Fix issue on OS X when creating a temporary file

This prevents the "mktemp: too few X's in template
_stacklib_" error message from appearing when
adding another admin to blackbox and allows the command to successfully
execute.

    Related:
    rtomayko/shocco#5
    http://unix.stackexchange.com/q/87638/63283

Makefile

@@ -1,12 +1,13 @@
 SHELL=/bin/sh
-BIN=tools
 
 PKGNAME=stack_blackbox
 
 all:
 	@echo 'Menu:'
+	@echo '  make update            Update any generated files'
 	@echo '  make packages          Make RPM packages'
-	@echo '  make install           (incomplete)
+	@echo '  make packages-deb      Make DEB packages'
+	@echo '  make install           (incomplete)'
 
 install:
 	@echo 'To install, copy the files from bin to somewhere in your PATH.'
@@ -19,8 +20,11 @@ packages: packages-rpm
 # RPM builds
 #
 
+# NOTE: mk_rpm_fpmdir.stack_blackbox.txt is the master list of files.  All
+# other packages should generate their list from it.
+
 packages-rpm:
-	PKGRELEASE="$${PKGRELEASE}" $(BIN)/build_rpm.sh stack_blackbox tools/rpm_filelist.txt
+	cd tools && PKGRELEASE="$${PKGRELEASE}" PKGDESCRIPTION="Safely store secrets in git/hg/svn repos using GPG encryption" ./mk_rpm_fpmdir stack_blackbox mk_rpm_fpmdir.stack_blackbox.txt
 
 packages-rpm-debug:
 	@echo BUILD:
@@ -41,16 +45,72 @@ lock-rpm:
 unlock-rpm:
 	sudo yum versionlock clear
 
+#
+# DEB builds
+#
+
+packages-deb:	tools/mk_deb_fpmdir.stack_blackbox.txt
+	cd tools && PKGRELEASE="$${PKGRELEASE}" PKGDESCRIPTION="Safely store secrets in git/hg/svn repos using GPG encryption" ./mk_deb_fpmdir stack_blackbox mk_deb_fpmdir.stack_blackbox.txt
+
+# Make mk_deb_fpmdir.vcs_blackbox.txt from mk_rpm_fpmdir.stack_blackbox.txt:
+tools/mk_deb_fpmdir.stack_blackbox.txt: tools/mk_rpm_fpmdir.stack_blackbox.txt
+	sed -e '/^#/d' -e 's@/usr/blackbox/bin/@/usr/bin/@g' -e '/profile.d-usrblackbox.sh/d' <tools/mk_rpm_fpmdir.stack_blackbox.txt >$@
+
+packages-deb-debug:	tools/mk_deb_fpmdir.stack_blackbox.txt
+	@echo BUILD:
+	@PKGRELEASE=99 make packages-deb
+	@echo ITEMS TO BE PACKAGED:
+	find ~/debbuild-$(PKGNAME)/installroot -type f
+	@echo ITEMS ACTUALLY IN PACKAGE:
+	@dpkg --contents $$(cat ~/debbuild-$(PKGNAME)/bin-packages.txt)
+
+local-deb:
+	@PKGRELEASE=1 make packages
+	-@sudo dpkg -e $(PKGNAME)
+	sudo dpkg -i $$(cat ~/rpmbuild-$(PKGNAME)/bin-packages.txt)
+
+#
+# MacPorts builds
+#
+# To test:
+# rm -rf /tmp/foo ; mkdir -p /tmp/foo;make packages-macports DESTDIR=/tmp/foo;find /tmp/foo -ls
+
+# Make mk_macports.vcs_blackbox.txt from mk_rpm_fpmdir.stack_blackbox.txt:
+tools/mk_macports.vcs_blackbox.txt: tools/mk_rpm_fpmdir.stack_blackbox.txt
+	sed  -e '/^#/d' -e 's@/usr/blackbox/bin/@bin/@g' -e '/profile.d-usrblackbox.sh/d' <tools/mk_rpm_fpmdir.stack_blackbox.txt >$@
+
+# MacPorts expects to run: make packages-macports DESTDIR=${destroot}
+packages-macports: tools/mk_macports.vcs_blackbox.txt
+	mkdir -p $(DESTDIR)/bin
+	cd tools && ./mk_macports mk_macports.vcs_blackbox.txt
+
+# stow is a pretty easy way to manage simple local installs on GNU systems 
+install-stow:
+	mkdir -p /usr/local/stow/blackbox/bin
+	cp bin/* /usr/local/stow/blackbox/bin
+	rm /usr/local/stow/blackbox/bin/Makefile
+	cd /usr/local/stow; stow -R blackbox
+uninstall-stow:
+	cd /usr/local/stow; stow -D blackbox
+	rm -rf /usr/local/stow/blackbox
+
 # Add other package types here.
 
+#
+# Updates
+#
+update: tools/mk_deb_fpmdir.stack_blackbox.txt tools/mk_macports.vcs_blackbox.txt
+
+clean:
+	rm tools/mk_deb_fpmdir.stack_blackbox.txt tools/mk_macports.vcs_blackbox.txt
+
 #
 # System Test:
 #
-
 confidence:
-	@if [[ -e ~/.gnupg ]]; then echo ERROR: '~/.gnupg should not exist. If it does, bugs may polute your .gnupg configuration. If the code has no bugs everything will be fine. Do you feel lucky?'; false ; fi
+	@if [ -e ~/.gnupg ]; then echo ERROR: '~/.gnupg should not exist. If it does, bugs may polute your .gnupg configuration. If the code has no bugs everything will be fine. Do you feel lucky?'; false ; fi
 	@if which >/dev/null gpg-agent ; then pkill gpg-agent ; rm -rf /tmp/tmp.* ; fi
-	@export PATH=~/gitwork/blackbox/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin ; 
-		cd ~/gitwork/blackbox && tools/confidence_test.sh
+	@export PATH="$(PWD)/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin:/opt/local/bin:$(PATH)" ; tools/confidence_test.sh
+		tools/confidence_test.sh
 	@if which >/dev/null gpg-agent ; then pkill gpg-agent ; fi
-	@if [[ -e ~/.gnupg ]]; then echo ERROR: '~/.gnupg was created which means the scripts might be poluting GnuPG configuration.  Fix this bug.'; false ; fi
+	@if [ -e ~/.gnupg ]; then echo ERROR: '~/.gnupg was created which means the scripts might be poluting GnuPG configuration.  Fix this bug.'; false ; fi

README.md

@@ -1,7 +1,7 @@
 BlackBox
 ========
 
-Safely store secrets in a VCS repo (i.e. Git, Mercurial, or Subversion). These
+Safely store secrets in a VCS repo (i.e. Git, Mercurial, Subversion or Perforce). These
 commands make it easy
 for you to Gnu Privacy Guard (GPG) encrypt specific files in a repo so they are
 "encrypted at rest" in your repository. However, the scripts
@@ -42,8 +42,8 @@ files.  Simply set up a GPG key for the Puppet master (or the role
 account that pushes new files to the Puppet master) and have that
 user run `blackbox_postdeploy` after any files are updated.
 
-Getting started is easy.  Just `cd` into a Git, Mercurial or Subversion
-repository and run `blackbox_initialize`.  After that, if a file is to 
+Getting started is easy.  Just `cd` into a Git, Mercurial, Subversion or
+Perforce repository and run `blackbox_initialize`.  After that, if a file is to
 be encrypted, run `blackbox_register_new_file` and you are done.  Add
 and remove keys with `blackbox_addadmin` and `blackbox_removeadmin`.
 To view and/or edit a file, run `blackbox_edit`; this will decrypt the
@@ -63,10 +63,10 @@ and passwords to be leaked.
 
 NOT SO OBVIOUSLY when we store "secrets" in a VCS repo like Git or
 Mercurial, suddenly we are less able to share our code with other
-people.  Communciation between subteams of an organization is hurt.
+people.  Communication between subteams of an organization is hurt.
 You can't collaborate as well.  Either you find yourself emailing
 individual files around (yuck!), making a special repo with just
-the files needed by your collaborators (yuck!), or just deciding that
+the files needed by your collaborators (yuck!!), or just deciding that
 collaboration isn't worth all that effort (yuck!!!).
 
 The ability to be open and transparent about our code, with the
@@ -74,6 +74,41 @@ exception of a few specific files, is key to the kind of
 collaboration that DevOps and modern IT practitioniers
 need to do.
 
+Installation Instructions:
+==========================
+
+  * *The MacPorts Way*: `sudo port install vcs_blackbox`
+  * *The RPM way*: `make packages-rpm` and now you have an RPM you can install.
+  * *The Debian/Ubuntu way*: Install [fpm](https://github.com/jordansissel/fpm), then `make packages-deb` and now you have a DEB you can install.
+  * *The hard way*: Copy all the files in "bin" to your "bin".
+  * *The Antigen Way*: Add `antigen bundle StackExchange/blackbox` to your .zshrc
+  * *The Zgen Way*: Add `zgen load StackExchange/blackbox` to your .zshrc where you're loading your other plugins.
+
+
+Commands:
+============================
+
+
+| Name: | Description: |
+| --- | --- |
+| `blackbox_edit` | Decrypt, run $EDITOR, re-encrypt a file |
+| `blackbox_edit_start` | Decrypt a file so it can be updated |
+| `blackbox_edit_end` | Encrypt a file after blackbox_edit_start was used |
+| `blackbox_cat` | Decrypt and view the contents of a file |
+| `blackbox_diff` | Diff decrypted files against their original crypted version |
+| `blackbox_initialize` | Enable blackbox for a GIT or HG repo |
+| `blackbox_register_new_file` | Encrypt a file for the first time |
+| `blackbox_deregister_file` | Remove a file from blackbox |
+| `blackbox_list_files` | List the files maintained by blackbox |
+| `blackbox_decrypt_all_files` | Decrypt all managed files (INTERACTIVE) |
+| `blackbox_postdeploy` | Decrypt all managed files (batch) |
+| `blackbox_addadmin` | Add someone to the list of people that can encrypt/decrypt secrets |
+| `blackbox_removeadmin` | Remove someone from the list of people that can encrypt/decrypt secrets |
+| `blackbox_shred_all_files` | Safely delete any decrypted files |
+| `blackbox_update_all_files` | Decrypt then re-encrypt all files. Useful after keys are changed |
+| `blackbox_whatsnew` | show what has changed in the last commit for a given file |
+
+
 Compatibility:
 ============================
 
@@ -86,8 +121,10 @@ It has been tested to work with many operating systems.
   * `git` -- The Git
   * `hg` -- Mercurial
   * `svn` -- SubVersion (Thanks, Ben Drasin!)
+  * `p4` -- Perforce
+  * none -- The files can be decrypted outside of a repo if the keyrings directory is intact
 * Operating system
-  * CentOS
+  * CentOS / RedHat
   * MacOS X
   * Cygwin (Thanks, Ben Drasin!)
 
@@ -102,7 +139,7 @@ Note: Cywin support requires the following packages:
 
   * Normal operation:
     * gnupg
-    * git or mercurial or subversion (as appropriate)
+    * git or mercurial or subversion or perforce (as appropriate)
   * Development (if you will be adding code and want to run the confidence test)
     * procps
     * make
@@ -167,13 +204,13 @@ What does this look like to the typical user?
 ================================
 
 *  If you need to, start the GPG Agent: `eval $(gpg-agent --daemon)`
-*  Decrypt the file so it is editable: `blackbox_edit FILENAME`
+*  Decrypt the file so it is editable: `blackbox_edit_start FILENAME`
 *  (You will need to enter your GPG passphrase.)
 *  Edit FILENAME as you desire: `vim FILENAME`
 *  Re-encrypt the file: `blackbox_edit_end FILENAME`
 *  Commit the changes.  `git commit -a` or `hg commit`
 
-Wait... it can be even easier than than!
+Wait... it can be even easier than that!
 Run `blackbox_edit FILENAME`, and it'll decrypt the file
 in a temp file and call `$EDITOR` on it, re-encrypting again after the editor
 is closed.
@@ -250,14 +287,24 @@ How to enroll a new file into the system?
 blackbox_register_new_file path/to/file.name.key
 ```
 
+Multiple file names can be specified on the command line:
+
+Example 1: Register 2 files:
+
+    blackbox_register_new_file file1.txt file2.txt
+
+Example 2: Register all the files in `$DIR`:
+
+    find $DIR -type f -not -name '*.gpg' -print0 | xargs -0 blackbox_register_new_file
+
+
 How to remove a file from the system?
 ============================
 
-This is a manual process. It happens quite rarely.
-
-1. Remove the file ``keyrings/live/blackbox-files.txt``
-2. Remove references from ``.gitignore`` or ``.hgignore``
-3. Use ``git rm`` or ``hg rm`` as expected.
+This happens quite rarely, but we've got it covered:
+```
+blackbox_deregister_file path/to/file.name.key
+```
 
 How to indoctrinate a new user into the system?
 ============================
@@ -584,6 +631,21 @@ rm -rf /tmp/NEWMASTER
 Also shred any other temporary files you may have made.
 
 
+Using Blackbox without a repo
+===========================
+If the files are copied out of a repo they can still be decrypted
+and edited.  Obviously edits, changes to keys, and such will be lost
+if they are made outside the repo. Also note that commands are most
+likely to only work if run from the base directory (i.e. the parent to
+the keyrings directory).
+
+The following commands have been tested outside a repo:
+
+  * `blackbox_postdeploy`
+  * `blackbox_edit_start`
+  * `blackbox_edit_end`
+
+
 Help out: Submit bugs, pull requests and ideas:
 ============
 

RELEASE_ENGINEERING.txt

@@ -0,0 +1,119 @@
+# Branches and Tags:
+
+There are 3 branches/tags:
+
+* **HEAD:** The cutting edge of development.
+* **tag stable:** Stable enough for use by most people.
+* **tag production:** Burned in long enough that we are confident it can be widely adopted.
+
+If you are packaging Blackbox for distribution, you should track the *tag production*.  You might also want to provide a separate package that tracks *tag stable:* for early adopters.
+
+# Build Tasks
+
+# Stable Releases
+
+Marking the software to be "stable":
+
+Step 1. Tag it.
+
+```
+git pull
+git tag -d stable
+git push origin :stable
+git tag stable
+git push origin tag stable
+```
+
+Step 2. Mark your calendar 1 week from today to check
+to see if this should be promoted to production.
+
+
+# Production Releases
+
+If no bugs have been reported a full week after a stable tag has been pushed, mark the release to be "production".
+
+```
+git fetch
+git checkout stable
+git tag -d production
+git push origin :production
+git tag production
+git push origin tag production
+R="v1.$(date +%Y%m%d)"
+git tag "$R"
+git push origin tag "$R"
+```
+
+# Updating MacPorts (automatic)
+
+Step 1: Generate the Portfile
+
+```
+tools/macports_report_upgrade.sh  1.20150222
+```
+
+This script will generate a file called `Portfile-vcs_blackbox.diff` and instructions on how to submit it as a update request.
+
+Step 2: Submit the update request.
+
+Submit the diff file as a bug as instructed. The instructions should look like this:
+
+* PLEASE OPEN A TICKET WITH THIS INFORMATION:
+    https://trac.macports.org/newticket
+* Summary: `vcs_blackbox @1.20150222 Update to latest upstream`
+* Description: ```New upstream of vcs_blackbox.
+github.setup and checksums updated.```
+* Type: `update`
+* Component: `ports`
+* Port: `vcs_blackbox`
+* Keywords: `maintainer`
+* Attach this file: `Portfile-vcs_blackbox.diff`
+
+Step 3: Watch for the update to happen.
+
+# Updating MacPorts (manual)
+
+This is the old, manual, procedure.  If the automated procedure work, these notes may or may not be helpful.
+
+The ultimate result of the script should be a `diff -u Portfile.orig Portfile`.  The new `Portfile` should have these changes:
+
+1. The `github.setup` line should have a new version number.
+2. The `checksums` line(s) should have updated checksums.
+
+How to generate the checksums?
+
+The easiest way is to to make a Portfile with incorrect checksums, then run `sudo port -v checksum vcs_blackbox` to see what they should have been.  Fix the file, and try again.
+
+When the the checksum command works, run `port lint vcs_blackbox` and make sure it has no errors.
+
+Some useful commands:
+
+Change repos in sources.conf:
+```
+sudo vi /opt/local/etc/macports/sources.conf
+  Add this line early in the file:
+  file:///var/tmp/ports
+```
+
+Add a local repo in an automated manner:
+```
+fgrep >/dev/null -x 'file:///var/tmp/ports' /opt/local/etc/macports/sources.conf || sudo sed -i -e '1s@^@file:///var/tmp/ports\'$'\n@' /opt/local/etc/macports/sources.conf
+```
+
+Remove the local repo in an automated manner:
+```
+sudo sed -i -e '\@^file:///var/tmp/ports@d' /opt/local/etc/macports/sources.conf
+```
+
+Test a Portfile:
+``` 
+sudo port uninstall vcs_blackbox
+sudo port clean --all vcs_blackbox
+rm -rf ~/.macports/opt/local/var/macports/sources/rsync.macports.org/release/tarballs/ports/security/vcs_blackbox/
+rm -rf /var/tmp/ports
+mkdir -p /var/tmp/ports/security/vcs_blackbox
+cp Portfile /var/tmp/ports/security/vcs_blackbox
+cd /var/tmp/ports && portindex
+sudo port -v checksum vcs_blackbox
+sudo port install vcs_blackbox
+```

bin/_blackbox_common.sh

@@ -7,69 +7,91 @@
 # Usage:
 #
 #   set -e
-#   . _blackbox_common.sh
+#   source "${0%/*}/_blackbox_common.sh"
+
+# Load additional useful functions
+source "${0%/*}"/_stack_lib.sh
+
+# Where are we?
+: "${BLACKBOX_HOME:="$(cd "${0%/*}" ; pwd)"}" ;
 
 # Where in the VCS repo should the blackbox data be found?
-: ${BLACKBOXDATA:=keyrings/live} ;   # If BLACKBOXDATA not set, set it.
+: "${BLACKBOXDATA:=keyrings/live}" ;   # If BLACKBOXDATA not set, set it.
 
-# Outputs a string that is the base directory of this VCS repo.
-# By side-effect, sets the variable VCS_TYPE to either 'git', 'hg',
-# 'svn' or 'unknown'.
-function _determine_vcs_base_and_type() {
-  if git rev-parse --show-toplevel 2>/dev/null ; then
+
+# If $EDITOR is not set, set it to "vi":
+: "${EDITOR:=vi}" ;
+
+# Allow overriding gpg command
+: "${GPG:=gpg}" ;
+
+function physical_directory_of() {
+  local d=$(dirname "$1")
+  local f=$(basename "$1")
+  (cd "$d" && echo $(pwd -P)"/$f" )
+}
+
+# Set REPOBASE to the top of the repository
+# Set VCS_TYPE to 'git', 'hg', 'svn' or 'unknown'
+if which >/dev/null 2>/dev/null git && git rev-parse --show-toplevel >/dev/null 2>&1 ; then
   VCS_TYPE=git
+  REPOBASE=$(git rev-parse --show-toplevel)
 elif [ -d ".svn" ] ; then
-    #find topmost dir with .svn sub-dir
+  # Find topmost dir with .svn sub-dir
   parent=""
   grandparent="."
-    mydir=`pwd`
   while [ -d "$grandparent/.svn" ]; do
     parent=$grandparent
     grandparent="$parent/.."
   done
 
-    if [ ! -z "$parent" ]; then
-      cd $parent
-      echo `pwd`
-    else
-      exit 1
-    fi
-    cd $mydir
+  REPOBASE=$(cd "$parent" ; pwd)
   VCS_TYPE=svn
-  elif hg root 2>/dev/null ; then
+elif which >/dev/null 2>/dev/null hg && hg root >/dev/null 2>&1 ; then
   # NOTE: hg has to be tested last because it always "succeeds".
   VCS_TYPE=hg
+  REPOBASE=$(hg root 2>/dev/null)
 else
-    echo /dev/null
+  # We aren't in a repo at all.  Assume the cwd is the root
+  # of the tree.
   VCS_TYPE=unknown
+  REPOBASE="$(pwd)"
 fi
 export VCS_TYPE
+export REPOBASE=$(physical_directory_of "$REPOBASE")
 # FIXME: Verify this function by checking for .hg or .git
 # after determining what we believe to be the answer.
-}
 
-REPOBASE=$(_determine_vcs_base_and_type)
 KEYRINGDIR="$REPOBASE/$BLACKBOXDATA"
 BB_ADMINS_FILE="blackbox-admins.txt"
 BB_ADMINS="${KEYRINGDIR}/${BB_ADMINS_FILE}"
 BB_FILES_FILE="blackbox-files.txt"
 BB_FILES="${KEYRINGDIR}/${BB_FILES_FILE}"
 SECRING="${KEYRINGDIR}/secring.gpg"
-PUBRING="${KEYRINGDIR}/pubring.gpg"
-: ${DECRYPT_UMASK:=o=} ;
+: "${DECRYPT_UMASK:=0022}" ;
+# : ${DECRYPT_UMASK:=o=} ;
+
+# Checks if $1 is 0 bytes, and if $1/keyrings
+# is a directory
+function is_blackbox_repo() {
+  if [[ -n "$1" ]] && [[ -d "$1/keyrings" ]]; then
+    return 0 # Yep, its a repo
+  else
+    return 1
+  fi
+}
 
 # Return error if not on cryptlist.
 function is_on_cryptlist() {
   # Assumes $1 does NOT have the .gpg extension
-  local rname=$(vcs_relative_path "$1")
-  grep -F -x -s -q "$rname" "$BB_FILES"
+  file_contains_line "$BB_FILES" "$(vcs_relative_path "$1")"
 }
 
 # Exit with error if a file exists.
 function fail_if_exists() {
   if [[ -f "$1" ]]; then
-    echo ERROR: "$1" exists.  "$2"
-    echo Exiting...
+    echo ERROR: "$1" exists.  "$2" >&2
+    echo Exiting... >&2
     exit 1
   fi
 }
@@ -77,18 +99,17 @@ function fail_if_exists() {
 # Exit with error if a file is missing.
 function fail_if_not_exists() {
   if [[ ! -f "$1" ]]; then
-    echo ERROR: "$1" not found.  "$2"
-    echo Exiting...
+    echo ERROR: "$1" not found.  "$2" >&2
+    echo Exiting... >&2
     exit 1
   fi
 }
 
 # Exit we we aren't in a VCS repo.
 function fail_if_not_in_repo() {
-  _determine_vcs_base_and_type
   if [[ $VCS_TYPE = "unknown" ]]; then
-    echo "ERROR: This must be run in a VCS repo: git, hg, or svn."
-    echo Exiting...
+    echo "ERROR: This must be run in a VCS repo: git, hg, or svn." >&2
+    echo Exiting... >&2
     exit 1
   fi
 }
@@ -100,9 +121,9 @@ function fail_if_not_on_cryptlist() {
   local name="$1"
 
   if ! is_on_cryptlist "$name" ; then
-    echo "ERROR: $name not found in $BB_FILES"
-    echo "PWD="$(/bin/pwd)
-    echo 'Exiting...'
+    echo "ERROR: $name not found in $BB_FILES" >&2
+    echo "PWD=$(/bin/pwd)" >&2
+    echo 'Exiting...' >&2
     exit 1
   fi
 }
@@ -110,48 +131,75 @@ function fail_if_not_on_cryptlist() {
 # Exit with error if keychain contains secret keys.
 function fail_if_keychain_has_secrets() {
   if [[ -s ${SECRING} ]]; then
-    echo 'ERROR: The file' "$SECRING" 'should be empty.'
-    echo 'Did someone accidentally add this private key to the ring?'
-    echo 'Exiting...'
+    echo 'ERROR: The file' "$SECRING" 'should be empty.' >&2
+    echo 'Did someone accidentally add this private key to the ring?' >&2
+    echo 'Exiting...' >&2
     exit 1
   fi
 }
 
+function get_pubring_path() {
+  if [[ -f "${KEYRINGDIR}/pubring.gpg" ]]; then
+    echo "${KEYRINGDIR}/pubring.gpg"
+  else
+    echo "${KEYRINGDIR}/pubring.kbx"
+  fi
+}
+
 # Output the unencrypted filename.
 function get_unencrypted_filename() {
-  echo $(dirname "$1")/$(basename "$1" .gpg) | sed -e 's#^\./##'
+  echo "$(dirname "$1")/$(basename "$1" .gpg)" | sed -e 's#^\./##'
 }
 
 # Output the encrypted filename.
 function get_encrypted_filename() {
-  echo $(dirname "$1")/$(basename "$1" .gpg).gpg | sed -e 's#^\./##'
+  echo "$(dirname "$1")/$(basename "$1" .gpg).gpg" | sed -e 's#^\./##'
 }
 
 # Prepare keychain for use.
 function prepare_keychain() {
-  echo '========== Importing keychain: START'
-  gpg --import "${PUBRING}" 2>&1 | egrep -v 'not changed$'
-  echo '========== Importing keychain: DONE'
+  echo '========== Importing keychain: START' >&2
+  $GPG --import "$(get_pubring_path)" 2>&1 | egrep -v 'not changed$' >&2
+  echo '========== Importing keychain: DONE' >&2
 }
 
 # Add file to list of encrypted files.
 function add_filename_to_cryptlist() {
   # If the name is already on the list, this is a no-op.
   # However no matter what the datestamp is updated.
-  local name=$(vcs_relative_path "$1")
   
-  if grep -s -q "$name" "$BB_FILES" ; then
-    echo ========== File is registered. No need to add to list.
+  # https://github.com/koalaman/shellcheck/wiki/SC2155
+  local name
+  name=$(vcs_relative_path "$1")
+
+  if file_contains_line "$BB_FILES" "$name" ; then
+    echo "========== File is registered. No need to add to list."
   else
-    echo ========== Adding file to list.
+    echo "========== Adding file to list."
     touch "$BB_FILES"
     sort -u -o "$BB_FILES" <(echo "$name") "$BB_FILES"
   fi
 }
 
+# Removes a file from the list of encrypted files
+function remove_filename_from_cryptlist() {
+  # If the name is not already on the list, this is a no-op.
+
+  # https://github.com/koalaman/shellcheck/wiki/SC2155
+  local name
+  name=$(vcs_relative_path "$1")
+
+  if ! file_contains_line "$BB_FILES" "$name" ; then
+    echo "========== File is not registered. No need to remove from list."
+  else
+    echo "========== Removing file from list."
+    remove_line "$BB_FILES" "$name"
+  fi
+}
+
 # Print out who the current BB ADMINS are:
 function disclose_admins() {
-  echo ========== blackbox administrators are:
+  echo "========== blackbox administrators are:"
   cat "$BB_ADMINS"
 }
 
@@ -162,9 +210,9 @@ function encrypt_file() {
   unencrypted="$1"
   encrypted="$2"
 
-  echo "========== Encrypting: $unencrypted"
-  gpg --yes --trust-model=always --encrypt -o "$encrypted"  $(awk '{ print "-r" $1 }' < "$BB_ADMINS") "$unencrypted"
-  echo '========== Encrypting: DONE'
+  echo "========== Encrypting: $unencrypted" >&2
+  $GPG --use-agent --yes --trust-model=always --encrypt -o "$encrypted"  $(awk '{ print "-r" $1 }' < "$BB_ADMINS") "$unencrypted" >&2
+  echo '========== Encrypting: DONE' >&2
 }
 
 # Decrypt .gpg file, asking "yes/no" before overwriting unencrypted file.
@@ -175,12 +223,12 @@ function decrypt_file() {
   encrypted="$1"
   unencrypted="$2"
 
-  echo "========== EXTRACTING $unencrypted"
+  echo "========== EXTRACTING $unencrypted" >&2
 
   old_umask=$(umask)
-  umask $DECRYPT_UMASK
-  gpg -q --decrypt -o "$unencrypted" "$encrypted"
-  umask $old_umask
+  umask "$DECRYPT_UMASK"
+  $GPG --use-agent -q --decrypt -o "$unencrypted" "$encrypted" >&2
+  umask "$old_umask"
 }
 
 # Decrypt .gpg file, overwriting unencrypted file if it exists.
@@ -200,13 +248,13 @@ function decrypt_file_overwrite() {
   fi
 
   old_umask=$(umask)
-  umask $DECRYPT_UMASK
-  gpg --yes -q --decrypt -o "$unencrypted" "$encrypted"
-  umask $old_umask
+  umask "$DECRYPT_UMASK"
+  $GPG --use-agent --yes -q --decrypt -o "$unencrypted" "$encrypted" >&2
+  umask "$old_umask"
 
   new_hash=$(md5sum_file "$unencrypted")
-  if [[ $old_hash != $new_hash ]]; then
-    echo "========== EXTRACTED $unencrypted"
+  if [[ "$old_hash" != "$new_hash" ]]; then
+    echo "========== EXTRACTED $unencrypted" >&2
   fi
 }
 
@@ -217,10 +265,10 @@ function shred_file() {
   local OPT
   name="$1"
 
-  if which shred >/dev/null ; then
+  if which shred >/dev/null 2>/dev/null ; then
     CMD=shred
     OPT=-u
-  elif which srm >/dev/null ; then
+  elif which srm >/dev/null 2>/dev/null ; then
     #NOTE: srm by default uses 35-pass Gutmann algorithm
     CMD=srm
     OPT=-f
@@ -244,17 +292,65 @@ function enumerate_subdirs() {
   while read filename; do
     dir=$(dirname "$filename")
     while [[ $dir != '.' && $dir != '/' ]]; do
-      echo $dir
-      dir=$(dirname $dir)
+      echo "$dir"
+      dir=$(dirname "$dir")
     done
   done <"$listfile" | sort -u
 }
  
+
+# chdir to the base of the repo.
+function change_to_vcs_root() {
+  # if vcs_root not explicitly defined, use $REPOBASE
+
+  local rbase=${1:-$REPOBASE} # use $1 but if unset use $REPOBASE
+
+  cd "$rbase"
+
+}
+
+# $1 is a string pointing to a directory.  Outputs a
+# list of  valid blackbox repos,relative to $1
+function enumerate_blackbox_repos() {
+  if [[ -z "$1" ]]; then
+    echo "enumerate_blackbox_repos: ERROR: No Repo provided to Enumerate"
+    exit 1
+  fi
+
+  # https://github.com/koalaman/shellcheck/wiki/Sc2045
+  for dir in $1*/; do
+    if is_blackbox_repo "$dir"; then
+      echo "$dir"
+    fi
+  done
+}
+
 # Output the path of a file relative to the repo base
 function vcs_relative_path() {
   # Usage: vcs_relative_path file
   local name="$1"
-  python -c 'import os ; print(os.path.relpath("'$(pwd -P)'/'"$name"'", "'"$REPOBASE"'"))'
+  python -c 'import os ; print(os.path.relpath("'"$(pwd -P)"'/'"$name"'", "'"$REPOBASE"'"))'
+}
+
+# Removes a line from a text file
+function remove_line() {
+  local tempfile
+
+  make_self_deleting_tempfile tempfile
+
+  # Ensure source file exists
+  touch "$1"
+  grep -Fsxv "$2" "$1" > "$tempfile" || true
+
+  # Using cat+rm instead of cp will preserve permissions/ownership
+  cat "$tempfile" > "$1"
+}
+
+# Determine if a file contains a given line
+function file_contains_line() {
+  # $1: the file
+  # $2: the line
+  grep -xsqF "$2" "$1"
 }
 
 #
@@ -284,22 +380,30 @@ function md5sum_file() {
   esac
 }
 
+function cp_permissions() {
+  # Copy the perms of $1 onto $2 .. end.
+  case $(uname -s) in
+    Darwin )
+      chmod $( stat -f '%p' "$1" ) "${@:2}"
+      ;;
+    Linux | CYGWIN* )
+      chmod --reference "$1" "${@:2}"
+      ;;
+    * )
+      echo 'ERROR: Unknown OS. Exiting.'
+      exit 1
+      ;;
+  esac
+}
+
+
 #
 # Abstract the difference between git and hg:
 #
 
-# Are we in git, hg, or unknown repo?
-function which_vcs() {
-  if [[ $VCS_TYPE = '' ]]; then
-    _determine_vcs_base_and_type >/dev/null
-  fi
-  echo "$VCS_TYPE"
-}
-
-
 # Is this file in the current repo?
 function is_in_vcs() {
-  is_in_$(which_vcs) """$@"""
+  is_in_$VCS_TYPE "$@"
 }
 # Mercurial
 function is_in_hg() {
@@ -334,73 +438,196 @@ function is_in_svn() {
     echo false
   fi
 }
+# Perforce
+function is_in_p4() {
+  local filename
+  filename="$1"
+
+  if p4 list "$filename" ; then
+    echo true
+  else
+    echo false
+  fi
+}
+# No repo
+function is_in_unknown() {
+  echo true
+}
 
 
 # Add a file to the repo (but don't commit it).
 function vcs_add() {
-  vcs_add_$(which_vcs) """$@"""
+  vcs_add_$VCS_TYPE "$@"
 }
 # Mercurial
 function vcs_add_hg() {
-  hg add """$@"""
+  hg add "$@"
 }
 # Git
 function vcs_add_git() {
-  git add """$@"""
+  git add "$@"
 }
 # Subversion
 function vcs_add_svn() {
-  svn add --parents """$@"""
+  svn add --parents "$@"
+}
+# Perfoce
+function vcs_add_p4() {
+  p4 add "$@"
+}
+# No repo
+function vcs_add_unknown() {
+  :
 }
 
 
 # Commit a file to the repo
 function vcs_commit() {
-  vcs_commit_$(which_vcs) """$@"""
+  vcs_commit_$VCS_TYPE "$@"
 }
 # Mercurial
 function vcs_commit_hg() {
-  hg commit -m"""$@"""
+  hg commit -m "$@"
 }
 # Git
 function vcs_commit_git() {
-  git commit -m"""$@"""
+  git commit -m "$@"
 }
 # Subversion
 function vcs_commit_svn() {
-  svn commit -m"""$@"""
+  svn commit -m "$@"
+}
+# Perforce
+function vcs_commit_p4() {
+  p4 submit -d "$@"
+}
+# No repo
+function vcs_commit_unknown() {
+  :
 }
-
 
 
 # Remove file from repo, even if it was deleted locally already.
 # If it doesn't exist yet in the repo, it should be a no-op.
 function vcs_remove() {
-  vcs_remove_$(which_vcs) """$@"""
+  vcs_remove_$VCS_TYPE "$@"
 }
 # Mercurial
 function vcs_remove_hg() {
-  hg rm -A -- """$@"""
+  hg rm -A -- "$@"
 }
 # Git
 function vcs_remove_git() {
-  git rm --ignore-unmatch -f -- """$@"""
+  git rm --ignore-unmatch -f -- "$@"
 }
 # Subversion
 function vcs_remove_svn() {
-  svn delete """$@"""
+  svn delete "$@"
+}
+# Perforce
+function vcs_remove_p4() {
+  p4 delete "$@"
+}
+# No repo
+function vcs_remove_unknown() {
+  :
 }
 
-function change_to_root() {
-    # If BASEDIR is not set, use REPOBASE.
-    if [[ "$BASEDIR" = "" ]]; then
-      BASEDIR="$REPOBASE"
-    fi
+# Get a path for the ignore file if possible in current vcs
+function vcs_ignore_file_path() {
+  vcs_ignore_file_path_$VCS_TYPE
+}
+# Mercurial
+function vcs_ignore_file_path_hg() {
+  echo "$REPOBASE/.hgignore"
+}
+# Git
+function vcs_ignore_file_path_git() {
+  echo "$REPOBASE/.gitignore"
+}
 
-    if [[ "$BASEDIR" = "/dev/null" ]]; then
-      echo 'WARNING: Not in a VCS repo.  Not changing directory.'
-    else
-      echo "CDing to $BASEDIR"
-      cd "$BASEDIR"
+
+# Ignore a file in a repo.  If it was already ignored, this is a no-op.
+function vcs_ignore() {
+  local file
+  for file in "$@"; do
+    vcs_ignore_$VCS_TYPE "$file"
+  done
+}
+# Mercurial
+function vcs_ignore_hg() {
+  vcs_ignore_generic_file "$(vcs_ignore_file_path)" "$file"
+}
+# Git
+function vcs_ignore_git() {
+  vcs_ignore_generic_file "$(vcs_ignore_file_path)" "$file"
+}
+# Subversion
+function vcs_ignore_svn() {
+  svn propset svn:ignore "$(vcs_relative_path "$file")"
+}
+# Perforce
+function vcs_ignore_p4() {
+  :
+}
+# No repo
+function vcs_ignore_unknown() {
+  :
+}
+# Generic - add line to file
+function vcs_ignore_generic_file() {
+  local file
+  file="$(vcs_relative_path "$2")"
+  file="${file/\$\//}"
+  file="$(echo "/$file" | sed 's/\([\*\?]\)/\\\1/g')"
+  if ! file_contains_line "$1" "$file" ; then
+    echo "$file" >> "$1"
+    vcs_add "$1"
+  fi
+}
+
+
+# Notice (un-ignore) a file in a repo.  If it was not ignored, this is
+# a no-op
+function vcs_notice() {
+  local file
+  for file in "$@"; do
+    vcs_notice_$VCS_TYPE "$file"
+  done
+}
+# Mercurial
+function vcs_notice_hg() {
+  vcs_notice_generic_file "$REPOBASE/.hgignore" "$file"
+}
+# Git
+function vcs_notice_git() {
+  vcs_notice_generic_file "$REPOBASE/.gitignore" "$file"
+}
+# Subversion
+function vcs_notice_svn() {
+  svn propdel svn:ignore "$(vcs_relative_path "$file")"
+}
+# Perforce
+function vcs_notice_p4() {
+  :
+}
+# No repo
+function vcs_notice_unknown() {
+  :
+}
+# Generic - remove line to file
+function vcs_notice_generic_file() {
+  local file
+  file="$(vcs_relative_path "$2")"
+  file="${file/\$\//}"
+  file="$(echo "/$file" | sed 's/\([\*\?]\)/\\\1/g')"
+  if file_contains_line "$1" "$file" ; then
+    remove_line "$1" "$file"
+    vcs_add "$1"
+  fi
+  if file_contains_line "$1" "${file:1}" ; then
+    echo "WARNING:  Found a non-absolute ignore match in $1"
+    echo "WARNING:  Confirm the pattern is intended to only exclude $file"
+    echo "WARNING:  If so, manually update the ignore file"
   fi
 }

bin/_blackbox_common_test.sh

@@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+
+#
+# _blackbox_common_test.sh -- Unit tests of functions from _blackbox_common.sh
+#
+
+set -e
+. "${0%/*}/_blackbox_common.sh"
+. tools/test_functions.sh
+
+PHASE 'Test cp-permissions: TestA'
+touch TestA TestB TestC TestD
+chmod 0347 TestA
+chmod 0700 TestB
+chmod 0070 TestC
+chmod 0070 TestD
+cp_permissions TestA TestB TestC
+# NOTE: cp_permissions is not touching TestD.
+assert_file_perm '--wxr--rwx' TestA
+assert_file_perm '--wxr--rwx' TestB
+assert_file_perm '--wxr--rwx' TestC
+assert_file_perm '----rwx---' TestD  # TestD doesn't change.
+rm -f TestA TestB TestC TestD
+
+echo '========== DONE.'

bin/_stack_lib.sh

@@ -1,6 +1,9 @@
 # Library functions for bash scripts at Stack Exchange.
 
+# NOTE: This file is open sourced. Do not put Stack-proprietary code here.
+
 # Usage:
+#
 #   set -e
 #   . _stack_lib.sh
 
@@ -8,13 +11,13 @@
 
 function debugmsg() {
   # Log to stderr.
-  echo 1>&2 LOG: """$@"""
+  echo 1>&2 LOG: "$@"
   :
 }
 
 function logit() {
   # Log to stderr.
-  echo 1>&2 LOG: """$@"""
+  echo 1>&2 LOG: "$@"
 }
 
 function fail_out() {
@@ -46,6 +49,48 @@ function add_on_exit()
     fi
 }
 
+function create_self_deleting_tempfile() {
+  local filename
+
+  case $(uname -s) in
+    Darwin )
+      : ${TMPDIR:=/tmp} ;
+      filename=$(mktemp -t _stacklib_.XXXXXXXX )
+      ;;
+    Linux )
+      filename=$(mktemp)
+      ;;
+    * )
+      echo 'ERROR: Unknown OS. Exiting.'
+      exit 1
+      ;;
+  esac
+
+  add_on_exit rm -f "$filename"
+  echo "$filename"
+}
+
+function create_self_deleting_tempdir() {
+  local filename
+
+  case $(uname -s) in
+    Darwin )
+      : ${TMPDIR:=/tmp} ;
+      filename=$(mktemp -d -t _stacklib_ )
+      ;;
+    Linux )
+      filename=$(mktemp -d)
+      ;;
+    * )
+      echo 'ERROR: Unknown OS. Exiting.'
+      exit 1
+      ;;
+  esac
+
+  add_on_exit rm -rf "$filename"
+  echo "$filename"
+}
+
 # Securely and portably create a temporary file that will be deleted
 # on EXIT.  $1 is the variable name to store the result.
 function make_self_deleting_tempfile() {
@@ -60,9 +105,6 @@ function make_self_deleting_tempfile() {
     Linux )
       name=$(mktemp)
       ;;
-    CYGWIN* )
-      name=$(mktemp)
-      ;;
     * )
       echo 'ERROR: Unknown OS. Exiting.'
       exit 1
@@ -85,9 +127,6 @@ function make_tempdir() {
     Linux )
       name=$(mktemp -d)
       ;;
-    CYGWIN* )
-      name=$(mktemp -d)
-      ;;
     * )
       echo 'ERROR: Unknown OS. Exiting.'
       exit 1
@@ -99,12 +138,12 @@ function make_tempdir() {
 
 function make_self_deleting_tempdir() {
   local __resultvar="$1"
-  local dirname
+  local dname
 
-  make_tempdir dirname
+  make_tempdir dname
 
-  add_on_exit rm -rf "$dirname"
-  eval $__resultvar="$dirname"
+  add_on_exit rm -rf "$dname"
+  eval $__resultvar="$dname"
 }
 
 function fail_if_not_running_as_root() {

bin/blackbox_addadmin

@@ -9,24 +9,12 @@
 #
 
 set -e
-blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
-source ${blackbox_home}/_blackbox_common.sh
-source ${blackbox_home}/_stack_lib.sh
+source "${0%/*}/_blackbox_common.sh"
 
 fail_if_not_in_repo
 
 KEYNAME="$1"
-: ${KEYNAME:?ERROR: First argument must be a keyname (email address)} ;
-
-# The second argument, if present, is the directory to find the GPG keys to be imported.
-if [[ "$2" == "" ]]; then
-  GPGEXPORTOPTIONS=""
-else
-  GPGEXPORTOPTIONS=--homedir="${2}"
-fi
-# TODO(tlim): This could probably be done with GNUPGHOME
-# but that affects all commands; we just want it to affect the key export.
-
+: "${KEYNAME:?ERROR: First argument must be a keyname (email address)}" ;
 
 # Add the email address to the BB_ADMINS file.  Remove any duplicates.
 # The file must exist for sort to act as we expect.
@@ -38,18 +26,28 @@ sort  -fdu -o "$BB_ADMINS" <(echo "$1") "$BB_ADMINS"
 
 # Extract it:
 make_self_deleting_tempfile pubkeyfile
-gpg $GPGEXPORTOPTIONS --export -a "$KEYNAME" >"$pubkeyfile"
+
+# The second argument, if present, is the directory to find the GPG keys to be imported.
+if [[ -z $2 ]]; then
+  $GPG --export -a "$KEYNAME" >"$pubkeyfile"
+else
+  # TODO(tlim): This could probably be done with GNUPGHOME
+  # but that affects all commands; we just want it to affect the key export.
+  $GPG --homedir="$2" --export -a "$KEYNAME" >"$pubkeyfile"
+fi
+
 if [[ $(wc -l < "$pubkeyfile") = 0 ]]; then
-  fail_out "GPG key '$KEYNAME' not found.  Please create it with: gpg --gen-key"
+  fail_out "GPG key '$KEYNAME' not found.  Please create it with: $GPG --gen-key"
   exit 1
 fi
 
 # Import it:
-gpg --no-permission-warning --homedir="$KEYRINGDIR" --import "$pubkeyfile"
-vcs_add "$KEYRINGDIR/pubring.gpg" "$KEYRINGDIR/trustdb.gpg" "$BB_ADMINS"
+$GPG --no-permission-warning --homedir="$KEYRINGDIR" --import "$pubkeyfile"
+pubring_path=$(get_pubring_path)
+vcs_add "$pubring_path" "$KEYRINGDIR/trustdb.gpg" "$BB_ADMINS"
 
 # Make a suggestion:
 echo
 echo
 echo 'NEXT STEP: You need to manually check these in:'
-echo '     ' $VCS_TYPE commit -m\'NEW ADMIN: $KEYNAME\' "$BLACKBOXDATA/pubring.gpg" "$BLACKBOXDATA/trustdb.gpg" "$BLACKBOXDATA/$BB_ADMINS_FILE"
+echo '     ' $VCS_TYPE commit -m\'NEW ADMIN: $KEYNAME\' "$BLACKBOXDATA/$(basename ${pubring_path})" "$BLACKBOXDATA/trustdb.gpg" "$BLACKBOXDATA/$BB_ADMINS_FILE"

bin/blackbox_cat

@@ -1,17 +1,16 @@
 #!/usr/bin/env bash
 
 #
-# blackbox_cat.sh -- Decrypt a file, cat it, shred it
+# blackbox_cat -- Decrypt a file, cat it, shred it
 #
 set -e
-blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
-source ${blackbox_home}/_blackbox_common.sh
+source "${0%/*}/_blackbox_common.sh"
 
-for param in """$@""" ; do
+for param in "$@" ; do
   shreddable=0
   unencrypted_file=$(get_unencrypted_filename "$param")
   if [[ ! -e "$unencrypted_file" ]]; then
-    blackbox_edit_start "$param"
+    "${BLACKBOX_HOME}/blackbox_edit_start" "$param"
     shreddable=1
   fi
   cat "$unencrypted_file"

bin/blackbox_decrypt_all_files

@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+
+#
+# blackbox_decrypt_all_files -- Decrypt all blackbox files (INTERACTIVE).
+#
+
+# Usage:
+#   blackbox_decrypt_all_files [GROUP]
+#       GROUP is optional.  If supplied, the resulting files
+#       are chgrp'ed to that group.
+
+# Since this is often run in a security-critical situation, we
+# force /usr/bin and /bin to the front of the PATH.
+export PATH=/usr/bin:/bin:"$PATH"
+
+set -e
+
+if [[ -z $GPG_AGENT_INFO ]]; then
+  eval $(gpg-agent --daemon)
+fi
+
+exec blackbox_postdeploy "$@"

bin/blackbox_deregister_file

@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+
+#
+# blackbox_deregister_file -- Remove a file from the blackbox system.
+#
+# Takes an encrypted file and removes it from the blackbox system.
+# The encrypted file will also be removed from the filesystem.
+# The unencrypted file, if it exists, will be left alone.
+
+set -e
+source "${0%/*}/_blackbox_common.sh"
+
+unencrypted_file=$(get_unencrypted_filename "$1")
+encrypted_file=$(get_encrypted_filename "$1")
+
+if [[ "$1" == "$unencrypted_file" ]]; then
+  echo ERROR: Please only deregister encrypted files.
+  exit 1
+fi
+
+echo ========== PLAINFILE "$unencrypted_file"
+echo ========== ENCRYPTED "$encrypted_file"
+
+fail_if_not_exists "$encrypted_file" "Please specify an existing file."
+
+prepare_keychain
+remove_filename_from_cryptlist "$unencrypted_file"
+vcs_remove "$encrypted_file"
+vcs_add "$BB_FILES" 
+
+vcs_commit "Removing from blackbox: ${unencrypted_file}" "$BB_FILES" "$encrypted_file"
+echo "========== UPDATING VCS: DONE"
+echo "Local repo updated.  Please push when ready."
+echo "    $VCS_TYPE push"

bin/blackbox_diff

@@ -0,0 +1,52 @@
+#!/usr/bin/env bash
+
+#
+# blackbox_diff -- Show all differences.
+#
+
+set -e
+source "${0%/*}/_blackbox_common.sh"
+
+if [[ -z $GPG_AGENT_INFO ]]; then
+  echo 'WARNING: You probably want to run gpg-agent as'
+  echo 'you will be asked for your passphrase many times.'
+  echo 'Example: $ eval $(gpg-agent --daemon)'
+  read -r -p 'Press CTRL-C now to stop. ENTER to continue: '
+fi
+
+prepare_keychain
+
+modified_files=()
+modifications=()
+echo '========== DIFFING FILES: START'
+while IFS= read <&99 -r unencrypted_file; do
+  unencrypted_file=$(get_unencrypted_filename "$unencrypted_file")
+  encrypted_file=$(get_encrypted_filename "$unencrypted_file")
+  fail_if_not_on_cryptlist "$unencrypted_file"
+  if [[ -f "$unencrypted_file" ]]; then
+    out=$(diff -u <($GPG --yes -q --decrypt "$encrypted_file") "$unencrypted_file" || true)
+    if [ "$out" != "" ]; then
+      modified_files+=("$unencrypted_file")
+      modifications+=("$out")
+    fi
+  fi
+done 99<"$BB_FILES"
+modified_files_number=${#modified_files[@]}
+for (( i=0; i<${modified_files_number}; i++ )); do
+  echo ========== PROCESSING '"'${modified_files[$i]}'"'
+  echo -e "${modifications[$i]}\n"
+done
+echo '========== DIFFING FILES: DONE'
+
+fail_if_keychain_has_secrets
+
+echo '========== DONE.'
+
+if [ ${#modified_files[@]} -eq 0 ] ; then
+  exit 0
+fi
+
+echo 'Likely next steps:'
+for f in "${modified_files[@]}" ; do
+  echo "    blackbox_edit_end" '"'$f'"'
+done

bin/blackbox_edit

@@ -1,27 +1,33 @@
 #!/usr/bin/env bash
 
 #
-# blackbox_edit.sh -- Decrypt a file temporarily for edition, then re-encrypts it again
+# blackbox_edit -- Decrypt a file temporarily for edition, then re-encrypts it again
 #
 set -e
-blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
-source ${blackbox_home}/_blackbox_common.sh
+source "${0%/*}/_blackbox_common.sh"
+
+for param in "$@" ; do
 
-for param in """$@""" ; do
   unencrypted_file=$(get_unencrypted_filename "$param")
-  if  ! is_on_cryptlist "$param" && ! is_on_cryptlist "$unencrypted_file" ; then
+  encrypted_file=$(get_encrypted_filename "$param")
+
+  echo >&2 ========== PLAINFILE '"'$unencrypted_file'"'
+  echo >&2 ========== ENCRYPTED '"'$encrypted_file'"'
+
+  if  ! is_on_cryptlist "$encrypted_file" && ! is_on_cryptlist "$unencrypted_file" ; then
     read -r -p "Encrypt file $param? (y/n) " ans
     case "$ans" in
       y* | Y*)
-        blackbox_register_new_file "$param"
+        "${BLACKBOX_HOME}/blackbox_register_new_file" "$unencrypted_file"
         ;;
       *)
-        echo 'Skipping...'
+        echo >&2 'Skipping...'
         continue
         ;;
     esac
   fi
-  blackbox_edit_start "$param"
-  $EDITOR $(get_unencrypted_filename $param)
-  blackbox_edit_end "$param"
+  "${BLACKBOX_HOME}/blackbox_edit_start" "$unencrypted_file"
+  "$EDITOR" "$(get_unencrypted_filename "$unencrypted_file")"
+  "${BLACKBOX_HOME}/blackbox_edit_end" "$unencrypted_file"
+
 done

bin/blackbox_edit_end

@@ -5,13 +5,17 @@
 #
 
 set -e
-blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
-source ${blackbox_home}/_blackbox_common.sh
+source "${0%/*}/_blackbox_common.sh"
 
-unencrypted_file=$(get_unencrypted_filename "$1")
-encrypted_file=$(get_encrypted_filename "$1")
-echo ========== PLAINFILE "$unencrypted_file"
-echo ========== ENCRYPTED "$encrypted_file"
+next_steps=()
+
+for param in "$@" ; do
+
+  unencrypted_file=$(get_unencrypted_filename "$param")
+  encrypted_file=$(get_encrypted_filename "$param")
+
+  echo >&2 ========== PLAINFILE '"'$unencrypted_file'"'
+  echo >&2 ========== ENCRYPTED '"'$encrypted_file'"'
 
   fail_if_not_on_cryptlist "$unencrypted_file"
   fail_if_not_exists "$unencrypted_file" "No unencrypted version to encrypt!"
@@ -19,9 +23,13 @@ fail_if_keychain_has_secrets
 
   encrypt_file "$unencrypted_file" "$encrypted_file"
   shred_file "$unencrypted_file"
+  echo >&2 ========== UPDATED '"'$encrypted_file'"'
+  next_steps+=( "    $VCS_TYPE commit -m\"${encrypted_file} updated\" \"$encrypted_file\"" )
 
-_determine_vcs_base_and_type
+done
 
-echo "========== UPDATED ${encrypted_file}"
-echo "Likely next step:"
-echo "    $VCS_TYPE commit -m\"${encrypted_file} updated\" $encrypted_file"
+echo >&2 "Likely next step:"
+for x in "${next_steps[@]}"
+do
+  echo >&2 "$x"
+done

bin/blackbox_edit_start

@@ -1,17 +1,18 @@
 #!/usr/bin/env bash
 
 #
-# blackbox_edit_start.sh -- Decrypt a file for editing.
+# blackbox_edit_start -- Decrypt a file for editing.
 #
 
 set -e
-blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
-source ${blackbox_home}/_blackbox_common.sh
+source "${0%/*}/_blackbox_common.sh"
+
+for param in "$@" ; do
 
-for param in """$@""" ; do
   unencrypted_file=$(get_unencrypted_filename "$param")
   encrypted_file=$(get_encrypted_filename "$param")
-  echo ========== PLAINFILE "$unencrypted_file"
+
+  echo >&2 ========== PLAINFILE '"'$unencrypted_file'"'
 
   fail_if_not_on_cryptlist "$unencrypted_file"
   fail_if_not_exists "$encrypted_file" "This should not happen."
@@ -19,10 +20,12 @@ for param in """$@""" ; do
     rm -f "$unencrypted_file"
   fi
   if [[ -f "$unencrypted_file" ]]; then
-    echo SKIPPING: "$1" "Will not overwrite non-empty files."
+    echo >&2 SKIPPING: "$1" "Will not overwrite non-empty files."
     continue
   fi
 
   prepare_keychain
+  # FIXME(tlim): prepare_keychain only needs to run once, outside of the loop.
   decrypt_file "$encrypted_file" "$unencrypted_file"
+
 done

bin/blackbox_initialize

@@ -9,10 +9,7 @@
 #
 
 set -e
-blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
-source ${blackbox_home}/_blackbox_common.sh
-
-_determine_vcs_base_and_type  # Sets VCS_TYPE
+source "${0%/*}/_blackbox_common.sh"
 
 if [[ $1 != 'yes' ]]; then
   read -r -p "Enable blackbox for this $VCS_TYPE repo? (yes/no) " ans
@@ -22,34 +19,19 @@ if [[ $1 != 'yes' ]]; then
   fi
 fi
 
-echo cd "$REPOBASE"
-cd "$REPOBASE"
+change_to_vcs_root
 
 echo VCS_TYPE: $VCS_TYPE
-
-if [[ $VCS_TYPE = "git" || $VCS_TYPE = "hg" ]]; then
-  # Update .gitignore or .hgignore
-
-  IGNOREFILE=".${VCS_TYPE}ignore"
-  if ! grep -sx >/dev/null 'pubring.gpg~' "$IGNOREFILE" ; then
-    echo 'pubring.gpg~' >>"$IGNOREFILE"
-  fi
-  if ! grep -sx >/dev/null 'secring.gpg' "$IGNOREFILE" ; then
-    echo 'secring.gpg' >>"$IGNOREFILE"
-  fi
-elif [[ $VCS_TYPE = "svn" ]]; then
-  # add file to svn ignore propset
-  IGNOREFILE="";
-  svn propset svn:ignore 'pubring.gpg~
-secring.gpg' .
-  svn commit -m "ignore file list"
-fi
+vcs_ignore keyrings/live/pubring.gpg~ keyrings/live/pubring.kbx~ keyrings/live/secring.gpg
 
 # Make directories
 mkdir -p "${KEYRINGDIR}"
 vcs_add "${KEYRINGDIR}"
 touch "$BLACKBOXDATA/$BB_ADMINS_FILE" "$BLACKBOXDATA/$BB_FILES_FILE"
-vcs_add "$IGNOREFILE" "$BLACKBOXDATA/$BB_ADMINS_FILE" "$BLACKBOXDATA/$BB_FILES_FILE"
+vcs_add "$BLACKBOXDATA/$BB_ADMINS_FILE" "$BLACKBOXDATA/$BB_FILES_FILE"
+
+IGNOREFILE="$(vcs_ignore_file_path)"
+test -f "$IGNOREFILE" && vcs_add "$IGNOREFILE"
 
 # Make a suggestion:
 echo

bin/blackbox_list_files

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+
+#
+# blackbox_list_files -- List files that black box is tracking
+#
+set -e
+source "${0%/*}/_blackbox_common.sh"
+cat "$BB_FILES"

bin/blackbox_postdeploy

@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
 
 #
-# blackbox_postdeploy.sh -- Decrypt all blackbox files.
+# blackbox_postdeploy -- Decrypt all blackbox files.
 #
 
 # Usage:
@@ -14,8 +14,7 @@
 export PATH=/usr/bin:/bin:"$PATH"
 
 set -e
-blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
-source ${blackbox_home}/_blackbox_common.sh
+source "${0%/*}/_blackbox_common.sh"
 
 if [[ "$1" == "" ]]; then
   FILE_GROUP=""
@@ -23,7 +22,7 @@ else
   FILE_GROUP="$1"
 fi
 
-change_to_root
+change_to_vcs_root
 prepare_keychain
 
 # Decrypt:
@@ -31,9 +30,11 @@ echo '========== Decrypting new/changed files: START'
 while IFS= read <&99 -r unencrypted_file; do
   encrypted_file=$(get_encrypted_filename "$unencrypted_file")
   decrypt_file_overwrite "$encrypted_file" "$unencrypted_file"
-  chmod g+r "$unencrypted_file"
+  cp_permissions "$encrypted_file" "$unencrypted_file"
   if [[ ! -z "$FILE_GROUP" ]]; then
-    chgrp $FILE_GROUP "$unencrypted_file"
+    chmod g+r "$unencrypted_file"
+    chgrp "$FILE_GROUP" "$unencrypted_file"
   fi
 done 99<"$BB_FILES"
+
 echo '========== Decrypting new/changed files: DONE'

bin/blackbox_recurse

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+# proposed space for blackbox recurion...coming soon
+set -e
+source "${0%/*}/_blackbox_common.sh"
+
+echo "$REBOBASE"

bin/blackbox_register_new_file

@@ -1,30 +1,27 @@
 #!/usr/bin/env bash
 
 #
-# blackbox_register_new_file.sh -- Enroll a new file in the blackbox system.
+# blackbox_register_new_file -- Enroll new file(s) in the blackbox system.
 #
-# Takes a previously unencrypted file and enrolls it into the blackbox
-# system.  It will be kept in the repo as an encrypted file.  On deployment
+# Takes previously unencrypted file(s) and enrolls them into the blackbox
+# system.  Each file will be kept in the repo as an encrypted file.  On deployment
 # to systems that need the plaintext (unencrypted) versions, run
 # blackbox_postdeploy.sh to decrypt all the files.
 
-# TODO(tlim): Add the unencrypted file to .hgignore
-
 set -e
-blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
-source ${blackbox_home}/_blackbox_common.sh
-_determine_vcs_base_and_type
+source "${0%/*}/_blackbox_common.sh"
 
+function register_new_file() {
   unencrypted_file=$(get_unencrypted_filename "$1")
   encrypted_file=$(get_encrypted_filename "$1")
 
-if [[ $1 == $encrypted_file ]]; then
+  if [[ "$1" == "$encrypted_file" ]]; then
     echo ERROR: Please only register unencrypted files.
     exit 1
   fi
 
-echo ========== PLAINFILE "$unencrypted_file"
-echo ========== ENCRYPTED "$encrypted_file"
+  echo "========== PLAINFILE $unencrypted_file"
+  echo "========== ENCRYPTED $encrypted_file"
 
   fail_if_not_exists "$unencrypted_file" "Please specify an existing file."
   fail_if_exists "$encrypted_file" "Will not overwrite."
@@ -34,35 +31,26 @@ encrypt_file "$unencrypted_file" "$encrypted_file"
   add_filename_to_cryptlist "$unencrypted_file"
 
   # Is the unencrypted file already in HG? (ie. are we correcting a bad situation)
-SECRETSEXPOSED=$(is_in_vcs ${unencrypted_file})
+  SECRETSEXPOSED=$(is_in_vcs "${unencrypted_file}")
   echo "========== CREATED: ${encrypted_file}"
   echo "========== UPDATING REPO:"
   shred_file "$unencrypted_file"
 
-VCSCMD=$(which_vcs)
-if $SECRETSEXPOSED ; then
+  if "$SECRETSEXPOSED" ; then
     vcs_remove "$unencrypted_file"
     vcs_add "$encrypted_file"
-  COMMIT_FILES="$BB_FILES $encrypted_file $unencrypted_file"
-else
-  COMMIT_FILES="$BB_FILES $encrypted_file"
-fi
-
-# TODO(tlim): This should be moved to _blackbox_common.sh in a
-# VCS-independent way.
-IGNOREFILE=".${VCS_TYPE}ignore"
-if [[ $VCS_TYPE = 'git' ]]; then
-  ignored_file="$(echo "$unencrypted_file" |  sed 's/\([\*\?]\)/\\\1/g' | sed 's/^\([!#]\)/\\\1/')"
-  if ! grep -Fsx >/dev/null "$ignored_file" "$IGNOREFILE"; then
-    echo "$ignored_file" >>"$IGNOREFILE"
-    COMMIT_FILES="$COMMIT_FILES $IGNOREFILE"
-  fi
-  vcs_add "$IGNOREFILE"
   fi
 
+  vcs_ignore "$unencrypted_file"
   echo 'NOTE: "already tracked!" messages are safe to ignore.'
-vcs_add $BB_FILES $encrypted_file
-vcs_commit "registered in blackbox: ${unencrypted_file}" $COMMIT_FILES
+  vcs_add "$BB_FILES" "$encrypted_file"
+  vcs_commit "registered in blackbox: ${unencrypted_file}" "$BB_FILES" "$encrypted_file"
+}
+
+for target in "$@"; do
+  register_new_file "$target"
+done
+
 echo "========== UPDATING VCS: DONE"
 echo "Local repo updated.  Please push when ready."
-echo "    $VCSCMD push"
+echo "    $VCS_TYPE push"

bin/blackbox_removeadmin

@@ -10,19 +10,15 @@
 #
 
 set -e
-blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
-source ${blackbox_home}/_blackbox_common.sh
-source ${blackbox_home}/_stack_lib.sh
+source "${0%/*}/_blackbox_common.sh"
 
 fail_if_not_in_repo
 
 KEYNAME="$1"
-: ${KEYNAME:?ERROR: First argument must be a keyname (email address)} ;
+: "${KEYNAME:?ERROR: First argument must be a keyname (email address)}" ;
 
 # Remove the email address from the BB_ADMINS file.
-make_self_deleting_tempfile bbtemp
-cp "$BB_ADMINS" "$bbtemp"
-fgrep -v -x "$KEYNAME" <"$bbtemp" >"$BB_ADMINS"
+remove_line "$BB_ADMINS" "$KEYNAME"
 
 # Make a suggestion:
 echo

bin/blackbox_shred_all_files

@@ -16,19 +16,18 @@
 # have been decrypted for editing, you will see an empty list.
 
 set -e
-blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
-source ${blackbox_home}/_blackbox_common.sh
+source "${0%/*}/_blackbox_common.sh"
 
-change_to_root
+change_to_vcs_root
 
 echo '========== FILES BEING SHREDDED:'
-for i in $(<$BB_FILES) ; do
-  unencrypted_file=$(get_unencrypted_filename "$i")
-  encrypted_file=$(get_encrypted_filename "$i")
+while IFS= read <&99 -r unencrypted_file; do
+  unencrypted_file=$(get_unencrypted_filename "$unencrypted_file")
+  encrypted_file=$(get_encrypted_filename "$unencrypted_file")
   if [[ -f "$unencrypted_file" ]]; then
     echo "    $unencrypted_file"
     shred_file "$unencrypted_file"
   fi
-done
+done 99<"$BB_FILES"
 
 echo '========== DONE.'

bin/blackbox_update_all_files

@@ -1,12 +1,11 @@
 #!/usr/bin/env bash
 
 #
-# blackbox_update_all_files -- Re-encrypt file after edits.
+# blackbox_update_all_files -- Decrypt then re-encrypt all files. Useful after keys are changed.
 #
 
 set -e
-blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
-source ${blackbox_home}/_blackbox_common.sh
+source "${0%/*}/_blackbox_common.sh"
 
 if [[ -z $GPG_AGENT_INFO ]]; then
   echo 'WARNING: You probably want to run gpg-agent as'
@@ -19,19 +18,21 @@ disclose_admins
 prepare_keychain
 
 echo '========== ENCRYPTED FILES TO BE RE-ENCRYPTED:'
-awk <"$BB_FILES" '{ print "    " $1 ".gpg" }'
+while IFS= read <&99 -r unencrypted_file; do
+    echo "    $unencrypted_file.gpg"
+done 99<"$BB_FILES"
 
 echo '========== FILES IN THE WAY:'
 need_warning=false
-for i in $(<$BB_FILES) ; do
-  unencrypted_file=$(get_unencrypted_filename "$i")
-  encrypted_file=$(get_encrypted_filename "$i")
+while IFS= read <&99 -r unencrypted_file; do
+  unencrypted_file=$(get_unencrypted_filename "$unencrypted_file")
+  encrypted_file=$(get_encrypted_filename "$unencrypted_file")
   if [[ -f "$unencrypted_file" ]]; then
     need_warning=true
     echo "    $unencrypted_file"
   fi
-done
-if $need_warning ; then
+done 99<"$BB_FILES"
+if "$need_warning" ; then
   echo
   echo 'WARNING: This will overwrite any unencrypted files laying about.'
   read -r -p 'Press CTRL-C now to stop. ENTER to continue: '
@@ -40,22 +41,24 @@ else
 fi
 
 echo '========== RE-ENCRYPTING FILES:'
-for i in $(<$BB_FILES) ; do
-  unencrypted_file=$(get_unencrypted_filename "$i")
-  encrypted_file=$(get_encrypted_filename "$i")
-  echo ========== PROCESSING "$unencrypted_file"
+while IFS= read <&99 -r unencrypted_file; do
+  unencrypted_file=$(get_unencrypted_filename "$unencrypted_file")
+  encrypted_file=$(get_encrypted_filename "$unencrypted_file")
+  echo ========== PROCESSING '"'$unencrypted_file'"'
   fail_if_not_on_cryptlist "$unencrypted_file"
   decrypt_file_overwrite "$encrypted_file" "$unencrypted_file"
   encrypt_file "$unencrypted_file" "$encrypted_file"
   shred_file "$unencrypted_file"
-done
+done 99<"$BB_FILES"
 
 fail_if_keychain_has_secrets
 
 echo '========== COMMITING TO VCS:'
-vcs_commit 'Re-encrypted keys' $(awk <$BB_FILES '{ print $1 ".gpg" }' )
+while IFS= read <&99 -r unencrypted_file; do
+    vcs_add "$unencrypted_file.gpg"
+done 99<"$BB_FILES"
+vcs_commit 'Re-encrypted keys'
 
-VCSCMD=$(which_vcs)
 echo '========== DONE.'
 echo 'Likely next step:'
-echo "    ${VCSCMD} push"
+echo "    $VCS_TYPE push"

bin/blackbox_whatsnew

@@ -0,0 +1,55 @@
+#!/usr/bin/env bash
+
+#
+# blackbox_whatsnew - show what has changed in the last commit for a given file
+#
+
+set -e
+source "${0%/*}/_blackbox_common.sh"
+
+if [[ $# -ne 1 ]]
+then
+  echo "Pass only 1 file at a time"
+  exit 1
+fi
+
+fail_if_not_in_repo
+
+if [[ -z $GPG_AGENT_INFO ]]; then
+  echo 'WARNING: You probably want to run gpg-agent as'
+  echo 'you will be asked for your passphrase many times.'
+  echo 'Example: $ eval $(gpg-agent --daemon)'
+  read -r -p 'Press CTRL-C now to stop. ENTER to continue: '
+fi
+
+COLUMNS=`tput cols`
+FILE=$1
+GIT="git log --abbrev-commit --pretty=oneline"
+CURR_COMMIT=`$GIT                  $FILE | head -1 | awk '{print $1}'`
+PREV_COMMIT=`$GIT ${CURR_COMMIT}~1 $FILE | head -1 | awk '{print $1}'`
+# Use colordiff if available
+if which colordiff > /dev/null 2>&1
+  then DIFF="colordiff"
+  else DIFF="diff"
+fi
+
+cat_commit()
+{
+  COMMIT=$1
+  git checkout $COMMIT $FILE
+  echo "[$COMMIT] $FILE"
+  echo "---------------------"
+  "${BLACKBOX_HOME}/blackbox_cat" $FILE | sed '/========== PLAINFILE/,/========== EXTRACTING/d'
+}
+
+CURR_CONTENT=`cat_commit $CURR_COMMIT`
+PREV_CONTENT=`cat_commit $PREV_COMMIT`
+clear
+
+# For some unknown reason this command executes fine but return exit code 1
+$DIFF -y --width $COLUMNS \
+  <(echo "CURRENT"  "$CURR_CONTENT" | fold -w $(( $COLUMNS / 2 - 4 ))  ) \
+  <(echo "PREVIOUS" "$PREV_CONTENT" | fold -w $(( $COLUMNS / 2 - 4 ))  )
+
+git checkout $CURR_COMMIT $FILE
+echo

tools/Portfile.template

@@ -0,0 +1,31 @@
+# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4
+# $Id: Portfile 132962 2015-02-16 10:33:02Z ryandesign@macports.org $
+
+PortSystem          1.0
+PortGroup           github 1.0
+
+github.setup        StackExchange blackbox @@VERSION@@ v
+name                vcs_blackbox
+categories          security
+platforms           darwin
+maintainers         whatexit.org:tal openmaintainer
+license             BSD
+supported_archs     noarch
+
+description         Safely store secrets in git/hg/svn repos using GPG encryption
+
+long_description    Storing secrets such as passwords, certificates and private keys \
+                    in Git/Mercurial/SubVersion is dangerous. Blackbox makes it easy \
+                    to store secrets safely using GPG encryption. They can be easily \
+                    decrypted for editing or use in production.
+
+checksums           rmd160  @@RMD160@@ \
+                    sha256  @@SHA256@@
+
+use_configure       no
+
+build               {}
+
+# This project's Makefile uses DESTDIR incorrectly.
+destroot.destdir    DESTDIR=${destroot}${prefix}
+destroot.target     packages-macports

tools/build_rpm.sh

@@ -1,75 +0,0 @@
-#!/bin/bash
-
-# build_rpm.sh - Build an RPM of these files.  (uses FPM)
-
-# Usage:
-#   make_rpm.sh PACKAGENAME MANIFEST1 MANIFEST2 ...
-
-# Example:
-#   Make a package foopkg manifest.txt
-# Where "manifest.txt" contains:
-#   exec /usr/bin/foo        foo/foo
-#   exec /usr/bin/bar        bar/bar.sh
-#   read /usr/man/man1/bar.1 bar/bar.1.man
-#   0444 /etc/foo.conf       bar/foo.conf
-#
-# Col1  chmod-style permissions or "exec" for 0755, "read" for 0744.
-# Col2  Installation location.
-# Col3  Source of the file.
-
-set -e
-
-# Parameters for this RPM:
-PACKAGENAME=${1?"First arg must be the package name."}
-shift
-
-# Defaults that can be overridden via env variables:
-# All packages are 1.0 unless otherwise specifed:
-: ${PKGVERSION:=1.0} ;
-# If there is no iteration setting, assume "1":
-: ${PKGRELEASE:=1}
-
-# The RPM is output here: (should be a place that can be wiped)
-OUTPUTDIR="${HOME}/rpmbuild-$PACKAGENAME"
-# Our build system expects to find the list of artifacts here:
-RPM_BIN_LIST="${OUTPUTDIR}/bin-packages.txt"
-
-# -- Now the real work can be done.
-
-# Clean the output dir.
-rm -rf "$OUTPUTDIR"
-mkdir -p "$OUTPUTDIR/installroot"
-
-# Copy the files into place:
-cat """$@""" | grep -v '^$' | while read -a arr ; do
-  PERM="${arr[0]}"
-  DEST="${arr[1]}"
-  SRC="${arr[2]}"
-  echo ========== "$PERM $DEST"
-  case $PERM in
-    \#*)  continue ;;   # Skip comments.
-    exec) PERM=0755 ;;
-    read) PERM=0744 ;;
-    *) ;;
-  esac
-  FULLDEST="$OUTPUTDIR/installroot/${arr[1]}"
-  install -D -T -b -m "$PERM" -T "$SRC" "$FULLDEST"
-done
-
-# Build the RPM:
-cd "$OUTPUTDIR" && fpm -s dir -t rpm \
-  -a x86_64 \
-  --epoch '0' \
-  -n "${PACKAGENAME}" \
-  --version "${PKGVERSION}" \
-  --iteration "${PKGRELEASE}" \
-  --description 'Safely store secrets in Git/Hg repos using GPG encryption' \
-  -C "$OUTPUTDIR/installroot" \
-  .
-
-# Our build system expects to find the list of all packages created
-# in bin-packages.txt.  Generate that list:
-find "$OUTPUTDIR" -maxdepth 1 -name '*.rpm' >"$RPM_BIN_LIST"
-# Output the list for debugging purposes:
-echo ========== "$RPM_BIN_LIST"
-cat "$RPM_BIN_LIST"

tools/confidence_test.sh

@@ -1,90 +1,17 @@
 #!/usr/bin/env bash
 
 blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/../bin
-export PATH=${blackbox_home}:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin
-
-. _stack_lib.sh
+export PATH="${blackbox_home}:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin:/opt/local/bin"
 
 set -e
+. _stack_lib.sh
+. tools/test_functions.sh
 
-function PHASE() {
-  echo '********************'
-  echo '********************'
-  echo '*********' """$@"""
-  echo '********************'
-  echo '********************'
-}
+PHASE 'UNIT TESTS'
 
-function assert_file_missing() {
-  if [[ -e "$1" ]]; then
-    echo "ASSERT FAILED: ${1} should not exist."
-    exit 1
-  fi
-}
+_blackbox_common_test.sh
 
-function assert_file_exists() {
-  if [[ ! -e "$1" ]]; then
-    echo "ASSERT FAILED: ${1} should exist."
-    echo "PWD="$(/bin/pwd -P)
-    #echo "LS START"
-    #ls -la
-    #echo "LS END"
-    exit 1
-  fi
-}
-function assert_file_md5hash() {
-  local file="$1"
-  local wanted="$2"
-  assert_file_exists "$file"
-  local found=$(md5sum <"$file" | cut -d' ' -f1 )
-  if [[ "$wanted" != "$found" ]]; then
-    echo "ASSERT FAILED: $file hash wanted=$wanted found=$found"
-    exit 1
-  fi
-}
-function assert_file_group() {
-  local file="$1"
-  local wanted="$2"
-  assert_file_exists "$file"
-
-  case $(uname -s) in
-    CYGWIN* )
-      echo "ASSERT_FILE_GROUP: Running on Cygwin. Not being tested."
-      return 0
-      ;;
-  esac
-
-  local found=$(ls -l "$file" | awk '{ print $4 }')
-  # NB(tlim): We could do this with 'stat' but it would break on BSD-style OSs.
-  if [[ "$wanted" != "$found" ]]; then
-    echo "ASSERT FAILED: $file chgrp wanted=$wanted found=$found"
-    exit 1
-  fi
-}
-function assert_line_not_exists() {
-  local target="$1"
-  local file="$2"
-  assert_file_exists "$file"
-  if grep -F -x -s -q >/dev/null "$target" "$file" ; then
-    echo "ASSERT FAILED: line '$target' should not exist in file $file"
-    echo ==== file contents: START "$file"
-    cat "$file"
-    echo ==== file contents: END "$file"
-    exit 1
-  fi
-}
-function assert_line_exists() {
-  local target="$1"
-  local file="$2"
-  assert_file_exists "$file"
-  if ! grep -F -x -s -q >/dev/null "$target" "$file" ; then
-    echo "ASSERT FAILED: line '$target' should not exist in file $file"
-    echo ==== file contents: START "$file"
-    cat "$file"
-    echo ==== file contents: END "$file"
-    exit 1
-  fi
-}
+PHASE 'SYSTEM TESTS'
 
 make_tempdir test_repository
 cd "$test_repository"
@@ -92,29 +19,30 @@ cd "$test_repository"
 make_self_deleting_tempdir fake_alice_home
 make_self_deleting_tempdir fake_bob_home
 export GNUPGHOME="$fake_alice_home"
-eval $(gpg-agent --homedir "$fake_alice_home" --daemon)
+eval "$(gpg-agent --homedir "$fake_alice_home" --daemon)"
 GPG_AGENT_INFO_ALICE="$GPG_AGENT_INFO"
 
 export GNUPGHOME="$fake_bob_home"
-eval $(gpg-agent --homedir "$fake_alice_home" --daemon)
+eval "$(gpg-agent --homedir "$fake_bob_home" --daemon)"
 GPG_AGENT_INFO_BOB="$GPG_AGENT_INFO"
 
 function become_alice() {
   export GNUPGHOME="$fake_alice_home"
   export GPG_AGENT_INFO="$GPG_AGENT_INFO_ALICE"
-  echo BECOMING ALICE: GNUPGHOME=$GNUPGHOME AGENT=$GPG_AGENT_INFO
-  git config --global user.name "Alice Example"
-  git config --global user.email alice@example.com
+  echo BECOMING ALICE: GNUPGHOME="$GNUPGHOME AGENT=$GPG_AGENT_INFO"
+  mkdir -p .git ; touch .git/config
+  git config user.name "Alice Example"
+  git config user.email alice@example.com
 }
 
 function become_bob() {
-  export GNUPGHOME="$fake_alice_home"
-  export GPG_AGENT_INFO="$GPG_AGENT_INFO_ALICE"
-  git config --global user.name "Bob Example"
-  git config --global user.email bob@example.com
+  export GNUPGHOME="$fake_bob_home"
+  export GPG_AGENT_INFO="$GPG_AGENT_INFO_BOB"
+  mkdir -p .git ; touch .git/config
+  git config user.name "Bob Example"
+  git config user.email bob@example.com
 }
 
-
 PHASE 'Alice creates a repo.  She creates secret.txt.'
 
 become_alice
@@ -195,6 +123,7 @@ PHASE 'She enrolls secrets.txt.'
 blackbox_register_new_file secret.txt
 assert_file_missing secret.txt
 assert_file_exists secret.txt.gpg
+assert_line_exists '/secret.txt' .gitignore
 
 PHASE 'She decrypts secrets.txt.'
 blackbox_edit_start secret.txt
@@ -209,7 +138,51 @@ assert_file_missing secret.txt
 assert_file_exists secret.txt.gpg
 
 
-PHASE 'Bob appears.'
+PHASE 'Alice copies files to a non-repo directory. (NO REPO)'
+
+# Copy the repo entirely:
+make_self_deleting_tempdir fake_alice_filedir
+tar cf - . | ( cd "$fake_alice_filedir" && tar xpvf - )
+# Remove the .git directory
+rm -rf "$fake_alice_filedir/.git"
+(
+cd "$fake_alice_filedir"
+assert_file_missing '.git'
+assert_file_exists 'secret.txt.gpg'
+assert_file_missing 'secret.txt'
+blackbox_postdeploy
+assert_file_missing '.git'
+assert_file_exists 'secret.txt.gpg'
+assert_file_exists 'secret.txt'
+assert_file_md5hash secret.txt "08a3fa763a05c018a38e9924363b97e7"
+
+PHASE 'Alice shreds these non-repo files. (NO REPO)'
+blackbox_shred_all_files
+assert_file_missing '.git'
+assert_file_exists 'secret.txt.gpg'
+assert_file_missing 'secret.txt'
+
+PHASE 'Alice decrypts secrets.txt (NO REPO).'
+blackbox_edit_start secret.txt
+assert_file_exists secret.txt
+assert_file_exists secret.txt.gpg
+assert_file_md5hash secret.txt "08a3fa763a05c018a38e9924363b97e7"
+
+PHASE 'Alice edits secrets.txt. (NO REPO EDIT)'
+echo 'NOREPO EDIT' >secret.txt
+assert_file_md5hash secret.txt "d3e6bbdfc76fae7fd0a921f3408db1d1"
+blackbox_edit_end secret.txt
+assert_file_missing secret.txt
+assert_file_exists secret.txt.gpg
+
+PHASE 'Alice decrypts secrets.txt (NO REPO EDIT).'
+blackbox_edit_start secret.txt
+assert_file_exists secret.txt
+assert_file_exists secret.txt.gpg
+assert_file_md5hash secret.txt "d3e6bbdfc76fae7fd0a921f3408db1d1"
+)
+
+PHASE 'appears.'
 become_bob
 
 PHASE 'Bob makes sure he has all new keys.'
@@ -217,12 +190,14 @@ PHASE 'Bob makes sure he has all new keys.'
 gpg --import keyrings/live/pubring.gpg
 
 # Pick a GID to use:
-TEST_GID_NUM=$(id -G | fmt -1 | tail -n +2 | grep -xv $(id -u) | head -n 1)
-TEST_GID_NAME=$(getent group "$TEST_GID_NUM" | cut -d: -f1)
-DEFAULT_GID_NAME=$(getent group $(id -u) | cut -d: -f1)
-echo TEST_GID_NUM=$TEST_GID_NUM
-echo TEST_GID_NAME=$TEST_GID_NAME
-echo DEFAULT_GID_NAME=$DEFAULT_GID_NAME
+# This users's default group:
+DEFAULT_GID_NAME=$(id -gn)
+# Pick a group that is not the default group:
+TEST_GID_NUM=$(id -G | fmt -1 | tail -n +2 | grep -xv "$(id -u)" | head -n 1)
+TEST_GID_NAME=$(python -c 'import grp; print grp.getgrgid('"$TEST_GID_NUM"').gr_name')
+echo "DEFAULT_GID_NAME=$DEFAULT_GID_NAME"
+echo "TEST_GID_NUM=$TEST_GID_NUM"
+echo "TEST_GID_NAME=$TEST_GID_NAME"
 
 PHASE 'Bob postdeploys... default.'
 blackbox_postdeploy
@@ -232,7 +207,7 @@ assert_file_md5hash secret.txt "08a3fa763a05c018a38e9924363b97e7"
 assert_file_group secret.txt "$DEFAULT_GID_NAME"
 
 PHASE 'Bob postdeploys... with a GID.'
-blackbox_postdeploy $TEST_GID_NUM
+blackbox_postdeploy "$TEST_GID_NUM"
 assert_file_exists secret.txt
 assert_file_exists secret.txt.gpg
 assert_file_md5hash secret.txt "08a3fa763a05c018a38e9924363b97e7"
@@ -241,7 +216,7 @@ assert_file_group secret.txt "$TEST_GID_NAME"
 PHASE 'Bob cleans up the secret.'
 rm secret.txt
 
-PHASE 'Bob removes alice.'
+PHASE 'Bob removes Alice.'
 blackbox_removeadmin alice@example.com
 assert_line_not_exists 'alice@example.com' keyrings/live/blackbox-admins.txt
 
@@ -276,6 +251,7 @@ blackbox_register_new_file mistake.txt
 assert_file_missing mistake.txt
 assert_file_exists mistake.txt.gpg
 # NOTE: It is still in the history. That should be corrected someday.
+assert_line_exists '/mistake.txt' .gitignore
 
 PHASE 'Bob enrolls my/path/to/relsecrets.txt.'
 mkdir my my/path my/path/to
@@ -284,6 +260,9 @@ cd my/path/to
 blackbox_register_new_file relsecrets.txt
 assert_file_missing relsecrets.txt
 assert_file_exists relsecrets.txt.gpg
+assert_file_missing .gitignore
+assert_file_exists ../../../.gitignore
+assert_line_exists '/my/path/to/relsecrets.txt' ../../../.gitignore
 
 PHASE 'Bob decrypts relsecrets.txt.'
 cd ..
@@ -298,34 +277,139 @@ echo A very important file >'!important!.txt'
 blackbox_register_new_file '!important!.txt'
 assert_file_missing '!important!.txt'
 assert_file_exists '!important!.txt'.gpg
-assert_line_exists '\!important!.txt' .gitignore
+assert_line_exists '/!important!.txt' .gitignore
 
 PHASE 'Bob enrolls #andpounds.txt'
 echo A very commented file >'#andpounds.txt'
 blackbox_register_new_file '#andpounds.txt'
 assert_file_missing '#andpounds.txt'
 assert_file_exists '#andpounds.txt'.gpg
-assert_line_exists '\#andpounds.txt' .gitignore
+assert_line_exists '/#andpounds.txt' .gitignore
 
 PHASE 'Bob enrolls stars*bars?.txt'
-echo A very commented file >'stars*bars?.txt'
+echo A very wild and questioned file >'stars*bars?.txt'
 blackbox_register_new_file 'stars*bars?.txt'
 assert_file_missing 'stars*bars?.txt'
 assert_file_exists 'stars*bars?.txt'.gpg
-assert_line_exists 'stars\*bars\?.txt' .gitignore
+assert_line_exists '/stars\*bars\?.txt' .gitignore
 
-# TODO(tlim): Add test to make sure that now alice can NOT decrypt.
+PHASE 'Bob enrolls space space.txt'
+echo A very spacey file >'space space.txt'
+blackbox_register_new_file 'space space.txt'
+assert_file_missing 'space space.txt'
+assert_file_exists 'space space.txt'.gpg
+assert_line_exists '/space space.txt' .gitignore
+
+PHASE 'Bob checks out stars*bars?.txt.'
+blackbox_edit_start 'stars*bars?.txt'
+assert_file_exists 'stars*bars?.txt'
+assert_file_exists 'stars*bars?.txt'
+assert_file_md5hash 'stars*bars?.txt' "448e018faade28cede2bf6f33c3c2dfb"
+
+PHASE 'Bob checks out space space.txt.'
+blackbox_edit_start 'space space.txt'
+assert_file_exists 'space space.txt'
+assert_file_exists 'space space.txt'
+assert_file_md5hash 'space space.txt' "de1d4e4a07046f81af5d3c0194b78742"
+
+PHASE 'Bob shreds all exposed files.'
+assert_file_exists 'my/path/to/relsecrets.txt'
+assert_file_exists 'secret.txt'
+blackbox_shred_all_files
+assert_file_missing '!important!.txt'
+assert_file_missing '#andpounds.txt'
+assert_file_missing 'mistake.txt'
+assert_file_missing 'my/path/to/relsecrets.txt'
+assert_file_missing 'secret.txt'
+assert_file_missing 'space space.txt'
+assert_file_missing 'stars*bars?.txt'
+assert_file_exists '!important!.txt.gpg'
+assert_file_exists '#andpounds.txt.gpg'
+assert_file_exists 'mistake.txt.gpg'
+assert_file_exists 'my/path/to/relsecrets.txt.gpg'
+assert_file_exists 'secret.txt.gpg'
+assert_file_exists 'space space.txt.gpg'
+assert_file_exists 'stars*bars?.txt.gpg'
+
+PHASE 'Bob updates all files.'
+blackbox_update_all_files
+assert_file_missing '!important!.txt'
+assert_file_missing '#andpounds.txt'
+assert_file_missing 'mistake.txt'
+assert_file_missing 'my/path/to/relsecrets.txt'
+assert_file_missing 'secret.txt'
+assert_file_missing 'space space.txt'
+assert_file_missing 'stars*bars?.txt'
+assert_file_exists '!important!.txt.gpg'
+assert_file_exists '#andpounds.txt.gpg'
+assert_file_exists 'mistake.txt.gpg'
+assert_file_exists 'my/path/to/relsecrets.txt.gpg'
+assert_file_exists 'secret.txt.gpg'
+assert_file_exists 'space space.txt.gpg'
+assert_file_exists 'stars*bars?.txt.gpg'
+
+PHASE 'Bob DEregisters mistake.txt'
+touch 'mistake.txt'
+blackbox_deregister_file 'mistake.txt.gpg'
+assert_file_exists 'keyrings/live/blackbox-admins.txt'
+assert_file_exists 'keyrings/live/blackbox-files.txt'
+assert_line_not_exists 'mistake.txt' 'keyrings/live/blackbox-files.txt'
+assert_file_missing 'mistake.txt.gpg'
+assert_file_exists 'mistake.txt'
+# Now remove 'mistake.txt' to leave the area clean.
+rm 'mistake.txt'
+
+PHASE 'Bob enrolls multiple files: multi1.txt and multi2.txt'
+echo 'One singular sensation.' >'multi1.txt'
+echo 'Another singular sensation.' >'multi2.txt'
+blackbox_register_new_file 'multi1.txt' 'multi2.txt'
+assert_file_missing 'multi1.txt'
+assert_file_exists 'multi1.txt'.gpg
+assert_line_exists '/multi1.txt' .gitignore
+assert_file_missing 'multi2.txt'
+assert_file_exists 'multi2.txt'.gpg
+assert_line_exists '/multi2.txt' .gitignore
+
+PHASE 'Alice returns. She should be locked out'
+assert_file_missing 'secret.txt'
+become_alice
+PHASE 'Alice tries to decrypt secret.txt. Is blocked.'
+if blackbox_edit_start secret.txt ; then
+  echo 'ERROR: Alice was able to decrypt secret.txt!  She should have been blocked.'
+  exit 1
+else
+  echo 'NOTE: Alice was not able to decrypt secret.txt as expected.'
+fi
+
+PHASE 'Bob returns.  Tries to update all files with a corrupt blackbox-admins.txt'
+become_bob
+# Corrupt the blackbox-admins.txt list:
+echo 'abba@notarealuser.com' >> keyrings/live/blackbox-admins.txt
+# Make sure it fails.
+if blackbox_update_all_files; then
+  echo '!!!!! blackbox_update_all_files should have failed and it did NOT.'
+  exit 1
+fi
+# Cleanup:
+blackbox_removeadmin abba@notarealuser.com
+
+
+# TODO: Create a new directory. "git clone" the repo into it.
 
 #
 # ASSERTIONS
 #
 
+echo '========== Verifying .gnupg was not accidentally created.'
+
 if [[ -e $HOME/.gnupg ]]; then
   echo "ASSERT FAILED: $HOME/.gnupg should not exist."
   exit 1
 fi
 
+echo '========== DONE with tests.  Outputing some diagnostics:'
+
 find .git?* * -type f -ls
 echo cd "$test_repository"
-echo rm "$test_repository"
-echo DONE.
+echo rm -rf "$test_repository"
+echo 'SUCCESS! Doing final clean-up then exiting.'

tools/macports_report_upgrade.sh

@@ -0,0 +1,67 @@
+#!/usr/bin/env bash
+
+# Turn the Portfile.template into a Portfile.
+# Usage:
+#   mk_portfile.sh TEMPLATE OUTPUTFILE VERSION
+
+set -e
+blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
+source ${blackbox_home}/../bin/_stack_lib.sh
+
+TEMPLATEFILE=tools/Portfile.template
+OUTPUTFILE=Portfile
+PORTVERSION=${1?"Arg 1 must be a version number like 1.20150222 (with no v)"} ; shift
+
+# Add the version number to the template.
+sed <"$TEMPLATEFILE" >"$OUTPUTFILE" -e 's/@@VERSION@@/'"$PORTVERSION"'/g'
+
+# Test it. Record the failure in $checksumout
+fgrep >/dev/null -x 'file:///var/tmp/ports' /opt/local/etc/macports/sources.conf || sudo sed -i -e '1s@^@file:///var/tmp/ports\'$'\n@' /opt/local/etc/macports/sources.conf
+rm -rf /var/tmp/ports
+mkdir -p /var/tmp/ports/security/vcs_blackbox
+cp Portfile /var/tmp/ports/security/vcs_blackbox
+( cd /var/tmp/ports && sudo portindex )
+make_self_deleting_tempfile checksumout
+set +e
+sudo port -v checksum vcs_blackbox > "$checksumout" 2>/dev/null
+ret=$?
+
+# If it failed, grab the checksums. Then re-process the template with them.
+if [[ $ret != 0 ]]; then
+  RMD160=$(awk <"$checksumout" '/^Distfile checksum: .*rmd160/ { print $NF }')
+  SHA256=$(awk <"$checksumout" '/^Distfile checksum: .*sha256/ { print $NF }')
+  echo RMD160=$RMD160
+  echo SHA256=$SHA256
+  echo
+  if [[ $RMD160 != '' && $SHA256 != '' ]]; then
+    sed <"$TEMPLATEFILE" >"$OUTPUTFILE" -e 's/@@VERSION@@/'"$PORTVERSION"'/g' -e 's/@@RMD160@@/'"$RMD160"'/g' -e 's/@@SHA256@@/'"$SHA256"'/g'
+    cp Portfile /var/tmp/ports/security/vcs_blackbox
+    ( cd /var/tmp/ports && sudo portindex )
+    sudo port -v checksum vcs_blackbox
+  fi
+fi
+
+# Generate the diff
+cp /opt/local/var/macports/sources/rsync.macports.org/release/tarballs/ports/security/vcs_blackbox/Portfile /var/tmp/ports/security/vcs_blackbox/Portfile.orig
+( cd /var/tmp/ports/security/vcs_blackbox && diff -u Portfile.orig Portfile ) > Portfile-vcs_blackbox.diff
+open -R Portfile-vcs_blackbox.diff
+
+echo
+echo 'portfile is in:'
+echo '                /var/tmp/ports/security/vcs_blackbox/Portfile'
+echo 'cleanup:'
+echo '                sudo vi /opt/local/etc/macports/sources.conf'
+
+echo "
+PLEASE OPEN A TICKET WITH THIS INFORMATION:
+    https://trac.macports.org/newticket
+    Summary: vcs_blackbox @$PORTVERSION Update to latest upstream
+    Description: 
+New upstream of vcs_blackbox.
+github.setup and checksums updated.
+    Type: update
+    Component: ports
+    Port: vcs_blackbox
+    Keywords: maintainer
+"
+echo 'Attach: Portfile-vcs_blackbox.diff'

tools/mk_deb_fpmdir

@@ -0,0 +1,76 @@
+#! /usr/bin/env bash
+
+# Use fpm to package up files into a DEB .
+
+# Usage:
+#   mk_deb_fpmdir PACKAGENAME MANIFEST1 MANIFEST2 ...
+
+# Example:
+#   Make a package foopkg manifest.txt
+# Where "manifest.txt" contains:
+#   exec /usr/bin/stack_makefqdn  misc/stack_makefqdn.py
+#   exec /usr/bin/bar             bar/bar.sh
+#   read /usr/man/man1/bar.1      bar/bar.1.man
+#   0444 /etc/foo.conf            bar/foo.conf
+
+set -e
+
+# Parameters for this DEB:
+PACKAGENAME=${1?"First arg must be the package name."}
+shift
+
+# Defaults that can be overridden:
+# All packages are 1.0 unless otherwise specifed:
+: ${PKGVERSION:=1.0} ;
+# If there is no iteration setting, assume "1":
+: ${PKGRELEASE:=1}
+# If there is no epoch, assume 0
+: ${PKGEPOCH:=0}
+
+# The DEB is output here: (should be a place that can be wiped)
+OUTPUTDIR="${HOME}/debbuild-$PACKAGENAME"
+# The TeamCity templates expect to find the list of artifacts here:
+DEB_BIN_LIST="${OUTPUTDIR}/bin-packages.txt"
+
+# -- Now the real work can be done.
+
+# Clean the output dir.
+rm -rf "$OUTPUTDIR"
+mkdir -p "$OUTPUTDIR/installroot"
+
+# Copy the files into place:
+set -o pipefail  # Error out if any manifest is not found.
+cat """$@""" | while read -a arr ; do
+  PERM="${arr[0]}"
+  case $PERM in
+    \#*)  continue ;;   # Skip comments.
+    exec) PERM=0755 ;;
+    read) PERM=0744 ;;
+    *) ;;
+  esac
+  DST="$OUTPUTDIR/installroot/${arr[1]}"
+  SRC="${arr[2]}"
+  if [[ $SRC == "cmd/"* || $SRC == *"/cmd/"* ]]; then
+    ( cd $(dirname "$SRC" ) && go build -a -v ) 
+  fi
+  install -D -T -b -m "$PERM" -T "$SRC" "$DST"
+done
+
+# Build the DEB:
+cd "$OUTPUTDIR" && fpm -s dir -t deb \
+  -a all \
+  -n "${PACKAGENAME}" \
+  --epoch "${PKGEPOCH}" \
+  --version "${PKGVERSION}" \
+  --iteration "${PKGRELEASE}" \
+  ${PKGDESCRIPTION:+ --description="${PKGDESCRIPTION}"} \
+  ${PKGVENDOR:+ --vendor="${PKGVENDOR}"} \
+  -C "$OUTPUTDIR/installroot" \
+  .
+
+# TeamCity templates for DEBS expect to find
+# the list of all packages created in bin-packages.txt.
+# Generate that list:
+find "$OUTPUTDIR" -maxdepth 1 -name '*.deb' >"$DEB_BIN_LIST"
+# Output it for debugging purposes:
+cat "$DEB_BIN_LIST"

tools/mk_deb_fpmdir.stack_blackbox.txt

@@ -0,0 +1,18 @@
+exec /usr/bin/_blackbox_common.sh       ../bin/_blackbox_common.sh
+exec /usr/bin/_stack_lib.sh             ../bin/_stack_lib.sh
+exec /usr/bin/blackbox_addadmin         ../bin/blackbox_addadmin
+exec /usr/bin/blackbox_cat              ../bin/blackbox_cat
+exec /usr/bin/blackbox_decrypt_all_files  ../bin/blackbox_decrypt_all_files
+exec /usr/bin/blackbox_deregister_file  ../bin/blackbox_deregister_file
+exec /usr/bin/blackbox_diff             ../bin/blackbox_diff
+exec /usr/bin/blackbox_edit             ../bin/blackbox_edit
+exec /usr/bin/blackbox_edit_end         ../bin/blackbox_edit_end
+exec /usr/bin/blackbox_edit_start       ../bin/blackbox_edit_start
+exec /usr/bin/blackbox_initialize       ../bin/blackbox_initialize
+exec /usr/bin/blackbox_list_files       ../bin/blackbox_list_files
+exec /usr/bin/blackbox_postdeploy       ../bin/blackbox_postdeploy
+exec /usr/bin/blackbox_register_new_file ../bin/blackbox_register_new_file
+exec /usr/bin/blackbox_removeadmin      ../bin/blackbox_removeadmin
+exec /usr/bin/blackbox_shred_all_files  ../bin/blackbox_shred_all_files
+exec /usr/bin/blackbox_update_all_files ../bin/blackbox_update_all_files
+exec /usr/bin/blackbox_whatsnew         ../bin/blackbox_whatsnew

tools/mk_macports

@@ -0,0 +1,32 @@
+#!/usr/bin/env bash
+
+# Install files into MacPorts DESTDIR
+
+# Usage:
+#   mk_macports MANIFEST MANIFEST1 ...
+
+# Where "manifest.txt" contains:
+#   exec /usr/bin/stack_makefqdn  misc/stack_makefqdn.py
+#   exec /usr/bin/bar             bar/bar.sh
+#   read /usr/man/man1/bar.1      bar/bar.1.man
+#   0444 /etc/foo.conf            bar/foo.conf
+# (NOTE: "exec" means 0755; "read" means 0744)
+
+set -e
+
+# Fail if DESTDIR is not set.
+DESTDIR="${DESTDIR?"Envvar DESTDIR must be set to destination dir."}"
+
+# Copy the files into place:
+cat """$@""" | while read -a arr ; do
+  PERM="${arr[0]}"
+  case $PERM in
+    \#*)  continue ;;   # Skip comments.
+    exec) PERM=0755 ;;
+    read) PERM=0744 ;;
+    *) ;;
+  esac
+  DST="$DESTDIR/${arr[1]}"
+  SRC="${arr[2]}"
+  install -m "$PERM" "$SRC" "$DST"
+done

tools/mk_macports.vcs_blackbox.txt

@@ -0,0 +1,18 @@
+exec bin/_blackbox_common.sh       ../bin/_blackbox_common.sh
+exec bin/_stack_lib.sh             ../bin/_stack_lib.sh
+exec bin/blackbox_addadmin         ../bin/blackbox_addadmin
+exec bin/blackbox_cat              ../bin/blackbox_cat
+exec bin/blackbox_decrypt_all_files  ../bin/blackbox_decrypt_all_files
+exec bin/blackbox_deregister_file  ../bin/blackbox_deregister_file
+exec bin/blackbox_diff             ../bin/blackbox_diff
+exec bin/blackbox_edit             ../bin/blackbox_edit
+exec bin/blackbox_edit_end         ../bin/blackbox_edit_end
+exec bin/blackbox_edit_start       ../bin/blackbox_edit_start
+exec bin/blackbox_initialize       ../bin/blackbox_initialize
+exec bin/blackbox_list_files       ../bin/blackbox_list_files
+exec bin/blackbox_postdeploy       ../bin/blackbox_postdeploy
+exec bin/blackbox_register_new_file ../bin/blackbox_register_new_file
+exec bin/blackbox_removeadmin      ../bin/blackbox_removeadmin
+exec bin/blackbox_shred_all_files  ../bin/blackbox_shred_all_files
+exec bin/blackbox_update_all_files ../bin/blackbox_update_all_files
+exec bin/blackbox_whatsnew         ../bin/blackbox_whatsnew

tools/mk_rpm_fpmdir

@@ -0,0 +1,76 @@
+#! /usr/bin/env bash
+
+# Use fpm to package up files into an RPM.
+
+# Usage:
+#   mk_rpm_fpmdir PACKAGENAME MANIFEST1 MANIFEST2 ...
+
+# Example:
+#   Make a package foopkg manifest.txt
+# Where "manifest.txt" contains:
+#   exec /usr/bin/stack_makefqdn  misc/stack_makefqdn.py
+#   exec /usr/bin/bar             bar/bar.sh
+#   read /usr/man/man1/bar.1      bar/bar.1.man
+#   0444 /etc/foo.conf            bar/foo.conf
+
+set -e
+
+# Parameters for this RPM:
+PACKAGENAME=${1?"First arg must be the package name."}
+shift
+
+# Defaults that can be overridden:
+# All packages are 1.0 unless otherwise specifed:
+: ${PKGVERSION:=1.0} ;
+# If there is no iteration setting, assume "1":
+: ${PKGRELEASE:=1}
+# If there is no epoch, assume 0
+: ${PKGEPOCH:=0}
+
+# The RPM is output here: (should be a place that can be wiped)
+OUTPUTDIR="${HOME}/rpmbuild-$PACKAGENAME"
+# The TeamCity templates expect to find the list of artifacts here:
+RPM_BIN_LIST="${OUTPUTDIR}/bin-packages.txt"
+
+# -- Now the real work can be done.
+
+# Clean the output dir.
+rm -rf "$OUTPUTDIR"
+mkdir -p "$OUTPUTDIR/installroot"
+
+# Copy the files into place:
+set -o pipefail  # Error out if any manifest is not found.
+cat """$@""" | while read -a arr ; do
+  PERM="${arr[0]}"
+  case $PERM in
+    \#*)  continue ;;   # Skip comments.
+    exec) PERM=0755 ;;
+    read) PERM=0744 ;;
+    *) ;;
+  esac
+  DST="$OUTPUTDIR/installroot/${arr[1]}"
+  SRC="${arr[2]}"
+  if [[ $SRC == "cmd/"* || $SRC == *"/cmd/"* ]]; then
+    ( cd $(dirname "$SRC" ) && go build -a -v ) 
+  fi
+  install -D -T -b -m "$PERM" -T "$SRC" "$DST"
+done
+
+# Build the RPM:
+cd "$OUTPUTDIR" && fpm -s dir -t rpm \
+  -a all \
+  -n "${PACKAGENAME}" \
+  --epoch "${PKGEPOCH}" \
+  --version "${PKGVERSION}" \
+  --iteration "${PKGRELEASE}" \
+  ${PKGDESCRIPTION:+ --description="${PKGDESCRIPTION}"} \
+  ${PKGVENDOR:+ --vendor="${PKGVENDOR}"} \
+  -C "$OUTPUTDIR/installroot" \
+  .
+
+# TeamCity templates for RPMS expect to find
+# the list of all packages created in bin-packages.txt.
+# Generate that list:
+find "$OUTPUTDIR" -maxdepth 1 -name '*.rpm' >"$RPM_BIN_LIST"
+# Output it for debugging purposes:
+cat "$RPM_BIN_LIST"

tools/mk_rpm_fpmdir.stack_blackbox.txt

@@ -0,0 +1,20 @@
+# Update tools/mk_rpm_fpmdir.stack_blackbox.txt.  Other files generate from it.
+read /etc/profile.d/usrblackbox.sh               profile.d-usrblackbox.sh
+exec /usr/blackbox/bin/_blackbox_common.sh       ../bin/_blackbox_common.sh
+exec /usr/blackbox/bin/_stack_lib.sh             ../bin/_stack_lib.sh
+exec /usr/blackbox/bin/blackbox_addadmin         ../bin/blackbox_addadmin
+exec /usr/blackbox/bin/blackbox_cat              ../bin/blackbox_cat
+exec /usr/blackbox/bin/blackbox_decrypt_all_files  ../bin/blackbox_decrypt_all_files
+exec /usr/blackbox/bin/blackbox_deregister_file  ../bin/blackbox_deregister_file
+exec /usr/blackbox/bin/blackbox_diff             ../bin/blackbox_diff
+exec /usr/blackbox/bin/blackbox_edit             ../bin/blackbox_edit
+exec /usr/blackbox/bin/blackbox_edit_end         ../bin/blackbox_edit_end
+exec /usr/blackbox/bin/blackbox_edit_start       ../bin/blackbox_edit_start
+exec /usr/blackbox/bin/blackbox_initialize       ../bin/blackbox_initialize
+exec /usr/blackbox/bin/blackbox_list_files       ../bin/blackbox_list_files
+exec /usr/blackbox/bin/blackbox_postdeploy       ../bin/blackbox_postdeploy
+exec /usr/blackbox/bin/blackbox_register_new_file ../bin/blackbox_register_new_file
+exec /usr/blackbox/bin/blackbox_removeadmin      ../bin/blackbox_removeadmin
+exec /usr/blackbox/bin/blackbox_shred_all_files  ../bin/blackbox_shred_all_files
+exec /usr/blackbox/bin/blackbox_update_all_files ../bin/blackbox_update_all_files
+exec /usr/blackbox/bin/blackbox_whatsnew         ../bin/blackbox_whatsnew

tools/rpm_filelist.txt

@@ -1,14 +0,0 @@
-read /etc/profile.d/usrblackbox.sh                tools/profile.d-usrblackbox.sh
-exec /usr/blackbox/bin/_blackbox_common.sh        bin/_blackbox_common.sh
-exec /usr/blackbox/bin/_stack_lib.sh              bin/_stack_lib.sh
-exec /usr/blackbox/bin/blackbox_addadmin          bin/blackbox_addadmin
-exec /usr/blackbox/bin/blackbox_cat             bin/blackbox_cat
-exec /usr/blackbox/bin/blackbox_edit              bin/blackbox_edit
-exec /usr/blackbox/bin/blackbox_edit_end          bin/blackbox_edit_end
-exec /usr/blackbox/bin/blackbox_edit_start        bin/blackbox_edit_start
-exec /usr/blackbox/bin/blackbox_initialize        bin/blackbox_initialize
-exec /usr/blackbox/bin/blackbox_postdeploy        bin/blackbox_postdeploy
-exec /usr/blackbox/bin/blackbox_register_new_file bin/blackbox_register_new_file
-exec /usr/blackbox/bin/blackbox_removeadmin       bin/blackbox_removeadmin
-exec /usr/blackbox/bin/blackbox_shred_all_files   bin/blackbox_shred_all_files
-exec /usr/blackbox/bin/blackbox_update_all_files  bin/blackbox_update_all_files

tools/test_functions.sh

@@ -0,0 +1,134 @@
+#!/usr/bin/env bash
+
+function PHASE() {
+  echo '********************'
+  echo '********************'
+  echo '*********' """$@"""
+  echo '********************'
+  echo '********************'
+}
+
+function md5sum_file() {
+  # Portably generate the MD5 hash of file $1.
+  case $(uname -s) in
+    Darwin )
+      md5 -r "$1" | awk '{ print $1 }'
+      ;;
+    Linux )
+      md5sum "$1" | awk '{ print $1 }'
+      ;;
+    CYGWIN* )
+      md5sum "$1" | awk '{ print $1 }'
+      ;;
+    * )
+      echo 'ERROR: Unknown OS. Exiting.'
+      exit 1
+      ;;
+  esac
+}
+
+function assert_file_missing() {
+  if [[ -e "$1" ]]; then
+    echo "ASSERT FAILED: ${1} should not exist."
+    exit 1
+  fi
+}
+
+function assert_file_exists() {
+  if [[ ! -e "$1" ]]; then
+    echo "ASSERT FAILED: ${1} should exist."
+    echo "PWD=$(/bin/pwd -P)"
+    #echo "LS START"
+    #ls -la
+    #echo "LS END"
+    exit 1
+  fi
+}
+function assert_file_md5hash() {
+  local file="$1"
+  local wanted="$2"
+  assert_file_exists "$file"
+  local found
+  found=$(md5sum_file "$file")
+  if [[ "$wanted" != "$found" ]]; then
+    echo "ASSERT FAILED: $file hash wanted=$wanted found=$found"
+    exit 1
+  fi
+}
+function assert_file_group() {
+  local file="$1"
+  local wanted="$2"
+  local found
+  assert_file_exists "$file"
+
+  case $(uname -s) in
+    Darwin|FreeBSD )
+      found=$(stat -f '%Sg' "$file")
+      ;;
+    Linux )
+      found=$(stat -c '%G' "$file")
+      ;;
+    CYGWIN* )
+      echo "ASSERT_FILE_GROUP: Running on Cygwin. Not being tested."
+      return 0
+      ;;
+    * )
+      echo 'ERROR: Unknown OS. Exiting.'
+      exit 1
+      ;;
+  esac
+
+  if [[ "$wanted" != "$found" ]]; then
+    echo "ASSERT FAILED: $file chgrp wanted=$wanted found=$found"
+    exit 1
+  fi
+}
+function assert_file_perm() {
+  local wanted="$1"
+  local file="$2"
+  local found
+  assert_file_exists "$file"
+
+  case $(uname -s) in
+    Darwin|FreeBSD )
+      found=$(stat -f '%Sp' "$file")
+      ;;
+    # NB(tlim): CYGWIN hasn't been tested. It might be more like Darwin.
+    Linux | CYGWIN* )
+      found=$(stat -c '%A' "$file")
+      ;;
+    * )
+      echo 'ERROR: Unknown OS. Exiting.'
+      exit 1
+      ;;
+  esac
+
+  if [[ "$wanted" != "$found" ]]; then
+    echo "ASSERT FAILED: $file chgrp wanted=$wanted found=$found"
+    exit 1
+  fi
+}
+function assert_line_not_exists() {
+  local target="$1"
+  local file="$2"
+  assert_file_exists "$file"
+  if grep -F -x -s -q >/dev/null "$target" "$file" ; then
+    echo "ASSERT FAILED: line '$target' should not exist in file $file"
+    echo "==== file contents: START $file"
+    cat "$file"
+    echo "==== file contents: END $file"
+    exit 1
+  fi
+}
+function assert_line_exists() {
+  local target="$1"
+  local file="$2"
+  assert_file_exists "$file"
+  if ! grep -F -x -s -q >/dev/null "$target" "$file" ; then
+    echo "ASSERT FAILED: line '$target' should exist in file $file"
+    echo "==== file contents: START $file"
+    cat "$file"
+    echo "==== file contents: END $file"
+    exit 1
+  fi
+}