arver 0.1.7 → 0.1.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8ec56c5c57da5c904ede2f834a7a31f11227f89bae92357a7849341dbf00a0b5
-  data.tar.gz: 5a8049767274641a034549459e5faab6199210dfd6b66659856bf06207beb2f7
+  metadata.gz: b11992d186276bbaa51cef0eb4b05f51cc74ee1e0668dffb7f81122d8674e764
+  data.tar.gz: 686b2e04289e64f90ac0064d2464ee3d5e7b6b29507cced0b51343b59033b9b7
 SHA512:
-  metadata.gz: 5ea82ee6e26a0eadb8c87c7ee590eeb7015560eaed5df7faaad07de0cd3d969e39bfd5b60cf67b368e2f52e8b0a8f6b0cff227b7e0226e17a1ad4a3873f4cedc
-  data.tar.gz: a1fed0ca7e559246b886a7cfafe9019ffa1e287b5389d9b29a4a5475e458725747cc8122b8cb22da5b531eced4a4f10569c71b7294eee4b48da803587295504a
+  metadata.gz: 8e8b53c4598c0ee397aa3fb47fabf697c906386fa1c0d6f6eacd01dec2fa118c4edff2c2fe68b97068aaf0f71e8975b42604730c1866e4e03a8668732c170478
+  data.tar.gz: b499b9154521c7d98f327487b964d77022ac98e278ba43139b14526d09bf3f48c757691b03c2a53d43fb2624ecd90aae25c9794be0e505402f1c7e598ef401f7

data/README.textile

@@ -46,7 +46,6 @@ contains an arver package we recommend installation by your package manager.
 The following ruby gems are required for arver:
 
 * gpgme 2
-* activesupport 2
 * escape
 * highline
 
@@ -68,6 +67,10 @@ h1. Limitations
 
 h2. Known Issues
 
+It is strongly advised not to set any 'encrypt-to' option in your gnupgp.conf.
+Otherwise, when you issue a key to another person, you can still decrypt it
+yourself, since gpg always encrypts it to this additional recipient.
+
 h3. GPGME and gpg-agent
 
 If arver asks you multiple times for the password, you might consider to use

data/lib/arver.rb

@@ -1,6 +1,6 @@
-%w{singleton yaml fileutils rubygems active_support highline/import gpgme openssl zlib}.each {|f| require f }
+%w{singleton yaml fileutils rubygems highline/import gpgme openssl zlib}.each {|f| require f }
 $:.unshift(File.dirname(__FILE__)) unless
   $:.include?(File.dirname(__FILE__)) || $:.include?(File.expand_path(File.dirname(__FILE__)))
  
-%w{ gpg_key_manager luks_wrapper action initial_config_action refresh_action create_action list_action gc_action adduser_action deluser_action info_action close_action open_action target_list command_wrapper ssh_command_wrapper log_levels io_logger log string bootstrap local_config config test_config_loader node_with_script_hooks partition_hierarchy_node host hostgroup tree partition test_partition key_generator key_saver keystore runtime_config key_info_action}.each {|f| require "arver/#{f}" }
+%w{ gpg_key_manager luks_wrapper action initial_config_action refresh_action create_action list_action gc_action adduser_action deluser_action info_action close_action open_action target_list command_wrapper ssh_command_wrapper log_levels io_logger log string bootstrap local_config config test_config_loader node_with_script_hooks partition_hierarchy_node host hostgroup tree partition test_partition key_generator key_saver keystore runtime_config key_info_action dump_key_action }.each {|f| require "arver/#{f}" }
 

data/lib/arver/bootstrap.rb

@@ -7,7 +7,7 @@ class Arver::Bootstrap
       
       return true if options[:action] == :init
 
-      unless local.username.present?
+      if "#{local.username}".empty?
         Arver::Log.error( "No user defined" )
         return false
       end

data/lib/arver/cli.rb

@@ -77,6 +77,8 @@ module Arver
                 "LUKS info about a target.") { |arg| options[:argument][:target] = arg; options[:action] = :info; }
         opts.on_tail( "-l", "--list-targets",
                 "List targets." ) { options[:action] = :list; }
+        opts.on_tail( "--dump-key TARGET", String,
+                "Dump raw luks passphrase." ) { |arg| options[:argument][:target] = arg; options[:action] = :dump; }
         opts.on_tail( "--init",
                 "Setup a sample configuration." ) { options[:action] = :init; }
         
@@ -123,6 +125,7 @@ module Arver
         :key_info => Arver::KeyInfoAction,
         :init => Arver::InitialConfigAction,
         :refresh => Arver::RefreshAction,
+        :dump => Arver::DumpKeyAction,
       }
 
       action = (actions[ action ]).new( target_list )

data/lib/arver/config.rb

@@ -15,17 +15,22 @@ module Arver
     end
     
     def load
-      if( ! File.exists?( path ) )
-        Arver::Log.error( "config-dir "+path+" does not exist" )
-        exit
+      if !File.directory?(path)
+        Arver::Log.error("config "+path+" does not exist")
+        exit 1
       end
-      @users= ( load_file( File.join(path,'users') ) )
+      @users = load_file(File.join(path,'users')) || {}
+
       tree.clear
-      tree.from_hash( load_file( File.join(path,'disks') ) )
+      tree.from_hash(load_file(File.join(path,'disks')))
     end
     
     def load_file( filename )
-      YAML.load( File.read(filename) ) if File.exists?( filename )
+      if !File.exists?(filename)
+        Arver::Log.error("missing config #{filename}")
+        exit 1
+      end
+      YAML.load(File.read(filename))
     end
     
     def save
@@ -35,7 +40,7 @@ module Arver
     end
     
     def exists?( user )
-      ! users[user].nil?
+      !users[user].nil?
     end
 
     def gpg_key user
@@ -45,6 +50,13 @@ module Arver
     def slot user
       users[user]['slot'] if exists?(user)
     end
+
+    def user_at(slot)
+      users.each do |name, conf|
+        return name if slot == conf['slot']
+      end
+      'unknown'
+    end
     
     def == other
       return tree == other.tree && users == other.users if other.is_a?(Arver::Config)

data/lib/arver/dump_key_action.rb

@@ -0,0 +1,29 @@
+module Arver
+  class DumpKeyAction < Action
+    def initialize(target_list)
+      super(target_list)
+      self.open_keystore
+    end
+
+    def verify?(partition)
+      load_key(partition)
+    end
+
+    def execute_partition( partition )
+      Arver::Log.info("key for #{partition.path}:")
+      Arver::Log.info(key)
+    end
+
+    def pre_host( host )
+    end
+
+    def pre_partition( partition )
+    end
+
+    def post_partition( partition )
+    end
+
+    def post_host( host )
+    end
+  end
+end

data/lib/arver/info_action.rb

@@ -3,6 +3,7 @@ module Arver
     def initialize( target_list )
       super( target_list )
       self.open_keystore
+      Arver::Log.info("Warning: existence of a keyslot is not a guarantee that the user can access it")
     end
 
     def pre_host( host )
@@ -10,13 +11,44 @@ module Arver
     end
 
     def execute_partition(partition)
-      info = {}
-      (caller = Arver::LuksWrapper.dump(partition)).execute
-      caller.output.each_line do |line|
-        next unless line =~ /^[A-Z].*: .*$/
-        info.store(*line.split(':',2).collect{|f| f.strip })
+      cmd = Arver::LuksWrapper.dump(partition)
+      cmd.execute
+      info = cmd.output
+      info =~ /Version:[\s]+(\d)/
+      version = $1
+      slots = []
+
+      head = " #{sprintf("%0-10s",partition.name[0...10])} :"+
+             " #{sprintf("%0-30s",partition.device_path[0...30])}"
+
+      if version != '1' && version != '2'
+        Arver::Log.info("#{head} : Unsupported luks version")
+        return
+      end
+
+      if version == '1'
+        info.each_line do |line|
+          if line =~ /Key Slot (\d): ENABLED/
+            slots << Integer($1)
+          end
+        end
+      else
+        keyslots = []
+        start = false
+        info.each_line do |line|
+          if line =~ /Keyslots:/
+            start = true
+            next
+          end
+          next unless start
+          break unless line =~ /^\s/
+          if line =~ /[\s]+(\d): luks2/
+            slots << Integer($1)
+          end
+        end
       end
-      Arver::Log.info("  #{sprintf("%0-20s",partition.name.first(20))}:  #{sprintf("%0-40s",partition.device_path.first(40))}: Slots: #{(0..7).map{|i| info["Key Slot #{i}"] == 'ENABLED' ? 'X' : '_'}.join}; LUKSv#{info['Version']}; Cypher: #{info['Cipher name']}:#{info['Cipher mode']}:#{info['Hash spec']}; UUID=#{info['UUID']}")
+      slots = slots.map{|s| "#{Config.instance.user_at(s)}(#{s})"}.join(",")
+      Arver::Log.info("#{head} : #{slots}")
     end
   end
 end

data/lib/arver/key_saver.rb

@@ -130,7 +130,7 @@ module Arver
     end
     
     def self.substract_padding( key )
-      if( key.starts_with? '--- ' )
+      if key[0...4] == "--- "
         Arver::Log.warn( "Warning: you are using deprecated unpadded keyfiles. Please run garbage collect!" )
         return key
       end

data/lib/arver/keystore.rb

@@ -15,23 +15,23 @@ module Arver
       end
     end
           
-    attr_accessor :username, :loaded
+    attr_reader :username, :loaded
         
     def initialize( name )
       @keys = {}
       @key_versions = {}
-      self.username= name
-      self.loaded = false
+      @username = name
+      @loaded = false
     end
     
     def load
       flush_keys
-      KeySaver.read( self.username ).each do | loaded |
+      KeySaver.read(username).each do | loaded |
         YAML.load( loaded ).each do | target, key |
           load_luks_key(target,key)
         end
       end
-      self.loaded = true
+      @loaded = true
     end
     
     def save

data/lib/arver/partition_hierarchy_node.rb

@@ -1,5 +1,3 @@
-require 'active_support/all'
-
 module Arver
   module PartitionHierarchyNode
         
@@ -72,7 +70,7 @@ module Arver
     def find( name )
       found = []
       self.each_node do | node |
-        found += [ node ] if ( node.name == name || node.path.ends_with?( name ) )
+        found += [ node ] if (node.name == name || node.path =~ /#{name}$/)
       end
       found
     end

data/lib/arver/version.rb

@@ -1,3 +1,3 @@
 module Arver
-  VERSION = '0.1.7'
+  VERSION = '0.1.8'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: arver
 version: !ruby/object:Gem::Version
-  version: 0.1.7
+  version: 0.1.8
 platform: ruby
 authors:
 - o
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-09-01 00:00:00.000000000 Z
+date: 2020-03-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gpgme
@@ -26,20 +26,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 2.0.0
-- !ruby/object:Gem::Dependency
-  name: activesupport
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 - !ruby/object:Gem::Dependency
   name: highline
   requirement: !ruby/object:Gem::Requirement
@@ -96,8 +82,8 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 0.9.2
-description: Arver helps you to manage a large amount of crypted devices easily and
-  safe amongst a certain amount of members
+description: Arver helps you to share access to LUKS devices easily and safely in
+  a team
 email: arver@lists.immerda.ch
 executables:
 - arver
@@ -117,6 +103,7 @@ files:
 - lib/arver/config.rb
 - lib/arver/create_action.rb
 - lib/arver/deluser_action.rb
+- lib/arver/dump_key_action.rb
 - lib/arver/gc_action.rb
 - lib/arver/gpg_key_manager.rb
 - lib/arver/host.rb
@@ -147,7 +134,7 @@ files:
 - lib/arver/tree.rb
 - lib/arver/version.rb
 - man/arver.5
-homepage: https://github.com/arver/arver
+homepage: https://code.immerda.ch/immerda/apps/arver
 licenses: []
 metadata: {}
 post_install_message: 
@@ -158,16 +145,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.2'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: 1.3.6
 requirements: []
-rubyforge_project: "[none]"
-rubygems_version: 2.7.6
+rubygems_version: 3.0.6
 signing_key: 
 specification_version: 4
-summary: Open crypted devices automatically
+summary: LUKS for groups
 test_files: []