feat(bkgpslog):Add additional validation for age pubkeys
[EVA-2020-02.git] / exec / bkgpslog-plan.org
* bkgpslog task list
** DONE Add job control for short buffer length
   CLOSED: [2020-07-02 Thu 16:04]
2020-07-02T14:56Z; bktei> File write operations were bundled into a
magicWriteBuffer function that is called then detached from the script
shell (job control), but the detached job is not tracked by the main
script. A problem may arise if two instances of magicWriteBuffer
attempt to write to the same tar simultaneously. Two instances of
magicWriteBuffer may exist if the buffer length is low (ex: 1 second);
the default buffer length of 60 seconds should reduce the probability
of a collision but it should be possible for the main script to track
the process ID of a magicWriteBuffer() as soon as it detaches and then
check (via ~$!~ as described [[https://bashitout.com/2013/05/18/Ampersands-on-the-command-line.html][here]]) that the process is still alive.
2020-07-02T15:23Z; bktei> I found that the Bash ~wait~ built-in can be
used to delay processing until a specified job completes. The ~wait~
command will pause script execution until all backgrounded processes
complete.
2020-07-02T16:03Z; bktei> Added ~wait~.
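The PID tracking and ~wait~ described in this task, as an added example that is not code from bkgpslog: ~append_chunk~ and ~run_rounds~ are hypothetical stand-ins for magicWriteBuffer() and the main loop, and a text file stands in for the output tar.

```shell
#!/bin/sh
# Added example; append_chunk and run_rounds are hypothetical names.
# A text file stands in for the tar: appends to it only reveal ordering,
# whereas overlapping `tar --append` runs can damage the archive itself.

# Slow writer: earlier rounds take longer, so untracked jobs finish out of order.
append_chunk() {   # $1 = output file, $2 = round number
  sleep "0.$((4 - $2))"
  printf 'chunk-%s\n' "$2" >> "$1"
}

run_rounds() {     # $1 = tracked|untracked ; prints chunk order on one line
  out=$(mktemp); pid=''
  for n in 1 2 3; do
    if [ "$1" = tracked ] && [ -n "$pid" ]; then
      # kill -0 sends no signal; it only tests whether the PID is still alive.
      if kill -0 "$pid" 2>/dev/null; then wait "$pid"; fi
    fi
    append_chunk "$out" "$n" &
    pid=$!         # PID of the job that was just detached
  done
  wait             # let any remaining writers finish before reading
  echo $(cat "$out")
  rm -f "$out"
}

run_rounds tracked     # writers serialized: chunks land in round order
run_rounds untracked   # order depends on timing
```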
** DONE Rewrite tar initialization function
   CLOSED: [2020-07-02 Thu 17:23]
2020-07-02T17:23Z; bktei> Simplify tar initialization function so
VERSION file is used to test appendability of tar as well as to mark
when a new session is started.
** DONE Consolidate tar checking/creation into function
   CLOSED: [2020-07-02 Thu 18:33]
2020-07-02T18:33Z; bktei> Simplify how the output tar file's existence
is checked and its status as a valid tar file is validated. This was
done using a new function ~checkMakeTar~.
** DONE Add VERSION if output tar deleted between writes

   CLOSED: [2020-07-02 Thu 20:22]
2020-07-02T20:21Z; bktei> Added bkgpslog-specified function
magicWriteVersion() to be called whenever a new time-stamped ~VERSION~
file needs to be generated and appended to the output tar file
~PATHOUT_TAR~.
** DONE Rewrite buffer loop to reduce lag between gpspipe runs

   CLOSED: [2020-07-03 Fri 20:57]
2020-07-03T17:10Z; bktei> As is, there is still a 5-6 second lag
between when ~gpspipe~ times out at the end of a buffer round and when
~gpspipe~ is called by the subsequent buffer round. I believe this can
be reduced by moving variable manipulations inside the
asynchronously-executed magicWriteBuffer() function. Ideally, the
while loop should look like:

#+BEGIN_EXAMPLE
while (( SECONDS < SCRIPT_TTL )); do
  gpspipe -r > "$DIR_TMP"/buffer.nmea
  writeBuffer &
done
#+END_EXAMPLE
2020-07-03T20:56Z; bktei> I simplified it further to something like
this:
#+BEGIN_EXAMPLE
while (( SECONDS < SCRIPT_TTL )); do
  writeBuffer &
  sleep $SCRIPT_TTL
done
#+END_EXAMPLE

Raspberry Pi Zero W shows approximately 71ms of drift per buffer round
with 10s buffer.
** TODO Feature: Recipient watch folder
2020-07-03T21:28Z; bktei> This feature would be to scan the contents
of a specified directory at the start of every buffer round in order
to determine encryption (age) recipients. This would allow a device to
dynamically encrypt location data in response to automated changes
made by other tools. For example, if such a directory were
synchronized via Syncthing and changes to such a directory were
managed by a trusted remote server, then that server could respond to
human requests to secure location data.

Two specific privacy subfeatures come to mind:

1. Parallel encryption: Given a set of ~n~ public keys, encrypt data
   with a single ~age~ command with options causing all ~n~ pubkeys to
   be recipients. In order to decrypt the data, any individual private
   key could be used. No coordination between key owners would be
   required to decrypt.

2. Sequential encryption: Given a set of ~n~ public keys, encrypt data
   with ~n~ sequential ~age~ commands all piped in series with each
   ~age~ command utilizing only one of the ~n~ public keys. In order
   to decrypt the data, all ~n~ private keys would be required to
   decrypt the data. Since coordination is required, it is less
   convenient than parallel encryption.

In either case, a directory would be useful for holding configuration
files specifying how to execute which or combination of which features
at the start of every buffer round.

I don't yet know how to program the rules, although I think it'd be
easier to simply add an option providing ~bkgpslog~ with a directory
to watch. When examining the directory, check for a file with the
appropriate file extension (ex: .pubkey) and then read the first line
into the script's pubKey array.
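
One way the watch-folder scan and the two encryption modes could fit together, as an added example that is not code from bkgpslog. The function names are hypothetical, the sample keys are constructed placeholders, and the key check is an assumed syntactic test ("age1" plus 58 Bech32 characters) that does not verify the Bech32 checksum.

```shell
#!/bin/sh
# Added example; is_age_pubkey, read_recipients, age_pipeline are hypothetical.

# Syntactic check only: an X25519 age recipient is "age1" + 58 Bech32 characters.
# The Bech32 checksum is not verified here; age itself rejects a bad checksum.
is_age_pubkey() {
  [ "${#1}" -eq 62 ] || return 1
  case "$1" in age1*) ;; *) return 1 ;; esac
  case "${1#age1}" in *[!qpzry9x8gf2tvdw0s3jn54khce6mua7l]*) return 1 ;; esac
  return 0
}

# Print the first line of each regular *.pubkey file in directory $1 that
# passes the check; report rejected files on stderr.
read_recipients() {
  for f in "$1"/*.pubkey; do
    [ -f "$f" ] && [ ! -L "$f" ] || continue   # unmatched glob, dirs, symlinks
    key=''
    IFS= read -r key < "$f" || [ -n "$key" ] || continue   # skip empty files
    if is_age_pubkey "$key"; then printf '%s\n' "$key"
    else printf 'rejected recipient file: %s\n' "$f" >&2; fi
  done
}

# Read keys on stdin and print the age command line for mode $1:
#   parallel   -> one age call, any single private key decrypts
#   sequential -> chained age calls, every private key is needed
age_pipeline() {
  sep=' -r '
  if [ "$1" = sequential ]; then sep=' | age -r '; fi
  cmd=''
  while IFS= read -r k; do
    if [ -z "$cmd" ]; then cmd="age -r $k"; else cmd="$cmd$sep$k"; fi
  done
  [ -n "$cmd" ] || return 1   # zero valid recipients: fail, never emit plaintext
  printf '%s\n' "$cmd"
}

# Constructed sample directory: two placeholder keys (valid syntax only) and
# one malformed entry that must be dropped.
demo() {
  d=$(mktemp -d)
  printf 'age1%058d\n' 0 | tr 0 q > "$d/a.pubkey"
  printf 'age1%058d\n' 0 | tr 0 p > "$d/b.pubkey"
  printf 'age1tooshort\n' > "$d/c.pubkey"
  read_recipients "$d" 2>/dev/null | age_pipeline "$1"
  rm -rf "$d"
}
demo parallel
demo sequential
```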

** TODO Feature: Simplify option to reduce output size

~gpsbabel~ [[https://www.gpsbabel.org/htmldoc-development/filter_simplify.html][features]] a ~simplify~ option to trim data points from GPS
data. There are several methods for prioritizing which points to keep
and which to trim, although the following seems useful given some
sample data I've recorded in a test run of ninfacyzga-01:

#+BEGIN_EXAMPLE
gpsbabel -i nmea -f all.nmea -x simplify,error=10,relative -o gpx \
-F all-simp-rel-10.gpx
#+END_EXAMPLE

An error level of "10" with the "relative" option seems to retain all
desirable features for GPS data while reducing the number of points
along straightaways. File size is reduced by a factor of
about 11. Noise from local stay-in-place drift isn't removed; a
relative error of about 1000 is required to remove stay-in-place drift
noise but this also trims all but 100m-size features of the recorded
path. A relative error of 1000 reduces file size by a factor of
about 450.

#+BEGIN_EXAMPLE
 67M relerror-0.001.kml
 66M relerror-0.01.kml
 58M relerror-0.1.kml
 21M relerror-1.kml
5.8M relerror-10.kml
797K relerror-100.kml
152K relerror-1000.kml
#+END_EXAMPLE

* bkgpslog narrative
** Initialize environment
*** Init variables
**** Save timeStart (YYYYmmddTHHMMSS±zz)
*** Define Functions
**** Define Debugging functions
**** Define Argument Processing function
**** Define Main function
** Run Main Function
*** Process Arguments
*** Set output encryption and compression option strings
*** Check that critical apps and dirs are available, display missing ones.
*** Set lifespans of script and buffer
*** Init temp working dir ~DIR_TMP~
Make temporary dir in tmpfs dir: ~/dev/shm/$(nonce)..bkgpslog/~ (~DIR_TMP~)
*** Initialize ~tar~ archive
**** Write ~bkgpslog~ version to ~$DIR_TMP/VERSION~
**** Create empty ~tar~ archive in ~DIR_OUT~ at ~PATHOUT_TAR~

Set output file name to:
: PATHOUT_TAR="$DIR_OUT/YYYYmmdd..hostname_location.gz.age.tar"
Usage: ~iso8601Period $timeStart $timeEnd~

**** Append ~VERSION~ file to ~PATHOUT_TAR~

Append ~$DIR_TMP/VERSION~ to ~PATHOUT_TAR~ via ~tar --append~

*** Read/Write Loop (Record gps data until script lifespan ends)
**** Determine output file paths
**** Define GPS conversion commands
**** Fill Bash variable buffer from ~gpspipe~
**** Process bufferBash, save secured chunk set to ~DIR_TMP~
**** Append each secured chunk to ~PATHOUT_TAR~
: tar --append --directory=DIR_TMP --file=PATHOUT_TAR $(basename PATHOUT_{NMEA,GPX,KML} )
**** Remove secured chunk from ~DIR_TMP~