if such a program is
found in $PATH.
---
 src/password-store.sh | 9 -
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/password-store.sh b/src/password-store.sh
index 63be840..b21250b 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -592,6 +592,13 @@ case "$1" in
 	rename|mv) shift;		cmd_copy_move "move" "$@" ;;
 	copy|cp) shift;			cmd_copy_move "copy" "$@" ;;
 	git) shift;			cmd_git "$@" ;;
-	*) COMMAND="show";		cmd_show "$@" ;;
+	*)
+		if which "pass-$1" 2>/dev/null 1>/dev/null ; then
+			shift
+			exec pass-"$COMMAND" "$@"
+		else
+			COMMAND="show";		cmd_show "$@"
+		fi
+		;;
 esac
 exit 0
-- 
2.10.0



signature.asc
Description: PGP signature
___
Password-Store mailing list
Password-Store@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/password-store