#10 Running a single command + reading the master password from a file

[enki]

Hi,

I've added two useful features to kpcli:
- the ability to run a single command ("eval") instead of starting the interactive ui
- the possibility of reading a master password from a file instead of the console

Both of these allow me to use kpcli to automatically retrieve secrets from a kdb file like so:

getsecret() {
local keydb="$KEYDB"
local path="$1"; shift
local password=""
read -sp "Enter master password to unlock '$keydb': " password
echo "" > /dev/tty
echo $password | kpcli --readonly --kdb "$keydb" --passwdfile=/dev/fd/0 --eval "show -f \"$path\"" | awk '/Pass:/ { print $2; }'
}

The patch is applied, if you like it please include it in the upstream code so others can use it too.

Regards,
Maciej Grela

[Lester Hightower]

I don't understand what you added that did not already exist in version 3.1 via --pwfile and --command, the --help typo in --pwfile notwithstanding (which will be fixed in 3.2):

$ ~/bin/kpcli.d/kpcli-3.1.pl --help
Usage: kpcli-3.1 [--kdb=<file.kdb>] [--key=<file.key>]

  --kdb         Optional KeePass database file to open (must exist).
  --key         Optional KeePass key file (must exist).
  --pwfiles     Read master password from file instead of console.
  --histfile    Specify your history file (or perhaps /dev/null).
  --readonly    Run in read-only mode; no changes will be allowed.
  --timeout=i   Lock interface after i seconds of inactivity.
  --command     Run single command and exit (no interactive session).
  --no-recycle  Don't store entry changes in /Backup or "/Recycle Bin".
  --help        This message.

Run kpcli with no options and type 'help' at its command prompt to learn
about kpcli's commands.

[Lester Hightower]

Having heard no follow up on this, closing.