<html><head><meta name="color-scheme" content="light dark"></head><body><pre style="word-wrap: break-word; white-space: pre-wrap;">--- server/wallet-report	2016-01-17 19:13:02.000000000 -0800
+++ /dev/null	2016-01-23 14:00:27.000000000 -0800
@@ -1,360 +0,0 @@
-#!/usr/bin/perl
-#
-# Wallet server reporting interface.
-
-use 5.008;
-use strict;
-use warnings;
-
-use Wallet::Report;
-
-# The help output, sent in reply to the help command.  Lists each supported
-# report command with a brief description of what it does.
-our $HELP = &lt;&lt;'EOH';
-Wallet reporting help:
-  acls                          All ACLs
-  acls duplicate                ACLs that duplicate another
-  acls empty                    All empty ACLs
-  acls entry &lt;scheme&gt; &lt;id&gt;      ACLs containing this entry (wildcarded)
-  acls nesting &lt;acl&gt;            ACLs containing this ACL as a nested entry
-  acls unused                   ACLs that are not referenced by any object
-  audit acls name               ACLs failing the naming policy
-  audit objects name            Objects failing the naming policy
-  objects                       All objects
-  objects acl &lt;acl&gt;             Objects granting permissions to that ACL
-  objects flag &lt;flag&gt;           Objects with that flag set
-  objects history               History of all objects
-  objects host &lt;hostname&gt;       All host-based objects for a specific host
-  objects owner &lt;owner&gt;         Objects owned by that owner
-  objects type &lt;type&gt;           Objects of that type
-  objects unused                Objects that have never been gotten
-  objects unstored              Objects that have never been stored
-  owners &lt;type&gt; &lt;name&gt;          All ACL entries owning matching objects
-  schemes                       All configured ACL schemes
-  types                         All configured wallet types
-EOH
-
-##############################################################################
-# Implementation
-##############################################################################
-
-# Parse and execute a command.  We wrap this in a subroutine call for easier
-# testing.
-sub command {
-    die "Usage: wallet-report &lt;command&gt; [&lt;args&gt; ...]\n" unless @_;
-    my $report = Wallet::Report-&gt;new;
-
-    # Parse command-line options and dispatch to the appropriate calls.
-    my ($command, @args) = @_;
-    if ($command eq 'acls') {
-        die "too many arguments to acls\n" if @args &gt; 3;
-        my @acls = $report-&gt;acls (@args);
-        if (!@acls and $report-&gt;error) {
-            die $report-&gt;error, "\n";
-        }
-        if (@args &amp;&amp; $args[0] eq 'duplicate') {
-            for my $group (@acls) {
-                print join (' ', @$group), "\n";
-            }
-        } else {
-            for my $acl (sort { $$a[1] cmp $$b[1] } @acls) {
-                print "$$acl[1] (ACL ID: $$acl[0])\n";
-            }
-        }
-    } elsif ($command eq 'audit') {
-        die "too many arguments to audit\n" if @args &gt; 2;
-        die "too few arguments to audit\n" if @args &lt; 2;
-        my @result = $report-&gt;audit (@args);
-        if (!@result and $report-&gt;error) {
-            die $report-&gt;error, "\n";
-        }
-        for my $item (@result) {
-            if ($args[0] eq 'acls') {
-                print "$$item[1] (ACL ID: $$item[0])\n";
-            } else {
-                print join (' ', @$item), "\n";
-            }
-        }
-    } elsif ($command eq 'help') {
-        print $HELP;
-    } elsif ($command eq 'objects') {
-        die "too many arguments to objects\n" if @args &gt; 2;
-        my @objects;
-        if (@args &amp;&amp; $args[0] eq 'history') {
-            @objects = $report-&gt;objects_history (@args);
-        } elsif (@args &amp;&amp; $args[0] eq 'host') {
-            @objects = $report-&gt;objects_hostname (@args);
-        } else {
-            @objects = $report-&gt;objects (@args);
-        }
-        if (!@objects and $report-&gt;error) {
-            die $report-&gt;error, "\n";
-        }
-        for my $object (@objects) {
-            print join (' ', @$object), "\n";
-        }
-    } elsif ($command eq 'owners') {
-        die "too many arguments to owners\n" if @args &gt; 2;
-        die "too few arguments to owners\n" if @args &lt; 2;
-        my @entries = $report-&gt;owners (@args);
-        if (!@entries and $report-&gt;error) {
-            die $report-&gt;error, "\n";
-        }
-        for my $entry (@entries) {
-            print join (' ', @$entry), "\n";
-        }
-    } elsif ($command eq 'schemes') {
-        die "too many arguments to schemes\n" if @args &gt; 0;
-        my @schemes = $report-&gt;acl_schemes;
-        for my $entry (@schemes) {
-            print join (' ', @$entry), "\n";
-        }
-
-    } elsif ($command eq 'types') {
-        die "too many arguments to types\n" if @args &gt; 0;
-        my @types = $report-&gt;types;
-        for my $entry (@types) {
-            print join (' ', @$entry), "\n";
-        }
-
-    } else {
-        die "unknown command $command\n";
-    }
-}
-command (@ARGV);
-__END__
-
-##############################################################################
-# Documentation
-##############################################################################
-
-=head1 NAME
-
-wallet-report - Wallet server reporting interface
-
-=for stopwords
-metadata ACL hostname backend acl acls wildcard SQL Allbery remctl
-MERCHANTABILITY NONINFRINGEMENT sublicense unstored
-
-=head1 SYNOPSIS
-
-B&lt;wallet-report&gt; I&lt;type&gt; [I&lt;args&gt; ...]
-
-=head1 DESCRIPTION
-
-B&lt;wallet-report&gt; provides a command-line interface for running reports on
-the wallet database.  It is intended to be run on the wallet server as a
-user with access to the wallet database and configuration, but can also be
-made available via remctl to users who should have reporting privileges.
-
-This program is a fairly thin wrapper around Wallet::Report that
-translates command strings into method calls and returns the results.
-
-=head1 OPTIONS
-
-B&lt;wallet-report&gt; takes no traditional options.
-
-=head1 COMMANDS
-
-=over 4
-
-=item acls
-
-=item acls duplicate
-
-=item acls empty
-
-=item acls entry &lt;scheme&gt; &lt;identifier&gt;
-
-=item acls unused
-
-Returns a list of ACLs in the database.  Except for the C&lt;duplicate&gt;
-report, ACLs will be listed in the form:
-
-    &lt;name&gt; (ACL ID: &lt;id&gt;)
-
-where &lt;name&gt; is the human-readable name and &lt;id&gt; is the numeric ID.  The
-numeric ID is what's used internally by the wallet system.  There will be
-one line per ACL.
-
-For the C&lt;duplicate&gt; report, the output will instead be one duplicate set
-per line.  This will be a set of ACLs that all have the same entries.
-Only the names will be given, separated by spaces.
-
-If no search type is given, all the ACLs in the database will be returned.
-If a search type (and possible search arguments) are given, then the ACLs
-will be limited to those that match the search.
-
-The currently supported ACL search types are:
-
-=over 4
-
-=item acls duplicate
-
-Returns all sets of ACLs that are duplicates, meaning that they contain
-exactly the same entries.  Each line will be the names of the ACLs in a
-set of duplicates, separated by spaces.
-
-=item acls empty
-
-Returns all ACLs which have no entries, generally so that abandoned ACLs
-can be destroyed.
-
-=item acls entry &lt;scheme&gt; &lt;identifier&gt;
-
-Returns all ACLs containing an entry with given scheme and identifier.
-The scheme must be an exact match, but the &lt;identifier&gt; string will match
-any identifier containing that string.
-
-=item acls nested &lt;acl&gt;
-
-Returns all ACLs that contain this ACL as a nested entry.
-
-=item acls unused
-
-Returns all ACLs that are not referenced by any of the objects in the
-wallet database, either as an owner or on one of the more specific ACLs.
-
-=back
-
-=item audit acls name
-
-=item audit objects name
-
-Returns all ACLs or objects that violate the current site naming policy.
-Objects will be listed in the form:
-
-    &lt;type&gt; &lt;name&gt;
-
-and ACLs in the form:
-
-    &lt;name&gt; (ACL ID: &lt;id&gt;)
-
-where &lt;name&gt; is the human-readable name and &lt;id&gt; is the numeric ID.  The
-numeric ID is what's used internally by the wallet system.  There will be
-one line per object or ACL.
-
-=item help
-
-Displays a summary of all available commands.
-
-=item objects
-
-=item objects acl &lt;acl&gt;
-
-=item objects flag &lt;flag&gt;
-
-=item objects owner &lt;owner&gt;
-
-=item objects type &lt;type&gt;
-
-=item objects unused
-
-=item objects unstored
-
-Returns a list of objects in the database.  Objects will be listed in the
-form:
-
-    &lt;type&gt; &lt;name&gt;
-
-There will be one line per object.
-
-If no search type is given, all objects in the database will be returned.
-If a search type (and possible search arguments) are given, the objects
-will be limited to those that match the search.
-
-The currently supported object search types are:
-
-=over 4
-
-=item objects acl &lt;acl&gt;
-
-Returns all objects for which the given ACL name or ID has any
-permissions.  This includes those objects owned by the ACL as well as
-those where that ACL has any other, more limited permissions.
-
-=item objects flag &lt;flag&gt;
-
-Returns all objects which have the given flag set.
-
-=item objects host &lt;hostname&gt;
-
-Returns all objects that belong to the given host.  This requires adding
-local configuration to identify objects that belong to a given host.  See
-L&lt;Wallet::Config/"OBJECT HOST-BASED NAMES"&gt; for more information.
-
-=item objects owner &lt;acl&gt;
-
-Returns all objects owned by the given ACL name or ID.
-
-=item objects type &lt;type&gt;
-
-Returns all objects of the given type.
-
-=item objects unused
-
-Returns all objects that have never been downloaded (have never been the
-target of a get command).
-
-=back
-
-=item owners &lt;type-pattern&gt; &lt;name-pattern&gt;
-
-Returns a list of all ACL entries in owner ACLs for all objects matching
-both &lt;type-pattern&gt; and &lt;name-pattern&gt;.  These can be the type or name of
-objects or they can be patterns using C&lt;%&gt; as the wildcard character
-following the normal rules of SQL patterns.
-
-The output will be one line per ACL line in the form:
-
-    &lt;scheme&gt; &lt;identifier&gt;
-
-with duplicates suppressed.
-
-=item schemes
-
-Returns a list of all registered ACL schemes.
-
-=item types
-
-Returns a list of all registered object types.
-
-=back
-
-=head1 AUTHOR
-
-Russ Allbery &lt;eagle@eyrie.org&gt;
-
-=head1 COPYRIGHT AND LICENSE
-
-Copyright 2016 Russ Allbery &lt;eagle@eyrie.org&gt;
-
-Copyright 2008, 2009, 2010, 2013, 2015 The Board of Trustees of the Leland
-Stanford Junior University
-
-Permission is hereby granted, free of charge, to any person obtaining a
-copy of this software and associated documentation files (the "Software"),
-to deal in the Software without restriction, including without limitation
-the rights to use, copy, modify, merge, publish, distribute, sublicense,
-and/or sell copies of the Software, and to permit persons to whom the
-Software is furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL
-THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
-FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
-DEALINGS IN THE SOFTWARE.
-
-=head1 SEE ALSO
-
-Wallet::Config(3), Wallet::Report(3), wallet-backend(8)
-
-This program is part of the wallet system.  The current version is
-available from L&lt;http://www.eyrie.org/~eagle/software/wallet/&gt;.
-
-=cut
--- /dev/null	2016-01-23 14:00:27.000000000 -0800
+++ server/wallet-report.in	2016-01-17 19:13:02.000000000 -0800
@@ -0,0 +1,360 @@
+#!@PERL@
+#
+# Wallet server reporting interface.
+
+use 5.008;
+use strict;
+use warnings;
+
+use Wallet::Report;
+
+# The help output, sent in reply to the help command.  Lists each supported
+# report command with a brief description of what it does.
+our $HELP = &lt;&lt;'EOH';
+Wallet reporting help:
+  acls                          All ACLs
+  acls duplicate                ACLs that duplicate another
+  acls empty                    All empty ACLs
+  acls entry &lt;scheme&gt; &lt;id&gt;      ACLs containing this entry (wildcarded)
+  acls nesting &lt;acl&gt;            ACLs containing this ACL as a nested entry
+  acls unused                   ACLs that are not referenced by any object
+  audit acls name               ACLs failing the naming policy
+  audit objects name            Objects failing the naming policy
+  objects                       All objects
+  objects acl &lt;acl&gt;             Objects granting permissions to that ACL
+  objects flag &lt;flag&gt;           Objects with that flag set
+  objects history               History of all objects
+  objects host &lt;hostname&gt;       All host-based objects for a specific host
+  objects owner &lt;owner&gt;         Objects owned by that owner
+  objects type &lt;type&gt;           Objects of that type
+  objects unused                Objects that have never been gotten
+  objects unstored              Objects that have never been stored
+  owners &lt;type&gt; &lt;name&gt;          All ACL entries owning matching objects
+  schemes                       All configured ACL schemes
+  types                         All configured wallet types
+EOH
+
+##############################################################################
+# Implementation
+##############################################################################
+
+# Parse and execute a command.  We wrap this in a subroutine call for easier
+# testing.
+sub command {
+    die "Usage: wallet-report &lt;command&gt; [&lt;args&gt; ...]\n" unless @_;
+    my $report = Wallet::Report-&gt;new;
+
+    # Parse command-line options and dispatch to the appropriate calls.
+    my ($command, @args) = @_;
+    if ($command eq 'acls') {
+        die "too many arguments to acls\n" if @args &gt; 3;
+        my @acls = $report-&gt;acls (@args);
+        if (!@acls and $report-&gt;error) {
+            die $report-&gt;error, "\n";
+        }
+        if (@args &amp;&amp; $args[0] eq 'duplicate') {
+            for my $group (@acls) {
+                print join (' ', @$group), "\n";
+            }
+        } else {
+            for my $acl (sort { $$a[1] cmp $$b[1] } @acls) {
+                print "$$acl[1] (ACL ID: $$acl[0])\n";
+            }
+        }
+    } elsif ($command eq 'audit') {
+        die "too many arguments to audit\n" if @args &gt; 2;
+        die "too few arguments to audit\n" if @args &lt; 2;
+        my @result = $report-&gt;audit (@args);
+        if (!@result and $report-&gt;error) {
+            die $report-&gt;error, "\n";
+        }
+        for my $item (@result) {
+            if ($args[0] eq 'acls') {
+                print "$$item[1] (ACL ID: $$item[0])\n";
+            } else {
+                print join (' ', @$item), "\n";
+            }
+        }
+    } elsif ($command eq 'help') {
+        print $HELP;
+    } elsif ($command eq 'objects') {
+        die "too many arguments to objects\n" if @args &gt; 2;
+        my @objects;
+        if (@args &amp;&amp; $args[0] eq 'history') {
+            @objects = $report-&gt;objects_history (@args);
+        } elsif (@args &amp;&amp; $args[0] eq 'host') {
+            @objects = $report-&gt;objects_hostname (@args);
+        } else {
+            @objects = $report-&gt;objects (@args);
+        }
+        if (!@objects and $report-&gt;error) {
+            die $report-&gt;error, "\n";
+        }
+        for my $object (@objects) {
+            print join (' ', @$object), "\n";
+        }
+    } elsif ($command eq 'owners') {
+        die "too many arguments to owners\n" if @args &gt; 2;
+        die "too few arguments to owners\n" if @args &lt; 2;
+        my @entries = $report-&gt;owners (@args);
+        if (!@entries and $report-&gt;error) {
+            die $report-&gt;error, "\n";
+        }
+        for my $entry (@entries) {
+            print join (' ', @$entry), "\n";
+        }
+    } elsif ($command eq 'schemes') {
+        die "too many arguments to schemes\n" if @args &gt; 0;
+        my @schemes = $report-&gt;acl_schemes;
+        for my $entry (@schemes) {
+            print join (' ', @$entry), "\n";
+        }
+
+    } elsif ($command eq 'types') {
+        die "too many arguments to types\n" if @args &gt; 0;
+        my @types = $report-&gt;types;
+        for my $entry (@types) {
+            print join (' ', @$entry), "\n";
+        }
+
+    } else {
+        die "unknown command $command\n";
+    }
+}
+command (@ARGV);
+__END__
+
+##############################################################################
+# Documentation
+##############################################################################
+
+=head1 NAME
+
+wallet-report - Wallet server reporting interface
+
+=for stopwords
+metadata ACL hostname backend acl acls wildcard SQL Allbery remctl
+MERCHANTABILITY NONINFRINGEMENT sublicense unstored
+
+=head1 SYNOPSIS
+
+B&lt;wallet-report&gt; I&lt;type&gt; [I&lt;args&gt; ...]
+
+=head1 DESCRIPTION
+
+B&lt;wallet-report&gt; provides a command-line interface for running reports on
+the wallet database.  It is intended to be run on the wallet server as a
+user with access to the wallet database and configuration, but can also be
+made available via remctl to users who should have reporting privileges.
+
+This program is a fairly thin wrapper around Wallet::Report that
+translates command strings into method calls and returns the results.
+
+=head1 OPTIONS
+
+B&lt;wallet-report&gt; takes no traditional options.
+
+=head1 COMMANDS
+
+=over 4
+
+=item acls
+
+=item acls duplicate
+
+=item acls empty
+
+=item acls entry &lt;scheme&gt; &lt;identifier&gt;
+
+=item acls unused
+
+Returns a list of ACLs in the database.  Except for the C&lt;duplicate&gt;
+report, ACLs will be listed in the form:
+
+    &lt;name&gt; (ACL ID: &lt;id&gt;)
+
+where &lt;name&gt; is the human-readable name and &lt;id&gt; is the numeric ID.  The
+numeric ID is what's used internally by the wallet system.  There will be
+one line per ACL.
+
+For the C&lt;duplicate&gt; report, the output will instead be one duplicate set
+per line.  This will be a set of ACLs that all have the same entries.
+Only the names will be given, separated by spaces.
+
+If no search type is given, all the ACLs in the database will be returned.
+If a search type (and possible search arguments) are given, then the ACLs
+will be limited to those that match the search.
+
+The currently supported ACL search types are:
+
+=over 4
+
+=item acls duplicate
+
+Returns all sets of ACLs that are duplicates, meaning that they contain
+exactly the same entries.  Each line will be the names of the ACLs in a
+set of duplicates, separated by spaces.
+
+=item acls empty
+
+Returns all ACLs which have no entries, generally so that abandoned ACLs
+can be destroyed.
+
+=item acls entry &lt;scheme&gt; &lt;identifier&gt;
+
+Returns all ACLs containing an entry with given scheme and identifier.
+The scheme must be an exact match, but the &lt;identifier&gt; string will match
+any identifier containing that string.
+
+=item acls nested &lt;acl&gt;
+
+Returns all ACLs that contain this ACL as a nested entry.
+
+=item acls unused
+
+Returns all ACLs that are not referenced by any of the objects in the
+wallet database, either as an owner or on one of the more specific ACLs.
+
+=back
+
+=item audit acls name
+
+=item audit objects name
+
+Returns all ACLs or objects that violate the current site naming policy.
+Objects will be listed in the form:
+
+    &lt;type&gt; &lt;name&gt;
+
+and ACLs in the form:
+
+    &lt;name&gt; (ACL ID: &lt;id&gt;)
+
+where &lt;name&gt; is the human-readable name and &lt;id&gt; is the numeric ID.  The
+numeric ID is what's used internally by the wallet system.  There will be
+one line per object or ACL.
+
+=item help
+
+Displays a summary of all available commands.
+
+=item objects
+
+=item objects acl &lt;acl&gt;
+
+=item objects flag &lt;flag&gt;
+
+=item objects owner &lt;owner&gt;
+
+=item objects type &lt;type&gt;
+
+=item objects unused
+
+=item objects unstored
+
+Returns a list of objects in the database.  Objects will be listed in the
+form:
+
+    &lt;type&gt; &lt;name&gt;
+
+There will be one line per object.
+
+If no search type is given, all objects in the database will be returned.
+If a search type (and possible search arguments) are given, the objects
+will be limited to those that match the search.
+
+The currently supported object search types are:
+
+=over 4
+
+=item objects acl &lt;acl&gt;
+
+Returns all objects for which the given ACL name or ID has any
+permissions.  This includes those objects owned by the ACL as well as
+those where that ACL has any other, more limited permissions.
+
+=item objects flag &lt;flag&gt;
+
+Returns all objects which have the given flag set.
+
+=item objects host &lt;hostname&gt;
+
+Returns all objects that belong to the given host.  This requires adding
+local configuration to identify objects that belong to a given host.  See
+L&lt;Wallet::Config/"OBJECT HOST-BASED NAMES"&gt; for more information.
+
+=item objects owner &lt;acl&gt;
+
+Returns all objects owned by the given ACL name or ID.
+
+=item objects type &lt;type&gt;
+
+Returns all objects of the given type.
+
+=item objects unused
+
+Returns all objects that have never been downloaded (have never been the
+target of a get command).
+
+=back
+
+=item owners &lt;type-pattern&gt; &lt;name-pattern&gt;
+
+Returns a list of all ACL entries in owner ACLs for all objects matching
+both &lt;type-pattern&gt; and &lt;name-pattern&gt;.  These can be the type or name of
+objects or they can be patterns using C&lt;%&gt; as the wildcard character
+following the normal rules of SQL patterns.
+
+The output will be one line per ACL line in the form:
+
+    &lt;scheme&gt; &lt;identifier&gt;
+
+with duplicates suppressed.
+
+=item schemes
+
+Returns a list of all registered ACL schemes.
+
+=item types
+
+Returns a list of all registered object types.
+
+=back
+
+=head1 AUTHOR
+
+Russ Allbery &lt;eagle@eyrie.org&gt;
+
+=head1 COPYRIGHT AND LICENSE
+
+Copyright 2016 Russ Allbery &lt;eagle@eyrie.org&gt;
+
+Copyright 2008, 2009, 2010, 2013, 2015 The Board of Trustees of the Leland
+Stanford Junior University
+
+Permission is hereby granted, free of charge, to any person obtaining a
+copy of this software and associated documentation files (the "Software"),
+to deal in the Software without restriction, including without limitation
+the rights to use, copy, modify, merge, publish, distribute, sublicense,
+and/or sell copies of the Software, and to permit persons to whom the
+Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL
+THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+DEALINGS IN THE SOFTWARE.
+
+=head1 SEE ALSO
+
+Wallet::Config(3), Wallet::Report(3), wallet-backend(8)
+
+This program is part of the wallet system.  The current version is
+available from L&lt;http://www.eyrie.org/~eagle/software/wallet/&gt;.
+
+=cut
</pre></body></html>