author | Steve Wills <swills@FreeBSD.org> | 2012-09-17 02:37:38 +0000 |
---|---|---|
committer | Steve Wills <swills@FreeBSD.org> | 2012-09-17 02:37:38 +0000 |
commit | ecd8106d7fc2f6680fa8504ecedf024868d6c9d6 (patch) | |
tree | a4e56ce5ef9127f53c4aa94ef60ae7fc57d411b3 /sysutils/password-store | |
parent | 1484e36defc3ee7b26a1e0f89e715897367d58d1 (diff) |
Notes
Diffstat (limited to 'sysutils/password-store')
-rw-r--r-- | sysutils/password-store/Makefile | 66 | ||||
-rw-r--r-- | sysutils/password-store/distinfo | 2 | ||||
-rw-r--r-- | sysutils/password-store/files/linuxism+git+xclip.patch | 475 | ||||
-rw-r--r-- | sysutils/password-store/files/linuxism+git.patch | 358 | ||||
-rw-r--r-- | sysutils/password-store/files/linuxism+xclip.patch | 374 | ||||
-rw-r--r-- | sysutils/password-store/files/linuxism.patch | 218 | ||||
-rw-r--r-- | sysutils/password-store/pkg-descr | 18 |
7 files changed, 1511 insertions, 0 deletions
diff --git a/sysutils/password-store/Makefile b/sysutils/password-store/Makefile
new file mode 100644
index 000000000000..84dfd05bb1c7
--- /dev/null
+++ b/sysutils/password-store/Makefile
@@ -0,0 +1,66 @@
+# $FreeBSD$
+
+PORTNAME= password-store
+PORTVERSION= 1.3.1
+CATEGORIES= sysutils
+MASTER_SITES= http://git.zx2c4.com/password-store/snapshot/
+EXTRACT_SUFX= .tar.xz
+
+MAINTAINER= milki@rescomp.berkeley.edu
+COMMENT= Stores, retrieves, generates, and synchronizes passwords securely
+
+LICENSE= GPLv2
+
+RUN_DEPENDS= gnupg>=2:${PORTSDIR}/security/gnupg \
+ pwgen>=0:${PORTSDIR}/sysutils/pwgen \
+ tree>=0:${PORTSDIR}/sysutils/tree
+
+OPTIONS_DEFINE= GIT XCLIP
+
+GIT_DESC= Enable git backend
+XCLIP_DESC= Enable xclip feature
+
+.include <bsd.port.options.mk>
+
+.if ${PORT_OPTIONS:MGIT}
+RUN_DEPENDS+= git>=0:${PORTSDIR}/devel/git
+.endif
+
+.if ${PORT_OPTIONS:MXCLIP}
+RUN_DEPENDS+= base64>=0:${PORTSDIR}/converters/base64 \
+ xclip>=0:${PORTSDIR}/x11/xclip
+.endif
+
+do-patch:
+.if empty(PORT_OPTIONS:MGIT) && empty(PORT_OPTIONS:MXCLIP)
+ (cd ${WRKSRC} && ${PATCH} < ${PATCHDIR}/linuxism+git+xclip.patch)
+.elif empty(PORT_OPTIONS:MGIT)
+ (cd ${WRKSRC} && ${PATCH} < ${PATCHDIR}/linuxism+git.patch)
+.elif empty(PORT_OPTIONS:MXCLIP)
+ (cd ${WRKSRC} && ${PATCH} < ${PATCHDIR}/linuxism+xclip.patch)
+.else
+ (cd ${WRKSRC} && ${PATCH} < ${PATCHDIR}/linuxism.patch)
+.endif
+
+# empty to skip make
+do-build:
+
+do-install:
+ ${INSTALL_SCRIPT} ${WRKSRC}/src/password-store.sh ${PREFIX}/libexec/pass
+ @${LN} -s ${PREFIX}/libexec/pass ${PREFIX}/bin/pass
+
+ @${MKDIR} ${DATADIR}
+ ${INSTALL_DATA} ${WRKSRC}/contrib/pass.bash-completion ${DATADIR}/
+ ${INSTALL_DATA} ${WRKSRC}/contrib/pass.zsh-completion ${DATADIR}/
+ ${INSTALL_DATA} ${WRKSRC}/man/pass.1 ${MANPREFIX}/man/man1/pass.1
+
+MAN1= pass.1
+MANCOMPRESSED= no
+
+PLIST_FILES= bin/pass \
+ libexec/pass \
+ share/password-store/pass.bash-completion \
+ share/password-store/pass.zsh-completion
+PLIST_DIRS= share/password-store
+
+.include <bsd.port.mk>
diff --git a/sysutils/password-store/distinfo b/sysutils/password-store/distinfo
new file mode 100644
index 000000000000..e93ea26bb3d9
--- /dev/null
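Review bot: RUN_DEPENDS in the new Makefile lists gnupg, pwgen and tree (plus git, base64 and xclip behind options), but the patch variants shown on this page rewrite the script's shebang to `#!/usr/local/bin/bash`, and the two shown in full also set `GETOPT=/usr/local/bin/getopt`; neither tool is declared as a run-time dependency. On a host without them the installed `pass` will not start or will fail when it parses options, so I would add `bash>=0:${PORTSDIR}/shells/bash \` and `getopt>=0:${PORTSDIR}/misc/getopt \` to RUN_DEPENDS. The hard-coded `/usr/local` in those patches also ignores a non-default `${LOCALBASE}`. Separately, MASTER_SITES fetches over plain http, which leaves the SHA256 in distinfo as the only integrity check on the tarball; a comment above MASTER_SITES such as `# fetched over http; integrity rests on distinfo, re-verify on every version bump` would make that explicit.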
+++ b/sysutils/password-store/distinfo
@@ -0,0 +1,2 @@
+SHA256 (password-store-1.3.1.tar.xz) = 351c0e2eb3315ca317026e73f7654a6351f2674000d9476b18c1525cbc5d732d
+SIZE (password-store-1.3.1.tar.xz) = 14864
diff --git a/sysutils/password-store/files/linuxism+git+xclip.patch b/sysutils/password-store/files/linuxism+git+xclip.patch
new file mode 100644
index 000000000000..3e55bb955318
--- /dev/null
+++ b/sysutils/password-store/files/linuxism+git+xclip.patch
@@ -0,0 +1,475 @@ +diff --git a/README b/README +index 52e23af..f24107f 100644 +--- README ++++ README +@@ -14,8 +14,6 @@ Please see the man page for documentation and examples. + + Depends on: + - gpg2 +-- git +-- xclip + - pwgen + - tree + - GNU getopt +diff --git a/contrib/pass.zsh-completion b/contrib/pass.zsh-completion +index 5cf8808..f589b5e 100644 +--- contrib/pass.zsh-completion ++++ contrib/pass.zsh-completion +@@ -27,9 +27,6 @@ _pass () { + "generate[Generate a new password using pwgen]" \ + "edit[Edit a password with \$EDITOR]" \ + "rm[Remove the password]" \ +- "push[push the latest changes using git-push(1)]" \ +- "pull[pull the latest changes using git-pull(1)]" \ +- "git[Call git]" \ + "help[Help]" + _pass_cmd_show + fi +@@ -45,7 +42,6 @@ _pass_cmd_ls () { + + _pass_cmd_show () { + _arguments : \ +- "-c[put it on the clipboard]" \ + '*::show:_get_stored_pwd' + #'::pass id:_files -W ~/.password-store -g "*.gpg(|.*)(-.)"' + } +@@ -65,7 +61,6 @@ _pass_cmd_insert () { + _pass_cmd_generate () { + _arguments : \ + "-n[no symbols]" \ +- "-c[put password on the clipboard]" \ + '::show:_get_stored_pwd' + } + +@@ -75,6 +70,6 @@ _pass_cmd_rm () { + } + + _get_stored_pwd () { +- compadd `find ~/.password-store \( -name .git -o -name .gpg-id \) -prune -o -type f -print | sed 's#.*\.password-store*.##'| sed 's#\.gpg##' | sort` ++ compadd `find ~/.password-store \( -name .gpg-id \) -prune -o -type f -print | sed 's#.*\.password-store*.##'| sed 's#\.gpg##' | sort` + + } +diff --git a/man/pass.1 b/man/pass.1 +index a124c32..8eeb49b 100644 +--- man/pass.1 ++++ man/pass.1 +@@ -34,13 +34,6 @@ or + depending on the type of specifier in ARGS. Otherwise COMMAND must be one of + the valid commands listed below. + +-Several of the commands below rely on or provide additional functionality if +-the password store directory is also a git repository. 
If the password store +-directory is a git repository, all password store modification commands will +-cause a corresponding git commit. See the \fIEXAMPLES\fP section for an +-extended description using \fBinit\fP and +-.BR git (1). +- + The \fBinit\fP command must be run before other commands in order to initialize + the password store with the correct gpg key id. + +@@ -64,12 +57,8 @@ by using the + .BR tree (1) + program. This command is alternatively named \fBlist\fP. + .TP +-\fBshow\fP [ \fI--clip\fP, \fI-c\fP ] \fIpass-name\fP +-Decrypt and print a password named \fIpass-name\fP. If \fI--clip\fP or \fI-c\fP +-is specified, do not print the password but instead copy the first line to the +-clipboard using +-.BR xclip (1) +-and then restore the clipboard after 45 seconds. ++\fBshow\fP \fIpass-name\fP ++Decrypt and print a password named \fIpass-name\fP. + .TP + \fBinsert\fP [ \fI--no-echo\fP, \fI-n\fP | \fI--multiline\fP, \fI-m\fP ] [ \fI--force\fP, \fI-f\fP ]\fIpass-name\fP + Insert a new password into the password store called \fIpass-name\fP. This will +@@ -88,33 +77,16 @@ ensure that temporary files are created in \fI/dev/shm\fP in order to avoid writ + difficult-to-erase disk sectors. If \fI/dev/shm\fP is not accessible, fallback to + the ordinary \fBTMPDIR\fP location, and print a warning. + .TP +-\fBgenerate\fP [ \fI--no-symbols\fP, \fI-n\fP ] [ \fI--clip\fP, \fI-c\fP ] \fIpass-name pass-length\fP ++\fBgenerate\fP [ \fI--no-symbols\fP, \fI-n\fP ] \fIpass-name pass-length\fP + Generate a new password using + .BR pwgen (1) + of length \fIpass-length\fP and insert into \fIpass-name\fP. If \fI--no-symbols\fP or \fI-n\fP + is specified, do not use any non-alphanumeric characters in the generated password. +-If \fI--clip\fP or \fI-c\fP is specified, do not print the password but instead copy +-it to the clipboard using +-.BR xclip (1) +-and then restore the clipboard after 45 seconds. 
+ .TP + \fBrm\fP \fIpass-name\fP + Remove the password named \fIpass-name\fP from the password store. This command is + alternatively named \fBremove\fP. + .TP +-\fBpush\fP +-If the password store is a git repository, push the latest changes using +-.BR git-push (1). +-.TP +-\fBpull\fP +-If the password store is a git repository, pull the latest changes using +-.BR git-pull (1). +-.TP +-\fBgit\fP \fIgit-command-args\fP... +-If the password store is a git repository, pass \fIgit-command-args\fP as arguments to +-.BR git (1) +-using the password store as the git repository. +-.TP + \fBhelp\fP + Show usage message. + .TP +@@ -165,11 +137,6 @@ Show existing password + .br + sup3rh4x3rizmynam3 + .TP +-Copy existing password to clipboard +-.B zx2c4@laptop ~ $ pass -c Email/zx2c4.com +-.br +-Copied Email/jason@zx2c4.com to clipboard. Will clear in 45 seconds. +-.TP + Add password to store + .B zx2c4@laptop ~ $ pass insert Business/cheese-whiz-factory + .br +@@ -208,11 +175,6 @@ The generated password to Email/jasondonenfeld.com is: + .br + YqFsMkBeO6di + .TP +-Generate new password and copy it to the clipboard +-.B zx2c4@laptop ~ $ pass -c generate Email/jasondonenfeld.com 19 +-.br +-Copied Email/jasondonenfeld.com to clipboard. Will clear in 45 seconds. +-.TP + Remove password from store + .B zx2c4@laptop ~ $ pass remove Business/cheese-whiz-factory + .br +@@ -220,10 +182,8 @@ rm: remove regular file \[u2018]/home/zx2c4/.password-store/Business/cheese-whiz + .br + removed \[u2018]/home/zx2c4/.password-store/Business/cheese-whiz-factory.gpg\[u2019] + +-.SH EXTENDED GIT EXAMPLE +-Here, we initialize new password store, create a git repository, and then manipulate and sync passwords. Make note of the arguments to the first call of \fBpass push\fP; consult +-.BR git-push (1) +-for more information. ++.SH EXTENDED EXAMPLE ++Here, we initialize new password store, and then manipulate and sync passwords. 
+ + .B zx2c4@laptop ~ $ pass init Jason@zx2c4.com + .br +@@ -231,12 +191,6 @@ mkdir: created directory \[u2018]/home/zx2c4/.password-store\[u2019] + .br + Password store initialized for Jason@zx2c4.com. + +-.B zx2c4@laptop ~ $ pass git init +-.br +-Initialized empty Git repository in /home/zx2c4/.password-store/.git/ +- +-.B zx2c4@laptop ~ $ pass git remote add origin kexec.com:pass-store +- + .B zx2c4@laptop ~ $ pass generate Amazon/amazonemail@email.com 21 + .br + mkdir: created directory \[u2018]/home/zx2c4/.password-store/Amazon\[u2019] +@@ -251,24 +205,6 @@ The generated password to Amazon/amazonemail@email.com is: + .br + <5m,_BrZY`antNDxKN<0A + +-.B zx2c4@laptop ~ $ pass push -u --all +-.br +-Counting objects: 4, done. +-.br +-Delta compression using up to 2 threads. +-.br +-Compressing objects: 100% (3/3), done. +-.br +-Writing objects: 100% (4/4), 921 bytes, done. +-.br +-Total 4 (delta 0), reused 0 (delta 0) +-.br +-To kexec.com:pass-store +-.br +-* [new branch] master -> master +-.br +-Branch master set up to track remote branch master from origin. +- + .B zx2c4@laptop ~ $ pass insert Amazon/otheraccount@email.com + .br + Enter password for Amazon/otheraccount@email.com: som3r3a11yb1gp4ssw0rd!!88** +@@ -293,20 +229,6 @@ rm 'Amazon/amazonemail@email.com.gpg' + .br + delete mode 100644 Amazon/amazonemail@email.com.gpg + +-.B zx2c4@laptop ~ $ pass push +-.br +-Counting objects: 9, done. +-.br +-Delta compression using up to 2 threads. +-.br +-Compressing objects: 100% (5/5), done. +-.br +-Writing objects: 100% (7/7), 1.25 KiB, done. +-.br +-Total 7 (delta 0), reused 0 (delta 0) +-.br +-To kexec.com:pass-store +- + .SH FILES + + .TP +@@ -320,8 +242,6 @@ be set using the \fBinit\fP command. + .SH SEE ALSO + .BR gpg (1), + .BR pwgen (1), +-.BR git (1), +-.BR xclip (1). 
+ + .SH AUTHOR + .B pass +diff --git a/src/password-store.sh b/src/password-store.sh +index 1553e5b..103dfd1 100755 +--- src/password-store.sh ++++ src/password-store.sh +@@ -1,4 +1,4 @@ +-#!/bin/bash ++#!/usr/local/bin/bash + + # (C) Copyright 2012 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. + # This is released under the GPLv2+. Please see COPYING for more information. +@@ -7,11 +7,9 @@ umask 077 + + PREFIX="${PASSWORD_STORE_DIR:-$HOME/.password-store}" + ID="$PREFIX/.gpg-id" +-GIT="$PREFIX/.git" + GPG_OPTS="--quiet --yes --batch" +- +-export GIT_DIR="$GIT" +-export GIT_WORK_TREE="$PREFIX" ++GETOPT=/usr/local/bin/getopt ++GPG=gpg2 + + version() { + cat <<_EOF +@@ -34,27 +32,18 @@ Usage: + Initialize new password storage and use gpg-id for encryption. + $program [ls] [subfolder] + List passwords. +- $program [show] [--clip,-c] pass-name +- Show existing password and optionally put it on the clipboard. +- If put on the clipboard, it will be cleared in 45 seconds. ++ $program [show] pass-name ++ Show existing password + $program insert [--no-echo,-n | --multiline,-m] [--force,-f] pass-name + Insert new password. Optionally, the console can be enabled to not + echo the password back. Or, optionally, it may be multiline. Prompt + before overwriting existing password unless forced. + $program edit pass-name + Insert a new password or edit an existing password using ${EDITOR:-vi}. +- $program generate [--no-symbols,-n] [--clip,-c] pass-name pass-length ++ $program generate [--no-symbols,-n] pass-name pass-length + Generate a new password of pass-length with optionally no symbols. +- Optionally put it on the clipboard and clear board after 45 seconds. + $program rm pass-name + Remove existing password. +- $program push +- If the password store is a git repository, push the latest changes. +- $program pull +- If the password store is a git repository, pull the latest changes. +- $program git git-command-args... 
+- If the password store is a git repository, execute a git command +- specified by git-command-args. + $program help + Show this text. + $program version +@@ -63,32 +52,10 @@ _EOF + } + isCommand() { + case "$1" in +- init|ls|list|show|insert|edit|generate|remove|rm|delete|push|pull|git|help|--help|version|--version) return 0 ;; ++ init|ls|list|show|insert|edit|generate|remove|rm|delete|help|--help|version|--version) return 0 ;; + *) return 1 ;; + esac + } +-clip() { +- # This base64 business is a disgusting hack to deal with newline inconsistancies +- # in shell. There must be a better way to deal with this, but because I'm a dolt, +- # we're going with this for now. +- +- before="$(xclip -o -selection clipboard | base64)" +- echo -n "$1" | xclip -selection clipboard +- ( +- sleep 45 +- now="$(xclip -o -selection clipboard | base64)" +- if [[ $now != $(echo -n "$1" | base64) ]]; then +- before="$now" +- fi +- # It might be nice to programatically check to see if klipper exists, +- # as well as checking for other common clipboard managers. But for now, +- # this works fine. Clipboard managers frequently write their history +- # out in plaintext, so we axe it here. +- qdbus org.kde.klipper /klipper org.kde.klipper.klipper.clearClipboardHistory >/dev/null 2>&1 +- echo "$before" | base64 -d | xclip -selection clipboard +- ) & disown +- echo "Copied $2 to clipboard. Will clear in 45 seconds." +-} + program="$(basename "$0")" + command="$1" + if isCommand "$command"; then +@@ -132,18 +99,10 @@ fi + + case "$command" in + show|ls|list) +- clip=0 +- +- opts="$(getopt -o c -l clip -n $program -- "$@")" + err=$? +- eval set -- "$opts" +- while true; do case $1 in +- -c|--clip) clip=1; shift ;; +- --) shift; break ;; +- esac done + + if [[ $err -ne 0 ]]; then +- echo "Usage: $program $command [--clip,-c] [pass-name]" ++ echo "Usage: $program $command [pass-name]" + exit 1 + fi + +@@ -161,11 +120,7 @@ case "$command" in + echo "$path is not in the password store." 
+ exit 1 + fi +- if [ $clip -eq 0 ]; then +- exec gpg -q -d --yes --batch "$passfile" +- else +- clip "$(gpg -q -d --yes --batch "$passfile" | head -n 1)" "$path" +- fi ++ exec $GPG -q -d --yes --batch "$passfile" + fi + ;; + insert) +@@ -173,7 +128,7 @@ case "$command" in + noecho=0 + force=0 + +- opts="$(getopt -o mnf -l multiline,no-echo,force -n $program -- "$@")" ++ opts="$($GETOPT -o mnf -l multiline,no-echo,force -n $program -- "$@")" + err=$? + eval set -- "$opts" + while true; do case $1 in +@@ -201,7 +156,7 @@ case "$command" in + if [[ $ml -eq 1 ]]; then + echo "Enter contents of $path and press Ctrl+D when finished:" + echo +- cat | gpg -e -r "$ID" -o "$passfile" $GPG_OPTS ++ cat | $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS + elif [[ $noecho -eq 1 ]]; then + while true; do + read -p "Enter password for $path: " -s password +@@ -209,7 +164,7 @@ case "$command" in + read -p "Retype password for $path: " -s password_again + echo + if [[ $password == $password_again ]]; then +- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password" ++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password" + break + else + echo "Error: the entered passwords do not match." +@@ -217,11 +172,7 @@ case "$command" in + done + else + read -p "Enter password for $path: " -e password +- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password" +- fi +- if [[ -d $GIT ]]; then +- git add "$passfile" +- git commit -m "Added given password for $path to store." ++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password" + fi + ;; + edit) +@@ -252,35 +203,28 @@ case "$command" in + + action="Added" + if [[ -f $passfile ]]; then +- gpg -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1 ++ $GPG -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1 + action="Edited" + fi + ${EDITOR:-vi} "$tmp_file" +- while ! gpg -e -r "$ID" -o "$passfile" $GPG_OPTS "$tmp_file"; do ++ while ! $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS "$tmp_file"; do + echo "GPG encryption failed. Retrying." 
+ sleep 1 + done +- +- if [[ -d $GIT ]]; then +- git add "$passfile" +- git commit -m "$action password for $path using ${EDITOR:-vi}." +- fi + ;; + generate) +- clip=0 + symbols="-y" + +- opts="$(getopt -o nc -l no-symbols,clip -n $program -- "$@")" ++ opts="$($GETOPT -o nc -l no-symbols -n $program -- "$@")" + err=$? + eval set -- "$opts" + while true; do case $1 in + -n|--no-symbols) symbols=""; shift ;; +- -c|--clip) clip=1; shift ;; + --) shift; break ;; + esac done + + if [[ $err -ne 0 || $# -ne 2 ]]; then +- echo "Usage: $program $command [--no-symbols,-n] [--clip,-c] pass-name pass-length" ++ echo "Usage: $program $command [--no-symbols,-n] pass-name pass-length" + exit 1 + fi + path="$1" +@@ -292,18 +236,9 @@ case "$command" in + mkdir -p -v "$PREFIX/$(dirname "$path")" + pass="$(pwgen -s $symbols $length 1)" + passfile="$PREFIX/$path.gpg" +- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass" +- if [[ -d $GIT ]]; then +- git add "$passfile" +- git commit -m "Added generated password for $path to store." +- fi +- +- if [ $clip -eq 0 ]; then +- echo "The generated password to $path is:" +- echo "$pass" +- else +- clip "$pass" "$path" +- fi ++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass" ++ echo "The generated password to $path is:" ++ echo "$pass" + ;; + delete|rm|remove) + if [[ $# -ne 1 ]]; then +@@ -317,26 +252,6 @@ case "$command" in + exit 1 + fi + rm -i -v "$passfile" +- if [[ -d $GIT ]] && ! [[ -f $passfile ]]; then +- git rm -f "$passfile" +- git commit -m "Removed $path from store." +- fi +- ;; +- push|pull) +- if [[ -d $GIT ]]; then +- exec git $command "$@" +- else +- echo "Error: the password store is not a git repository." +- exit 1 +- fi +- ;; +- git) +- if [[ $1 == "init" ]] || [[ -d $GIT ]]; then +- exec git "$@" +- else +- echo "Error: the password store is not a git repository." +- exit 1 +- fi + ;; + *) + usage 
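Review bot: In the `generate` branch of this variant the getopt call still declares the short option `c` (`-o nc`) although the `-c|--clip` arm is removed from the loop right below it. Going by the visible lines, `pass generate -c name 10` would be accepted by getopt and then never leave `while true; do case $1 in … esac done`, because no arm matches `-c` and nothing shifts it away; the call should read `opts="$($GETOPT -o n -l no-symbols -n $program -- "$@")"`. In the `show|ls|list` branch the `opts=` line is dropped but `err=$?` is kept, so `err` now appears to reflect whatever command ran earlier rather than option parsing, and that line and its usage check could be removed. linuxism+xclip.patch is cut off on this page and probably carries the same `generate` edit, so it is worth checking there too.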
diff --git a/sysutils/password-store/files/linuxism+git.patch b/sysutils/password-store/files/linuxism+git.patch new file mode 100644 index 000000000000..98267c063aa9 --- /dev/null +++ b/sysutils/password-store/files/linuxism+git.patch 
@@ -0,0 +1,358 @@ +diff --git a/README b/README +index 52e23af..273aa27 100644 +--- README ++++ README +@@ -14,7 +14,6 @@ Please see the man page for documentation and examples. + + Depends on: + - gpg2 +-- git + - xclip + - pwgen + - tree +diff --git a/contrib/pass.zsh-completion b/contrib/pass.zsh-completion +index 5cf8808..cab22e0 100644 +--- contrib/pass.zsh-completion ++++ contrib/pass.zsh-completion +@@ -27,9 +27,6 @@ _pass () { + "generate[Generate a new password using pwgen]" \ + "edit[Edit a password with \$EDITOR]" \ + "rm[Remove the password]" \ +- "push[push the latest changes using git-push(1)]" \ +- "pull[pull the latest changes using git-pull(1)]" \ +- "git[Call git]" \ + "help[Help]" + _pass_cmd_show + fi +@@ -75,6 +72,6 @@ _pass_cmd_rm () { + } + + _get_stored_pwd () { +- compadd `find ~/.password-store \( -name .git -o -name .gpg-id \) -prune -o -type f -print | sed 's#.*\.password-store*.##'| sed 's#\.gpg##' | sort` ++ compadd `find ~/.password-store \( -name .gpg-id \) -prune -o -type f -print | sed 's#.*\.password-store*.##'| sed 's#\.gpg##' | sort` + + } +diff --git a/man/pass.1 b/man/pass.1 +index a124c32..c2ff884 100644 +--- man/pass.1 ++++ man/pass.1 +@@ -34,13 +34,6 @@ or + depending on the type of specifier in ARGS. Otherwise COMMAND must be one of + the valid commands listed below. + +-Several of the commands below rely on or provide additional functionality if +-the password store directory is also a git repository. If the password store +-directory is a git repository, all password store modification commands will +-cause a corresponding git commit. See the \fIEXAMPLES\fP section for an +-extended description using \fBinit\fP and +-.BR git (1). +- + The \fBinit\fP command must be run before other commands in order to initialize + the password store with the correct gpg key id. + +@@ -102,19 +95,6 @@ and then restore the clipboard after 45 seconds. + Remove the password named \fIpass-name\fP from the password store. 
This command is + alternatively named \fBremove\fP. + .TP +-\fBpush\fP +-If the password store is a git repository, push the latest changes using +-.BR git-push (1). +-.TP +-\fBpull\fP +-If the password store is a git repository, pull the latest changes using +-.BR git-pull (1). +-.TP +-\fBgit\fP \fIgit-command-args\fP... +-If the password store is a git repository, pass \fIgit-command-args\fP as arguments to +-.BR git (1) +-using the password store as the git repository. +-.TP + \fBhelp\fP + Show usage message. + .TP +@@ -220,10 +200,8 @@ rm: remove regular file \[u2018]/home/zx2c4/.password-store/Business/cheese-whiz + .br + removed \[u2018]/home/zx2c4/.password-store/Business/cheese-whiz-factory.gpg\[u2019] + +-.SH EXTENDED GIT EXAMPLE +-Here, we initialize new password store, create a git repository, and then manipulate and sync passwords. Make note of the arguments to the first call of \fBpass push\fP; consult +-.BR git-push (1) +-for more information. ++.SH EXTENDED EXAMPLE ++Here, we initialize new password store, and then manipulate and sync passwords. + + .B zx2c4@laptop ~ $ pass init Jason@zx2c4.com + .br +@@ -231,12 +209,6 @@ mkdir: created directory \[u2018]/home/zx2c4/.password-store\[u2019] + .br + Password store initialized for Jason@zx2c4.com. + +-.B zx2c4@laptop ~ $ pass git init +-.br +-Initialized empty Git repository in /home/zx2c4/.password-store/.git/ +- +-.B zx2c4@laptop ~ $ pass git remote add origin kexec.com:pass-store +- + .B zx2c4@laptop ~ $ pass generate Amazon/amazonemail@email.com 21 + .br + mkdir: created directory \[u2018]/home/zx2c4/.password-store/Amazon\[u2019] +@@ -251,24 +223,6 @@ The generated password to Amazon/amazonemail@email.com is: + .br + <5m,_BrZY`antNDxKN<0A + +-.B zx2c4@laptop ~ $ pass push -u --all +-.br +-Counting objects: 4, done. +-.br +-Delta compression using up to 2 threads. +-.br +-Compressing objects: 100% (3/3), done. +-.br +-Writing objects: 100% (4/4), 921 bytes, done. 
+-.br +-Total 4 (delta 0), reused 0 (delta 0) +-.br +-To kexec.com:pass-store +-.br +-* [new branch] master -> master +-.br +-Branch master set up to track remote branch master from origin. +- + .B zx2c4@laptop ~ $ pass insert Amazon/otheraccount@email.com + .br + Enter password for Amazon/otheraccount@email.com: som3r3a11yb1gp4ssw0rd!!88** +@@ -293,20 +247,6 @@ rm 'Amazon/amazonemail@email.com.gpg' + .br + delete mode 100644 Amazon/amazonemail@email.com.gpg + +-.B zx2c4@laptop ~ $ pass push +-.br +-Counting objects: 9, done. +-.br +-Delta compression using up to 2 threads. +-.br +-Compressing objects: 100% (5/5), done. +-.br +-Writing objects: 100% (7/7), 1.25 KiB, done. +-.br +-Total 7 (delta 0), reused 0 (delta 0) +-.br +-To kexec.com:pass-store +- + .SH FILES + + .TP +@@ -320,7 +260,6 @@ be set using the \fBinit\fP command. + .SH SEE ALSO + .BR gpg (1), + .BR pwgen (1), +-.BR git (1), + .BR xclip (1). + + .SH AUTHOR +diff --git a/src/password-store.sh b/src/password-store.sh +index 1553e5b..6844dc4 100755 +--- src/password-store.sh ++++ src/password-store.sh +@@ -1,4 +1,4 @@ +-#!/bin/bash ++#!/usr/local/bin/bash + + # (C) Copyright 2012 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. + # This is released under the GPLv2+. Please see COPYING for more information. +@@ -7,11 +7,11 @@ umask 077 + + PREFIX="${PASSWORD_STORE_DIR:-$HOME/.password-store}" + ID="$PREFIX/.gpg-id" +-GIT="$PREFIX/.git" + GPG_OPTS="--quiet --yes --batch" +- +-export GIT_DIR="$GIT" +-export GIT_WORK_TREE="$PREFIX" ++GETOPT=/usr/local/bin/getopt ++GPG=gpg2 ++XCLIP=xclip ++BASE64=base64 + + version() { + cat <<_EOF +@@ -48,13 +48,6 @@ Usage: + Optionally put it on the clipboard and clear board after 45 seconds. + $program rm pass-name + Remove existing password. +- $program push +- If the password store is a git repository, push the latest changes. +- $program pull +- If the password store is a git repository, pull the latest changes. +- $program git git-command-args... 
+- If the password store is a git repository, execute a git command +- specified by git-command-args. + $program help + Show this text. + $program version +@@ -63,7 +56,7 @@ _EOF + } + isCommand() { + case "$1" in +- init|ls|list|show|insert|edit|generate|remove|rm|delete|push|pull|git|help|--help|version|--version) return 0 ;; ++ init|ls|list|show|insert|edit|generate|remove|rm|delete|help|--help|version|--version) return 0 ;; + *) return 1 ;; + esac + } +@@ -72,12 +65,12 @@ clip() { + # in shell. There must be a better way to deal with this, but because I'm a dolt, + # we're going with this for now. + +- before="$(xclip -o -selection clipboard | base64)" +- echo -n "$1" | xclip -selection clipboard ++ before="$($XCLIP -o -selection clipboard | $BASE64)" ++ echo -n "$1" | $XCLIP -selection clipboard + ( + sleep 45 +- now="$(xclip -o -selection clipboard | base64)" +- if [[ $now != $(echo -n "$1" | base64) ]]; then ++ now="$($XCLIP -o -selection clipboard | $BASE64)" ++ if [[ $now != $(echo -n "$1" | $BASE64) ]]; then + before="$now" + fi + # It might be nice to programatically check to see if klipper exists, +@@ -85,7 +78,7 @@ clip() { + # this works fine. Clipboard managers frequently write their history + # out in plaintext, so we axe it here. + qdbus org.kde.klipper /klipper org.kde.klipper.klipper.clearClipboardHistory >/dev/null 2>&1 +- echo "$before" | base64 -d | xclip -selection clipboard ++ echo "$before" | $BASE64 -d | $XCLIP -selection clipboard + ) & disown + echo "Copied $2 to clipboard. Will clear in 45 seconds." + } +@@ -134,7 +127,7 @@ case "$command" in + show|ls|list) + clip=0 + +- opts="$(getopt -o c -l clip -n $program -- "$@")" ++ opts="$($GETOPT -o c -l clip -n $program -- "$@")" + err=$? 
+ eval set -- "$opts" + while true; do case $1 in +@@ -162,9 +155,9 @@ case "$command" in + exit 1 + fi + if [ $clip -eq 0 ]; then +- exec gpg -q -d --yes --batch "$passfile" ++ exec $GPG -q -d --yes --batch "$passfile" + else +- clip "$(gpg -q -d --yes --batch "$passfile" | head -n 1)" "$path" ++ clip "$($GPG -q -d --yes --batch "$passfile" | head -n 1)" "$path" + fi + fi + ;; +@@ -173,7 +166,7 @@ case "$command" in + noecho=0 + force=0 + +- opts="$(getopt -o mnf -l multiline,no-echo,force -n $program -- "$@")" ++ opts="$($GETOPT -o mnf -l multiline,no-echo,force -n $program -- "$@")" + err=$? + eval set -- "$opts" + while true; do case $1 in +@@ -201,7 +194,7 @@ case "$command" in + if [[ $ml -eq 1 ]]; then + echo "Enter contents of $path and press Ctrl+D when finished:" + echo +- cat | gpg -e -r "$ID" -o "$passfile" $GPG_OPTS ++ cat | $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS + elif [[ $noecho -eq 1 ]]; then + while true; do + read -p "Enter password for $path: " -s password +@@ -209,7 +202,7 @@ case "$command" in + read -p "Retype password for $path: " -s password_again + echo + if [[ $password == $password_again ]]; then +- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password" ++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password" + break + else + echo "Error: the entered passwords do not match." +@@ -217,11 +210,7 @@ case "$command" in + done + else + read -p "Enter password for $path: " -e password +- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password" +- fi +- if [[ -d $GIT ]]; then +- git add "$passfile" +- git commit -m "Added given password for $path to store." ++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password" + fi + ;; + edit) +@@ -252,25 +241,20 @@ case "$command" in + + action="Added" + if [[ -f $passfile ]]; then +- gpg -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1 ++ $GPG -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1 + action="Edited" + fi + ${EDITOR:-vi} "$tmp_file" +- while ! 
gpg -e -r "$ID" -o "$passfile" $GPG_OPTS "$tmp_file"; do ++ while ! $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS "$tmp_file"; do + echo "GPG encryption failed. Retrying." + sleep 1 + done +- +- if [[ -d $GIT ]]; then +- git add "$passfile" +- git commit -m "$action password for $path using ${EDITOR:-vi}." +- fi + ;; + generate) + clip=0 + symbols="-y" + +- opts="$(getopt -o nc -l no-symbols,clip -n $program -- "$@")" ++ opts="$($GETOPT -o nc -l no-symbols,clip -n $program -- "$@")" + err=$? + eval set -- "$opts" + while true; do case $1 in +@@ -292,12 +276,7 @@ case "$command" in + mkdir -p -v "$PREFIX/$(dirname "$path")" + pass="$(pwgen -s $symbols $length 1)" + passfile="$PREFIX/$path.gpg" +- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass" +- if [[ -d $GIT ]]; then +- git add "$passfile" +- git commit -m "Added generated password for $path to store." +- fi +- ++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass" + if [ $clip -eq 0 ]; then + echo "The generated password to $path is:" + echo "$pass" +@@ -317,26 +296,6 @@ case "$command" in + exit 1 + fi + rm -i -v "$passfile" +- if [[ -d $GIT ]] && ! [[ -f $passfile ]]; then +- git rm -f "$passfile" +- git commit -m "Removed $path from store." +- fi +- ;; +- push|pull) +- if [[ -d $GIT ]]; then +- exec git $command "$@" +- else +- echo "Error: the password store is not a git repository." +- exit 1 +- fi +- ;; +- git) +- if [[ $1 == "init" ]] || [[ -d $GIT ]]; then +- exec git "$@" +- else +- echo "Error: the password store is not a git repository." +- exit 1 +- fi + ;; + *) + usage diff --git a/sysutils/password-store/files/linuxism+xclip.patch b/sysutils/password-store/files/linuxism+xclip.patch new file mode 100644 index 000000000000..ea6ba1af76f7 --- /dev/null +++ b/sysutils/password-store/files/linuxism+xclip.patch 
@@ -0,0 +1,374 @@
+diff --git a/README b/README
+index 52e23af..ce7c745 100644
+--- README
++++ README
+@@ -15,7 +15,6 @@ Please see the man page for documentation and examples.
+ Depends on:
+ - gpg2
+ - git
+-- xclip
+ - pwgen
+ - tree
+ - GNU getopt
+diff --git a/contrib/pass.zsh-completion b/contrib/pass.zsh-completion
+index 5cf8808..5e1c3ac 100644
+--- contrib/pass.zsh-completion
++++ contrib/pass.zsh-completion
+@@ -45,7 +45,6 @@ _pass_cmd_ls () {
+
+ _pass_cmd_show () {
+ _arguments : \
+- "-c[put it on the clipboard]" \
+ '*::show:_get_stored_pwd'
+ #'::pass id:_files -W ~/.password-store -g "*.gpg(|.*)(-.)"'
+ }
+@@ -65,7 +64,6 @@ _pass_cmd_insert () {
+ _pass_cmd_generate () {
+ _arguments : \
+ "-n[no symbols]" \
+- "-c[put password on the clipboard]" \
+ '::show:_get_stored_pwd'
+ }
+
+diff --git a/man/pass.1 b/man/pass.1
+index a124c32..7df6551 100644
+--- man/pass.1
++++ man/pass.1
+@@ -64,12 +64,8 @@ by using the
+ .BR tree (1)
+ program. This command is alternatively named \fBlist\fP.
+ .TP
+-\fBshow\fP [ \fI--clip\fP, \fI-c\fP ] \fIpass-name\fP
+-Decrypt and print a password named \fIpass-name\fP. If \fI--clip\fP or \fI-c\fP
+-is specified, do not print the password but instead copy the first line to the
+-clipboard using
+-.BR xclip (1)
+-and then restore the clipboard after 45 seconds.
++\fBshow\fP \fIpass-name\fP
++Decrypt and print a password named \fIpass-name\fP.
+ .TP
+ \fBinsert\fP [ \fI--no-echo\fP, \fI-n\fP | \fI--multiline\fP, \fI-m\fP ] [ \fI--force\fP, \fI-f\fP ]\fIpass-name\fP
+ Insert a new password into the password store called \fIpass-name\fP. This will
+@@ -88,15 +84,11 @@ ensure that temporary files are created in \fI/dev/shm\fP in order to avoid writ
+ difficult-to-erase disk sectors. If \fI/dev/shm\fP is not accessible, fallback to
+ the ordinary \fBTMPDIR\fP location, and print a warning.
+ .TP
+-\fBgenerate\fP [ \fI--no-symbols\fP, \fI-n\fP ] [ \fI--clip\fP, \fI-c\fP ] \fIpass-name pass-length\fP
++\fBgenerate\fP [ \fI--no-symbols\fP, \fI-n\fP ] \fIpass-name pass-length\fP
+ Generate a new password using
+ .BR pwgen (1)
+ of length \fIpass-length\fP and insert into \fIpass-name\fP. If \fI--no-symbols\fP or \fI-n\fP
+ is specified, do not use any non-alphanumeric characters in the generated password.
+-If \fI--clip\fP or \fI-c\fP is specified, do not print the password but instead copy
+-it to the clipboard using
+-.BR xclip (1)
+-and then restore the clipboard after 45 seconds.
+ .TP
+ \fBrm\fP \fIpass-name\fP
+ Remove the password named \fIpass-name\fP from the password store. This command is
+@@ -165,11 +157,6 @@ Show existing password
+ .br
+ sup3rh4x3rizmynam3
+ .TP
+-Copy existing password to clipboard
+-.B zx2c4@laptop ~ $ pass -c Email/zx2c4.com
+-.br
+-Copied Email/jason@zx2c4.com to clipboard. Will clear in 45 seconds.
+-.TP
+ Add password to store
+ .B zx2c4@laptop ~ $ pass insert Business/cheese-whiz-factory
+ .br
+@@ -208,11 +195,6 @@ The generated password to Email/jasondonenfeld.com is:
+ .br
+ YqFsMkBeO6di
+ .TP
+-Generate new password and copy it to the clipboard
+-.B zx2c4@laptop ~ $ pass -c generate Email/jasondonenfeld.com 19
+-.br
+-Copied Email/jasondonenfeld.com to clipboard. Will clear in 45 seconds.
+-.TP
+ Remove password from store
+ .B zx2c4@laptop ~ $ pass remove Business/cheese-whiz-factory
+ .br
+@@ -321,7 +303,6 @@ be set using the \fBinit\fP command.
+ .BR gpg (1),
+ .BR pwgen (1),
+ .BR git (1),
+-.BR xclip (1).
+
+ .SH AUTHOR
+ .B pass
+diff --git a/src/password-store.sh b/src/password-store.sh
+index 1553e5b..43e095e 100755
+--- src/password-store.sh
++++ src/password-store.sh
+@@ -1,4 +1,4 @@
+-#!/bin/bash
++#!/usr/local/bin/bash
+
+ # (C) Copyright 2012 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ # This is released under the GPLv2+. Please see COPYING for more information.
+@@ -7,10 +7,13 @@ umask 077
+
+ PREFIX="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
+ ID="$PREFIX/.gpg-id"
+-GIT="$PREFIX/.git"
++GITDIR="$PREFIX/.git"
+ GPG_OPTS="--quiet --yes --batch"
++GETOPT=/usr/local/bin/getopt
++GPG=gpg2
++GIT=git
+
+-export GIT_DIR="$GIT"
++export GIT_DIR="$GITDIR"
+ export GIT_WORK_TREE="$PREFIX"
+
+ version() {
+@@ -34,18 +37,16 @@ Usage:
+ Initialize new password storage and use gpg-id for encryption.
+ $program [ls] [subfolder]
+ List passwords.
+- $program [show] [--clip,-c] pass-name
+- Show existing password and optionally put it on the clipboard.
+- If put on the clipboard, it will be cleared in 45 seconds.
++ $program [show] pass-name
++ Show existing password
+ $program insert [--no-echo,-n | --multiline,-m] [--force,-f] pass-name
+ Insert new password. Optionally, the console can be enabled to not
+ echo the password back. Or, optionally, it may be multiline. Prompt
+ before overwriting existing password unless forced.
+ $program edit pass-name
+ Insert a new password or edit an existing password using ${EDITOR:-vi}.
+- $program generate [--no-symbols,-n] [--clip,-c] pass-name pass-length
++ $program generate [--no-symbols,-n] pass-name pass-length
+ Generate a new password of pass-length with optionally no symbols.
+- Optionally put it on the clipboard and clear board after 45 seconds.
+ $program rm pass-name
+ Remove existing password.
+ $program push
+@@ -67,28 +68,6 @@ isCommand() {
+ *) return 1 ;;
+ esac
+ }
+-clip() {
+- # This base64 business is a disgusting hack to deal with newline inconsistancies
+- # in shell. There must be a better way to deal with this, but because I'm a dolt,
+- # we're going with this for now.
+-
+- before="$(xclip -o -selection clipboard | base64)"
+- echo -n "$1" | xclip -selection clipboard
+- (
+- sleep 45
+- now="$(xclip -o -selection clipboard | base64)"
+- if [[ $now != $(echo -n "$1" | base64) ]]; then
+- before="$now"
+- fi
+- # It might be nice to programatically check to see if klipper exists,
+- # as well as checking for other common clipboard managers. But for now,
+- # this works fine. Clipboard managers frequently write their history
+- # out in plaintext, so we axe it here.
+- qdbus org.kde.klipper /klipper org.kde.klipper.klipper.clearClipboardHistory >/dev/null 2>&1
+- echo "$before" | base64 -d | xclip -selection clipboard
+- ) & disown
+- echo "Copied $2 to clipboard. Will clear in 45 seconds."
+-}
+ program="$(basename "$0")"
+ command="$1"
+ if isCommand "$command"; then
+@@ -132,18 +111,10 @@ fi
+
+ case "$command" in
+ show|ls|list)
+- clip=0
+-
+- opts="$(getopt -o c -l clip -n $program -- "$@")"
+ err=$?
+- eval set -- "$opts"
+- while true; do case $1 in
+- -c|--clip) clip=1; shift ;;
+- --) shift; break ;;
+- esac done
+
+ if [[ $err -ne 0 ]]; then
+- echo "Usage: $program $command [--clip,-c] [pass-name]"
++ echo "Usage: $program $command [pass-name]"
+ exit 1
+ fi
+
+@@ -161,11 +132,7 @@ case "$command" in
+ echo "$path is not in the password store."
+ exit 1
+ fi
+- if [ $clip -eq 0 ]; then
+- exec gpg -q -d --yes --batch "$passfile"
+- else
+- clip "$(gpg -q -d --yes --batch "$passfile" | head -n 1)" "$path"
+- fi
++ exec $GPG -q -d --yes --batch "$passfile"
+ fi
+ ;;
+ insert)
+@@ -173,7 +140,7 @@ case "$command" in
+ noecho=0
+ force=0
+
+- opts="$(getopt -o mnf -l multiline,no-echo,force -n $program -- "$@")"
++ opts="$($GETOPT -o mnf -l multiline,no-echo,force -n $program -- "$@")"
+ err=$?
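Review bot: In the `show|ls|list)` hunk of linuxism+xclip.patch the `opts="$(getopt …)"` line is removed while the context line `err=$?` that read its exit status is kept, so `err` now holds the status of whatever command ran before the `case`, and the `if [[ $err -ne 0 ]]` usage check no longer tests option parsing. With the getopt call gone from this arm, the line should become `err=0`, or be dropped together with the usage check. The rest of the arm lies outside the hunk, so any later use of `err` has to be checked there.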
+ eval set -- "$opts"
+ while true; do case $1 in
+@@ -201,7 +168,7 @@ case "$command" in
+ if [[ $ml -eq 1 ]]; then
+ echo "Enter contents of $path and press Ctrl+D when finished:"
+ echo
+- cat | gpg -e -r "$ID" -o "$passfile" $GPG_OPTS
++ cat | $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS
+ elif [[ $noecho -eq 1 ]]; then
+ while true; do
+ read -p "Enter password for $path: " -s password
+@@ -209,7 +176,7 @@ case "$command" in
+ read -p "Retype password for $path: " -s password_again
+ echo
+ if [[ $password == $password_again ]]; then
+- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
+ break
+ else
+ echo "Error: the entered passwords do not match."
+@@ -217,11 +184,11 @@ case "$command" in
+ done
+ else
+ read -p "Enter password for $path: " -e password
+- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
+ fi
+- if [[ -d $GIT ]]; then
+- git add "$passfile"
+- git commit -m "Added given password for $path to store."
++ if [[ -d $GITDIR ]]; then
++ $GIT add "$passfile"
++ $GIT commit -m "Added given password for $path to store."
+ fi
+ ;;
+ edit)
+@@ -252,35 +219,33 @@ case "$command" in
+
+ action="Added"
+ if [[ -f $passfile ]]; then
+- gpg -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1
++ $GPG -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1
+ action="Edited"
+ fi
+ ${EDITOR:-vi} "$tmp_file"
+- while ! gpg -e -r "$ID" -o "$passfile" $GPG_OPTS "$tmp_file"; do
++ while ! $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS "$tmp_file"; do
+ echo "GPG encryption failed. Retrying."
+ sleep 1
+ done
+
+- if [[ -d $GIT ]]; then
+- git add "$passfile"
+- git commit -m "$action password for $path using ${EDITOR:-vi}."
++ if [[ -d $GITDIR ]]; then
++ $GIT add "$passfile"
++ $GIT commit -m "$action password for $path using ${EDITOR:-vi}."
+ fi
+ ;;
+ generate)
+- clip=0
+ symbols="-y"
+
+- opts="$(getopt -o nc -l no-symbols,clip -n $program -- "$@")"
++ opts="$($GETOPT -o nc -l no-symbols -n $program -- "$@")"
+ err=$?
+ eval set -- "$opts"
+ while true; do case $1 in
+ -n|--no-symbols) symbols=""; shift ;;
+- -c|--clip) clip=1; shift ;;
+ --) shift; break ;;
+ esac done
+
+ if [[ $err -ne 0 || $# -ne 2 ]]; then
+- echo "Usage: $program $command [--no-symbols,-n] [--clip,-c] pass-name pass-length"
++ echo "Usage: $program $command [--no-symbols,-n] pass-name pass-length"
+ exit 1
+ fi
+ path="$1"
+@@ -292,18 +257,13 @@ case "$command" in
+ mkdir -p -v "$PREFIX/$(dirname "$path")"
+ pass="$(pwgen -s $symbols $length 1)"
+ passfile="$PREFIX/$path.gpg"
+- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass"
+- if [[ -d $GIT ]]; then
+- git add "$passfile"
+- git commit -m "Added generated password for $path to store."
+- fi
+-
+- if [ $clip -eq 0 ]; then
+- echo "The generated password to $path is:"
+- echo "$pass"
+- else
+- clip "$pass" "$path"
++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass"
++ if [[ -d $GITDIR ]]; then
++ $GIT add "$passfile"
++ $GIT commit -m "Added generated password for $path to store."
+ fi
++ echo "The generated password to $path is:"
++ echo "$pass"
+ ;;
+ delete|rm|remove)
+ if [[ $# -ne 1 ]]; then
+@@ -317,22 +277,45 @@ case "$command" in
+ exit 1
+ fi
+ rm -i -v "$passfile"
+- if [[ -d $GIT ]] && ! [[ -f $passfile ]]; then
+- git rm -f "$passfile"
+- git commit -m "Removed $path from store."
++ if [[ -d $GITDIR ]] && ! [[ -f $passfile ]]; then
++ $GIT rm -f "$passfile"
++ $GIT commit -m "Removed $path from store."
+ fi
+ ;;
+ push|pull)
+- if [[ -d $GIT ]]; then
+- exec git $command "$@"
++ if [[ -d $GITDIR ]]; then
++ exec $GIT $command "$@"
+ else
+ echo "Error: the password store is not a git repository."
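Review bot: The `generate)` arm in linuxism+xclip.patch still passes `-o nc` to `$GETOPT` although the `-c|--clip)` case arm is removed, so getopt accepts `-c` and hands it back, but nothing in the `while true; do case $1 in` loop shifts or breaks on it and the script spins forever. The short-option string should lose the `c`, as the long-option list already lost `clip`: `opts="$($GETOPT -o n -l no-symbols -n $program -- "$@")"`. A default arm such as `*) break ;;` would additionally keep any future mismatch between the option string and the case arms from hanging.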
+ exit 1
+ fi
+ ;;
+ git)
+- if [[ $1 == "init" ]] || [[ -d $GIT ]]; then
+- exec git "$@"
++ if [[ $1 == "init" ]]; then
++ username=$2
++ useremail=$3
++
++ $GIT init
++
++ if [ -z "$username" ]; then
++ current=$($GIT config user.name)
++ prompt="Set your git user.name: "
++ read -e -i "$current" -p "$prompt" username
++ username="${username:-$username}"
++ fi
++ if [ -z "$useremail" ]; then
++ current=$($GIT config user.email)
++ prompt="Set your git user.email: "
++ read -e -i "$current" -p "$prompt" useremail
++ useremail="${useremail:-$useremail}"
++ fi
++ $GIT config user.name "$username"
++ $GIT config user.email "$useremail"
++ echo .gpg-id > $PREFIX/.gitignore
++ $GIT add .
++ $GIT commit -m "Adding existing passwords to the store."
++ elif [[ -d $GITDIR ]]; then
++ exec $GIT "$@"
+ else
+ echo "Error: the password store is not a git repository."
+ exit 1
diff --git a/sysutils/password-store/files/linuxism.patch b/sysutils/password-store/files/linuxism.patch
new file mode 100644
index 000000000000..9920ff2a5a6b
--- /dev/null
+++ b/sysutils/password-store/files/linuxism.patch
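Review bot: In the new `git init` branch, `username="${username:-$username}"` and `useremail="${useremail:-$useremail}"` fall back to themselves, so an empty answer at the prompt stays empty and is then written by `$GIT config user.name "$username"`. The fallback was presumably meant to be the value read just above: `username="${username:-$current}"` and `useremail="${useremail:-$current}"`. The redirect in `echo .gpg-id > $PREFIX/.gitignore` is unquoted and fails when the store path contains whitespace; `> "$PREFIX/.gitignore"` matches the quoting used elsewhere in the script. The same lines appear in the last hunk of linuxism.patch.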
@@ -0,0 +1,218 @@
+diff --git a/src/password-store.sh b/src/password-store.sh
+index 1553e5b..78c45b8 100755
+--- src/password-store.sh
++++ src/password-store.sh
+@@ -1,4 +1,4 @@
+-#!/bin/bash
++#!/usr/local/bin/bash
+
+ # (C) Copyright 2012 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ # This is released under the GPLv2+. Please see COPYING for more information.
+@@ -7,10 +7,15 @@ umask 077
+
+ PREFIX="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
+ ID="$PREFIX/.gpg-id"
+-GIT="$PREFIX/.git"
++GITDIR="$PREFIX/.git"
+ GPG_OPTS="--quiet --yes --batch"
++GETOPT=/usr/local/bin/getopt
++GPG=gpg2
++GIT=git
++XCLIP=xclip
++BASE64=base64
+
+-export GIT_DIR="$GIT"
++export GIT_DIR="$GITDIR"
+ export GIT_WORK_TREE="$PREFIX"
+
+ version() {
+@@ -72,12 +77,12 @@ clip() {
+ # in shell. There must be a better way to deal with this, but because I'm a dolt,
+ # we're going with this for now.
+
+- before="$(xclip -o -selection clipboard | base64)"
+- echo -n "$1" | xclip -selection clipboard
++ before="$($XCLIP -o -selection clipboard | $BASE64)"
++ echo -n "$1" | $XCLIP -selection clipboard
+ (
+ sleep 45
+- now="$(xclip -o -selection clipboard | base64)"
+- if [[ $now != $(echo -n "$1" | base64) ]]; then
++ now="$($XCLIP -o -selection clipboard | $BASE64)"
++ if [[ $now != $(echo -n "$1" | $BASE64) ]]; then
+ before="$now"
+ fi
+ # It might be nice to programatically check to see if klipper exists,
+@@ -85,7 +90,7 @@ clip() {
+ # this works fine. Clipboard managers frequently write their history
+ # out in plaintext, so we axe it here.
+ qdbus org.kde.klipper /klipper org.kde.klipper.klipper.clearClipboardHistory >/dev/null 2>&1
+- echo "$before" | base64 -d | xclip -selection clipboard
++ echo "$before" | $BASE64 -d | $XCLIP -selection clipboard
+ ) & disown
+ echo "Copied $2 to clipboard. Will clear in 45 seconds."
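Review bot: The tool variables added in the `@@ -7,10 +7,15 @@` hunk are resolved inconsistently: `GETOPT=/usr/local/bin/getopt` and the `#!/usr/local/bin/bash` shebang hard-code one install prefix, while `GPG`, `GIT`, `XCLIP` and `BASE64` are bare names looked up through `PATH`. For a script that handles decrypted secrets it is worth choosing one policy deliberately and stating it, for example with a comment above the block such as `# GNU getopt is required for -l long options; the other tools are found via PATH`. Nothing in this patch ensures that the GNU getopt binary exists at that path, so the port should declare it as a run dependency if it does not already. The other three patch files carry the same `GETOPT` line.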
+ }
+@@ -134,7 +139,7 @@ case "$command" in
+ show|ls|list)
+ clip=0
+
+- opts="$(getopt -o c -l clip -n $program -- "$@")"
++ opts="$($GETOPT -o c -l clip -n $program -- "$@")"
+ err=$?
+ eval set -- "$opts"
+ while true; do case $1 in
+@@ -162,9 +167,9 @@ case "$command" in
+ exit 1
+ fi
+ if [ $clip -eq 0 ]; then
+- exec gpg -q -d --yes --batch "$passfile"
++ exec $GPG -q -d --yes --batch "$passfile"
+ else
+- clip "$(gpg -q -d --yes --batch "$passfile" | head -n 1)" "$path"
++ clip "$($GPG -q -d --yes --batch "$passfile" | head -n 1)" "$path"
+ fi
+ fi
+ ;;
+@@ -173,7 +178,7 @@ case "$command" in
+ noecho=0
+ force=0
+
+- opts="$(getopt -o mnf -l multiline,no-echo,force -n $program -- "$@")"
++ opts="$($GETOPT -o mnf -l multiline,no-echo,force -n $program -- "$@")"
+ err=$?
+ eval set -- "$opts"
+ while true; do case $1 in
+@@ -201,7 +206,7 @@ case "$command" in
+ if [[ $ml -eq 1 ]]; then
+ echo "Enter contents of $path and press Ctrl+D when finished:"
+ echo
+- cat | gpg -e -r "$ID" -o "$passfile" $GPG_OPTS
++ cat | $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS
+ elif [[ $noecho -eq 1 ]]; then
+ while true; do
+ read -p "Enter password for $path: " -s password
+@@ -209,7 +214,7 @@ case "$command" in
+ read -p "Retype password for $path: " -s password_again
+ echo
+ if [[ $password == $password_again ]]; then
+- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
+ break
+ else
+ echo "Error: the entered passwords do not match."
+@@ -217,11 +222,11 @@ case "$command" in
+ done
+ else
+ read -p "Enter password for $path: " -e password
+- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
+ fi
+- if [[ -d $GIT ]]; then
+- git add "$passfile"
+- git commit -m "Added given password for $path to store."
++ if [[ -d $GITDIR ]]; then
++ $GIT add "$passfile"
++ $GIT commit -m "Added given password for $path to store."
+ fi
+ ;;
+ edit)
+@@ -252,25 +257,25 @@ case "$command" in
+
+ action="Added"
+ if [[ -f $passfile ]]; then
+- gpg -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1
++ $GPG -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1
+ action="Edited"
+ fi
+ ${EDITOR:-vi} "$tmp_file"
+- while ! gpg -e -r "$ID" -o "$passfile" $GPG_OPTS "$tmp_file"; do
++ while ! $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS "$tmp_file"; do
+ echo "GPG encryption failed. Retrying."
+ sleep 1
+ done
+
+- if [[ -d $GIT ]]; then
+- git add "$passfile"
+- git commit -m "$action password for $path using ${EDITOR:-vi}."
++ if [[ -d $GITDIR ]]; then
++ $GIT add "$passfile"
++ $GIT commit -m "$action password for $path using ${EDITOR:-vi}."
+ fi
+ ;;
+ generate)
+ clip=0
+ symbols="-y"
+
+- opts="$(getopt -o nc -l no-symbols,clip -n $program -- "$@")"
++ opts="$($GETOPT -o nc -l no-symbols,clip -n $program -- "$@")"
+ err=$?
+ eval set -- "$opts"
+ while true; do case $1 in
+@@ -292,10 +297,10 @@ case "$command" in
+ mkdir -p -v "$PREFIX/$(dirname "$path")"
+ pass="$(pwgen -s $symbols $length 1)"
+ passfile="$PREFIX/$path.gpg"
+- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass"
+- if [[ -d $GIT ]]; then
+- git add "$passfile"
+- git commit -m "Added generated password for $path to store."
++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass"
++ if [[ -d $GITDIR ]]; then
++ $GIT add "$passfile"
++ $GIT commit -m "Added generated password for $path to store."
+ fi
+
+ if [ $clip -eq 0 ]; then
+@@ -317,22 +322,45 @@ case "$command" in
+ exit 1
+ fi
+ rm -i -v "$passfile"
+- if [[ -d $GIT ]] && ! [[ -f $passfile ]]; then
+- git rm -f "$passfile"
+- git commit -m "Removed $path from store."
++ if [[ -d $GITDIR ]] && ! [[ -f $passfile ]]; then
++ $GIT rm -f "$passfile"
++ $GIT commit -m "Removed $path from store."
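Review bot: The `edit)` hunk decrypts the entry to `$tmp_file` with `$GPG -d -o "$tmp_file" …`, yet nothing in this patch changes where that file is created. The man page text kept as context in linuxism+xclip.patch says the script uses /dev/shm and otherwise falls back to `TMPDIR` with a warning. FreeBSD does not provide /dev/shm by default, so on the target platform the plaintext presumably lands in an on-disk temporary directory on every edit. The creation of `tmp_file` is outside the hunk and should be confirmed there; if it holds, the patch should at least record it next to the decrypt line, e.g. `# no /dev/shm on FreeBSD by default: $tmp_file falls back to TMPDIR, which may be on disk`, or point the script at a memory-backed directory.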
+ fi
+ ;;
+ push|pull)
+- if [[ -d $GIT ]]; then
+- exec git $command "$@"
++ if [[ -d $GITDIR ]]; then
++ exec $GIT $command "$@"
+ else
+ echo "Error: the password store is not a git repository."
+ exit 1
+ fi
+ ;;
+ git)
+- if [[ $1 == "init" ]] || [[ -d $GIT ]]; then
+- exec git "$@"
++ if [[ $1 == "init" ]]; then
++ username=$2
++ useremail=$3
++
++ $GIT init
++
++ if [ -z "$username" ]; then
++ current=$($GIT config user.name)
++ prompt="Set your git user.name: "
++ read -e -i "$current" -p "$prompt" username
++ username="${username:-$username}"
++ fi
++ if [ -z "$useremail" ]; then
++ current=$($GIT config user.email)
++ prompt="Set your git user.email: "
++ read -e -i "$current" -p "$prompt" useremail
++ useremail="${useremail:-$useremail}"
++ fi
++ $GIT config user.name "$username"
++ $GIT config user.email "$useremail"
++ echo .gpg-id > $PREFIX/.gitignore
++ $GIT add .
++ $GIT commit -m "Adding existing passwords to the store."
++ elif [[ -d $GITDIR ]]; then
++ exec $GIT "$@"
+ else
+ echo "Error: the password store is not a git repository."
+ exit 1
diff --git a/sysutils/password-store/pkg-descr b/sysutils/password-store/pkg-descr
new file mode 100644
index 000000000000..39031160d478
--- /dev/null
+++ b/sysutils/password-store/pkg-descr
@@ -0,0 +1,18 @@
+Password management should be simple and follow Unix philosophy. With pass, each
+password lives inside of a gpg encrypted file whose filename is the title of the
+website or resource that requires the password. These encrypted files may be
+organized into meaningful folder hierarchies, copied from computer to computer,
+and, in general, manipulated using standard command line file management
+utilities.
+
+pass makes managing these individual password files extremely easy. All
+passwords live in ~/.password-store, and pass provides some nice commands for
+adding, editing, generating, and retrieving passwords. It is a very short and
+simple shell script. It's capable of temporarily putting passwords on your
+clipboard and tracking password changes using git.
+
+You can edit the password store using ordinary unix shell commands alongside the
+pass command. There are no funky file formats or new paradigms to learn. There
+is bash completion so that you can simply hit tab to fill in names.
+
+WWW: http://zx2c4.com/projects/password-store/ |