unbrot/fedora-OEMDRV
1
0
Fork 0
forked from obel1x/fedora-OEMDRV
Code Pull Requests Activity

KWallet: Created, not finished

Browse Source
This commit is contained in:
Daniel Pätzold
2026-03-28 16:32:08 +01:00
parent 4503ad63b0
commit 7e16182bd1
2 changed files with 140 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
client_software/0005_kwallet/create-kwallet-file.sh
Executable
+109
View File
@@ -0,0 +1,109 @@
#!/usr/bin/env bash
# SPDX-FileCopyrightText: Daniel Pätzold
# SPDX-License-Identifier: AGPL-3.0-or-later
#
# This Script
# Takes three args: WALLET_NAME, WALLET_PASSWORD, OPTIONAL_FILE_PATH
# Creates the wallet via qdbus (works without kwalletcli)
# If OPTIONAL_FILE_PATH is provided, creates the .kwl there and bind-mounts it to ~/.local/share/kwalletd5/.kwl so kwalletd5 reads/writes that file
# Avoids leaving the password exposed by using a file descriptor for qdbus where possible (note: qdbus API here still passes password argument)
#eg run: ./create-kwallet-file.sh MyWallet "MyPass" /home/user/.my_kwallet/kwallet5.kwl
#
set -euo pipefail
WALLET_NAME="${1:-}"
WALLET_PASSWORD="${2:-}"
TARGET_PATH="${3:-}"
if [ -z "$WALLET_NAME" ] || [ -z "$WALLET_PASSWORD" ]; then
echo "Usage: $0 <wallet-name> <wallet-password> [target-file-path]"
exit 2
fi
# Ensure kwalletd6 is running
if ! pgrep -x kwalletd6 >/dev/null 2>&1; then
nohup kwalletd6 >/dev/null 2>&1 &
sleep 1
fi
# Use qdbus to create the wallet
if ! command -v qdbus-qt6 >/dev/null 2>&1; then
echo "qdbus required"
exit 3
fi
SERVICE="org.kde.kwalletd"
PATH_DBUS="/modules/kwalletd6"
APPID="create-kwallet-script-$$"
HANDLE=$(qdbus-qt6 "$SERVICE" "$PATH_DBUS" org.kde.KWallet.open "$APPID" 0) || true
# createWallet(walletName, password, winId)
qdbus-qt6 "$SERVICE" "$PATH_DBUS" org.kde.KWallet.createWallet "$WALLET_NAME" "$WALLET_PASSWORD" 0
echo "Not working until now, need to go further into things..."
exit 0
# Set default wallet in kwalletrc
kwallet_cfg="$HOME/.config/kwalletrc"
mkdir -p "$(dirname "$kwallet_cfg")"
# Simple write/replace of DefaultWallet in [KDE Wallet]
if ! grep -q "^\[KDE Wallet\]" "$kwallet_cfg" 2>/dev/null; then
printf "[KDE Wallet]\nDefaultWallet = %s\n" "$WALLET_NAME" >> "$kwallet_cfg"
else
if grep -q "^\[KDE Wallet\]" "$kwallet_cfg" && grep -q "^DefaultWallet" "$kwallet_cfg"; then
sed -i "s/^DefaultWallet.*/DefaultWallet = $WALLET_NAME/" "$kwallet_cfg"
else
awk -v w="$WALLET_NAME" 'BEGIN{p=1} /^\[KDE Wallet\]/{print; print "DefaultWallet = " w; p=0; next} {print}' "$kwallet_cfg" > "$kwallet_cfg.tmp" && mv "$kwallet_cfg.tmp" "$kwallet_cfg"
fi
fi
# If a target file was given, arrange for kwalletd5 to use it
if [ -n "$TARGET_PATH" ]; then
TARGET_DIR="$(dirname "$TARGET_PATH")"
mkdir -p "$TARGET_DIR"
touch "$TARGET_PATH"
chmod 600 "$TARGET_PATH"
chown "$(id -u):$(id -g)" "$TARGET_PATH"
KW_DIR="$HOME/.local/share/kwalletd6"
KW_FILE_NAME="$(basename "$TARGET_PATH")"
mkdir -p "$KW_DIR"
# Stop kwalletd5 before moving / mounting
pkill kwalletd6 || true
sleep 0.5
# Backup existing kwallet dir
if [ -e "$KW_DIR" ] && [ ! -L "$KW_DIR" ]; then
mv "$KW_DIR" "${KW_DIR}.bak" || true
fi
mkdir -p "$KW_DIR"
# If target is a directory path that contains a .kwl name, use that name; else use wallet name
if [[ "$KW_FILE_NAME" != *.kwl ]]; then
KW_FILE_NAME="${WALLET_NAME}.kwl"
TARGET_PATH="${TARGET_DIR}/${KW_FILE_NAME}"
touch "$TARGET_PATH"
chmod 600 "$TARGET_PATH"
fi
# Ensure target file exists
touch "$TARGET_PATH"
chmod 600 "$TARGET_PATH"
# Mount --bind the target file into kwalletd5 dir with the expected name
MOUNT_POINT="${KW_DIR}/${KW_FILE_NAME}"
mkdir -p "$(dirname "$MOUNT_POINT")"
# create placeholder if missing
touch "$MOUNT_POINT"
sudo mount --bind "$TARGET_PATH" "$MOUNT_POINT"
# Restart kwalletd5
nohup kwalletd6 &
sleep 1
fi
echo "Created wallet '$WALLET_NAME'."
if [ -n "$TARGET_PATH" ]; then
echo "Wallet file bound to: $TARGET_PATH"
fi
client_software/0005_kwallet/install.sh
Executable
+31
View File
@@ -0,0 +1,31 @@
#!/usr/bin/env sh
# SPDX-FileCopyrightText: Daniel Pätzold
# SPDX-License-Identifier: AGPL-3.0-or-later
#
# Kwallet Setup to Secure Directory
#
# Kwallet5 will be used for storing passwords for most KDE- Applications, like for Nextcloud- Client, Talk app and many more.
# Usually Kwallet will ask for a password to have good security in your file, but this will make Logon non Interactive.
# We will setup a new walletfile into the encrypted Data-Directory and encrypt it with the IPA-Vault Password.
#
echo "Setup KWallet Password- Service."
#Check for root
if [ "$EUID" -ne 0 ]; then
echo "Error: Script requires root. Please check if ${SCRIPTPATH}/${SCRIPTNAME} is in sudoers rules and if you are a member. And if executed via sudo."
exit 1
fi
#Check Token
if [ "${DAVTOKEN_USER}." == "." ]; then
echo "Error: Script cannot be executed standalone and needs a prereserved Environment. Quit."
exit 1
fi
#Local Vars
#SYNCCMD="$BASECMD --userid ${DAVTOKEN_USER} --apppassword ${DAVTOKEN_PASS} --localdirpath ${CLIENT_DATA_DST} --remotedirpath ${CLIENT_DATA_SRC} --serverurl https://${SERVERFQDN_NC}"
#SYNCCMD_HIDDENPW=$( echo "${SYNCCMD/${DAVTOKEN_PASS}/***HIDDEN***}" )
echo "Not implemented yet, skipping."
exit 0