feat(vault): scope gopass per user session

author: Romain Gonçalves <me@rgoncalves.se> 2023-06-14 11:55:48 +0200
committer: Romain Gonçalves <me@rgoncalves.se> 2023-06-14 11:55:48 +0200
commit: e4482079f52a6fc6d3e6172b1c1a6b6889d8dc31 (patch)
tree: 487013599187d77b5c2292f5007b9a2f068bc9bc
parent: 35498e61b26112b56dac4cdda213ebd69bca30b9 (diff)
download: rules-e4482079f52a6fc6d3e6172b1c1a6b6889d8dc31.tar.gz
1 files changed, 9 insertions, 1 deletions
diff --git a/vault.sh b/vault.sh
index bac110e..6bf443a 100755
--- a/vault.sh
+++ b/vault.sh
@@ -5,4 +5,12 @@ set -ex
 password_bin=$(command -v pass || command -v gopass)
 password_name="${2:-infrastructure/ansible/root}"
 
-"${password_bin}" show "${password_name}" | head -n 1
+set +x
+
+if [ "$(logname)" != "$(whoami)" ]; then
+	password_string="$(su "$(logname)" -c "${password_bin} show ${password_name}")"
+else
+	password_string="$("${password_bin}" show "${password_name}")"
+fi
+
+echo "${password_string}" | head -n 1
author	Romain Gonçalves <me@rgoncalves.se>	2023-06-14 11:55:48 +0200
committer	Romain Gonçalves <me@rgoncalves.se>	2023-06-14 11:55:48 +0200
commit	e4482079f52a6fc6d3e6172b1c1a6b6889d8dc31 (patch)
tree	487013599187d77b5c2292f5007b9a2f068bc9bc
parent	35498e61b26112b56dac4cdda213ebd69bca30b9 (diff)
download	rules-e4482079f52a6fc6d3e6172b1c1a6b6889d8dc31.tar.gz