Newer
Older
cPasswords
==========
cPasswords is a group password manager develop by the
`CRANS <https://www.crans.org>`__.
Client installation
-------------------
- Add you GPG fingerprint and your SSH key to the cpassword server. For
the CRANS, you can do this on the intranet.
- Clone the code,
``git clone git@gitlab.crans.org:nounous/cranspasswords.git``,
- Make sure the install path (``~/.local/bin``) is in your ``$PATH``,
- Try ``cranspasswords test`` to decrypt a test password.
Server installation
-------------------
- Clone the code,
``git clone git@gitlab.crans.org:nounous/cranspasswords.git``,
- Launch ``pip install --user .``,
- Add a sudoers rule to enable users from ``sudoers_group`` to launch
cpasswords,
``%sudoers_group ALL=(root) NOPASSWD: /usr/local/bin/cranspasswords-server``
- Copy and adapt ``docs/serverconfig.example.py`` to
``/etc/cranspasswords/serverconfig.py``.
- Create ``/var/lib/cranspasswords/db/`` with owner root and mod 700
(root only).
Develop
~~~~~~~
With a Python virtualenv,
.. code:: bash
python3 -m venv venv
. venv/bin/activate
pip install -e .
Then you will be able to launch the client with ``cpasswords``
or the server with ``cpasswords-server``.
Change command name
~~~~~~~~~~~~~~~~~~~
If you wish to rename the command from ``cranspasswords`` to something
else, define ``COMMAND_NAME`` environment variable before executing
``pip install`` during the installation of the client or server.
Import cPasswords
~~~~~~~~~~~~~~~~~
To import ``client.py`` from another script, you may need to specify
where is his configuration :
::
export CRANSPASSWORDS_CLIENT_CONFIG_DIR=/path/to/config/dir/
Install completion
------------------
With bash, you can add to ``~/.bashrc`` :
.. code:: bash
source <this repo path>/docs/bash_completion
complete -F _cranspasswords_completion <command name>
Troubleshoutings
----------------
To troubleshot, you ``-vv`` option to activate debug.
""“sudo: sorry, a password is required to run sudo”""
Check sudoers file on server side.