With my previous commit I missed that `pass git status` also uses
mounted ramdisks, and needs to be safely removed there as well.
Therefore I moved the shred_tmpfile function (previously defined inline in
cmd_edit via eval) to the beginning of src/password-store.sh's helper
functions. The caveat is that any locally defined tmp_file must be passed
to the function as an argument. The intended use of this function is as
the action of `trap` definitions.

I also added a new test to t0600 to account for `pass git status`
behavior.

This commit passes all tests. Further testing and comments appreciated.

---
 src/password-store.sh               |   21 ++++++++++++---------
 tests/t0600-darwin-test-diskutil.sh |    7 ++++++-
 2 files changed, 18 insertions(+), 10 deletions(-)

diff --git a/src/password-store.sh b/src/password-store.sh
index d8c052e..3ba3bdd 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -22,6 +22,16 @@ export GIT_WORK_TREE="${PASSWORD_STORE_GIT:-$PREFIX}"
 # BEGIN helper functions
 #
 
+shred_tmpfile() {
+       # If there is a local tmp_file var somewhere, be sure to pass it to
+       # shred_tmpfile() as an argument when you define a trap
+       tmp_file="$1"
+       $SHRED "$tmp_file"
+       if [[ $(uname) == Darwin ]]; then
+               cleanup_tmp
+       fi
+       rm -rf "$SECURE_TMPDIR" "$tmp_file"
+}
 git_add_file() {
        [[ -d $GIT_DIR ]] || return
        git add "$1" || return
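Review bot: `tmp_file="$1"` in the new helper assigns a global, not a local, so every trap that fires overwrites whatever `tmp_file` the caller holds; and when the helper is invoked without an argument (which the new `cmd_git` trap does) it runs `$SHRED ""` and then `rm -rf "$SECURE_TMPDIR" ""`, producing an error from shred on every such exit. I would write `local tmp_file="$1"` and guard the shred with `[[ -n $tmp_file ]] && $SHRED "$tmp_file"`, leaving `$SHRED` unquoted as it is, since it may carry options. The comment above the body should also say that the file name must be baked into the trap action string at definition time, because a `local` in the caller is gone by the time the EXIT trap runs. git_add_file continues past the hunk.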
@@ -413,14 +423,7 @@ cmd_edit() {
 
        tmpdir #Defines $SECURE_TMPDIR
        local tmp_file="$(TMPDIR="$SECURE_TMPDIR" mktemp -t "$template")"
-       eval "shred_tmpfile() {
-               $SHRED '$tmp_file'
-               if [[ $(uname) == Darwin ]]; then
-                       cleanup_tmp
-               fi
-               rm -rf '$SECURE_TMPDIR' '$tmp_file'
-       }"
-       trap shred_tmpfile INT TERM EXIT
+       trap shred_tmpfile "$tmp_file" INT TERM EXIT
 
 
        local action="Add"
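Review bot: `trap shred_tmpfile "$tmp_file" INT TERM EXIT` does not pass the file name to the handler: trap treats its first word as the action and every following word as a signal spec, so bash rejects the expanded mktemp path as an invalid signal specification; the remaining names may still be armed, but the handler then runs with no argument and the plaintext temp file is never handed to `$SHRED`, a regression from the eval'd version being removed. The path has to be part of the action string, e.g. `trap "shred_tmpfile $(printf '%q' "$tmp_file")" INT TERM EXIT`; expanding at definition time matters because `tmp_file` is local to cmd_edit and the EXIT trap can fire after it has returned, and `%q` survives quote characters in the path where the old single-quoted eval did not. cmd_edit continues past the hunk.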
@@ -570,7 +573,7 @@ cmd_git() {
                git config --local diff.gpg.textconv "$GPG -d ${GPG_OPTS[*]}"
        elif [[ -d $GIT_DIR ]]; then
                tmpdir nowarn #Defines $SECURE_TMPDIR. We don't warn, because 
at most, this only copies encrypted files.
-               trap "rm -rf '$SECURE_TMPDIR'" INT TERM EXIT
+               trap shred_tmpfile INT TERM EXIT
                export TMPDIR="$SECURE_TMPDIR"
                git "$@"
        else
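Review bot: `trap shred_tmpfile INT TERM EXIT` calls the helper with no file argument, so with the helper as added in this patch every `pass git …` run ends with `$SHRED ""` and an error from shred before `$SECURE_TMPDIR` is removed; the exit status of the git command is unaffected, so the new t0600 case will not notice. Either the helper must tolerate a missing argument, or this branch should keep a cleanup action of its own that still does the Darwin unmount, e.g. `trap "[[ \$(uname) == Darwin ]] && cleanup_tmp; rm -rf '$SECURE_TMPDIR'" INT TERM EXIT`. The enclosing cmd_git starts before the hunk and continues after it.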
diff --git a/tests/t0600-darwin-test-diskutil.sh 
b/tests/t0600-darwin-test-diskutil.sh
index 9c82e19..d43ee67 100755
--- a/tests/t0600-darwin-test-diskutil.sh
+++ b/tests/t0600-darwin-test-diskutil.sh
@@ -22,7 +22,7 @@ test_expect_success 'Setup initial key and git' '
 initial_disk_env=($(mounted_disks))
 
 # These two tests are copied from test-0100 and test-0200
-# The point is to create a situation where mounting a /dev/diskX is required.
+# The point is to create a situation where mounting a ramdisk is required.
 test_expect_success 'Test "insert" command' '
   "$PASS" init $KEY1 &&
   echo "Hello world" | "$PASS" insert -e cred1 &&
@@ -38,6 +38,11 @@ test_expect_success 'Test "edit" command' '
   [[ $("$PASS" show cred1) == "$FAKE_EDITOR_PASSWORD" ]]
 '
 
+# `pass git status` also uses mounted ramdisks
+test_expect_success 'Test "git" command' '
+  "$PASS" git status
+'
+
 end_disk_env=($(mounted_disks))
 
 # Simply test if the number of mounted disks is the same as when we began.
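Review bot: The added `git status` case only checks the command's exit status, and an error raised inside the EXIT trap (for example shred being given an empty file name) does not change that status, so the case passes whether or not the teardown was clean; the mounted-disk comparison below only covers the ramdisk count. If nothing on this path legitimately writes to stderr, I would also assert a quiet run: `"$PASS" git status 2>stderr.out && ! test -s stderr.out`.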
-- 
1.7.10.4
