我正在开发一个用于 Windows 共享的自动安装脚本。我已经完成了脚本,它运行良好,但是是否可以将 Gnome Keyring 添加到 bash,这样一旦用户输入他/她的密码,它就会被保存到 Gnome Keyring 中,稍后将从那里获取。此外,我的 Windows AD 用户密码必须每月更改一次,是否可以编写脚本,以便每月过去后脚本再次要求输入密码?
例子:
用户登录 Ubuntu,安装脚本在登录时启动。用户输入密码,脚本将其发送到 Gnome Keyring 进行保存。下次他/她登录时,密码将从 Gnome Keyring 中获取,但如果是 6 月 1 日,例如,用户必须再次输入密码。
代码:
#!/bin/bash
MOUNTDIR=Public
DIRNAME=Shares
DOMAIN=AD_Domain
SERVER=server.local.lan
SHARE=shared_folder
# create mountpoint for mounting
if [ ! -d ${HOME}/${DIRNAME} ]; then
mkdir ${HOME}/${DIRNAME}
fi
# define a function that launched the zenity username dialog
get_username(){
zenity --entry --width=300 --title="Mount $MOUNTDIR" --text="Username:"
}
# define a function that launched the zenity password dialog
get_password(){
zenity --entry --width=300 --title="Mount $MOUNTDIR" --text="Password:" --hide-text
}
# attempt to get the username and exit if cancel was pressed.
wUsername=$(get_username) || exit
# if the username is empty or matches only whitespace.
while [ "$(expr match "$wUsername" '.')" -lt "1" ]; do
zenity --error --title="Error in username!" --text="Please check your username! Username field can not be empty!" || exit
wUsername=$(get_username) || exit
done
# if the password is empty or matches only whitespace.
wPassword=$(get_password) || exit
while [ "$(expr match "$wPassword" '.')" -lt "1" ]; do
zenity --error --title="Error in password!" --text="Please check your password! Password field can not be empty!" || exit
wPassword=$(get_password) || exit
done
# mount windows share to mountpoint
sudo mount -t cifs //$SERVER/$SHARE ${HOME}/${DIRNAME} -o username=${wUsername},password=${wPassword},domain=${DOMAIN}
# show if mounting was OK or failed
if [ $? -eq 0 ]; then
zenity --info --title="Mounting public share succeeded!" --text="Location Documents/Shares/public!"
else
zenity --error --title="Mounting public did not succed!" --text="Please contact system administrator!"
fi
答案1
答案2
在搜索同样的东西时,我遇到了这个问题,由于没有最新的答案(唯一的答案是在评论中),这是我的:
查看这. 可以轻松用于脚本编写
python -c "import keyring; print(keyring.get_password('name', 'username'))"
python -c "import keyring; keyring.set_password('name', 'username', '$PASSWORD')"
并且理论上应该可以与许多密钥环守护进程一起工作。
答案3
因为我非常喜欢 python 答案(尽管它确实创建了 Python 依赖项,但是现在谁没有安装 python 呢)但是 python 答案并没有详细说明,而且我的例子对于评论来说太大了,下面是我使用它的方式。
#!/usr/bin/env bash
check_keyring() {
[[ $( python3 -c "import keyring" >/dev/null; echo $?) -eq 1 ]] &&
pip3 --upgrade keyring
}
keyring_get() {
local key
key="${1}"
check_keyring
python3 -c "import keyring; print(keyring.get_password('myscript', '${key}'))"
}
keyring_isset() {
local key res
key="${1}"
check_keyring
res=$(python3 -c "import keyring; print(keyring.get_password('myscript', '${key}'))")
[[ "${res}" == "None" ]] && echo 1 || echo 0
}
keyring_set() {
local key val
key="${1}"
val="${2}"
check_keyring
python3 -c "import keyring; print(keyring.set_password('myscript', '${key}', '${val}'))" > /dev/null 2>&1
}
DB_KEY="127.0.0.1|mydb|myuser"
DB_PASSWD=""
if [[ "$(keyring_isset "${DB_KEY}")" -eq 1 ]]; then
echo -n "PG password for ${DB_KEY}:\n"
read -sp "" DB_PASSWD
keyring_set "${DB_KEY}" "${DB_PASSWD}"
else
DB_PASSWD="$(keyring_get "${DB_KEY}")"
fi
PGPASSWORD="${DB_PASSWD}" psql -h 127.0.0.1 -p 5432 -d mydb -U myuser
这只是一个例子,显然isset如果你的值实际上设置为“无”,这个就不起作用,它每次都会检查密钥环是否安装,这可能会产生一些延迟,但这样就是一种不干涉的依赖关系