From: Alain Spineux <alain@baculasystems.com>
Date: Fri, 13 Jan 2023 16:39:51 +0000 (+0100)
Subject: tweak install-key-manager.sh & key-manager.py
X-Git-Tag: Beta-15.0.0~272
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cc23365062bfed9a6ab8b3e9769e73c0cd472696;p=thirdparty%2Fbacula.git

tweak install-key-manager.sh & key-manager.py

- check for python gnupg module
- make key-manager works when no regex match the volume name
---

diff --git a/bacula/scripts/install-key-manager.sh.in b/bacula/scripts/install-key-manager.sh.in
index cac8b6264..2c91a5c41 100644
--- a/bacula/scripts/install-key-manager.sh.in
+++ b/bacula/scripts/install-key-manager.sh.in
@@ -39,15 +39,23 @@ check_gnupg()
 
 #############################################################################
 #
-# check_gnupg
+# check
 #
 #############################################################################
-check_gnupg()
+check_python_gnupg()
 {
-   # Check if GnuPG is installed
-   GNUPGBIN=`which gpg`
-   if [ -z "$GNUPGBIN" ] ; then
-      echo "GnuPG is not found or not installed" >&2
+   # Check if the python3 API is installed for GnuPG
+   PYTHON3=`which python3`
+   if [ -z "$PYTHON3" ] ; then
+      echo "python3 is not found or not installed" >&2
+      exit 1
+   fi
+   OUT=`mktemp`
+   $PYTHON3 -c 'import gnupg;print("OK" if gnupg.GPG else "KO")' >$OUT 2>/dev/null
+   out=`cat $OUT`
+   if [ "$out" != "OK" ] ; then
+      echo "python3 gnupg module is not found" >&2
+      echo "try: pip3 install gnupg" >&2
       exit 1
    fi
 }
@@ -60,14 +68,14 @@ check_gnupg()
 check()
 {
    check_gnupg
+   check_python_gnupg
 
    if [ -e $GNUPGHOME ] ; then
       echo "Directory \"$GNUPGHOME\" exists"
-      exit 0
    else
-      echo "Directory \"$GNUPGHOME\" don't exist"
-      exit 1
+      echo "Directory \"$GNUPGHOME\" doesn't exist"
    fi
+   exit 0
 }
 
 #############################################################################
diff --git a/bacula/scripts/key-manager.py.in b/bacula/scripts/key-manager.py.in
index 2dc66a871..898e9bd75 100644
--- a/bacula/scripts/key-manager.py.in
+++ b/bacula/scripts/key-manager.py.in
@@ -230,8 +230,7 @@ def get_crypto_ctx_from_config(args, volume_name, master_keyid=None):
             None : for error
             MasterKey object : the master-key
     """
-    crypto_ctx=CryptoCtx()
-    crypto_ctx.cipher=args.cipher
+
     if args.config:
         try:
             config=configparser.ConfigParser()
@@ -265,31 +264,35 @@ def get_crypto_ctx_from_config(args, volume_name, master_keyid=None):
                 if match:
                     the_section=section
                     break
-            if  not the_section:
-                logging.error("no master-key defined for volume \"%s\"", volume_name)
-                print("error: no master-key define for volume \"{}\"".format(volume_name))
-                return None
+            if not the_section:
+                logging.debug("no master-key defined for volume \"%s\"", volume_name)
+
         crypto_ctx=CryptoCtx()
-        crypto_ctx.master_key_id=the_section
-        try:
-            crypto_ctx.gnupghome=config.get(the_section, 'gnupghome')
-            if crypto_ctx.gnupghome.startswith('"') and crypto_ctx.gnupghome.endswith('"'):
-                crypto_ctx.gnupghome=crypto_ctx.gnupghome[1:-1]
-        except configparser.NoOptionError:
-            crypto_ctx.cipher=GNUPGHOME
-        try:
-            crypto_ctx.cipher=config.get(the_section, 'cipher')
-        except configparser.NoOptionError:
+        if the_section==None:
+            # no master key
+            crypto_ctx.master_key_id=None
             crypto_ctx.cipher=args.cipher
-        try:
-            crypto_ctx.stealth=config.getboolean(the_section, 'stealth')
-        except configparser.NoOptionError:
-            pass
-        try:
-            crypto_ctx.passphrase=config.get(the_section, 'passphrase')
-        except configparser.NoOptionError:
-            pass
-        logging.info("use masterkey %r and cipher \"%s\" for volume \"%s\"", crypto_ctx.master_key_id, crypto_ctx.cipher, volume_name)
+        else:
+            crypto_ctx.master_key_id=the_section
+            try:
+                crypto_ctx.gnupghome=config.get(the_section, 'gnupghome')
+                if crypto_ctx.gnupghome.startswith('"') and crypto_ctx.gnupghome.endswith('"'):
+                    crypto_ctx.gnupghome=crypto_ctx.gnupghome[1:-1]
+            except configparser.NoOptionError:
+                crypto_ctx.gnupghome=GNUPGHOME
+            try:
+                crypto_ctx.cipher=config.get(the_section, 'cipher')
+            except configparser.NoOptionError:
+                crypto_ctx.cipher=args.cipher
+            try:
+                crypto_ctx.stealth=config.getboolean(the_section, 'stealth')
+            except configparser.NoOptionError:
+                pass
+            try:
+                crypto_ctx.passphrase=config.get(the_section, 'passphrase')
+            except configparser.NoOptionError:
+                pass
+            logging.info("use masterkey %r and cipher \"%s\" for volume \"%s\"", crypto_ctx.master_key_id, crypto_ctx.cipher, volume_name)
 
     return crypto_ctx