Sunday, April 17, 2011

Calcurse, a compact Linux organizer, now with encryption ...

I bumped into calcurse a while ago, but I didn't take the use of it seriously. When I started using it, I was also using Gnome's Evolution. But than, times changed, and I didn't need a calender anymore, so I gradually quit using Evolution. When two weeks ago I decide to organize my life on the computer again, I decided I would like to have a portable application I could carry on a USB stick. There was calcurse, which produces a very compact executable which I can carry around. Since it uses plain text files which are easily editable, I can also edit them on other operating systems without any problem.
So there you have it. A small great lightweight calendar application: Calcurse !

As a bonus to myself I decided to play with the idea, that I would like to encrypt the data I have on my disk on key, since it is possible that I loose my USB with lots of customers private data. So I wrote the following script, which launches the binary from the USB, decrypts the data folder, and then upon closing Calcurse would archive the data directory, encrypt it, and move it back to the USB.

Notice the following things:
1. I use OpenSSL, this is probably lame, and I should use GPG key.
2. You have to do a few steps manually before you can use the script, you will find them in
the body of the script below as comments.



# Written by Oz Nahum 
# This script is distributed under the terms of the GNU Public License 
# Version 3 or later.
# You can obtaion copies of this license at:

# A script to decrypt the calcurse_date dir, open it in 
# /home//calcurse_data
# then launch calcurse pointing to it, 
# and upon closing calcurse, encrypt the data, move it to usb stick, 
# and delete all data from /home//calcurse_data

# these commands needs to be run manually at first
# 1. make calcurse files only readable by owner
# $ chmod -vR 600 calcurse_data
# 2. creat a tar archive of the data:
# $ tar -cf calcurse_data.tar calcurse_data
# 3. encrypt the archive:
# $ openssl aes-256-cbc -salt -in calcurse_data.tar -out calcurse_d.tar.enc
# 4. copy calcurse binary from your system to the USB key
# $ cp -v `which calcurse` 
# 5. copy the encrypted archive to the USB
# $ cp -v calcurse_d.tar.enc 
# 6. finally, copy the script itself to your USB, and launch:
# $ bash

### Begin of Script
#make files readable only by owner
umask 077
trap "find /dev/shm/calcurse_data -type f | xargs shred -fuz;
      shred -u -n 3 -z /dev/shm/calcurse_data_tmp.tar
# first decrypt the data:
openssl enc -d -aes-256-cbc -salt -in calcurse_d.tar.enc -out /dev/shm/calcurse_data_tmp.tar

echo "extracting data"
#silently extract data, no need for verbose output (v flag)
tar -C /dev/shm -xf /dev/shm/calcurse_data_tmp.tar
echo "removing temporary data"
#remvoe the temporary archive
shred  -u -n 3 -z /dev/shm/calcurse_data_tmp.tar
sleep 3
#launce calcurse
calcurse -D /dev/shm/calcurse_data
# when calcurse is done tar the direcotry

tar -cf /dev/shm/calcurse_data_tmp.tar -C /dev/shm calcurse_data
#tar -cf calcurse_data_tmp.tar calcurse_data/

# then encrypt
#if encryption failed $? == 1 so repeat it again ...
openssl aes-256-cbc -salt -in /dev/shm/calcurse_data_tmp.tar -out calcurse_d.tar.enc
while [ "$es" = "1" ]; do 
    echo "encrypting data"
    openssl aes-256-cbc -salt -in /dev/shm/calcurse_data_tmp.tar -out calcurse_d.tar.enc
#if encryption succeeded remove the tar file
find /dev/shm/calcurse_data -type f | xargs shred -u -n 3 -z 

rm -rf /dev/shm/calcurse_data
shred -u -n 3 -z /dev/shm/calcurse_data_tmp.tar
#copy the encrypted file back to the USB
#mv ~/calcurse_d.tar.enc .

#note about the salt option note found in openssl man page[1],[2]
#note about lack of compresion with ssl [3]


Friday, April 15, 2011

Stripping EOL from output in BASH

Sometimes you have to text process the output of many chained commands, e.g. bash command to list all dev package in Debian. The results are usually outputted with "\n", e.g.

If the list is long enough your screen will scroll, and it will be hard to control the output without less. A solution is to strip the EOL marks with echo, for example compare:
getent passwd | cut -f 1 -d ":"
echo $(getent passwd | cut -f 1 -d ":")

Sunday, April 03, 2011

Turn your laptop to alarm clock

I bumped into an article describing rtcwake here, so I thought it will be cool to write a nice wrapper script around it.
It was also an excuse to master some more bash scripting and the use of "date" command.

There are many many other implementations for rtcwake script, like here for example, and I've seen some other cases in the Ubuntu forums, after I finished writing mine. So with out further a do, here is my solution, which is easy to use:


#       Copyright 2011 Oz Nahum <>
#       This program is free software; you can redistribute it 
#       and/or modify it under the terms of the GNU General 
#       Public License as published by the Free Software 
#       Foundation; either version 3 of the License, or
#       (at your option) any later version.
#       This program is distributed in the hope that it will 
#       be useful, but WITHOUT ANY WARRANTY; without even the
#       implied warranty of MERCHANTABILITY or FITNESS FOR A
#       PARTICULAR PURPOSE.  See the GNU General Public 
#       License for more details.

if [ $5 ] && [ $5 !=  "test" ]; then

if [ $PLAYER ] && [ $PLAYER = "mplayer" ] ; then
   PLAYER="mplayer -playlist"

#echo "player is" $PLAYER
case "$1" in

        echo "  usage: --help to see this how to use that script"
        exit 1
        echo " [--set|--configure]   "
        echo " "
        echo "  Options:"
        echo "  --set"
        echo "  --configure"
        echo ""
        echo " --set   [player|playlist]"
        echo "      will set the correct time for the script to wake the computer "
        echo "       with a lovely playlist."
        echo " "
        echo " --configure "
        echo "      will add the specified  to the sudoers list, so that rtcwake" 
        echo "      can be called without promting for password. This option is not yet"
        echo "      implemented. This option is only available with sudo or as root..."

        arrIn=(${IN//:/ })
        echo "will set up wake up to ${arrIn[0]}:${arrIn[1]} $2"
        TODAY=`date +%F`
        TODAY_IN_SEC=`date --date=$TODAY +%s`
        TIME=`date -d "$2 00:00:00" +%s`
        echo "date to wake up" `date --date "1970-01-01 $WAKE_UP_TIME sec" "+%Y-%m-%d %T"`
        # check if testing mode
        if [ "$5" = "test" ] || [ "$6" = "test" ]; then

            echo "testing only", $PLAYER, $PLAYLIST
            sudo rtcwake -t $WAKE_UP_TIME -m on -v && $PLAYER $PLAYLIST         
            sudo rtcwake -t $WAKE_UP_TIME -m mem -v && $PLAYER $PLAYLIST        

        if  [[ $EUID -ne 0 ]]; then
            echo "This script must be run as root" 1>&2
            exit 1
        echo "Will add user " $2 "to sudoers file so that,"
        echo "$2 will be able to call it without password"
        echo "$2 ALL= NOPASSWD: /usr/sbin/rtcwake" >> /etc/sudoers

Saturday, April 02, 2011

Remove all Development packages from Debian

Another cool one liner to remove all development packages to clean your Debian.

$ aptitude remove `dpkg -l | grep -e \-dev | sed 's/ii//g' \
| sed 's/rc//g' | sed 's/^ *//;s/ *$//' \
| sed 's/ \+ /\t/g' | cut -f 1`

Remove all GNOME from debian - a one line command

This one is not so easy to follow, but it works for me :-).

Do try only the stuff inside `` (back tick operator in the bash language), to see what it does:

$ aptitude remove `dpkg -l | grep gnome | sed 's/ii//g' \
| sed 's/rc//g' | sed 's/^ *//;s/ *$//' \
| sed 's/ \+ /\t/g' | cut -f 1`

GNOME Fork is dead ...

The EXDE project, which aimed to continue supporting gnome 2.X is dead. This is really a shame,
I wish I could have taken part in it. I really like the user experience that GNOME 2.X offered new comers to Linux, and it was always my default recommendation when I installed a new laptop with Linux to a friend.

I will keep looking for an alternative for GNOME 2.X, and I already expect to start working with XFCE 4.8 on my installed Debian.