aboutsummaryrefslogtreecommitdiff
path: root/sysutils/password-store
diff options
context:
space:
mode:
authorSteve Wills <swills@FreeBSD.org>2012-09-17 02:37:38 +0000
committerSteve Wills <swills@FreeBSD.org>2012-09-17 02:37:38 +0000
commitecd8106d7fc2f6680fa8504ecedf024868d6c9d6 (patch)
treea4e56ce5ef9127f53c4aa94ef60ae7fc57d411b3 /sysutils/password-store
parent1484e36defc3ee7b26a1e0f89e715897367d58d1 (diff)
downloadports-ecd8106d7fc2f6680fa8504ecedf024868d6c9d6.tar.gz
ports-ecd8106d7fc2f6680fa8504ecedf024868d6c9d6.zip
Password management should be simple and follow Unix philosophy. With pass, each
password lives inside of a gpg encrypted file whose filename is the title of the website or resource that requires the password. These encrypted files may be organized into meaningful folder hierarchies, copied from computer to computer, and, in general, manipulated using standard command line file management utilities. pass makes managing these individual password files extremely easy. All passwords live in ~/.password-store, and pass provides some nice commands for adding, editing, generating, and retrieving passwords. It is a very short and simple shell script. It's capable of temporarily putting passwords on your clipboard and tracking password changes using git. You can edit the password store using ordinary unix shell commands alongside the pass command. There are no funky file formats or new paradigms to learn. There is bash completion so that you can simply hit tab to fill in names. WWW: http://zx2c4.com/projects/password-store/ PR: ports/171686 Submitted by: milki@rescomp.berkeley.edu
Notes
Notes: svn path=/head/; revision=304384
Diffstat (limited to 'sysutils/password-store')
-rw-r--r--sysutils/password-store/Makefile66
-rw-r--r--sysutils/password-store/distinfo2
-rw-r--r--sysutils/password-store/files/linuxism+git+xclip.patch475
-rw-r--r--sysutils/password-store/files/linuxism+git.patch358
-rw-r--r--sysutils/password-store/files/linuxism+xclip.patch374
-rw-r--r--sysutils/password-store/files/linuxism.patch218
-rw-r--r--sysutils/password-store/pkg-descr18
7 files changed, 1511 insertions, 0 deletions
diff --git a/sysutils/password-store/Makefile b/sysutils/password-store/Makefile
new file mode 100644
index 000000000000..84dfd05bb1c7
--- /dev/null
+++ b/sysutils/password-store/Makefile
@@ -0,0 +1,66 @@
+# $FreeBSD$
+
+PORTNAME= password-store
+PORTVERSION= 1.3.1
+CATEGORIES= sysutils
+MASTER_SITES= http://git.zx2c4.com/password-store/snapshot/
+EXTRACT_SUFX= .tar.xz
+
+MAINTAINER= milki@rescomp.berkeley.edu
+COMMENT= Stores, retrieves, generates, and synchronizes passwords securely
+
+LICENSE= GPLv2
+
+RUN_DEPENDS= gnupg>=2:${PORTSDIR}/security/gnupg \
+ pwgen>=0:${PORTSDIR}/sysutils/pwgen \
+ tree>=0:${PORTSDIR}/sysutils/tree
+
+OPTIONS_DEFINE= GIT XCLIP
+
+GIT_DESC= Enable git backend
+XCLIP_DESC= Enable xclip feature
+
+.include <bsd.port.options.mk>
+
+.if ${PORT_OPTIONS:MGIT}
+RUN_DEPENDS+= git>=0:${PORTSDIR}/devel/git
+.endif
+
+.if ${PORT_OPTIONS:MXCLIP}
+RUN_DEPENDS+= base64>=0:${PORTSDIR}/converters/base64 \
+ xclip>=0:${PORTSDIR}/x11/xclip
+.endif
+
+do-patch:
+.if empty(PORT_OPTIONS:MGIT) && empty(PORT_OPTIONS:MXCLIP)
+ (cd ${WRKSRC} && ${PATCH} < ${PATCHDIR}/linuxism+git+xclip.patch)
+.elif empty(PORT_OPTIONS:MGIT)
+ (cd ${WRKSRC} && ${PATCH} < ${PATCHDIR}/linuxism+git.patch)
+.elif empty(PORT_OPTIONS:MXCLIP)
+ (cd ${WRKSRC} && ${PATCH} < ${PATCHDIR}/linuxism+xclip.patch)
+.else
+ (cd ${WRKSRC} && ${PATCH} < ${PATCHDIR}/linuxism.patch)
+.endif
+
+# empty to skip make
+do-build:
+
+do-install:
+ ${INSTALL_SCRIPT} ${WRKSRC}/src/password-store.sh ${PREFIX}/libexec/pass
+ @${LN} -s ${PREFIX}/libexec/pass ${PREFIX}/bin/pass
+
+ @${MKDIR} ${DATADIR}
+ ${INSTALL_DATA} ${WRKSRC}/contrib/pass.bash-completion ${DATADIR}/
+ ${INSTALL_DATA} ${WRKSRC}/contrib/pass.zsh-completion ${DATADIR}/
+ ${INSTALL_DATA} ${WRKSRC}/man/pass.1 ${MANPREFIX}/man/man1/pass.1
+
+MAN1= pass.1
+MANCOMPRESSED= no
+
+PLIST_FILES= bin/pass \
+ libexec/pass \
+ share/password-store/pass.bash-completion \
+ share/password-store/pass.zsh-completion
+PLIST_DIRS= share/password-store
+
+.include <bsd.port.mk>
diff --git a/sysutils/password-store/distinfo b/sysutils/password-store/distinfo
new file mode 100644
index 000000000000..e93ea26bb3d9
--- /dev/null
+++ b/sysutils/password-store/distinfo
@@ -0,0 +1,2 @@
+SHA256 (password-store-1.3.1.tar.xz) = 351c0e2eb3315ca317026e73f7654a6351f2674000d9476b18c1525cbc5d732d
+SIZE (password-store-1.3.1.tar.xz) = 14864
diff --git a/sysutils/password-store/files/linuxism+git+xclip.patch b/sysutils/password-store/files/linuxism+git+xclip.patch
new file mode 100644
index 000000000000..3e55bb955318
--- /dev/null
+++ b/sysutils/password-store/files/linuxism+git+xclip.patch
@@ -0,0 +1,475 @@
+diff --git a/README b/README
+index 52e23af..f24107f 100644
+--- README
++++ README
+@@ -14,8 +14,6 @@ Please see the man page for documentation and examples.
+
+ Depends on:
+ - gpg2
+-- git
+-- xclip
+ - pwgen
+ - tree
+ - GNU getopt
+diff --git a/contrib/pass.zsh-completion b/contrib/pass.zsh-completion
+index 5cf8808..f589b5e 100644
+--- contrib/pass.zsh-completion
++++ contrib/pass.zsh-completion
+@@ -27,9 +27,6 @@ _pass () {
+ "generate[Generate a new password using pwgen]" \
+ "edit[Edit a password with \$EDITOR]" \
+ "rm[Remove the password]" \
+- "push[push the latest changes using git-push(1)]" \
+- "pull[pull the latest changes using git-pull(1)]" \
+- "git[Call git]" \
+ "help[Help]"
+ _pass_cmd_show
+ fi
+@@ -45,7 +42,6 @@ _pass_cmd_ls () {
+
+ _pass_cmd_show () {
+ _arguments : \
+- "-c[put it on the clipboard]" \
+ '*::show:_get_stored_pwd'
+ #'::pass id:_files -W ~/.password-store -g "*.gpg(|.*)(-.)"'
+ }
+@@ -65,7 +61,6 @@ _pass_cmd_insert () {
+ _pass_cmd_generate () {
+ _arguments : \
+ "-n[no symbols]" \
+- "-c[put password on the clipboard]" \
+ '::show:_get_stored_pwd'
+ }
+
+@@ -75,6 +70,6 @@ _pass_cmd_rm () {
+ }
+
+ _get_stored_pwd () {
+- compadd `find ~/.password-store \( -name .git -o -name .gpg-id \) -prune -o -type f -print | sed 's#.*\.password-store*.##'| sed 's#\.gpg##' | sort`
++ compadd `find ~/.password-store \( -name .gpg-id \) -prune -o -type f -print | sed 's#.*\.password-store*.##'| sed 's#\.gpg##' | sort`
+
+ }
+diff --git a/man/pass.1 b/man/pass.1
+index a124c32..8eeb49b 100644
+--- man/pass.1
++++ man/pass.1
+@@ -34,13 +34,6 @@ or
+ depending on the type of specifier in ARGS. Otherwise COMMAND must be one of
+ the valid commands listed below.
+
+-Several of the commands below rely on or provide additional functionality if
+-the password store directory is also a git repository. If the password store
+-directory is a git repository, all password store modification commands will
+-cause a corresponding git commit. See the \fIEXAMPLES\fP section for an
+-extended description using \fBinit\fP and
+-.BR git (1).
+-
+ The \fBinit\fP command must be run before other commands in order to initialize
+ the password store with the correct gpg key id.
+
+@@ -64,12 +57,8 @@ by using the
+ .BR tree (1)
+ program. This command is alternatively named \fBlist\fP.
+ .TP
+-\fBshow\fP [ \fI--clip\fP, \fI-c\fP ] \fIpass-name\fP
+-Decrypt and print a password named \fIpass-name\fP. If \fI--clip\fP or \fI-c\fP
+-is specified, do not print the password but instead copy the first line to the
+-clipboard using
+-.BR xclip (1)
+-and then restore the clipboard after 45 seconds.
++\fBshow\fP \fIpass-name\fP
++Decrypt and print a password named \fIpass-name\fP.
+ .TP
+ \fBinsert\fP [ \fI--no-echo\fP, \fI-n\fP | \fI--multiline\fP, \fI-m\fP ] [ \fI--force\fP, \fI-f\fP ]\fIpass-name\fP
+ Insert a new password into the password store called \fIpass-name\fP. This will
+@@ -88,33 +77,16 @@ ensure that temporary files are created in \fI/dev/shm\fP in order to avoid writ
+ difficult-to-erase disk sectors. If \fI/dev/shm\fP is not accessible, fallback to
+ the ordinary \fBTMPDIR\fP location, and print a warning.
+ .TP
+-\fBgenerate\fP [ \fI--no-symbols\fP, \fI-n\fP ] [ \fI--clip\fP, \fI-c\fP ] \fIpass-name pass-length\fP
++\fBgenerate\fP [ \fI--no-symbols\fP, \fI-n\fP ] \fIpass-name pass-length\fP
+ Generate a new password using
+ .BR pwgen (1)
+ of length \fIpass-length\fP and insert into \fIpass-name\fP. If \fI--no-symbols\fP or \fI-n\fP
+ is specified, do not use any non-alphanumeric characters in the generated password.
+-If \fI--clip\fP or \fI-c\fP is specified, do not print the password but instead copy
+-it to the clipboard using
+-.BR xclip (1)
+-and then restore the clipboard after 45 seconds.
+ .TP
+ \fBrm\fP \fIpass-name\fP
+ Remove the password named \fIpass-name\fP from the password store. This command is
+ alternatively named \fBremove\fP.
+ .TP
+-\fBpush\fP
+-If the password store is a git repository, push the latest changes using
+-.BR git-push (1).
+-.TP
+-\fBpull\fP
+-If the password store is a git repository, pull the latest changes using
+-.BR git-pull (1).
+-.TP
+-\fBgit\fP \fIgit-command-args\fP...
+-If the password store is a git repository, pass \fIgit-command-args\fP as arguments to
+-.BR git (1)
+-using the password store as the git repository.
+-.TP
+ \fBhelp\fP
+ Show usage message.
+ .TP
+@@ -165,11 +137,6 @@ Show existing password
+ .br
+ sup3rh4x3rizmynam3
+ .TP
+-Copy existing password to clipboard
+-.B zx2c4@laptop ~ $ pass -c Email/zx2c4.com
+-.br
+-Copied Email/jason@zx2c4.com to clipboard. Will clear in 45 seconds.
+-.TP
+ Add password to store
+ .B zx2c4@laptop ~ $ pass insert Business/cheese-whiz-factory
+ .br
+@@ -208,11 +175,6 @@ The generated password to Email/jasondonenfeld.com is:
+ .br
+ YqFsMkBeO6di
+ .TP
+-Generate new password and copy it to the clipboard
+-.B zx2c4@laptop ~ $ pass -c generate Email/jasondonenfeld.com 19
+-.br
+-Copied Email/jasondonenfeld.com to clipboard. Will clear in 45 seconds.
+-.TP
+ Remove password from store
+ .B zx2c4@laptop ~ $ pass remove Business/cheese-whiz-factory
+ .br
+@@ -220,10 +182,8 @@ rm: remove regular file \[u2018]/home/zx2c4/.password-store/Business/cheese-whiz
+ .br
+ removed \[u2018]/home/zx2c4/.password-store/Business/cheese-whiz-factory.gpg\[u2019]
+
+-.SH EXTENDED GIT EXAMPLE
+-Here, we initialize new password store, create a git repository, and then manipulate and sync passwords. Make note of the arguments to the first call of \fBpass push\fP; consult
+-.BR git-push (1)
+-for more information.
++.SH EXTENDED EXAMPLE
++Here, we initialize new password store, and then manipulate and sync passwords.
+
+ .B zx2c4@laptop ~ $ pass init Jason@zx2c4.com
+ .br
+@@ -231,12 +191,6 @@ mkdir: created directory \[u2018]/home/zx2c4/.password-store\[u2019]
+ .br
+ Password store initialized for Jason@zx2c4.com.
+
+-.B zx2c4@laptop ~ $ pass git init
+-.br
+-Initialized empty Git repository in /home/zx2c4/.password-store/.git/
+-
+-.B zx2c4@laptop ~ $ pass git remote add origin kexec.com:pass-store
+-
+ .B zx2c4@laptop ~ $ pass generate Amazon/amazonemail@email.com 21
+ .br
+ mkdir: created directory \[u2018]/home/zx2c4/.password-store/Amazon\[u2019]
+@@ -251,24 +205,6 @@ The generated password to Amazon/amazonemail@email.com is:
+ .br
+ <5m,_BrZY`antNDxKN<0A
+
+-.B zx2c4@laptop ~ $ pass push -u --all
+-.br
+-Counting objects: 4, done.
+-.br
+-Delta compression using up to 2 threads.
+-.br
+-Compressing objects: 100% (3/3), done.
+-.br
+-Writing objects: 100% (4/4), 921 bytes, done.
+-.br
+-Total 4 (delta 0), reused 0 (delta 0)
+-.br
+-To kexec.com:pass-store
+-.br
+-* [new branch] master -> master
+-.br
+-Branch master set up to track remote branch master from origin.
+-
+ .B zx2c4@laptop ~ $ pass insert Amazon/otheraccount@email.com
+ .br
+ Enter password for Amazon/otheraccount@email.com: som3r3a11yb1gp4ssw0rd!!88**
+@@ -293,20 +229,6 @@ rm 'Amazon/amazonemail@email.com.gpg'
+ .br
+ delete mode 100644 Amazon/amazonemail@email.com.gpg
+
+-.B zx2c4@laptop ~ $ pass push
+-.br
+-Counting objects: 9, done.
+-.br
+-Delta compression using up to 2 threads.
+-.br
+-Compressing objects: 100% (5/5), done.
+-.br
+-Writing objects: 100% (7/7), 1.25 KiB, done.
+-.br
+-Total 7 (delta 0), reused 0 (delta 0)
+-.br
+-To kexec.com:pass-store
+-
+ .SH FILES
+
+ .TP
+@@ -320,8 +242,6 @@ be set using the \fBinit\fP command.
+ .SH SEE ALSO
+ .BR gpg (1),
+ .BR pwgen (1),
+-.BR git (1),
+-.BR xclip (1).
+
+ .SH AUTHOR
+ .B pass
+diff --git a/src/password-store.sh b/src/password-store.sh
+index 1553e5b..103dfd1 100755
+--- src/password-store.sh
++++ src/password-store.sh
+@@ -1,4 +1,4 @@
+-#!/bin/bash
++#!/usr/local/bin/bash
+
+ # (C) Copyright 2012 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ # This is released under the GPLv2+. Please see COPYING for more information.
+@@ -7,11 +7,9 @@ umask 077
+
+ PREFIX="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
+ ID="$PREFIX/.gpg-id"
+-GIT="$PREFIX/.git"
+ GPG_OPTS="--quiet --yes --batch"
+-
+-export GIT_DIR="$GIT"
+-export GIT_WORK_TREE="$PREFIX"
++GETOPT=/usr/local/bin/getopt
++GPG=gpg2
+
+ version() {
+ cat <<_EOF
+@@ -34,27 +32,18 @@ Usage:
+ Initialize new password storage and use gpg-id for encryption.
+ $program [ls] [subfolder]
+ List passwords.
+- $program [show] [--clip,-c] pass-name
+- Show existing password and optionally put it on the clipboard.
+- If put on the clipboard, it will be cleared in 45 seconds.
++ $program [show] pass-name
++ Show existing password
+ $program insert [--no-echo,-n | --multiline,-m] [--force,-f] pass-name
+ Insert new password. Optionally, the console can be enabled to not
+ echo the password back. Or, optionally, it may be multiline. Prompt
+ before overwriting existing password unless forced.
+ $program edit pass-name
+ Insert a new password or edit an existing password using ${EDITOR:-vi}.
+- $program generate [--no-symbols,-n] [--clip,-c] pass-name pass-length
++ $program generate [--no-symbols,-n] pass-name pass-length
+ Generate a new password of pass-length with optionally no symbols.
+- Optionally put it on the clipboard and clear board after 45 seconds.
+ $program rm pass-name
+ Remove existing password.
+- $program push
+- If the password store is a git repository, push the latest changes.
+- $program pull
+- If the password store is a git repository, pull the latest changes.
+- $program git git-command-args...
+- If the password store is a git repository, execute a git command
+- specified by git-command-args.
+ $program help
+ Show this text.
+ $program version
+@@ -63,32 +52,10 @@ _EOF
+ }
+ isCommand() {
+ case "$1" in
+- init|ls|list|show|insert|edit|generate|remove|rm|delete|push|pull|git|help|--help|version|--version) return 0 ;;
++ init|ls|list|show|insert|edit|generate|remove|rm|delete|help|--help|version|--version) return 0 ;;
+ *) return 1 ;;
+ esac
+ }
+-clip() {
+- # This base64 business is a disgusting hack to deal with newline inconsistancies
+- # in shell. There must be a better way to deal with this, but because I'm a dolt,
+- # we're going with this for now.
+-
+- before="$(xclip -o -selection clipboard | base64)"
+- echo -n "$1" | xclip -selection clipboard
+- (
+- sleep 45
+- now="$(xclip -o -selection clipboard | base64)"
+- if [[ $now != $(echo -n "$1" | base64) ]]; then
+- before="$now"
+- fi
+- # It might be nice to programatically check to see if klipper exists,
+- # as well as checking for other common clipboard managers. But for now,
+- # this works fine. Clipboard managers frequently write their history
+- # out in plaintext, so we axe it here.
+- qdbus org.kde.klipper /klipper org.kde.klipper.klipper.clearClipboardHistory >/dev/null 2>&1
+- echo "$before" | base64 -d | xclip -selection clipboard
+- ) & disown
+- echo "Copied $2 to clipboard. Will clear in 45 seconds."
+-}
+ program="$(basename "$0")"
+ command="$1"
+ if isCommand "$command"; then
+@@ -132,18 +99,10 @@ fi
+
+ case "$command" in
+ show|ls|list)
+- clip=0
+-
+- opts="$(getopt -o c -l clip -n $program -- "$@")"
+ err=$?
+- eval set -- "$opts"
+- while true; do case $1 in
+- -c|--clip) clip=1; shift ;;
+- --) shift; break ;;
+- esac done
+
+ if [[ $err -ne 0 ]]; then
+- echo "Usage: $program $command [--clip,-c] [pass-name]"
++ echo "Usage: $program $command [pass-name]"
+ exit 1
+ fi
+
+@@ -161,11 +120,7 @@ case "$command" in
+ echo "$path is not in the password store."
+ exit 1
+ fi
+- if [ $clip -eq 0 ]; then
+- exec gpg -q -d --yes --batch "$passfile"
+- else
+- clip "$(gpg -q -d --yes --batch "$passfile" | head -n 1)" "$path"
+- fi
++ exec $GPG -q -d --yes --batch "$passfile"
+ fi
+ ;;
+ insert)
+@@ -173,7 +128,7 @@ case "$command" in
+ noecho=0
+ force=0
+
+- opts="$(getopt -o mnf -l multiline,no-echo,force -n $program -- "$@")"
++ opts="$($GETOPT -o mnf -l multiline,no-echo,force -n $program -- "$@")"
+ err=$?
+ eval set -- "$opts"
+ while true; do case $1 in
+@@ -201,7 +156,7 @@ case "$command" in
+ if [[ $ml -eq 1 ]]; then
+ echo "Enter contents of $path and press Ctrl+D when finished:"
+ echo
+- cat | gpg -e -r "$ID" -o "$passfile" $GPG_OPTS
++ cat | $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS
+ elif [[ $noecho -eq 1 ]]; then
+ while true; do
+ read -p "Enter password for $path: " -s password
+@@ -209,7 +164,7 @@ case "$command" in
+ read -p "Retype password for $path: " -s password_again
+ echo
+ if [[ $password == $password_again ]]; then
+- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
+ break
+ else
+ echo "Error: the entered passwords do not match."
+@@ -217,11 +172,7 @@ case "$command" in
+ done
+ else
+ read -p "Enter password for $path: " -e password
+- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
+- fi
+- if [[ -d $GIT ]]; then
+- git add "$passfile"
+- git commit -m "Added given password for $path to store."
++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
+ fi
+ ;;
+ edit)
+@@ -252,35 +203,28 @@ case "$command" in
+
+ action="Added"
+ if [[ -f $passfile ]]; then
+- gpg -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1
++ $GPG -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1
+ action="Edited"
+ fi
+ ${EDITOR:-vi} "$tmp_file"
+- while ! gpg -e -r "$ID" -o "$passfile" $GPG_OPTS "$tmp_file"; do
++ while ! $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS "$tmp_file"; do
+ echo "GPG encryption failed. Retrying."
+ sleep 1
+ done
+-
+- if [[ -d $GIT ]]; then
+- git add "$passfile"
+- git commit -m "$action password for $path using ${EDITOR:-vi}."
+- fi
+ ;;
+ generate)
+- clip=0
+ symbols="-y"
+
+- opts="$(getopt -o nc -l no-symbols,clip -n $program -- "$@")"
++ opts="$($GETOPT -o nc -l no-symbols -n $program -- "$@")"
+ err=$?
+ eval set -- "$opts"
+ while true; do case $1 in
+ -n|--no-symbols) symbols=""; shift ;;
+- -c|--clip) clip=1; shift ;;
+ --) shift; break ;;
+ esac done
+
+ if [[ $err -ne 0 || $# -ne 2 ]]; then
+- echo "Usage: $program $command [--no-symbols,-n] [--clip,-c] pass-name pass-length"
++ echo "Usage: $program $command [--no-symbols,-n] pass-name pass-length"
+ exit 1
+ fi
+ path="$1"
+@@ -292,18 +236,9 @@ case "$command" in
+ mkdir -p -v "$PREFIX/$(dirname "$path")"
+ pass="$(pwgen -s $symbols $length 1)"
+ passfile="$PREFIX/$path.gpg"
+- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass"
+- if [[ -d $GIT ]]; then
+- git add "$passfile"
+- git commit -m "Added generated password for $path to store."
+- fi
+-
+- if [ $clip -eq 0 ]; then
+- echo "The generated password to $path is:"
+- echo "$pass"
+- else
+- clip "$pass" "$path"
+- fi
++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass"
++ echo "The generated password to $path is:"
++ echo "$pass"
+ ;;
+ delete|rm|remove)
+ if [[ $# -ne 1 ]]; then
+@@ -317,26 +252,6 @@ case "$command" in
+ exit 1
+ fi
+ rm -i -v "$passfile"
+- if [[ -d $GIT ]] && ! [[ -f $passfile ]]; then
+- git rm -f "$passfile"
+- git commit -m "Removed $path from store."
+- fi
+- ;;
+- push|pull)
+- if [[ -d $GIT ]]; then
+- exec git $command "$@"
+- else
+- echo "Error: the password store is not a git repository."
+- exit 1
+- fi
+- ;;
+- git)
+- if [[ $1 == "init" ]] || [[ -d $GIT ]]; then
+- exec git "$@"
+- else
+- echo "Error: the password store is not a git repository."
+- exit 1
+- fi
+ ;;
+ *)
+ usage
diff --git a/sysutils/password-store/files/linuxism+git.patch b/sysutils/password-store/files/linuxism+git.patch
new file mode 100644
index 000000000000..98267c063aa9
--- /dev/null
+++ b/sysutils/password-store/files/linuxism+git.patch
@@ -0,0 +1,358 @@
+diff --git a/README b/README
+index 52e23af..273aa27 100644
+--- README
++++ README
+@@ -14,7 +14,6 @@ Please see the man page for documentation and examples.
+
+ Depends on:
+ - gpg2
+-- git
+ - xclip
+ - pwgen
+ - tree
+diff --git a/contrib/pass.zsh-completion b/contrib/pass.zsh-completion
+index 5cf8808..cab22e0 100644
+--- contrib/pass.zsh-completion
++++ contrib/pass.zsh-completion
+@@ -27,9 +27,6 @@ _pass () {
+ "generate[Generate a new password using pwgen]" \
+ "edit[Edit a password with \$EDITOR]" \
+ "rm[Remove the password]" \
+- "push[push the latest changes using git-push(1)]" \
+- "pull[pull the latest changes using git-pull(1)]" \
+- "git[Call git]" \
+ "help[Help]"
+ _pass_cmd_show
+ fi
+@@ -75,6 +72,6 @@ _pass_cmd_rm () {
+ }
+
+ _get_stored_pwd () {
+- compadd `find ~/.password-store \( -name .git -o -name .gpg-id \) -prune -o -type f -print | sed 's#.*\.password-store*.##'| sed 's#\.gpg##' | sort`
++ compadd `find ~/.password-store \( -name .gpg-id \) -prune -o -type f -print | sed 's#.*\.password-store*.##'| sed 's#\.gpg##' | sort`
+
+ }
+diff --git a/man/pass.1 b/man/pass.1
+index a124c32..c2ff884 100644
+--- man/pass.1
++++ man/pass.1
+@@ -34,13 +34,6 @@ or
+ depending on the type of specifier in ARGS. Otherwise COMMAND must be one of
+ the valid commands listed below.
+
+-Several of the commands below rely on or provide additional functionality if
+-the password store directory is also a git repository. If the password store
+-directory is a git repository, all password store modification commands will
+-cause a corresponding git commit. See the \fIEXAMPLES\fP section for an
+-extended description using \fBinit\fP and
+-.BR git (1).
+-
+ The \fBinit\fP command must be run before other commands in order to initialize
+ the password store with the correct gpg key id.
+
+@@ -102,19 +95,6 @@ and then restore the clipboard after 45 seconds.
+ Remove the password named \fIpass-name\fP from the password store. This command is
+ alternatively named \fBremove\fP.
+ .TP
+-\fBpush\fP
+-If the password store is a git repository, push the latest changes using
+-.BR git-push (1).
+-.TP
+-\fBpull\fP
+-If the password store is a git repository, pull the latest changes using
+-.BR git-pull (1).
+-.TP
+-\fBgit\fP \fIgit-command-args\fP...
+-If the password store is a git repository, pass \fIgit-command-args\fP as arguments to
+-.BR git (1)
+-using the password store as the git repository.
+-.TP
+ \fBhelp\fP
+ Show usage message.
+ .TP
+@@ -220,10 +200,8 @@ rm: remove regular file \[u2018]/home/zx2c4/.password-store/Business/cheese-whiz
+ .br
+ removed \[u2018]/home/zx2c4/.password-store/Business/cheese-whiz-factory.gpg\[u2019]
+
+-.SH EXTENDED GIT EXAMPLE
+-Here, we initialize new password store, create a git repository, and then manipulate and sync passwords. Make note of the arguments to the first call of \fBpass push\fP; consult
+-.BR git-push (1)
+-for more information.
++.SH EXTENDED EXAMPLE
++Here, we initialize new password store, and then manipulate and sync passwords.
+
+ .B zx2c4@laptop ~ $ pass init Jason@zx2c4.com
+ .br
+@@ -231,12 +209,6 @@ mkdir: created directory \[u2018]/home/zx2c4/.password-store\[u2019]
+ .br
+ Password store initialized for Jason@zx2c4.com.
+
+-.B zx2c4@laptop ~ $ pass git init
+-.br
+-Initialized empty Git repository in /home/zx2c4/.password-store/.git/
+-
+-.B zx2c4@laptop ~ $ pass git remote add origin kexec.com:pass-store
+-
+ .B zx2c4@laptop ~ $ pass generate Amazon/amazonemail@email.com 21
+ .br
+ mkdir: created directory \[u2018]/home/zx2c4/.password-store/Amazon\[u2019]
+@@ -251,24 +223,6 @@ The generated password to Amazon/amazonemail@email.com is:
+ .br
+ <5m,_BrZY`antNDxKN<0A
+
+-.B zx2c4@laptop ~ $ pass push -u --all
+-.br
+-Counting objects: 4, done.
+-.br
+-Delta compression using up to 2 threads.
+-.br
+-Compressing objects: 100% (3/3), done.
+-.br
+-Writing objects: 100% (4/4), 921 bytes, done.
+-.br
+-Total 4 (delta 0), reused 0 (delta 0)
+-.br
+-To kexec.com:pass-store
+-.br
+-* [new branch] master -> master
+-.br
+-Branch master set up to track remote branch master from origin.
+-
+ .B zx2c4@laptop ~ $ pass insert Amazon/otheraccount@email.com
+ .br
+ Enter password for Amazon/otheraccount@email.com: som3r3a11yb1gp4ssw0rd!!88**
+@@ -293,20 +247,6 @@ rm 'Amazon/amazonemail@email.com.gpg'
+ .br
+ delete mode 100644 Amazon/amazonemail@email.com.gpg
+
+-.B zx2c4@laptop ~ $ pass push
+-.br
+-Counting objects: 9, done.
+-.br
+-Delta compression using up to 2 threads.
+-.br
+-Compressing objects: 100% (5/5), done.
+-.br
+-Writing objects: 100% (7/7), 1.25 KiB, done.
+-.br
+-Total 7 (delta 0), reused 0 (delta 0)
+-.br
+-To kexec.com:pass-store
+-
+ .SH FILES
+
+ .TP
+@@ -320,7 +260,6 @@ be set using the \fBinit\fP command.
+ .SH SEE ALSO
+ .BR gpg (1),
+ .BR pwgen (1),
+-.BR git (1),
+ .BR xclip (1).
+
+ .SH AUTHOR
+diff --git a/src/password-store.sh b/src/password-store.sh
+index 1553e5b..6844dc4 100755
+--- src/password-store.sh
++++ src/password-store.sh
+@@ -1,4 +1,4 @@
+-#!/bin/bash
++#!/usr/local/bin/bash
+
+ # (C) Copyright 2012 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ # This is released under the GPLv2+. Please see COPYING for more information.
+@@ -7,11 +7,11 @@ umask 077
+
+ PREFIX="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
+ ID="$PREFIX/.gpg-id"
+-GIT="$PREFIX/.git"
+ GPG_OPTS="--quiet --yes --batch"
+-
+-export GIT_DIR="$GIT"
+-export GIT_WORK_TREE="$PREFIX"
++GETOPT=/usr/local/bin/getopt
++GPG=gpg2
++XCLIP=xclip
++BASE64=base64
+
+ version() {
+ cat <<_EOF
+@@ -48,13 +48,6 @@ Usage:
+ Optionally put it on the clipboard and clear board after 45 seconds.
+ $program rm pass-name
+ Remove existing password.
+- $program push
+- If the password store is a git repository, push the latest changes.
+- $program pull
+- If the password store is a git repository, pull the latest changes.
+- $program git git-command-args...
+- If the password store is a git repository, execute a git command
+- specified by git-command-args.
+ $program help
+ Show this text.
+ $program version
+@@ -63,7 +56,7 @@ _EOF
+ }
+ isCommand() {
+ case "$1" in
+- init|ls|list|show|insert|edit|generate|remove|rm|delete|push|pull|git|help|--help|version|--version) return 0 ;;
++ init|ls|list|show|insert|edit|generate|remove|rm|delete|help|--help|version|--version) return 0 ;;
+ *) return 1 ;;
+ esac
+ }
+@@ -72,12 +65,12 @@ clip() {
+ # in shell. There must be a better way to deal with this, but because I'm a dolt,
+ # we're going with this for now.
+
+- before="$(xclip -o -selection clipboard | base64)"
+- echo -n "$1" | xclip -selection clipboard
++ before="$($XCLIP -o -selection clipboard | $BASE64)"
++ echo -n "$1" | $XCLIP -selection clipboard
+ (
+ sleep 45
+- now="$(xclip -o -selection clipboard | base64)"
+- if [[ $now != $(echo -n "$1" | base64) ]]; then
++ now="$($XCLIP -o -selection clipboard | $BASE64)"
++ if [[ $now != $(echo -n "$1" | $BASE64) ]]; then
+ before="$now"
+ fi
+ # It might be nice to programatically check to see if klipper exists,
+@@ -85,7 +78,7 @@ clip() {
+ # this works fine. Clipboard managers frequently write their history
+ # out in plaintext, so we axe it here.
+ qdbus org.kde.klipper /klipper org.kde.klipper.klipper.clearClipboardHistory >/dev/null 2>&1
+- echo "$before" | base64 -d | xclip -selection clipboard
++ echo "$before" | $BASE64 -d | $XCLIP -selection clipboard
+ ) & disown
+ echo "Copied $2 to clipboard. Will clear in 45 seconds."
+ }
+@@ -134,7 +127,7 @@ case "$command" in
+ show|ls|list)
+ clip=0
+
+- opts="$(getopt -o c -l clip -n $program -- "$@")"
++ opts="$($GETOPT -o c -l clip -n $program -- "$@")"
+ err=$?
+ eval set -- "$opts"
+ while true; do case $1 in
+@@ -162,9 +155,9 @@ case "$command" in
+ exit 1
+ fi
+ if [ $clip -eq 0 ]; then
+- exec gpg -q -d --yes --batch "$passfile"
++ exec $GPG -q -d --yes --batch "$passfile"
+ else
+- clip "$(gpg -q -d --yes --batch "$passfile" | head -n 1)" "$path"
++ clip "$($GPG -q -d --yes --batch "$passfile" | head -n 1)" "$path"
+ fi
+ fi
+ ;;
+@@ -173,7 +166,7 @@ case "$command" in
+ noecho=0
+ force=0
+
+- opts="$(getopt -o mnf -l multiline,no-echo,force -n $program -- "$@")"
++ opts="$($GETOPT -o mnf -l multiline,no-echo,force -n $program -- "$@")"
+ err=$?
+ eval set -- "$opts"
+ while true; do case $1 in
+@@ -201,7 +194,7 @@ case "$command" in
+ if [[ $ml -eq 1 ]]; then
+ echo "Enter contents of $path and press Ctrl+D when finished:"
+ echo
+- cat | gpg -e -r "$ID" -o "$passfile" $GPG_OPTS
++ cat | $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS
+ elif [[ $noecho -eq 1 ]]; then
+ while true; do
+ read -p "Enter password for $path: " -s password
+@@ -209,7 +202,7 @@ case "$command" in
+ read -p "Retype password for $path: " -s password_again
+ echo
+ if [[ $password == $password_again ]]; then
+- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
+ break
+ else
+ echo "Error: the entered passwords do not match."
+@@ -217,11 +210,7 @@ case "$command" in
+ done
+ else
+ read -p "Enter password for $path: " -e password
+- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
+- fi
+- if [[ -d $GIT ]]; then
+- git add "$passfile"
+- git commit -m "Added given password for $path to store."
++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
+ fi
+ ;;
+ edit)
+@@ -252,25 +241,20 @@ case "$command" in
+
+ action="Added"
+ if [[ -f $passfile ]]; then
+- gpg -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1
++ $GPG -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1
+ action="Edited"
+ fi
+ ${EDITOR:-vi} "$tmp_file"
+- while ! gpg -e -r "$ID" -o "$passfile" $GPG_OPTS "$tmp_file"; do
++ while ! $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS "$tmp_file"; do
+ echo "GPG encryption failed. Retrying."
+ sleep 1
+ done
+-
+- if [[ -d $GIT ]]; then
+- git add "$passfile"
+- git commit -m "$action password for $path using ${EDITOR:-vi}."
+- fi
+ ;;
+ generate)
+ clip=0
+ symbols="-y"
+
+- opts="$(getopt -o nc -l no-symbols,clip -n $program -- "$@")"
++ opts="$($GETOPT -o nc -l no-symbols,clip -n $program -- "$@")"
+ err=$?
+ eval set -- "$opts"
+ while true; do case $1 in
+@@ -292,12 +276,7 @@ case "$command" in
+ mkdir -p -v "$PREFIX/$(dirname "$path")"
+ pass="$(pwgen -s $symbols $length 1)"
+ passfile="$PREFIX/$path.gpg"
+- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass"
+- if [[ -d $GIT ]]; then
+- git add "$passfile"
+- git commit -m "Added generated password for $path to store."
+- fi
+-
++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass"
+ if [ $clip -eq 0 ]; then
+ echo "The generated password to $path is:"
+ echo "$pass"
+@@ -317,26 +296,6 @@ case "$command" in
+ exit 1
+ fi
+ rm -i -v "$passfile"
+- if [[ -d $GIT ]] && ! [[ -f $passfile ]]; then
+- git rm -f "$passfile"
+- git commit -m "Removed $path from store."
+- fi
+- ;;
+- push|pull)
+- if [[ -d $GIT ]]; then
+- exec git $command "$@"
+- else
+- echo "Error: the password store is not a git repository."
+- exit 1
+- fi
+- ;;
+- git)
+- if [[ $1 == "init" ]] || [[ -d $GIT ]]; then
+- exec git "$@"
+- else
+- echo "Error: the password store is not a git repository."
+- exit 1
+- fi
+ ;;
+ *)
+ usage
diff --git a/sysutils/password-store/files/linuxism+xclip.patch b/sysutils/password-store/files/linuxism+xclip.patch
new file mode 100644
index 000000000000..ea6ba1af76f7
--- /dev/null
+++ b/sysutils/password-store/files/linuxism+xclip.patch
@@ -0,0 +1,374 @@
+diff --git a/README b/README
+index 52e23af..ce7c745 100644
+--- README
++++ README
+@@ -15,7 +15,6 @@ Please see the man page for documentation and examples.
+ Depends on:
+ - gpg2
+ - git
+-- xclip
+ - pwgen
+ - tree
+ - GNU getopt
+diff --git a/contrib/pass.zsh-completion b/contrib/pass.zsh-completion
+index 5cf8808..5e1c3ac 100644
+--- contrib/pass.zsh-completion
++++ contrib/pass.zsh-completion
+@@ -45,7 +45,6 @@ _pass_cmd_ls () {
+
+ _pass_cmd_show () {
+ _arguments : \
+- "-c[put it on the clipboard]" \
+ '*::show:_get_stored_pwd'
+ #'::pass id:_files -W ~/.password-store -g "*.gpg(|.*)(-.)"'
+ }
+@@ -65,7 +64,6 @@ _pass_cmd_insert () {
+ _pass_cmd_generate () {
+ _arguments : \
+ "-n[no symbols]" \
+- "-c[put password on the clipboard]" \
+ '::show:_get_stored_pwd'
+ }
+
+diff --git a/man/pass.1 b/man/pass.1
+index a124c32..7df6551 100644
+--- man/pass.1
++++ man/pass.1
+@@ -64,12 +64,8 @@ by using the
+ .BR tree (1)
+ program. This command is alternatively named \fBlist\fP.
+ .TP
+-\fBshow\fP [ \fI--clip\fP, \fI-c\fP ] \fIpass-name\fP
+-Decrypt and print a password named \fIpass-name\fP. If \fI--clip\fP or \fI-c\fP
+-is specified, do not print the password but instead copy the first line to the
+-clipboard using
+-.BR xclip (1)
+-and then restore the clipboard after 45 seconds.
++\fBshow\fP \fIpass-name\fP
++Decrypt and print a password named \fIpass-name\fP.
+ .TP
+ \fBinsert\fP [ \fI--no-echo\fP, \fI-n\fP | \fI--multiline\fP, \fI-m\fP ] [ \fI--force\fP, \fI-f\fP ]\fIpass-name\fP
+ Insert a new password into the password store called \fIpass-name\fP. This will
+@@ -88,15 +84,11 @@ ensure that temporary files are created in \fI/dev/shm\fP in order to avoid writ
+ difficult-to-erase disk sectors. If \fI/dev/shm\fP is not accessible, fallback to
+ the ordinary \fBTMPDIR\fP location, and print a warning.
+ .TP
+-\fBgenerate\fP [ \fI--no-symbols\fP, \fI-n\fP ] [ \fI--clip\fP, \fI-c\fP ] \fIpass-name pass-length\fP
++\fBgenerate\fP [ \fI--no-symbols\fP, \fI-n\fP ] \fIpass-name pass-length\fP
+ Generate a new password using
+ .BR pwgen (1)
+ of length \fIpass-length\fP and insert into \fIpass-name\fP. If \fI--no-symbols\fP or \fI-n\fP
+ is specified, do not use any non-alphanumeric characters in the generated password.
+-If \fI--clip\fP or \fI-c\fP is specified, do not print the password but instead copy
+-it to the clipboard using
+-.BR xclip (1)
+-and then restore the clipboard after 45 seconds.
+ .TP
+ \fBrm\fP \fIpass-name\fP
+ Remove the password named \fIpass-name\fP from the password store. This command is
+@@ -165,11 +157,6 @@ Show existing password
+ .br
+ sup3rh4x3rizmynam3
+ .TP
+-Copy existing password to clipboard
+-.B zx2c4@laptop ~ $ pass -c Email/zx2c4.com
+-.br
+-Copied Email/jason@zx2c4.com to clipboard. Will clear in 45 seconds.
+-.TP
+ Add password to store
+ .B zx2c4@laptop ~ $ pass insert Business/cheese-whiz-factory
+ .br
+@@ -208,11 +195,6 @@ The generated password to Email/jasondonenfeld.com is:
+ .br
+ YqFsMkBeO6di
+ .TP
+-Generate new password and copy it to the clipboard
+-.B zx2c4@laptop ~ $ pass -c generate Email/jasondonenfeld.com 19
+-.br
+-Copied Email/jasondonenfeld.com to clipboard. Will clear in 45 seconds.
+-.TP
+ Remove password from store
+ .B zx2c4@laptop ~ $ pass remove Business/cheese-whiz-factory
+ .br
+@@ -321,7 +303,6 @@ be set using the \fBinit\fP command.
+ .BR gpg (1),
+ .BR pwgen (1),
+ .BR git (1),
+-.BR xclip (1).
+
+ .SH AUTHOR
+ .B pass
+diff --git a/src/password-store.sh b/src/password-store.sh
+index 1553e5b..43e095e 100755
+--- src/password-store.sh
++++ src/password-store.sh
+@@ -1,4 +1,4 @@
+-#!/bin/bash
++#!/usr/local/bin/bash
+
+ # (C) Copyright 2012 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ # This is released under the GPLv2+. Please see COPYING for more information.
+@@ -7,10 +7,13 @@ umask 077
+
+ PREFIX="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
+ ID="$PREFIX/.gpg-id"
+-GIT="$PREFIX/.git"
++GITDIR="$PREFIX/.git"
+ GPG_OPTS="--quiet --yes --batch"
++GETOPT=/usr/local/bin/getopt
++GPG=gpg2
++GIT=git
+
+-export GIT_DIR="$GIT"
++export GIT_DIR="$GITDIR"
+ export GIT_WORK_TREE="$PREFIX"
+
+ version() {
+@@ -34,18 +37,16 @@ Usage:
+ Initialize new password storage and use gpg-id for encryption.
+ $program [ls] [subfolder]
+ List passwords.
+- $program [show] [--clip,-c] pass-name
+- Show existing password and optionally put it on the clipboard.
+- If put on the clipboard, it will be cleared in 45 seconds.
++ $program [show] pass-name
++ Show existing password
+ $program insert [--no-echo,-n | --multiline,-m] [--force,-f] pass-name
+ Insert new password. Optionally, the console can be enabled to not
+ echo the password back. Or, optionally, it may be multiline. Prompt
+ before overwriting existing password unless forced.
+ $program edit pass-name
+ Insert a new password or edit an existing password using ${EDITOR:-vi}.
+- $program generate [--no-symbols,-n] [--clip,-c] pass-name pass-length
++ $program generate [--no-symbols,-n] pass-name pass-length
+ Generate a new password of pass-length with optionally no symbols.
+- Optionally put it on the clipboard and clear board after 45 seconds.
+ $program rm pass-name
+ Remove existing password.
+ $program push
+@@ -67,28 +68,6 @@ isCommand() {
+ *) return 1 ;;
+ esac
+ }
+-clip() {
+- # This base64 business is a disgusting hack to deal with newline inconsistancies
+- # in shell. There must be a better way to deal with this, but because I'm a dolt,
+- # we're going with this for now.
+-
+- before="$(xclip -o -selection clipboard | base64)"
+- echo -n "$1" | xclip -selection clipboard
+- (
+- sleep 45
+- now="$(xclip -o -selection clipboard | base64)"
+- if [[ $now != $(echo -n "$1" | base64) ]]; then
+- before="$now"
+- fi
+- # It might be nice to programatically check to see if klipper exists,
+- # as well as checking for other common clipboard managers. But for now,
+- # this works fine. Clipboard managers frequently write their history
+- # out in plaintext, so we axe it here.
+- qdbus org.kde.klipper /klipper org.kde.klipper.klipper.clearClipboardHistory >/dev/null 2>&1
+- echo "$before" | base64 -d | xclip -selection clipboard
+- ) & disown
+- echo "Copied $2 to clipboard. Will clear in 45 seconds."
+-}
+ program="$(basename "$0")"
+ command="$1"
+ if isCommand "$command"; then
+@@ -132,18 +111,10 @@ fi
+
+ case "$command" in
+ show|ls|list)
+- clip=0
+-
+- opts="$(getopt -o c -l clip -n $program -- "$@")"
+ err=$?
+- eval set -- "$opts"
+- while true; do case $1 in
+- -c|--clip) clip=1; shift ;;
+- --) shift; break ;;
+- esac done
+
+ if [[ $err -ne 0 ]]; then
+- echo "Usage: $program $command [--clip,-c] [pass-name]"
++ echo "Usage: $program $command [pass-name]"
+ exit 1
+ fi
+
+@@ -161,11 +132,7 @@ case "$command" in
+ echo "$path is not in the password store."
+ exit 1
+ fi
+- if [ $clip -eq 0 ]; then
+- exec gpg -q -d --yes --batch "$passfile"
+- else
+- clip "$(gpg -q -d --yes --batch "$passfile" | head -n 1)" "$path"
+- fi
++ exec $GPG -q -d --yes --batch "$passfile"
+ fi
+ ;;
+ insert)
+@@ -173,7 +140,7 @@ case "$command" in
+ noecho=0
+ force=0
+
+- opts="$(getopt -o mnf -l multiline,no-echo,force -n $program -- "$@")"
++ opts="$($GETOPT -o mnf -l multiline,no-echo,force -n $program -- "$@")"
+ err=$?
+ eval set -- "$opts"
+ while true; do case $1 in
+@@ -201,7 +168,7 @@ case "$command" in
+ if [[ $ml -eq 1 ]]; then
+ echo "Enter contents of $path and press Ctrl+D when finished:"
+ echo
+- cat | gpg -e -r "$ID" -o "$passfile" $GPG_OPTS
++ cat | $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS
+ elif [[ $noecho -eq 1 ]]; then
+ while true; do
+ read -p "Enter password for $path: " -s password
+@@ -209,7 +176,7 @@ case "$command" in
+ read -p "Retype password for $path: " -s password_again
+ echo
+ if [[ $password == $password_again ]]; then
+- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
+ break
+ else
+ echo "Error: the entered passwords do not match."
+@@ -217,11 +184,11 @@ case "$command" in
+ done
+ else
+ read -p "Enter password for $path: " -e password
+- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
+ fi
+- if [[ -d $GIT ]]; then
+- git add "$passfile"
+- git commit -m "Added given password for $path to store."
++ if [[ -d $GITDIR ]]; then
++ $GIT add "$passfile"
++ $GIT commit -m "Added given password for $path to store."
+ fi
+ ;;
+ edit)
+@@ -252,35 +219,33 @@ case "$command" in
+
+ action="Added"
+ if [[ -f $passfile ]]; then
+- gpg -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1
++ $GPG -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1
+ action="Edited"
+ fi
+ ${EDITOR:-vi} "$tmp_file"
+- while ! gpg -e -r "$ID" -o "$passfile" $GPG_OPTS "$tmp_file"; do
++ while ! $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS "$tmp_file"; do
+ echo "GPG encryption failed. Retrying."
+ sleep 1
+ done
+
+- if [[ -d $GIT ]]; then
+- git add "$passfile"
+- git commit -m "$action password for $path using ${EDITOR:-vi}."
++ if [[ -d $GITDIR ]]; then
++ $GIT add "$passfile"
++ $GIT commit -m "$action password for $path using ${EDITOR:-vi}."
+ fi
+ ;;
+ generate)
+- clip=0
+ symbols="-y"
+
+- opts="$(getopt -o nc -l no-symbols,clip -n $program -- "$@")"
++ opts="$($GETOPT -o nc -l no-symbols -n $program -- "$@")"
+ err=$?
+ eval set -- "$opts"
+ while true; do case $1 in
+ -n|--no-symbols) symbols=""; shift ;;
+- -c|--clip) clip=1; shift ;;
+ --) shift; break ;;
+ esac done
+
+ if [[ $err -ne 0 || $# -ne 2 ]]; then
+- echo "Usage: $program $command [--no-symbols,-n] [--clip,-c] pass-name pass-length"
++ echo "Usage: $program $command [--no-symbols,-n] pass-name pass-length"
+ exit 1
+ fi
+ path="$1"
+@@ -292,18 +257,13 @@ case "$command" in
+ mkdir -p -v "$PREFIX/$(dirname "$path")"
+ pass="$(pwgen -s $symbols $length 1)"
+ passfile="$PREFIX/$path.gpg"
+- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass"
+- if [[ -d $GIT ]]; then
+- git add "$passfile"
+- git commit -m "Added generated password for $path to store."
+- fi
+-
+- if [ $clip -eq 0 ]; then
+- echo "The generated password to $path is:"
+- echo "$pass"
+- else
+- clip "$pass" "$path"
++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass"
++ if [[ -d $GITDIR ]]; then
++ $GIT add "$passfile"
++ $GIT commit -m "Added generated password for $path to store."
+ fi
++ echo "The generated password to $path is:"
++ echo "$pass"
+ ;;
+ delete|rm|remove)
+ if [[ $# -ne 1 ]]; then
+@@ -317,22 +277,45 @@ case "$command" in
+ exit 1
+ fi
+ rm -i -v "$passfile"
+- if [[ -d $GIT ]] && ! [[ -f $passfile ]]; then
+- git rm -f "$passfile"
+- git commit -m "Removed $path from store."
++ if [[ -d $GITDIR ]] && ! [[ -f $passfile ]]; then
++ $GIT rm -f "$passfile"
++ $GIT commit -m "Removed $path from store."
+ fi
+ ;;
+ push|pull)
+- if [[ -d $GIT ]]; then
+- exec git $command "$@"
++ if [[ -d $GITDIR ]]; then
++ exec $GIT $command "$@"
+ else
+ echo "Error: the password store is not a git repository."
+ exit 1
+ fi
+ ;;
+ git)
+- if [[ $1 == "init" ]] || [[ -d $GIT ]]; then
+- exec git "$@"
++ if [[ $1 == "init" ]]; then
++ username=$2
++ useremail=$3
++
++ $GIT init
++
++ if [ -z "$username" ]; then
++ current=$($GIT config user.name)
++ prompt="Set your git user.name: "
++ read -e -i "$current" -p "$prompt" username
++ username="${username:-$username}"
++ fi
++ if [ -z "$useremail" ]; then
++ current=$($GIT config user.email)
++ prompt="Set your git user.email: "
++ read -e -i "$current" -p "$prompt" useremail
++ useremail="${useremail:-$useremail}"
++ fi
++ $GIT config user.name "$username"
++ $GIT config user.email "$useremail"
++ echo .gpg-id > $PREFIX/.gitignore
++ $GIT add .
++ $GIT commit -m "Adding existing passwords to the store."
++ elif [[ -d $GITDIR ]]; then
++ exec $GIT "$@"
+ else
+ echo "Error: the password store is not a git repository."
+ exit 1
diff --git a/sysutils/password-store/files/linuxism.patch b/sysutils/password-store/files/linuxism.patch
new file mode 100644
index 000000000000..9920ff2a5a6b
--- /dev/null
+++ b/sysutils/password-store/files/linuxism.patch
@@ -0,0 +1,218 @@
+diff --git a/src/password-store.sh b/src/password-store.sh
+index 1553e5b..78c45b8 100755
+--- src/password-store.sh
++++ src/password-store.sh
+@@ -1,4 +1,4 @@
+-#!/bin/bash
++#!/usr/local/bin/bash
+
+ # (C) Copyright 2012 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ # This is released under the GPLv2+. Please see COPYING for more information.
+@@ -7,10 +7,15 @@ umask 077
+
+ PREFIX="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
+ ID="$PREFIX/.gpg-id"
+-GIT="$PREFIX/.git"
++GITDIR="$PREFIX/.git"
+ GPG_OPTS="--quiet --yes --batch"
++GETOPT=/usr/local/bin/getopt
++GPG=gpg2
++GIT=git
++XCLIP=xclip
++BASE64=base64
+
+-export GIT_DIR="$GIT"
++export GIT_DIR="$GITDIR"
+ export GIT_WORK_TREE="$PREFIX"
+
+ version() {
+@@ -72,12 +77,12 @@ clip() {
+ # in shell. There must be a better way to deal with this, but because I'm a dolt,
+ # we're going with this for now.
+
+- before="$(xclip -o -selection clipboard | base64)"
+- echo -n "$1" | xclip -selection clipboard
++ before="$($XCLIP -o -selection clipboard | $BASE64)"
++ echo -n "$1" | $XCLIP -selection clipboard
+ (
+ sleep 45
+- now="$(xclip -o -selection clipboard | base64)"
+- if [[ $now != $(echo -n "$1" | base64) ]]; then
++ now="$($XCLIP -o -selection clipboard | $BASE64)"
++ if [[ $now != $(echo -n "$1" | $BASE64) ]]; then
+ before="$now"
+ fi
+ # It might be nice to programatically check to see if klipper exists,
+@@ -85,7 +90,7 @@ clip() {
+ # this works fine. Clipboard managers frequently write their history
+ # out in plaintext, so we axe it here.
+ qdbus org.kde.klipper /klipper org.kde.klipper.klipper.clearClipboardHistory >/dev/null 2>&1
+- echo "$before" | base64 -d | xclip -selection clipboard
++ echo "$before" | $BASE64 -d | $XCLIP -selection clipboard
+ ) & disown
+ echo "Copied $2 to clipboard. Will clear in 45 seconds."
+ }
+@@ -134,7 +139,7 @@ case "$command" in
+ show|ls|list)
+ clip=0
+
+- opts="$(getopt -o c -l clip -n $program -- "$@")"
++ opts="$($GETOPT -o c -l clip -n $program -- "$@")"
+ err=$?
+ eval set -- "$opts"
+ while true; do case $1 in
+@@ -162,9 +167,9 @@ case "$command" in
+ exit 1
+ fi
+ if [ $clip -eq 0 ]; then
+- exec gpg -q -d --yes --batch "$passfile"
++ exec $GPG -q -d --yes --batch "$passfile"
+ else
+- clip "$(gpg -q -d --yes --batch "$passfile" | head -n 1)" "$path"
++ clip "$($GPG -q -d --yes --batch "$passfile" | head -n 1)" "$path"
+ fi
+ fi
+ ;;
+@@ -173,7 +178,7 @@ case "$command" in
+ noecho=0
+ force=0
+
+- opts="$(getopt -o mnf -l multiline,no-echo,force -n $program -- "$@")"
++ opts="$($GETOPT -o mnf -l multiline,no-echo,force -n $program -- "$@")"
+ err=$?
+ eval set -- "$opts"
+ while true; do case $1 in
+@@ -201,7 +206,7 @@ case "$command" in
+ if [[ $ml -eq 1 ]]; then
+ echo "Enter contents of $path and press Ctrl+D when finished:"
+ echo
+- cat | gpg -e -r "$ID" -o "$passfile" $GPG_OPTS
++ cat | $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS
+ elif [[ $noecho -eq 1 ]]; then
+ while true; do
+ read -p "Enter password for $path: " -s password
+@@ -209,7 +214,7 @@ case "$command" in
+ read -p "Retype password for $path: " -s password_again
+ echo
+ if [[ $password == $password_again ]]; then
+- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
+ break
+ else
+ echo "Error: the entered passwords do not match."
+@@ -217,11 +222,11 @@ case "$command" in
+ done
+ else
+ read -p "Enter password for $path: " -e password
+- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
+ fi
+- if [[ -d $GIT ]]; then
+- git add "$passfile"
+- git commit -m "Added given password for $path to store."
++ if [[ -d $GITDIR ]]; then
++ $GIT add "$passfile"
++ $GIT commit -m "Added given password for $path to store."
+ fi
+ ;;
+ edit)
+@@ -252,25 +257,25 @@ case "$command" in
+
+ action="Added"
+ if [[ -f $passfile ]]; then
+- gpg -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1
++ $GPG -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1
+ action="Edited"
+ fi
+ ${EDITOR:-vi} "$tmp_file"
+- while ! gpg -e -r "$ID" -o "$passfile" $GPG_OPTS "$tmp_file"; do
++ while ! $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS "$tmp_file"; do
+ echo "GPG encryption failed. Retrying."
+ sleep 1
+ done
+
+- if [[ -d $GIT ]]; then
+- git add "$passfile"
+- git commit -m "$action password for $path using ${EDITOR:-vi}."
++ if [[ -d $GITDIR ]]; then
++ $GIT add "$passfile"
++ $GIT commit -m "$action password for $path using ${EDITOR:-vi}."
+ fi
+ ;;
+ generate)
+ clip=0
+ symbols="-y"
+
+- opts="$(getopt -o nc -l no-symbols,clip -n $program -- "$@")"
++ opts="$($GETOPT -o nc -l no-symbols,clip -n $program -- "$@")"
+ err=$?
+ eval set -- "$opts"
+ while true; do case $1 in
+@@ -292,10 +297,10 @@ case "$command" in
+ mkdir -p -v "$PREFIX/$(dirname "$path")"
+ pass="$(pwgen -s $symbols $length 1)"
+ passfile="$PREFIX/$path.gpg"
+- gpg -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass"
+- if [[ -d $GIT ]]; then
+- git add "$passfile"
+- git commit -m "Added generated password for $path to store."
++ $GPG -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$pass"
++ if [[ -d $GITDIR ]]; then
++ $GIT add "$passfile"
++ $GIT commit -m "Added generated password for $path to store."
+ fi
+
+ if [ $clip -eq 0 ]; then
+@@ -317,22 +322,45 @@ case "$command" in
+ exit 1
+ fi
+ rm -i -v "$passfile"
+- if [[ -d $GIT ]] && ! [[ -f $passfile ]]; then
+- git rm -f "$passfile"
+- git commit -m "Removed $path from store."
++ if [[ -d $GITDIR ]] && ! [[ -f $passfile ]]; then
++ $GIT rm -f "$passfile"
++ $GIT commit -m "Removed $path from store."
+ fi
+ ;;
+ push|pull)
+- if [[ -d $GIT ]]; then
+- exec git $command "$@"
++ if [[ -d $GITDIR ]]; then
++ exec $GIT $command "$@"
+ else
+ echo "Error: the password store is not a git repository."
+ exit 1
+ fi
+ ;;
+ git)
+- if [[ $1 == "init" ]] || [[ -d $GIT ]]; then
+- exec git "$@"
++ if [[ $1 == "init" ]]; then
++ username=$2
++ useremail=$3
++
++ $GIT init
++
++ if [ -z "$username" ]; then
++ current=$($GIT config user.name)
++ prompt="Set your git user.name: "
++ read -e -i "$current" -p "$prompt" username
++ username="${username:-$username}"
++ fi
++ if [ -z "$useremail" ]; then
++ current=$($GIT config user.email)
++ prompt="Set your git user.email: "
++ read -e -i "$current" -p "$prompt" useremail
++ useremail="${useremail:-$useremail}"
++ fi
++ $GIT config user.name "$username"
++ $GIT config user.email "$useremail"
++ echo .gpg-id > $PREFIX/.gitignore
++ $GIT add .
++ $GIT commit -m "Adding existing passwords to the store."
++ elif [[ -d $GITDIR ]]; then
++ exec $GIT "$@"
+ else
+ echo "Error: the password store is not a git repository."
+ exit 1
diff --git a/sysutils/password-store/pkg-descr b/sysutils/password-store/pkg-descr
new file mode 100644
index 000000000000..39031160d478
--- /dev/null
+++ b/sysutils/password-store/pkg-descr
@@ -0,0 +1,18 @@
+Password management should be simple and follow Unix philosophy. With pass, each
+password lives inside of a gpg encrypted file whose filename is the title of the
+website or resource that requires the password. These encrypted files may be
+organized into meaningful folder hierarchies, copied from computer to computer,
+and, in general, manipulated using standard command line file management
+utilities.
+
+pass makes managing these individual password files extremely easy. All
+passwords live in ~/.password-store, and pass provides some nice commands for
+adding, editing, generating, and retrieving passwords. It is a very short and
+simple shell script. It's capable of temporarily putting passwords on your
+clipboard and tracking password changes using git.
+
+You can edit the password store using ordinary unix shell commands alongside the
+pass command. There are no funky file formats or new paradigms to learn. There
+is bash completion so that you can simply hit tab to fill in names.
+
+WWW: http://zx2c4.com/projects/password-store/