Commit Graph

201 Commits

Author SHA1 Message Date
Jaromil
85e36178df flag .noindex for tombs to exclude from search index
better manpage documentation for the search index command
2013-04-23 15:45:31 +02:00
Jaromil
d769a09d25 fix to tomb search
correctly searches across multiple mounted tombs
2013-04-16 13:40:25 +02:00
Jaromil
fc84c27a49 small fix in password processing 2013-03-31 10:25:57 +02:00
Jaromil
a5d09a0559 create command restored for backward compatibility
the new mechanism to create tombs is in place (dig/forge/lock), but we
still wrap it with a create command for backward compatibility.
2013-03-30 18:59:34 +01:00
Jaromil
825f7ed687 Security check for extra keyslots
when a tomb is opened we check if other slots besides the master (0)
are enabled and if so we warn the user that there can be a backdoor.
LUKS permits the presence of multiple keys that can open a single
volume, but this weakens the security of it and we are not really
interested in implementing it.
2013-03-30 18:44:05 +01:00
Jaromil
12a7760895 new index and search commands
now it is possible to index all filenames contained in tombs using
updatedb(8) and then automatically search for them using locate in all
open tombs. Documentation was updated accordingly.
2013-03-30 17:29:51 +01:00
Jaromil
2b6a38f1d7 more information on who opened the tomb last time and when
also cleanups in uid/git handling and new tty and host info
2013-03-29 12:51:43 +01:00
Jaromil
cc3cfccd21 fix to password check (return code of gpg parsed using --status-fd 2013-03-22 23:39:25 +01:00
Jaromil
32cf477b58 cleaned up old create_tomb and updated terminal help 2013-03-22 22:31:29 +01:00
Jaromil
342c121fa2 completed new create procedure 2013-03-22 22:22:55 +01:00
Jaromil
84d4385696 new creation system in 3 steps and some tips in documentation 2013-03-22 21:13:59 +01:00
boyska
42f239a8d6 TEST: kdf=null, passwd added
some cleanup: first usage of try-always block, which makes cleanup actions
much cleaner
2013-02-16 15:58:43 +01:00
boyska
6003623fe5 KDF: modularize code to support kdf everywhere 2013-02-16 15:58:42 +01:00
boyska
25512c5864 chown of the tomb is done immediately 2013-02-16 15:58:42 +01:00
boyska
419ad9a2bc Unit tests, through --unsecure-dev-mode
other similar options are introduced to make testing possible
2013-02-16 15:58:42 +01:00
boyska
2e6a3df756 Add KDF support #82
Include pbkdf2 tools inside tomb
It also supports parameters (itertime).
2013-02-16 15:55:25 +01:00
boyska
75497a2382 reintroduce --ignore-swap (-f is also supported) 2013-02-16 15:55:25 +01:00
Jaromil
df2348381e global vars aren't needed: we use option_is_set in message functions 2013-02-16 11:39:16 +01:00
BoySka
7a16c7f187 Stupid fix: abort after 3 attempts missing 2013-02-16 11:19:30 +01:00
BoySka
18febabbe5 check_priv: 3 attempts, error if wrong password 2013-02-16 11:19:30 +01:00
Jaromil
957e820c29 fixed chown of user permissions on tombs and added optional cipher (xts-plain etc.) 2012-07-10 10:31:14 +02:00
Jaromil
c46596987c fixes cryptsetup and gpg binary paths on debian 2012-06-14 12:45:27 +02:00
Jaromil
c188c47679 fix gpg check and update the verbose mode 2012-02-07 21:05:29 +01:00
boyska
634720b40c Merge: changed legacy code, added modelines 2012-02-02 23:45:07 +01:00
boyska
d57994fcc3 FIX (tries) #77: slam wasn't slamming
That's because fuser behaves differently on debian.
(Why, debian, why???)
2012-02-02 00:31:44 +01:00
boyska
7de7f85109 _msg resets colors after use 2012-01-29 16:25:16 +01:00
boyska
72b44a84f6 --option-parsing: useful for completion 2012-01-29 15:54:48 +01:00
boyska
1f290078bd Add subcommand 'check' and support in tomblib 2012-01-29 15:54:46 +01:00
boyska
5ccd6cf96c vim/emacs modeline: help keeping code tidy;see #25 2012-01-20 02:14:39 +01:00
boyska
2065090b84 Cleaning: remove CMD{,2,3} (see #25)
they were deprecated. If you really need, use $PARAM array instead.
But you probably DON'T need to; it's better to make your function directly
accept parameters (btw, mandatory options should probably be parameters, too)
2012-01-20 01:47:07 +01:00
boyska
6f0bc82e07 fix #79: tomb open in debug mode (_msg to stderr) 2012-01-18 00:56:43 +01:00
boyska
40af028d8f Removed QUIET and DEBUG globals
Addressed removal of $CMD2 and $CMD3, too. They were deprecated
since a long time. You should use $PARAM[1], $PARAM[2],... instead
2012-01-18 00:29:45 +01:00
Jaromil
be0c9ce718 undertaker cleanups
merging boyska's branch to current master
changes some previous names of options:
--path --batch --poll

work in progress, refers to issues: #71 #70 #69 #58 #42 #27 #5
2012-01-17 19:08:09 +01:00
boyska
55a14a95d6 Undertaker: add mounted:///, key_found, fixes
refs #71
2012-01-17 18:48:30 +01:00
boyska
b68d28c13b --machine-parseable added 2012-01-17 18:45:39 +01:00
Jaromil
29f250d8f2 fix: on -k - , wipe temp file 2012-01-17 18:39:18 +01:00
Jaromil
f7c1c05ad4 Removed old-style globals as suggested in #78 2012-01-17 17:47:42 +01:00
boyska
b07c8ae67c FIX --no-color works again (see #78 )
now _msg complies with zsh way of doing colors
2012-01-17 17:46:07 +01:00
Jaromil
1af4c42749 messaging and debugging enhancements
Now checks for GnuPG and lists available ciphers

Some more information about the tomb opened is retrieved via cryptsetup
Also some duplicate strings were eliminated and year notices were updated
2012-01-17 17:28:40 +01:00
Jaromil
35e1afdceb Merge branch 'fix_debug' 2012-01-17 15:18:27 +01:00
boyska
40ca8b0ee6 FIX: -D and -q work again (see #78 ) 2012-01-17 15:18:06 +01:00
Jaromil
0d2038836a using short form for force option: -f
documentation updated accordingly
2012-01-17 15:17:12 +01:00
Jaromil
f645bc59e1 documentation for the new resize command
along with some small fixes
2012-01-17 15:00:01 +01:00
Anathema
c72acdeaa9 Tomb resize
The new 'resize' command lets a user increase the size of the tomb

The operation is quite lengthy as it requires the creation of a new
tomb file and then copying all contents from the old tomb to the new.
2012-01-17 14:47:22 +01:00
Jaromil
58decda7fe fixes to check_swap and new --force flag
Tenamed --ignore-swap flag to --force which is more generic and used
also by other commands. There are also some minor fixes to CMD
parsing. All changes are documented in manual and help.
2012-01-17 14:46:57 +01:00
hellekin
9e32766e07 tomb-open is relative to tomb 2011-12-01 21:43:20 +01:00
hellekin
d0e44bb264 Enforce safe SHM and no, or only encrypted swap 2011-12-01 20:41:04 +01:00
hellekin
7aff877fda Shorten check_bin
Squashed commit of the following:

commit 7c393ed0a0c8412203a6ee0ee5455f3008381da4
Author: hellekin <hellekin@cepheide.org>
Date:   Thu Dec 1 20:25:53 2011 +0100

    use string tokenizer for mkfs too

commit f37de5beae6b92af2834cd56b5109076693d3145
Author: hellekin <hellekin@cepheide.org>
Date:   Thu Dec 1 20:20:08 2011 +0100

    use string tokenizer for wipe, not array

commit fa035bfab1d7d1682d4edf2f6430f7da4483a3f3
Author: hellekin <hellekin@cepheide.org>
Date:   Thu Dec 1 20:18:46 2011 +0100

    Shorten check_bin
2011-12-01 20:27:05 +01:00
hellekin
10ea863c0a Refactor messages 2011-12-01 20:04:56 +01:00
hellekin
27c1ca2490 Fix PATH for cryptsetup when user does not have /sbin in it. 2011-12-01 18:54:08 +01:00