|
|
Sponsored Content
Top Forums
Shell Programming and Scripting
Script works fine until I | more
Post 95452 by Perderabo on Wednesday 11th of January 2006 10:17:32 AM
01-11-2006
|
|
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
I have a very basic script that essentially sends a log file, via FTP, to a backup server. My cron entry to run this every night is:
55 23 * * * /usr/bin/archive_logs
The script runs perfectly when executed manually, and actually worked via cron for about three weeks. However, it mysteriously... (3 Replies)
Discussion started by: cdunavent
3 Replies
2. Shell Programming and Scripting
Hi,
A cron job CJ invokes a shell script SC. SC internally invokes multiple perl scripts. One of the perl scripts deals with Accurev (i am using Accurev CLI).
The first accurev command encountered is
accurev merge -i <<file_name>> (file name has absolute path)
When I run the perl script or... (1 Reply)
Discussion started by: singh
1 Replies
3. UNIX for Advanced & Expert Users
I am having trouble mounting with cifs, but mounting the exact same command with smbfs works fine. The share is on another samba server and is set to full public guest access. # mount -t cifs //servername/sharename /mnt/temp -o password=""
mount error 13 = Permission denied Refer to the... (3 Replies)
Discussion started by: humbletech99
3 Replies
4. UNIX for Dummies Questions & Answers
1)
ssh a@b
echo $USER it display the correct value as a (even though i have not defined it in .profile)
2)
remsh b -l a
echo $USER it does not display the value as a (variable is not set
any idea why $USER variable is not initialized when i login via remsh or rlogin but shows the... (10 Replies)
Discussion started by: reldb
10 Replies
5. Shell Programming and Scripting
Hello All,
This is driving me nuts. Wrote a very simple script (it's in csh so sorry about that). Just something very simple though. Here is the catch. Works great from command line sometimes. Other times it runs no errors or anything but I never receive an email. Never runs from crontab... (6 Replies)
Discussion started by: jacktay
6 Replies
6. Shell Programming and Scripting
Hi,
I have a problem with a SED script that works fine on AIX but does not work properly on a Solaris system.
The ksh script executes the SED and puts the output in HTML in tables.
But the layout of the output in HTML is not shown correctly(no tables, no color). Can anyone tell if there is... (7 Replies)
Discussion started by: Faith111
7 Replies
7. Shell Programming and Scripting
Guys,
I need you help please.
The script below is not working correclty for checking via a awk/if statement . Can you tell me what i am doing wrong in the script code "if($1 == "$RETENTION_LEVEL") "
Syntax
RETENTION_LEVEL=`echo $LINE | cut -f2 -d" "`
echo " ==============... (4 Replies)
Discussion started by: Junes
4 Replies
8. UNIX for Dummies Questions & Answers
Greetings, I have a C-program that is made to implement a hidden Markov model on an input file. The program is very memory intensive.
I've installed it on my local server where I have an account and it compiles fine. The way they have the server set up is that you can either work... (1 Reply)
Discussion started by: Twinklefingers
1 Replies
9. Shell Programming and Scripting
Hi,
I am a bit confused ,why would a sed command work fine outside of ksh script but not inside.
e.g
I want to replace all the characters which end with a value and have space at end of it.
so my command for it is :
sed -i "s/$SEPARATOR /$SEPARATOR/g" file_name
This is working fine in... (8 Replies)
Discussion started by: vital_parsley
8 Replies
10. Shell Programming and Scripting
Hello all,
I am facing a weird issue while executing a code below -
#!/bin/bash
cd /wload/baot/home/baotasa0/sandboxes_finance/ext_ukba_bde/pset
sh UKBA_publish.sh UKBA 28082015 3
if
then
echo "Param file conversion for all the areas are completed, please check in your home directory"... (2 Replies)
Discussion started by: ektubbe
2 Replies
LEARN ABOUT DEBIAN
gpgwrap
gpgwrap(1) General Commands Manual gpgwrap(1) NAME
gpgwrap - a small wrapper for gpg SYNOPSIS
gpgwrap -V gpgwrap -P [-v] [-i] [-a] [-p <file>] gpgwrap -F [-v] [-i] [-a] [-c] [-p <file>] [-o <name>] [--] <file> [<file> ... ] gpgwrap [-v] [-i] [-a] [-p <file>] [-o <name>] [--] gpg [gpg options] DESCRIPTION
The GNU Privacy Guard (gpg) supplies the option --passphrase-fd. This instructs gpg to read the passphrase from the given file descriptor. Usually this file descriptor is opened before gpg is executed via execvp(3). Exactly that is what gpgwrap is doing. The passphrase may be passed to gpgwrap in 4 ways: * as file path, whereat the passphrase is stored as plain text in the file * it is piped from another program to the stdin of gpgwrap * through the GPGWRAP_PASSPHRASE environment variable * gpgwrap prompts for it With no precautions the first point undermines the secure infrastructure gpg provides. But in pure batch oriented environments this may be what you want. Otherwise if you are willing to enter passphrases once and don't want them to be stored as plain text in a file gpg-agent is what you are looking for. Another security objection could be the use of the environment variable GPGWRAP_PASSPHRASE which contains the passphrase and may be read by other processes of the same user. OPTIONS
-V, --version Print out version and exit. -P, --print Get the passphrase and print it mangled to stdout. -F, --file Read gpg commands from the given files. If <file> is - it is read from stdin. Exactly one command per line is expected. The given line is handled in the following way: * In the first place the passphrase is mangled. This means that unusual characters are replaced by their backslash escaped octal numbers. * Secondly the mangled passphrase is stored in the environment variable GPGWRAP_PASSPHRASE. * "exec gpgwrap -- " is prepended to each line, before the result is passed as argument to "sh -c". -h, --help Print out usage information. -v, --verbose Increase verbosity level. -i, --interactive Always prompt for passphrase (ignores -p and the environment variable). -a, --ask-twice Ask twice if prompting for a passphrase. -c, --check-exit-code While reading gpg commands from a file, gpgwrap ignores per default the exit code of its child processes. This option enables the check of the exit code. If a child terminates abnormal or with an exit code not equal 0 gpgwrap stops immediately and does return with this exit code. See also section BUGS. -p <file>, --passphrase-file <file> Read passphrase from <file>. If <file> is - it is read from stdin. The passphrase is expected to be in plain text. If this option is not given the passphrase will be taken either from the environment variable GPGWRAP_PASSPHRASE or it will be prompted on the controlling tty if the environment variable is not set. -o <name>, --option-name <name> Specify the name of the "--passphrase-fd" option understood by the program to be executed. This is useful if you want to use gpg- wrap in combination with other programs than gpg. LIMITATIONS
The given passphrase is subject to several limitations depending on the way it was passed to gpgwrap: * There is a size limitation: the passphrase should be not larger than some kilobytes (examine the source code for the exact limit). * gpgwrap allows you to use all characters in a passphrase even �00, but this does not mean that gpg will accept it. gpg may reject your passphrase or may only read a part of it, if it contains characters like �12 (in C also known as ). * If you set the environment variable GPGWRAP_PASSPHRASE you should take special care with the backslash character, because gpgwrap uses backslash to escape octal numbers, (see option -F). Therefore write backslash itself as octal number: 134. EXAMPLES
1. gpgwrap -p /path/to/a/secret/file gpg -c -z 0 --batch --no-tty --cipher-algo blowfish < infile > outfile Read passphrase from /path/to/a/secret/file and execute gpg to do symmetric encryption of infile and write it to outfile. 2. gpgwrap -i -a gpg -c -z 0 --batch --no-tty --cipher-algo blowfish < infile > outfile Same as above except that gpgwrap prompts twice for the passphrase. 3. gpgwrap -F -i - <<EOL gpg --decrypt --batch --no-tty < "$HOME/infile1" > "$HOME/outfile1" gpg --decrypt --batch --no-tty < "$HOME/infile2" > "$HOME/outfile2" gpg --decrypt --batch --no-tty < "$HOME/infile3" > "$HOME/outfile3" gpg --decrypt --batch --no-tty < "$HOME/infile4" > "$HOME/outfile4" EOL gpgwrap prompts for the passphrase and executes four instances of gpg to decrypt the given files. 4. GPGWRAP_PASSPHRASE="mysecretpassphrase" export GPGWRAP_PASSPHRASE gpgwrap -F -c -v /tmp/cmdfile1 - /tmp/cmdfile2 <<EOL gpg --decrypt --batch --no-tty < "$HOME/infile1" > "$HOME/outfile1" gpg --decrypt --batch --no-tty < "$HOME/infile2" > "$HOME/outfile2" gpg --decrypt --batch --no-tty < "$HOME/infile3" > "$HOME/outfile3" gpg --decrypt --batch --no-tty < "$HOME/infile4" > "$HOME/outfile4" EOL Same as above except that gpgwrap gets the passphrase via the environment variable, reads commands additionally from other files and checks the exit code of every gpg instance. This means if one gpg command has a non zero exit code, no further commands are executed. Furthermore gpgwrap produces verbose output. 5. GPGWRAP_PASSPHRASE="$(gpgwrap -P -i -a)" export GPGWRAP_PASSPHRASE find . -maxdepth 1 -type f | while read FILE; do FILE2="$FILE.bz2.gpg" bzip2 -c "$FILE" | gpgwrap gpg -c -z 0 --batch --no-tty --cipher-algo blowfish > "$FILE2" && touch -r "$FILE" "$FILE2" && rm -f "$FILE" done Read in passphrase, compress all files in the current directory, encrypt them and keep date from original file. 6. find . -maxdepth 1 -type f -name '*.bz2.gpg' | awk '{ printf("gpg --decrypt --batch --no-tty --quiet "); printf("--no-secmem-warning < %s ", $0); }' | gpgwrap -F -i -c - | bzip2 -d -c - | grep -i 'data' Decrypt all *.bz2.gpg files in the current directory, decompress them and print out all occurances of data. If you pipe the result to less you get into trouble because gpgwrap and less try to read from the TTY at the same time. In such a case it is better to use the environment variable to give the passphrase (the example above shows how to do this). 7. GPGWRAP_PASSPHRASE="$(gpgwrap -P -i -a)" export GPGWRAP_PASSPHRASE gpgwrap -P | ssh -C -x -P -l user host " GPGWRAP_PASSPHRASE="$(cat)" ... " Prompt for a passphrase twice and write it to the GPGWRAP_PASSPHRASE environment variable. 8. echo -n "Passphrase: " stty -echo read GPGWRAP_PASSPHRASE echo stty echo export GPGWRAP_PASSPHRASE Another way to prompt manually for the passphrase. It was needed in combination with older versions of gpgwrap, because they did not upport -P. Be aware that with this method no automatic conversion to backslash escaped octal numbers takes place. 9. echo "mysecretpassphrase" | gpg --batch --no-tty --passphrase-fd 0 --output outfile --decrypt infile Cheap method to give passphrase to gpg without gpgwrap. Note that you can't use stdin to pass a file to gpg, because stdin is already used for the passphrase. 10. gpg --batch --no-tty --passphrase-fd 3 3< /path/to/a/secret/file < infile > outfile This is a more advanced method to give the passphrase, it is equivalent to Option -p of gpgwrap. This example should at least work with the bash. 11. gpg --batch --no-tty --passphrase-fd 3 3< <(echo "mysecretpassphrase") < infile > outfile Like above, but the passphrase is given directly. This example should at least work with the bash. BUGS
In version 0.02 of gpgwrap the exit code of gpg was only returned if gpgwrap read the passphrase from a file. Since version 0.03, only -F omits exit code checking by default, but it can be enabled with -c. SEE ALSO
gpg, gpg-agent AUTHOR
Karsten Scheibler gpgwrap 0.04 gpgwrap(1)