-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathedit.py
executable file
·73 lines (61 loc) · 2.21 KB
/
edit.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
#!/usr/bin/python3
"""Edit a gpg-encrypted file, decrypting to a tmpfs mount.
Avoids leaving an unencrypted temp file laying around.
"""
import os, sys, subprocess, getpass, stat, shutil
from encodings.cp866 import encoding_map
editor = 'nano'
dataFile = sys.argv[1]
## make a backup of the encrypted file
bakFile = dataFile+'-gpgedit_backup'
shutil.copy(dataFile, bakFile)
dstat = os.stat(dataFile)
## create temporary directory in tmpfs to work from
tmpDir = '/dev/shm/gpgedit'
n = 0
while True:
try:
os.mkdir(tmpDir+str(n))
break
except OSError as err:
if err.errno != 17: ## file already exists
raise
n += 1
tmpDir += str(n)
os.chmod(tmpDir, stat.S_IRUSR | stat.S_IWUSR | stat.S_IXUSR)
try:
## Get password
passwd = getpass.getpass()
## decrypt file
tmpFile = os.path.join(tmpDir, 'data')
cmd = "gpg -d --batch --ignore-mdc-error --passphrase-fd 0 --output %s %s" % (tmpFile, dataFile)
proc = subprocess.Popen(cmd, shell=True, stdin=subprocess.PIPE)
proc.stdin.write(bytes(passwd, encoding='utf-8'))
proc.stdin.close()
if proc.wait() != 0:
raise Exception("Error decrypting file.")
## record stats of tmp file
stat = os.stat(tmpFile)
## invoke editor
os.system('%s %s' % (editor, tmpFile))
## see whether data has changed
stat2 = os.stat(tmpFile)
if stat.st_mtime == stat2.st_mtime and stat.st_size == stat2.st_size:
raise Exception("Data unchanged; not writing encrypted file.")
## re-encrypt, write back to original file
cmd = "gpg --yes --batch --symmetric --passphrase-fd 0 --output %s %s" % (dataFile, tmpFile)
proc = subprocess.Popen(cmd, shell=True, stdin=subprocess.PIPE)
proc.stdin.write(bytes(passwd, encoding='utf-8'))
proc.stdin.close()
if proc.wait() != 0:
raise Exception("Error encrypting file.")
except:
## If there was an error AND the data file was modified, restore the backup.
dstat2 = os.stat(dataFile)
if dstat.st_mtime != dstat2.st_mtime or dstat.st_size != dstat2.st_size:
print("Error occurred, restored encrypted file from backup.")
shutil.copy(bakFile, dataFile)
raise
finally:
shutil.rmtree(tmpDir)
os.remove(bakFile)