arver 0.1.9 → 0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: eeb29f1cdc8ba4b8fd5a05791fe282f1a016440253f0b3591c95e30f573343f5
-  data.tar.gz: d41505b368abe1d3aa20c3fdf0ed13c3e382aadeb18e9b000778f156279dce0d
+  metadata.gz: 42ca84af2d596b0eed3141d4a198b6b232786a398363a47579aa0d1af4bea645
+  data.tar.gz: 8161dce60e9c7968b808962c6426edc44503bfd09d9180367c0a5b78310160da
 SHA512:
-  metadata.gz: f63236b680841a83333b3fce1c6a6c379e0a35820554f016821f1aff3998011c844655a883cd5f0514481b20618490aec95d005f320cfa57472b9f95585c73ff
-  data.tar.gz: 5734e53e093a97465751ae5e9cd95cee18f9565337ea94208f7eea9448c7a32f79b53aa1f92a8e82f0ac4a88127ca13fd91ca6e9838f5b7aaa284a4b05ea8e91
+  metadata.gz: 12102d7730ac2a893f7a0fe8593c6e20d1c4141d2a9ba227ee3db5aaf55d9fe5fccd9baaf9d8a8dbf80b2a4968d7c60ebc04b1f1326a3a08457421435f55431f
+  data.tar.gz: 704abd36bc00fde5746cb91edb9602426d7bed46a1dfde2ed4e62e93bc9cc4d8c945cab8f6bf63ff5f2857eda7f474e5b2abff2d009a75e7e315b3e3ccf3d5dc

data/CHANGELOG.textile

@@ -1,3 +1,7 @@
+=== 0.2 2023-05-29
+
+* Ruby 3.2 compatible release.
+
 === 0.1.9 2022-01-29
 
 * Add a new --open-systemd to support opening disks at startup. This mode is compatible with systemd-ask-password which is used to open disks in the initrd.

data/lib/arver/config.rb

@@ -26,7 +26,7 @@ module Arver
     end
     
     def load_file( filename )
-      if !File.exists?(filename)
+      if !File.exist?(filename)
         Arver::Log.error("missing config #{filename}")
         exit 1
       end
@@ -34,7 +34,7 @@ module Arver
     end
     
     def save
-      FileUtils.mkdir_p( path ) unless File.exists?( path )
+      FileUtils.mkdir_p( path ) unless File.exist?( path )
       File.open( File.join(path,'users'), 'w' ) { |f| f.write( users.to_yaml ) }
       File.open( File.join(path,'disks'), 'w' ) { |f| f.write( tree.to_yaml ) }
     end

data/lib/arver/gpg_key_manager.rb

@@ -43,10 +43,10 @@ module Arver
         end
 
         config_path = Arver::LocalConfig.instance.config_dir
-        FileUtils.mkdir_p "#{config_path}/keys/public" unless File.exists?( "#{config_path}/keys/public" )
+        FileUtils.mkdir_p "#{config_path}/keys/public" unless File.exist?( "#{config_path}/keys/public" )
         key = _key_of( user )
         user_pubkey_file = config_path+"/keys/public/"+user
-        on_disk = File.exists?( user_pubkey_file )
+        on_disk = File.exist?( user_pubkey_file )
         
         if ! key && ! on_disk
           Arver::Log.error( "No publickey for #{user} found. Aborting all actions." )

data/lib/arver/key_saver.rb

@@ -2,13 +2,12 @@ require 'securerandom'
 
 module Arver
   class KeySaver
-    
     def self.save( user, key )
       tmp_path  = tmp_key_path( user )
       back_path = backup_key_path( user )
       path      = key_path( user )
       filename  = save_to( user, key, tmp_path )
-      FileUtils.mv(path,back_path) if File.exists?(path) 
+      FileUtils.mv(path,back_path) if File.exist?(path)
       FileUtils.mv(tmp_path,path)
       FileUtils.rm_rf(back_path)
       File.join(path,filename)
@@ -57,7 +56,7 @@ module Arver
       end
       key_encrypted = encrypted.read
       unless( Arver::RuntimeConfig.instance.dry_run )
-        FileUtils.mkdir_p path unless File.exists?( path )
+        FileUtils.mkdir_p path unless File.exist?( path )
         filename = "#{OpenSSL::Digest::SHA256.new << key_encrypted}"
         File.open( File.join("#{path}","#{filename}"), 'w' ) do |f|
           f.write key_encrypted
@@ -92,7 +91,7 @@ module Arver
     
     def self.read( user )
       GPGKeyManager.check_key_of( user )
-      return [] unless File.exists?( key_path( user ) )
+      return [] unless File.exist?( key_path( user ) )
       decrypted = []
       crypto = GPGME::Crypto.new
       Dir.entries( key_path( user ) ).sort.each do | file |

data/lib/arver/local_config.rb

@@ -15,7 +15,7 @@ class Arver::LocalConfig
   end
 
   def load_file(filename)
-    content = YAML.load(File.read(filename)) if File.exists?(filename)
+    content = YAML.load(File.read(filename)) if File.exist?(filename)
     self.default.merge(content||{})
   end
 

data/lib/arver/systemd_open_action.rb

@@ -13,26 +13,45 @@ module Arver
         return false
       end
       return false unless load_key( partition )
+
+      if verify_partition(partition)
+        Arver::Log.info( "#{partition.path} is already open! Skipping..." )
+        return false
+      end
       true
     end
 
     def get_socket(host, partid)
       # Check which partitions are waiting for a password
-      # see https://www.freedesktop.org/wiki/Software/systemd/PasswordAgents/
-      files_exec = Arver::SSHCommandWrapper.create("ls", ["/run/systemd/ask-password/ask.*"], host, true, true)
-      files_exec.execute
-      files = files_exec.output.split("\n")
+      # see https://systemd.io/PASSWORD_AGENTS/
+      # systemd might have a while until they pop up does we try a few times
+      3.times do
+        found = false
+        files_exec = ''
+        3.times do
+          files_exec = Arver::SSHCommandWrapper.create("ls", ["/run/systemd/ask-password/ask.*","2>","/dev/null"], host, true, true)
+          files_exec.execute
+          found = files_exec.success?
+          break if found
+          Arver::Log.error( "No ask-password definition found, retrying in 3 secs..." )
+          sleep 3
+        end
+        if found
+          files = files_exec.output.split("\n")
 
-      # Find the socket for the partition we want to open
-      files.each do |f|
-        f_exec = Arver::SSHCommandWrapper.create("cat", [f], host, true, true)
-        f_exec.execute
-        ask_file = f_exec.output
-        if ask_file =~ /#{partid}/
-          ask_file =~ /Socket=(.*)/
-          return $1
+          # Find the socket for the partition we want to open
+          files.each do |f|
+            f_exec = Arver::SSHCommandWrapper.create("cat", [f], host, true, true)
+            f_exec.execute
+            ask_file = f_exec.output
+            if ask_file =~ /#{partid}/
+              ask_file =~ /Socket=(.*)/
+              return $1
+            end
+          end
         end
       end
+      Arver::Log.error( "No ask-password definitions found to scan. Aborting..." )
       nil
     end
 
@@ -42,24 +61,16 @@ module Arver
       partid = nil
       host = partition.parent
 
-      # Find the uuid of this partition
-      partid_exec = Arver::SSHCommandWrapper.create("blkid", ["/dev/#{partition.device}"], host, true, true)
-      partid_exec.execute
-      partid = partid_exec.output.chomp.gsub(/.* UUID=\"([^"]+)\" .*/,'\1')
-      unless partid =~ /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/
-        puts "Could not get uuid of disk"
-        throw( :abort_action )
-      end
-
+      partid = get_uuid(partition)
       socket = get_socket(host, partid)
       if socket.nil?
-        puts "Disk is not waiting to be opened"
+        Arver::Log.error( "Disk is not waiting to be opened" )
         throw( :abort_action )
       end
 
       # Upload password-agent binary and supply password to the correct socket
       binary = File.join(ROOT_DIR, "vendor", "password-agent")
-      unless File.exists?(binary)
+      unless File.exist?(binary)
         puts "This gem is missing the native password-agent binary"
         throw( :abort_action )
       end
@@ -77,7 +88,39 @@ module Arver
       a = Arver::SSHCommandWrapper.create("/run/password-agent", [socket], host, true, true)
       a.execute(key)
 
-      # Cannot check if it worked, since if it did, the server rebooted
+      Arver::Log.info("Trying to validate opening of #{partition.path} ..." )
+      verified = false
+      3.times do
+        verified = verify_partition(partition)
+        break if verified
+        sleep 3
+      end
+      if verified
+        Arver::Log.info("Success in validating opening of #{partition.path} ..." )
+      else
+        Arver::Log.error("Failed to validate opening of #{partition.path} ..." )
+      end
+    end
+
+    private
+
+    def get_uuid(partition)
+      # Find the uuid of this partition
+      partid_exec = Arver::SSHCommandWrapper.create("blkid", ["/dev/#{partition.device}"], partition.parent, true, true)
+      partid_exec.execute
+      partid = partid_exec.output.chomp.gsub(/.* UUID=\"([^"]+)\" .*/,'\1')
+      unless partid =~ /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/
+        puts "Could not get uuid of disk"
+        throw( :abort_action )
+      end
+      partid
+    end
+
+    def verify_partition(partition)
+      partid = get_uuid(partition)
+      r = Arver::SSHCommandWrapper.create("test", ['-b',"/dev/mapper/luks-#{partid}"], partition.parent, true, true)
+      r.execute
+      r.success?
     end
   end
 end

data/lib/arver/version.rb

@@ -1,3 +1,3 @@
 module Arver
-  VERSION = '0.1.9'
+  VERSION = '0.2'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: arver
 version: !ruby/object:Gem::Version
-  version: 0.1.9
+  version: '0.2'
 platform: ruby
 authors:
 - o
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-01-29 00:00:00.000000000 Z
+date: 2024-01-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gpgme
@@ -137,7 +137,8 @@ files:
 - man/arver.5
 - vendor/password-agent
 homepage: https://code.immerda.ch/immerda/apps/arver
-licenses: []
+licenses:
+- MIT
 metadata: {}
 post_install_message:
 rdoc_options: []
@@ -154,7 +155,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 1.3.6
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.4.10
 signing_key:
 specification_version: 4
 summary: LUKS for groups