blob: 2ef5cad2f2e59cebb05027a7913a027c2dda870e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
|
<?xml version='1.0'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<refentry id="secret-tool">
<refentryinfo>
<title>secret-tool</title>
<productname>XDG</productname>
<authorgroup>
<author>
<contrib>Maintainer</contrib>
<firstname>Stef</firstname>
<surname>Walter</surname>
<email>stefw@gnome.org</email>
</author>
</authorgroup>
</refentryinfo>
<refmeta>
<refentrytitle>secret-tool</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="manual">User Commands</refmiscinfo>
</refmeta>
<refnamediv>
<refname>secret-tool</refname>
<refpurpose>Store and retrieve passwords</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>secret-tool store <arg choice="plain">--label='Label'</arg> <arg choice="req">attribute</arg> <arg choice="req">value</arg> ...</command>
</cmdsynopsis>
<cmdsynopsis>
<command>secret-tool lookup <arg choice="req">attribute</arg> <arg choice="req">value</arg> ...</command>
</cmdsynopsis>
<cmdsynopsis>
<command>secret-tool clear <arg choice="req">attribute</arg> <arg choice="req">value</arg> ...</command>
</cmdsynopsis>
<cmdsynopsis>
<command>secret-tool search <arg choice="opt">--all</arg><arg choice="req">attribute</arg> <arg choice="req">value</arg> ...</command>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
<title>Description</title>
<para><command>secret-tool</command> is a command line tool that
can be used to store and retrieve passwords.</para>
<para>Each password is stored in an item. Items are uniquely
identified by a set of attribute keys and values. When storing
a password you must specify unique pairs of attributes names
and values, and when looking up a password you provide the same
attribute name and value pairs.</para>
</refsect1>
<refsect1>
<title>Store</title>
<para>To store a password run <command>secret-tool</command>
with the <arg choice="plain">store</arg> argument. You must
also specify a label for the password with the
<arg choice="plain">--label</arg> argument. This label will be
displayed in the password manager.</para>
<para>Make sure to pass a unique set of attributes names and
values when storing a password. If the attributes match an
already existing item, it will be updated instead of creating
a new item.</para>
<para>If invoked from a terminal or tty, then the password to store
will be prompted for and only one line will be accepted.</para>
<para>A password to store can also be piped in via stdin. The
password will be the contents of stdin until EOF. If you provide
a newline via stdin it will be stored as part of the password.</para>
</refsect1>
<refsect1>
<title>Lookup</title>
<para>To lookup a password run <command>secret-tool</command>
with the <arg choice="plain">lookup</arg> argument. Specify the
same same attribute names and value pairs that you passed when
storing the password.</para>
<para>If multiple items match the attribute provided, then the
first password that is already unlocked will be returned. If
necessary an item will be unlocked.</para>
<para>When printing the password to a terminal or tty, an extra
newline will be added after the password.</para>
</refsect1>
<refsect1>
<title>Clear</title>
<para>To remove a password run <command>secret-tool</command>
with the <arg choice="plain">clear</arg> argument. Specify the
same attribute name and value pairs that you passed when
storing the password.</para>
<para>All unlocked items that match the attributes will be
removed.</para>
</refsect1>
<refsect1>
<title>Search</title>
<para>This command searches for and prints details on matching
items in secret service. Specify the same attribute and value
pairs that you passed in when storing the password. You can use the
following options:</para>
<variablelist>
<varlistentry>
<term><option>--all</option></term>
<listitem><para>Return all matching results, rather than
just the one of the matches. Without this option, the
first unlocked match returned from the service will
be printed.</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--unlock</option></term>
<listitem><para>Unlock items that are locked and then
print out their details. Without this option, locked items
are skipped.</para></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>Exit status</title>
<para>On success 0 is returned, a non-zero failure code otherwise.</para>
</refsect1>
<refsect1>
<title>Examples</title>
<example>
<title>Storing, retrieving, and clearing a password</title>
<programlisting>
$ secret-tool store --label='My password' key1 value1 key2 value2
Password: My password
</programlisting>
<programlisting>
$ secret-tool lookup key1 value1 key2 value2
My password
</programlisting>
<programlisting>
$ secret-tool clear key1 value1 key2 value2
</programlisting>
</example>
</refsect1>
</refentry>
|
