There is a new (0.2.7) version of Astrails-Safe.
New features since 0.2.5:
- default options for gpg now include --no-use-agent
- support for command option for gpg
- quote values in mysql password file
- add lib to $:
- [EXPERIMENTAL] Rackspace Cloud Files support
H. Wade Minter contributed support for Rackspace cloud files. I have no way of testing this, so please tell me if it works :)
To easy the development process, I added the 'lib' directory of the 'currently running' safe to the library load path"$:". This enables to work on a new version of safe even though you have some version already installed. The files in ./lib will come first in the load path.
I just stumbled upon a problem with the gpg encryption on a freshly installed Ubuntu EC2 instance. The gpg was asking for a password on the console even though it was passed the --passphrase-file option with the file containing the password.
After some investigation I found out that gnupg's default template configuration file now contains 'use-agent' options.
The result of it is that on the first invocation of astrails-safe it will work, but gpg will create a new ~/gnupg/gpg.conf file with 'use-agent' setting, so the next time you run astrails-safe it will fail and ask for the password on the console!
if you are running gpg 1.x series, just pass --no-use-agent to the "options" setting in the astrails-safe config in the 'gpg' section (since this 0.2.7 version this options is set in the default astrails-safe template config).
For gpg2 series, I suppose you'll need to run the gpg-agent (actually I'm not sure, I didn't research it too deeply, so I'll be happy to get feedback on the issue)
I also added 'command' option support for gpg which allows to override the executable astrails-safe is using for the enctyption. For example you can have command "/usr/loca/bin/gpg" in the gpg section.