aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRomain Gonçalves <me@rgoncalves.se>2023-06-14 11:55:48 +0200
committerRomain Gonçalves <me@rgoncalves.se>2023-06-14 11:55:48 +0200
commite4482079f52a6fc6d3e6172b1c1a6b6889d8dc31 (patch)
tree487013599187d77b5c2292f5007b9a2f068bc9bc
parent35498e61b26112b56dac4cdda213ebd69bca30b9 (diff)
downloadrules-e4482079f52a6fc6d3e6172b1c1a6b6889d8dc31.tar.gz
feat(vault): scope gopass per user session
-rwxr-xr-xvault.sh10
1 files changed, 9 insertions, 1 deletions
diff --git a/vault.sh b/vault.sh
index bac110e..6bf443a 100755
--- a/vault.sh
+++ b/vault.sh
@@ -5,4 +5,12 @@ set -ex
password_bin=$(command -v pass || command -v gopass)
password_name="${2:-infrastructure/ansible/root}"
-"${password_bin}" show "${password_name}" | head -n 1
+set +x
+
+if [ "$(logname)" != "$(whoami)" ]; then
+ password_string="$(su "$(logname)" -c "${password_bin} show ${password_name}")"
+else
+ password_string="$("${password_bin}" show "${password_name}")"
+fi
+
+echo "${password_string}" | head -n 1
remember that computers suck.