tomb

the crypto undertaker
git clone git://parazyd.org/tomb.git
Log | Files | Refs | README | LICENSE

commit 16f04128175cde1ab9c9c0b20f6db34078e291e0
parent ddff7a78951e936431a6998c573cd19375cdc0ff
Author: Jaromil <jaromil@dyne.org>
Date:   Mon, 23 May 2011 22:30:39 +0200

Merge branch 'debian0'

Diffstat:
M.gitignore | 1-
MTODO.org | 63++++++++++++++++++++++++++++++++++++++-------------------------
Adebian/changelog | 26++++++++++++++++++++++++++
Adebian/compat | 1+
Adebian/control | 36++++++++++++++++++++++++++++++++++++
Adebian/copyright | 18++++++++++++++++++
Adebian/dirs | 1+
Adebian/docs | 1+
Adebian/menu | 3+++
Adebian/rules | 7+++++++
Adebian/source/format | 1+
Adebian/tomb-gtk.install | 2++
Adebian/tomb.install | 6++++++
Adebian/tomb.mime | 1+
Adebian/tomb.sharedmimeinfo | 11+++++++++++
Adebian/watch | 5+++++
Msrc/tomb | 3+++
17 files changed, 160 insertions(+), 26 deletions(-)

diff --git a/.gitignore b/.gitignore @@ -27,5 +27,4 @@ stamp-h1 tags doc/web/public doc/web/dyne -debian share/gtkrc diff --git a/TODO.org b/TODO.org @@ -5,7 +5,10 @@ you are welcome to send patches to jaromil@dyne.org * DONE Release 1.0 :100%: -** [#B] remove gnome dependencies from tomb core :jaromil: +** TODO [#C] make one single status handle more tombs +** TODO [#C] decorate creation wizard with ASCII art + +** DONE [#B] remove gnome dependencies from tomb core :jaromil: gksu is deeply connected to gnome in all its packages. actually libgksu2-dev is and that doesn't helps. @@ -18,7 +21,7 @@ you are welcome to send patches to jaromil@dyne.org to sudo and provide it an interface to ask the password graphically via pinentry -** [#B] SLAM tomb and kill all applications using it :anathema: +** DONE [#B] SLAM tomb and kill all applications using it :anathema: using lsof and fuser(1) we can do that easily @@ -27,15 +30,15 @@ you are welcome to send patches to jaromil@dyne.org tomb-askpass will become tomb-ask managing such user interaction, using libassuan and pinentry from the gpg project. -** [#B] fix operation without DISPLAY (over SSH) :hellekin: -** [#A] steganography to store tomb key :jaromil: +** DONE [#B] fix operation without DISPLAY (over SSH) :hellekin: +** DONE [#A] steganography to store tomb key :jaromil: steghide can hide keys in JPG, BMP, WAV or AU files it also takes care of compressing end encrypting the key file so we don't necessarily need gpg... it has Serpent and AES256 (CBC) -** [#A] use a posix thread instead of fork for status close :jaromil: -** [#A] use a config file to map bind mounts :jaromil: +** DONE [#A] use a posix thread instead of fork for status close :jaromil: +** DONE [#A] use a config file to map bind mounts :jaromil: done as file 'bind-hooks' inside tom. also 'post-hooks' is executed as user in case symlinks are needed and so @@ -43,38 +46,48 @@ you are welcome to send patches to jaromil@dyne.org using mount -o bind we can trigger actions to be made after mounting a tomb so that personal directories appear in the home folder. -** [#A] desktop integration the freedesktop way :jaromil: -** [#B] debian packaging with desktop integration :jaromil: +** DONE [#A] desktop integration the freedesktop way :jaromil: +** DONE [#B] debian packaging with desktop integration :jaromil: * TODO Release 2.0 :00%: -100% backward compatible with tombs created with 1.0 +Must be 100% backward compatible with tombs created with 1.0 + +** Bugs to fix + +*** TODO [#A] Should refuse opening a tomb that is already open :jaromil: + +** New features + +*** [#A] use inotify on tomb + + inotify can also count when was the last time tomb was used and + unmount it automatically after a timeout, see how much free space + is left and warn when the space is almost finished +*** [#A] udev rules to avoid usb automount of keyplug in gnome -** [#A] system to split keys in parts (ssss) :boyska: -** [#A] use inotify on tomb +*** [#A] sign and verify tomb script integrity (executed as root) - inotify can also count when was the last time tomb was used and - unmount it automatically after a timeout +*** TODO [#B] Internationalization using gettext :jaromil: -** [#A] udev rules to avoid usb automount of keyplug in gnome -** [#A] sign and verify tomb script integrity (executed as root) -** [#B] make a gnome tomb undertaker using gnome-druid in glade -** [#B] tomb locksmith for key management - a graphical tool or text wizard to move keys in/out steganography - as well split them + Started generating the strings, still need to figure out how to + install it -** [#B] transport keys and integrity checksums on qrcodes +*** [#B] make a gnome tomb undertaker using gnome-druid in glade +*** [#B] tomb locksmith for key management + a graphical tool or text wizard to move keys in/out steganography + as well split them +*** [#B] system to split keys in parts (ssss) -** [#B] analyse and show tomb entropy using libdisorder +*** [#B] transport keys and integrity checksums on qrcodes -** [#B] indeep security analysis of possible vulnerabilities +*** [#B] analyse and show tomb entropy using libdisorder -** [#C] make one single status handle more tombs -** [#C] decorate creation wizard with ASCII art +*** [#B] indeep security analysis of possible vulnerabilities -** [#C] more gtk dialogs for configurations? keep it minimal! +*** [#C] more gtk dialogs for configurations? keep it minimal! * TODO Porting to Win$loth diff --git a/debian/changelog b/debian/changelog @@ -0,0 +1,26 @@ +tomb (1.0-1) unstable; urgency=low + + * New upstream release + * Fixes to dependencies + * Split in 2 packages: tomb and tomb-gtk + + -- Denis Roio <jaromil@dyne.org> Mon, 21 Feb 2011 00:59:55 +0100 + +tomb (0.9.2-1) unstable; urgency=low + + * New upstream release + * Mentored fixes to debian packaging + + -- Denis Roio <jaromil@dyne.org> Thu, 10 Feb 2011 15:22:58 +0100 + +tomb (0.9.1-1) unstable; urgency=low + + * New upstream release + + -- Denis Roio <jaromil@dyne.org> Thu, 03 Feb 2011 22:32:23 +0100 + +tomb (0.9-1) unstable; urgency=low + + * Initial release. (Closes: #611660) + + -- Denis Roio <jaromil@dyne.org> Mon, 31 Jan 2011 19:39:06 +0100 diff --git a/debian/compat b/debian/compat @@ -0,0 +1 @@ +7 diff --git a/debian/control b/debian/control @@ -0,0 +1,36 @@ +Source: tomb +Section: misc +Priority: extra +Maintainer: Denis Roio <jaromil@dyne.org> +Build-Depends: debhelper (>= 7), autotools-dev, cdbs, libgtk2.0-dev, libnotify-dev +Standards-Version: 3.9.1 +Homepage: http://tomb.dyne.org + +Package: tomb +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, zsh, cryptsetup, pinentry-curses, gnupg, sudo +Suggests: tomb-gtk, wipe, dcfldd, steghide +Description: the crypto undertaker + Derived from the dyne:bolic nesting mechanism, Tomb is a free and + easy to operate desktop application for fairly strong encryption of + personal files. A tomb is like a locked folder that can be + transported and hidden in filesystems; its keys are password + protected and can be kept separate, for instance keeping a tomb file + in your computer's harddisk and its key file on a USB stick. + Tomb relies on dm-crypt (and cryptsetup) as an encryption backend + using the aes-cbc-essiv:sha256 cypher. + +Package: tomb-gtk +Architecture: any +Depends: tomb, libnotify-bin, pinentry-gtk2, ${shlibs:Depends}, ${misc:Depends} +Description: the crypto undertaker - desktop integration + Derived from the dyne:bolic nesting mechanism, Tomb is a free and + easy to operate desktop application for fairly strong encryption of + personal files. A tomb is like a locked folder that can be + transported and hidden in filesystems; its keys are password + protected and can be kept separate, for instance keeping a tomb file + in your computer's harddisk and its key file on a USB stick. + Tomb relies on dm-crypt (and cryptsetup) as an encryption backend + using the aes-cbc-essiv:sha256 cypher. + . + This package contains a graphical interface to use Tomb on the desktop. diff --git a/debian/copyright b/debian/copyright @@ -0,0 +1,18 @@ +This package was debianized by Denis Roio <jaromil@dyne.org> +on Thu Jan 13 23:21:12 CET 2011 + +It was downloaded from the code.dyne.org source repository + +Upstream Author(s): Denis Roio <jaromil@dyne.org> + +Copyright: + <Copyright (C) 2007-2011 Denis Roio aka Jaromil> + +License: + This software is available under the GNU General Public License. + http://www.opensource.org/licenses/gpl-license.php + +Packaging: + Copyright (C) 2011 by Denis Roio <jaromil@dyne.org> + released under the terms of GNU GPL version 3, + see `/usr/share/common-licenses/GPL-3'. diff --git a/debian/dirs b/debian/dirs @@ -0,0 +1 @@ +usr/bin diff --git a/debian/docs b/debian/docs @@ -0,0 +1 @@ +README diff --git a/debian/menu b/debian/menu @@ -0,0 +1,3 @@ +?package(tomb):command="tomb-open" icon="/usr/share/pixmaps/monmort.xpm" needs="text" \ + section="Applications/System/Security" title="Tomb" hints="Crypto" \ + hotkey="Tomb" diff --git a/debian/rules b/debian/rules @@ -0,0 +1,7 @@ +#!/usr/bin/make -f +include /usr/share/cdbs/1/rules/autoreconf.mk +include /usr/share/cdbs/1/rules/buildcore.mk +include /usr/share/cdbs/1/rules/debhelper.mk +include /usr/share/cdbs/1/class/autotools.mk +# include /usr/share/cdbs/1/class/gnome.mk + diff --git a/debian/source/format b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/tomb-gtk.install b/debian/tomb-gtk.install @@ -0,0 +1,2 @@ +usr/bin/tomb-status +usr/share/man/man1/tomb-status.1 diff --git a/debian/tomb.install b/debian/tomb.install @@ -0,0 +1,6 @@ +usr/bin/tomb +usr/bin/tomb-open +usr/share/man/man1/tomb.1 +usr/share/man/man1/tomb-open.1 +usr/share/pixmaps/monmort.xpm +usr/share/icons/monmort.png diff --git a/debian/tomb.mime b/debian/tomb.mime @@ -0,0 +1 @@ +application/x-tomb-volume; tomb-open '%s'; priority=8 diff --git a/debian/tomb.sharedmimeinfo b/debian/tomb.sharedmimeinfo @@ -0,0 +1,11 @@ +<?xml version="1.0"?> +<mime-info xmlns='http://www.freedesktop.org/standards/shared-mime-info'> + <mime-type type="application/x-tomb-volume"> + <comment>Tomb crypto volume</comment> + <glob pattern="*.tomb"/> + </mime-type> + <mime-type type="application/x-tomb-key"> + <comment>Tomb crypto key</comment> + <glob pattern="*.tomb.key"/> + </mime-type> +</mime-info> diff --git a/debian/watch b/debian/watch @@ -0,0 +1,5 @@ +version = 3 + +# Package mantained by upstream developer +# wishing there would be a way to watch git repos? +# however our ftp is on ftp://ftp.dyne.org/tomb/releases diff --git a/src/tomb b/src/tomb @@ -763,6 +763,9 @@ umount_tomb() { fi + # avoid block when the same tomb is mounted, take only the first + for tm in ${(f)tombmount}; do tombmount=${tm}; break; done + func "tomb close argument: $1" func "name:\t$tombname" func "mount:\t$tombmount"