Replace command line argument with a password stored in GNOME Keyring and execute.
pwexec [OPTIONS] <ACTION> [<command> <args> ...]
ACTION is one of:
set: set password associated with specified realm
exec: execute specified command with password replacement
delete: delete password
-k): Specify keyring name. Default keyring is
session, that means stored passwords will be vanished on GNOME session logout. So if you want to make passwords persistent, you should specify
--keyringoption with keyring name explicitly.
defaultis default keyring used in GNOME system and recommended.
For example, imagine you will execute rdesktop program with password.
$ rdesktop -u foo -p bar baz
At first, you have to store a password onto GNOME keyring.
$ pwexec -r rdeskpw -k default set Password: ******** Retype Password: ******** Successfully stored password.
You can specify realm name (on above example,
rdeskpw) whatever you want.
Then, execute the program.
$ pwexec -r rdeskpw exec rdesktop -u foo -p %PASSWORD% baz
On exec phase, pwexec will replace
%PASSWORD% argument with the password
stored on set phase and then execute the command.
You do not have to specify
--keyring parameter on exec phase.
This program does only replace command line argument simply, so proc filesystem would reveal your replaced password. Some programs (such as rdesktop) mask passwords on proc store, but not all programs behave like that.
I wrote the article (written in Japanese) about motivation.
- Fork it
- Create your feature branch (
git checkout -b my-new-feature)
- Commit your changes (
git commit -am 'Added some feature')
- Push to the branch (
git push origin my-new-feature)
- Create new Pull Request
Copyright and license
Copyright © 2012 ITO Nobuaki. See LICENSE for details (MIT License).