Ajout : remote/duplicity .

[lhc/ateliers.git] / remote / gpg-preset-passphrase

diff --git a/remote/gpg-preset-passphrase b/remote/gpg-preset-passphrase
new file mode 100755 (executable)
index 0000000..36e9fd1
--- /dev/null
+++ b/remote/gpg-preset-passphrase
@@ -0,0 +1,34 @@
+#!/bin/sh -eu
+# SYNTAX: [--forget|--preset] $uid_email [...]
+# DESCRIPTION: encapsuleur de gpg-preset-passphrase(1) facilitant son usage.
+# XXX: il faut que gpg-agent(1) soit configuré avec allow-preset-passphrase.
+tool=$(readlink -e "${0%/*}/..")
+. "$tool"/remote/lib.sh
+
+if ! grep -Fqx allow-preset-passphrase $HOME/.gnupg/gpg-agent.conf &&
+ ! pgrep -fx >/dev/null '.*gpg-agent .*--allow-preset-passphrase.*'
+ then
+       cat >&2 <<-EOF
+               ${tput_rev-}WARNING${tput_sgr0-}: you MUST configure gpg-agent(1) with allow-preset-passphrase.
+               EOF
+       #exit 1
+ fi
+
+command=$1; shift
+PATH=/usr/lib/gnupg2:"$PATH"
+for uid in "$@"
+ do
+       pass_file="$tool"/var/sec/openpgp/"$uid".pass.gpg
+       test -e "$pass_file"
+       
+       IFS= read -r pass <<-EOF
+               $(gpg --decrypt "$pass_file")
+               EOF
+       for fpr in $("$tool"/remote/gpg --list-secret-keys \
+        --with-colons --with-fingerprint --with-fingerprint \
+        -- "$@" | grep '^fpr:' | cut -d : -f 10)
+        do gpg-preset-passphrase $command ${TRACE:+--verbose} $fpr <<-EOF
+               $pass
+               EOF
+        done
+ done