-
-
Notifications
You must be signed in to change notification settings - Fork 45
/
qubes.Gpg.service
executable file
·40 lines (36 loc) · 1.51 KB
/
qubes.Gpg.service
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
#!/bin/sh
unit() {
case "$1" in
0s);;
1s) echo " 1 second";;
*s) echo " ${1%s} seconds";;
0m);;
1m) echo " 1 minute";;
*m) echo " ${1%m} minutes";;
0h);;
1h) echo " 1 hour";;
*h) echo " ${1%h} hours";;
0d);;
1d) echo " 1 day";;
*d) echo " ${1%d} days";;
esac
}
if [ -z "$QUBES_GPG_AUTOACCEPT" ]; then
QUBES_GPG_AUTOACCEPT=300
fi
days="$(( $QUBES_GPG_AUTOACCEPT / (3600*24) ))d";
hours="$(( ( $QUBES_GPG_AUTOACCEPT % (3600*24) ) / 3600 ))h";
minutes="$(( ( $QUBES_GPG_AUTOACCEPT % 3600 ) / 60 ))m";
seconds="$(( $QUBES_GPG_AUTOACCEPT % 60 ))s";
stat_file="/var/run/qubes-gpg-split/stat.$QREXEC_REMOTE_DOMAIN"
stat_time=$(stat -c %Y "$stat_file" 2>/dev/null || echo 0)
now=$(date +%s)
if [ $(($stat_time + $QUBES_GPG_AUTOACCEPT)) -lt "$now" ]; then
echo "$USER" | /etc/qubes-rpc/qubes.WaitForSession >/dev/null 2>/dev/null
msg_text="Do you allow VM '$QREXEC_REMOTE_DOMAIN' to access your GPG keys"
msg_text="$msg_text\n(now and for the following $(unit $days)$(unit $hours)$(unit $minutes)$(unit $seconds))?"
zenity --question --no-wrap --text "$msg_text" 2>/dev/null </dev/null >/dev/null || exit 1
touch "$stat_file"
fi
notify-send "Keyring access from domain: $QREXEC_REMOTE_DOMAIN" --expire-time=1000 </dev/null >/dev/null 2>/dev/null &
/usr/lib/qubes-gpg-split/gpg-server /usr/bin/gpg2 "$QREXEC_REMOTE_DOMAIN"