Allow defining custom paths to u2f_keys and pubring.kbx via CLI argum…

…ents (fix #1)
maximbaz · Dec 12, 2017 · 9f8a7d2 · 9f8a7d2
1 parent 33dad60
commit 9f8a7d2
Show file tree

Hide file tree

Showing 4 changed files with 32 additions and 19 deletions.
diff --git a/README.md b/README.md
@@ -91,13 +91,17 @@ In order to detect when `pam-u2f` requests a touch on YubiKey, you first need to
 
 With that in place, `pam-u2f` will open `$HOME/.config/Yubico/u2f_keys` every time it starts and stops waiting for a touch.
 
+> If the path to your `u2f_keys` file differs, provide it via `--u2f-keys-path` CLI argument.
+
 This app will thus watch for `OPEN` events on that file, and when event occurs will toggle the touch indicator.
 
 ### Detecting gpg operations
 
 This detection is based on a "busy check" - when the card is busy (i.e. `gpg --card-status` hangs), it is assumed that it is waiting on a touch. This of course leads to false positives, when the card is busy for other reasons, but it is a good guess anyway.
 
-In order to not run the `gpg --card-status` indefinitely (which leads to YubiKey be constantly blinking), the check is being performed only after `$HOME/.gnupg/pubring.kbx` file is opened (the app is thus watching for `OPEN` events on that file).
+In order to not run the `gpg --card-status` indefinitely (which leads to YubiKey be constantly blinking), the check is being performed only after `$GNUPGHOME/pubring.kbx` (or `$HOME/.gnupg/pubring.kbx`) file is opened (the app is thus watching for `OPEN` events on that file).
+
+> If the path to your `pubring.kbx` file differs, provide it via `--gpg-pubring-path` CLI argument.
 
 ### Detecting ssh operations
 

diff --git a/detector/gpg.go b/detector/gpg.go
@@ -1,9 +1,7 @@
 package detector
 
 import (
-	"os"
 	"os/exec"
-	"path"
 	"time"
 
 	"github.com/maximbaz/yubikey-touch-detector/notifier"
@@ -12,17 +10,12 @@ import (
 )
 
 // WatchGPG watches for hints that YubiKey is maybe waiting for a touch on a GPG request
-func WatchGPG(requestGPGCheck chan bool) {
+func WatchGPG(gpgPubringPath string, requestGPGCheck chan bool) {
 	// No need for a buffered channel,
 	// we are interested only in the first event, it's ok to skip all subsequent ones
 	events := make(chan notify.EventInfo)
-	file := os.ExpandEnv("$HOME/.gnupg/pubring.kbx")
-	gpgHome := os.Getenv("GNUPGHOME")
-	if gpgHome != "" {
-		file = path.Join(gpgHome, "pubring.kbx")
-	}
-	if err := notify.Watch(file, events, notify.InOpen); err != nil {
-		log.Errorf("Cannot establish a watch on GPG file '%v': %v\n", file, err)
+	if err := notify.Watch(gpgPubringPath, events, notify.InOpen); err != nil {
+		log.Errorf("Cannot establish a watch on gpg's pubring.kbx file '%v': %v\n", gpgPubringPath, err)
 		return
 	}
 	defer notify.Stop(events)

diff --git a/detector/u2f.go b/detector/u2f.go
@@ -1,20 +1,17 @@
 package detector
 
 import (
-	"os"
-
 	"github.com/maximbaz/yubikey-touch-detector/notifier"
 	"github.com/rjeczalik/notify"
 	log "github.com/sirupsen/logrus"
 )
 
 // WatchU2F watches when YubiKey is waiting for a touch on a U2F request
-func WatchU2F(notifiers map[string]chan notifier.Message) {
+func WatchU2F(u2fKeysPath string, notifiers map[string]chan notifier.Message) {
 	// It's important to not miss a single event, so have a small buffer
 	events := make(chan notify.EventInfo, 10)
-	file := os.ExpandEnv("$HOME/.config/Yubico/u2f_keys")
-	if err := notify.Watch(file, events, notify.InOpen); err != nil {
-		log.Errorf("Cannot establish a watch on U2F file '%v': %v\n", file, err)
+	if err := notify.Watch(u2fKeysPath, events, notify.InOpen); err != nil {
+		log.Errorf("Cannot establish a watch on u2f_keys file '%v': %v\n", u2fKeysPath, err)
 		return
 	}
 	defer notify.Stop(events)

diff --git a/main.go b/main.go
@@ -4,6 +4,7 @@ import (
 	"flag"
 	"os"
 	"os/signal"
+	"path"
 	"syscall"
 
 	"github.com/maximbaz/yubikey-touch-detector/detector"
@@ -12,14 +13,32 @@ import (
 )
 
 func main() {
+	defaultGpgPubringPath := "$GNUPGHOME/pubring.kbx or $HOME/.gnupg/pubring.kbx"
+
 	var verbose bool
+	var u2fKeysPath string
+	var gpgPubringPath string
 	flag.BoolVar(&verbose, "v", false, "print verbose output")
+	flag.StringVar(&u2fKeysPath, "u2f-keys-path", "$HOME/.config/Yubico/u2f_keys", "path to u2f_keys file")
+	flag.StringVar(&gpgPubringPath, "gpg-pubring-path", defaultGpgPubringPath, "path to gpg's pubring.kbx file")
 	flag.Parse()
 
 	if verbose {
 		log.SetLevel(log.DebugLevel)
 	}
 
+	if gpgPubringPath == defaultGpgPubringPath {
+		gpgHome := os.Getenv("GNUPGHOME")
+		if gpgHome != "" {
+			gpgPubringPath = path.Join(gpgHome, "pubring.kbx")
+		} else {
+			gpgPubringPath = "$HOME/.gnupg/pubring.kbx"
+		}
+	}
+
+	u2fKeysPath = os.ExpandEnv(u2fKeysPath)
+	gpgPubringPath = os.ExpandEnv(gpgPubringPath)
+
 	log.SetFormatter(&log.TextFormatter{FullTimestamp: true})
 	log.Debug("Starting Yubikey touch detector")
 
@@ -33,8 +52,8 @@ func main() {
 	requestGPGCheck := make(chan bool)
 	go detector.CheckGPGOnRequest(requestGPGCheck, notifiers)
 
-	go detector.WatchU2F(notifiers)
-	go detector.WatchGPG(requestGPGCheck)
+	go detector.WatchU2F(u2fKeysPath, notifiers)
+	go detector.WatchGPG(gpgPubringPath, requestGPGCheck)
 	go detector.WatchSSH(requestGPGCheck, exits)
 
 	wait := make(chan bool)