Posts Tagged ‘OSX’

A *more* secure(-ish) crypted file

Monday, January 16th, 2012

I have been using two commands blogged about by a friend Steve Harris to store my passwords on my mac osx laptop. He illustrated two commands “useful” and “viuseful” which open an gpg encrypted file using less and vi respectively. Opening the file in less, allows for safe read-only access to the contents of the encrypted file. The vi mode of operation as described by Steve leaves a temporary copy of the file that exists in plaintext briefly while it’s being encrypted.

With a little help from one of my current colleagues Sid I have altered Steve’s example by writing the temp file to a ramdisk, which is subsequently srm’d.

The fact that this implementation never writes the contents of the unencrypted file to disk, I recon I can go as far as saying that it was a little *more* secure than Steve’s original post :)


#Password config
USEFUL_FILE="$HOME/.passwords/passwords.txt.gpg"
USEFUL_KEYID="XXXXXXXX"
RDLABEL="ramdisk"
RAMDISK="/Volumes/$RDLABEL" # Please no spaces
FILE="passtmp" # Please no spaces

function useful {
  gpg --trust-model always -d $USEFUL_FILE | less
}

function ramdisk {
  let SIZE=$1*2
  # Check if the ramdisk is already mounted
  if [[ $(mount | grep "$RAMDISK " | wc -l) -eq 0 ]]; then
    diskutil erasevolume HFS+ "$RDLABEL" $(hdiutil attach -nomount ram://$SIZE) &> /dev/null
  fi
}

function cleanup {
  if [[ -e "$RAMDISK/$FILE" ]]; then
    srm -f "$RAMDISK/$FILE"
    umount "$RAMDISK"
  fi
}

function viuseful {
  ramdisk 4096 # 4MB
  cp "$USEFUL_FILE" "$USEFUL_FILE~"
  vi '+set viminfo=' '+set noswapfile' '+r !gpg --trust-model always --quiet -d '"$USEFUL_FILE"' 2>/dev/null' '+1d' '+redraw!' "$RAMDISK/$FILE"
  if [ -s "$RAMDISK/$FILE" ]; then
    gpg --trust-model always --yes -r "$USEFUL_KEYID" -o "$USEFUL_FILE" -e "$RAMDISK/$FILE"
  else
   echo "File not changed"
  fi
  cleanup
}

So yeah, a big shout out to both Steve and Sid, for now I have a proprietary secure(-ish) way of storing all of various passwords.

If someone would like to tell me how to create the RAMDISK on a linux machine I would love to know :)

Tags:, , , , ,
Posted in OSX | No Comments »

Signing Mail on Snow Leopard

Thursday, August 19th, 2010

Yay finally, come across an update to the GPGMail plugin for Mail.app 4.3 on Snow Leopard. This is the one bit of functionality which I have missed since upgrading from Leopard to Snow Leopard, and have been searching for updates periodically for a while now.

This is fanstatic news, as I can now digitally sign my emails, with my GPG identity, which can be found linked to from my FOAF file.

Tags:, , ,
Posted in OSX | No Comments »

ld: duplicate symbol _g_bit_nth_lsf Mac OSX Leopard/Darwin

Tuesday, July 7th, 2009

I have had some problems installing software from source on my Max OS X Leopard machine. I should thank Martin Szomszor for his help on getting this working, but after some time faffing we finally got it sorted out.

I found that I was having problems making software on Leopard, which I could build fine on my linux (fedora) machines. The error I was getting was:

ld: duplicate symbol _g_bit_nth_lsf in foo.o and bar.o

I am running Leopard 10.5.3. I was using glib2, installed via Fink, version number: 2.12.0-103. After spending lots of time googling I found the following article to be of the most use, “Wireshark with Macports”, where Anders Brownworth pointed out that the error was due to a “extern inline bug in glib/gutils.h which is easily fixed“.

So to fix this:

  • I located gutils.h, which I found here:

    /sw/include/glib-2.0/glib/gutils.h
  • I then replaced these lines:

    #ifdef G_IMPLEMENT_INLINES

    # define G_INLINE_FUNC

    # undef G_CAN_INLINE

    #elif defined (__GNUC__)

    # define G_INLINE_FUNC extern inline

    #elif defined (G_CAN_INLINE)

  • With this:

    #ifdef G_IMPLEMENT_INLINES

    # define G_INLINE_FUNC

    # undef G_CAN_INLINE

    #elif defined (__APPLE__)

    # define G_INLINE_FUNC static inline

    #elif defined (__GNUC__)

    # define G_INLINE_FUNC extern inline

    #elif defined (G_CAN_INLINE)

  • By adding these two middle lines:

    #elif defined (__APPLE__)

    # define G_INLINE_FUNC static inline
  • The start of the fragment of code was at line number 96 in my gutils.h file

Here is a link to my edited and working gutils.h file.

Note 1: I would make sure I get a copy of my original gutils.h file, as this may come in handy

Note 2: There is a patch which one could apply to make the same changes which I have just described here. This patch follows this ticket. I didn’t know what to do with the patch file, so I ended up editing the file by hand:). I am guessing that is something todo with macports, mmm, nevermind, its working now.

Tags:, , ,
Posted in glib, OSX | No Comments »

duplicate dylib libiconv.2.dylib

Tuesday, July 7th, 2009

When building from source on Mac OSX, I have regularly come across the problem whereby the compiler complains about duplicate dylibs.

duplicate dylib libiconv.2.dylib

This is due to my use of the Fink and Darwin packages to install various bits I need for OSX development.

I recently noticed that many configure scripts cater for the user to select which dylib they would like to include. So I figured that my problem of duplicate iconv’s can be overcome by looking for options like :

--with-iconv=

So look out for similar parameters in configure scripts

./configure --with-iconv=/opt/local/..

So, why do I not just remove all but one instance of iconv? Well, Leopard ships with an old version of iconv, and I require recent versions for my development work.

Tags:, , , ,
Posted in OSX | 1 Comment »