egrep and fgrep are deemed obsolete and usage issues a warning since a few versions.
To quote the respective notification:
7th Edition Unix had commands egrep and fgrep that were the counterparts of the modern ‘grep -E’ and ‘grep -F’.
Although breaking up grep into three programs was perhaps useful on the small computers of the 1970s, egrep and fgrep were deemed obsolescent by POSIX in 1992, removed from POSIX in 2001, deprecated by GNU Grep 2.5.3 in 2007, and changed to issue obsolescence warnings by GNU Grep 3.8 in 2022; eventually, they are planned to be removed entirely.
Closes#553
While possible to make the argument optional, it introduced some wonkyness.
It kinda required a fixed ordering of arguments then, which wasn't needed before.
Previously it wasn't possible to use argon2 as KDF function without the tomb tools from extras/kdf-keys being available.
To change that behaviour introduce checks on the ARGON2 variable. Additionally add a fallback function to create a salt that is compatible to tomb-kdb-pbkdf2-gensalt.
Options specific for the different supported KDF algorithm are reorganized. Some options align between the various KDF and some are unique to them.
The output of -h is enhanced with the various --kdf options and depends on the available optional tools. argon2 specific cli arguments won't be displayed if argon2 is not available.
Add case for results beside argon2 and pbkdf2. Key creation won't be stopped, just a warning is issued that the resulting key won't be protected via KDF.
Regarding the cli options. The argument for the suboption --kdf is made optional. In that regard one needs to make sure, that --kdf is the last option before an argument. Or - to separate. Third option would be use -k to specify the keyname.
Example: tomb forge --kdf - testkey.tomb
Example: tomb forge --kdf -k testkey.tomb
Example: tomb forge -k testkey.tomb --kdf
Additonally the kdf options are reorganized, which is a possible breaking change for scripts or GUI helpers.
* --kdftype is changed to --kdf
* --kdfiter is introduced as replacement the for previous --kdf definition
* --kdfpar is introduced to support the parallelism option of argon2 (nice to have if someone wants to adjust memory or iteration costs without increasing the time that much)
Only --kdf is mandatory to get a key which is protected with KDF. For every other option safe defaults are set and can be optionally adjusted.
KDF related subcommand options are removed where they don't come into play. gen_key() is only called in forge and passwd.
Closes#526
Namely /run/media/$USER, which was introduced as a replacement for the
classic /media. Main motiviation being, that $USER_B shouldn't get
access to or information about mounted devices from $USER_A.
The mount point itself is owned by root, therefore one needs currently
to know the name of the mountpoint to change to the location.
Other tools for mounting media like udisksctl set ACL to allow the
owner to use it normally (autocompletion and such).
Fixes#461
this comes free and is handled gracefully by btrfs according to
pre-compression heuristics, making it an ideal filesystem choice for
tomb volumes that have compressable contents.
A `compress-force=zstd:1` custom option would deactivate the heuristic
test and compress everything.
In general umount_tomb and slam_tomb shared a lot of similar code.
Main difference being, that the latter additionally searched for
processes and would still call umount_tomb if the processes could
be killed.
umount_tomb would then again search with the provided name for the
relevant tomb in list_tomb_mounts, which should be obsolete at this
point.
Therefore the decision to reduce slam_tomb in functionality. It would
only work on a supplied tombname and tombmount, look if there are
processes and is called from within umount_tomb.
(Theoretical tombname could be removed)
Calling tomb with slam or close sets a flag, which will decide if
that part in umount_tomb will be executed.
In #504 list_processes() got reworked in a way to avoid parsing process
output as this had interesting side-effects.
Back then I mentioned the same behaviour existing in slam_tomb() which
should probably be changed too. This PR addresses that.
Firstly it will use list_processes() from within slam_tomb(), as this is
in principal overlapping functionality. For this list_processes() needed
to be adjusted. It now has a return value which can indicate if there
were processes.
Secondly the order of execution was changed in slam_tomb(). Before it
would process one process and work through the signals until this
process was killed. Now it will take a signal and issue a kill for all
processes found.
new minimum increase for resize is 120MiB
increase resize delta on all test to be above new minimum
skip resize test for btrfs mixedmode (always fails)
As the argument for list_tomb_mounts uses the input directly, it needs to be uniform.
Therefore one must make sure that extraneous character like parentheses are removed from the variable.
And those are in place in tombname for slam_tomb().
Instead of only looking for bind mounts from within a tomb due to bind-hooks, also consider bind mounts that happenfrom the outside (example: open a tomb and manually issue a mount --bind /media/tomb some/other/location).
Such a mount wouldn't be filtered before (only looking for an additional [/path/] added to TARGET.
Instead look for every mount that is related to the respective /dev/mapper/ entry of a tomb and also close or list them.
This helps to avoid to loop again against mounted tombs inside the main loop which loops over mounted tombs.
similar to list_tomb_mounts, rework the findmnt usage to usage of the
actual tomb mapper device.
Simplifies the awk usage and just only one argument needed for the
mapper function.
previously it had dedicated cases for listing all tombs and a singular
one, which duplicated code.
The function got reworked, that it uses a different approach for
findmnt. Instead of filtering the general result, it now uses --source
on the tomb specific crypsetup mapper. Those are searched via general
globbing of the devices in /dev/mapper. This allows to combine the
previous separate cases.
Additionally remove the usage of _sudo for findmnt, as it is not
necessary.
Cryptsetup is since 1.3.0 capable of setting up a loop device if the
device argument is a file.
This has the additional benefit that those loop devices will get the
AUTOCLEAR flag (available with Linux 2.6.25). This means those loop
devices will be closed as soon they're unused (on luksClose).
Swish is outdated and recoll works much better as a frontend to
xapian, so we adopt it to provide local search over file contents in a
tomb. This update also makes plocate optional to search over file
names, not mandatory. Recoll works also in GUI using its -c
commandline option followed by the indexed tomb's path.
Parsing the output from lsof had possibilities for race conditions.
Either due to short lived processes or issuing "tomb ps" from a terminal which cwd is from inside the tomb.
This would spit out available users on the system.
To avoid this use the lsof output directly.
In the future formatting could be reintroduced via commands like
"lsof +D "$tombmount" -F Lc" or "lsof +D "$tombmount" -F Lc0".
This fixes#503
long due, was ready in november 2022 and basically left unchanged at
that stage, except the deprecation of veracrypt in the experimental
portable branch, which is not included in the stable release.
The sudo program checks this env var and uses it, but only if --askpass
was given at the command line, or if it thinks there is no terminal.
But the terminal detection is unreliable, so give it --askpass if there
is an askpass program defined in the environment.
To try it, simply "export SUDO_ASKPASS=/usr/bin/ssh-askpass" before
running tomb.
For me personally, this makes it possible to have a hotkey to run
"pass" and "pass tomb" related commands. Without this patch, invoking
via hotkey causes my window manager to lock up while waiting for a
password on the VT where Xorg was started... and since it's locked up,
I can't change to the VT to enter the data it's waiting for. So I have
to log in via ssh from another host to recover it.
So, instead of locking up... now it can use a GUI askpass program.
The --filesystem option can be used to specify
an alternative filesystem used to format the tomb, in place of the default "ext4".
Beside "btrfs" now the following parameters to --filesystem are supported:
"ext3" using operating system defaults
"ext4" using operating system defaults
"btrfs" for tombs >= 47MB using operating system defaults
"btrfsmixedmode" for tombs >=18MB btrfs mixed mode (see mkfs.btrfs(8))
"ext3maxinodes" ext3 with a maximum of inodes (for many small files)
"ext4maxinodes" ext4 with a maximum of inodes (for many small files)
These changes help use scenarios in which there is a great number of small files
and/or directories in a small filesystem, like e.g. the pass-tomb extension to pass.
Check if unencrypted swap is zram. If it is zram check whether a writeback to
disk is configured.
Unencrypted zramswap not written to disk is accepted.
ToDo (as for other unencrypted swap): check if the writeback happens on an
already encrypted disk/partition.
