--- server/wallet-report 2016-01-17 19:13:02.000000000 -0800
+++ /dev/null 2016-01-23 14:00:27.000000000 -0800
@@ -1,360 +0,0 @@
-#!/usr/bin/perl
-#
-# Wallet server reporting interface.
-
-use 5.008;
-use strict;
-use warnings;
-
-use Wallet::Report;
-
-# The help output, sent in reply to the help command. Lists each supported
-# report command with a brief description of what it does.
-our $HELP = <<'EOH';
-Wallet reporting help:
- acls All ACLs
- acls duplicate ACLs that duplicate another
- acls empty All empty ACLs
- acls entry <scheme> <id> ACLs containing this entry (wildcarded)
- acls nesting <acl> ACLs containing this ACL as a nested entry
- acls unused ACLs that are not referenced by any object
- audit acls name ACLs failing the naming policy
- audit objects name Objects failing the naming policy
- objects All objects
- objects acl <acl> Objects granting permissions to that ACL
- objects flag <flag> Objects with that flag set
- objects history History of all objects
- objects host <hostname> All host-based objects for a specific host
- objects owner <owner> Objects owned by that owner
- objects type <type> Objects of that type
- objects unused Objects that have never been gotten
- objects unstored Objects that have never been stored
- owners <type> <name> All ACL entries owning matching objects
- schemes All configured ACL schemes
- types All configured wallet types
-EOH
-
-##############################################################################
-# Implementation
-##############################################################################
-
-# Parse and execute a command. We wrap this in a subroutine call for easier
-# testing.
-sub command {
- die "Usage: wallet-report <command> [<args> ...]\n" unless @_;
- my $report = Wallet::Report->new;
-
- # Parse command-line options and dispatch to the appropriate calls.
- my ($command, @args) = @_;
- if ($command eq 'acls') {
- die "too many arguments to acls\n" if @args > 3;
- my @acls = $report->acls (@args);
- if (!@acls and $report->error) {
- die $report->error, "\n";
- }
- if (@args && $args[0] eq 'duplicate') {
- for my $group (@acls) {
- print join (' ', @$group), "\n";
- }
- } else {
- for my $acl (sort { $$a[1] cmp $$b[1] } @acls) {
- print "$$acl[1] (ACL ID: $$acl[0])\n";
- }
- }
- } elsif ($command eq 'audit') {
- die "too many arguments to audit\n" if @args > 2;
- die "too few arguments to audit\n" if @args < 2;
- my @result = $report->audit (@args);
- if (!@result and $report->error) {
- die $report->error, "\n";
- }
- for my $item (@result) {
- if ($args[0] eq 'acls') {
- print "$$item[1] (ACL ID: $$item[0])\n";
- } else {
- print join (' ', @$item), "\n";
- }
- }
- } elsif ($command eq 'help') {
- print $HELP;
- } elsif ($command eq 'objects') {
- die "too many arguments to objects\n" if @args > 2;
- my @objects;
- if (@args && $args[0] eq 'history') {
- @objects = $report->objects_history (@args);
- } elsif (@args && $args[0] eq 'host') {
- @objects = $report->objects_hostname (@args);
- } else {
- @objects = $report->objects (@args);
- }
- if (!@objects and $report->error) {
- die $report->error, "\n";
- }
- for my $object (@objects) {
- print join (' ', @$object), "\n";
- }
- } elsif ($command eq 'owners') {
- die "too many arguments to owners\n" if @args > 2;
- die "too few arguments to owners\n" if @args < 2;
- my @entries = $report->owners (@args);
- if (!@entries and $report->error) {
- die $report->error, "\n";
- }
- for my $entry (@entries) {
- print join (' ', @$entry), "\n";
- }
- } elsif ($command eq 'schemes') {
- die "too many arguments to schemes\n" if @args > 0;
- my @schemes = $report->acl_schemes;
- for my $entry (@schemes) {
- print join (' ', @$entry), "\n";
- }
-
- } elsif ($command eq 'types') {
- die "too many arguments to types\n" if @args > 0;
- my @types = $report->types;
- for my $entry (@types) {
- print join (' ', @$entry), "\n";
- }
-
- } else {
- die "unknown command $command\n";
- }
-}
-command (@ARGV);
-__END__
-
-##############################################################################
-# Documentation
-##############################################################################
-
-=head1 NAME
-
-wallet-report - Wallet server reporting interface
-
-=for stopwords
-metadata ACL hostname backend acl acls wildcard SQL Allbery remctl
-MERCHANTABILITY NONINFRINGEMENT sublicense unstored
-
-=head1 SYNOPSIS
-
-B<wallet-report> I<type> [I<args> ...]
-
-=head1 DESCRIPTION
-
-B<wallet-report> provides a command-line interface for running reports on
-the wallet database. It is intended to be run on the wallet server as a
-user with access to the wallet database and configuration, but can also be
-made available via remctl to users who should have reporting privileges.
-
-This program is a fairly thin wrapper around Wallet::Report that
-translates command strings into method calls and returns the results.
-
-=head1 OPTIONS
-
-B<wallet-report> takes no traditional options.
-
-=head1 COMMANDS
-
-=over 4
-
-=item acls
-
-=item acls duplicate
-
-=item acls empty
-
-=item acls entry <scheme> <identifier>
-
-=item acls unused
-
-Returns a list of ACLs in the database. Except for the C<duplicate>
-report, ACLs will be listed in the form:
-
- <name> (ACL ID: <id>)
-
-where <name> is the human-readable name and <id> is the numeric ID. The
-numeric ID is what's used internally by the wallet system. There will be
-one line per ACL.
-
-For the C<duplicate> report, the output will instead be one duplicate set
-per line. This will be a set of ACLs that all have the same entries.
-Only the names will be given, separated by spaces.
-
-If no search type is given, all the ACLs in the database will be returned.
-If a search type (and possible search arguments) are given, then the ACLs
-will be limited to those that match the search.
-
-The currently supported ACL search types are:
-
-=over 4
-
-=item acls duplicate
-
-Returns all sets of ACLs that are duplicates, meaning that they contain
-exactly the same entries. Each line will be the names of the ACLs in a
-set of duplicates, separated by spaces.
-
-=item acls empty
-
-Returns all ACLs which have no entries, generally so that abandoned ACLs
-can be destroyed.
-
-=item acls entry <scheme> <identifier>
-
-Returns all ACLs containing an entry with given scheme and identifier.
-The scheme must be an exact match, but the <identifier> string will match
-any identifier containing that string.
-
-=item acls nested <acl>
-
-Returns all ACLs that contain this ACL as a nested entry.
-
-=item acls unused
-
-Returns all ACLs that are not referenced by any of the objects in the
-wallet database, either as an owner or on one of the more specific ACLs.
-
-=back
-
-=item audit acls name
-
-=item audit objects name
-
-Returns all ACLs or objects that violate the current site naming policy.
-Objects will be listed in the form:
-
- <type> <name>
-
-and ACLs in the form:
-
- <name> (ACL ID: <id>)
-
-where <name> is the human-readable name and <id> is the numeric ID. The
-numeric ID is what's used internally by the wallet system. There will be
-one line per object or ACL.
-
-=item help
-
-Displays a summary of all available commands.
-
-=item objects
-
-=item objects acl <acl>
-
-=item objects flag <flag>
-
-=item objects owner <owner>
-
-=item objects type <type>
-
-=item objects unused
-
-=item objects unstored
-
-Returns a list of objects in the database. Objects will be listed in the
-form:
-
- <type> <name>
-
-There will be one line per object.
-
-If no search type is given, all objects in the database will be returned.
-If a search type (and possible search arguments) are given, the objects
-will be limited to those that match the search.
-
-The currently supported object search types are:
-
-=over 4
-
-=item objects acl <acl>
-
-Returns all objects for which the given ACL name or ID has any
-permissions. This includes those objects owned by the ACL as well as
-those where that ACL has any other, more limited permissions.
-
-=item objects flag <flag>
-
-Returns all objects which have the given flag set.
-
-=item objects host <hostname>
-
-Returns all objects that belong to the given host. This requires adding
-local configuration to identify objects that belong to a given host. See
-L<Wallet::Config/"OBJECT HOST-BASED NAMES"> for more information.
-
-=item objects owner <acl>
-
-Returns all objects owned by the given ACL name or ID.
-
-=item objects type <type>
-
-Returns all objects of the given type.
-
-=item objects unused
-
-Returns all objects that have never been downloaded (have never been the
-target of a get command).
-
-=back
-
-=item owners <type-pattern> <name-pattern>
-
-Returns a list of all ACL entries in owner ACLs for all objects matching
-both <type-pattern> and <name-pattern>. These can be the type or name of
-objects or they can be patterns using C<%> as the wildcard character
-following the normal rules of SQL patterns.
-
-The output will be one line per ACL line in the form:
-
- <scheme> <identifier>
-
-with duplicates suppressed.
-
-=item schemes
-
-Returns a list of all registered ACL schemes.
-
-=item types
-
-Returns a list of all registered object types.
-
-=back
-
-=head1 AUTHOR
-
-Russ Allbery <eagle@eyrie.org>
-
-=head1 COPYRIGHT AND LICENSE
-
-Copyright 2016 Russ Allbery <eagle@eyrie.org>
-
-Copyright 2008, 2009, 2010, 2013, 2015 The Board of Trustees of the Leland
-Stanford Junior University
-
-Permission is hereby granted, free of charge, to any person obtaining a
-copy of this software and associated documentation files (the "Software"),
-to deal in the Software without restriction, including without limitation
-the rights to use, copy, modify, merge, publish, distribute, sublicense,
-and/or sell copies of the Software, and to permit persons to whom the
-Software is furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
-THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
-FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
-DEALINGS IN THE SOFTWARE.
-
-=head1 SEE ALSO
-
-Wallet::Config(3), Wallet::Report(3), wallet-backend(8)
-
-This program is part of the wallet system. The current version is
-available from L<http://www.eyrie.org/~eagle/software/wallet/>.
-
-=cut
--- /dev/null 2016-01-23 14:00:27.000000000 -0800
+++ server/wallet-report.in 2016-01-17 19:13:02.000000000 -0800
@@ -0,0 +1,360 @@
+#!@PERL@
+#
+# Wallet server reporting interface.
+
+use 5.008;
+use strict;
+use warnings;
+
+use Wallet::Report;
+
+# The help output, sent in reply to the help command. Lists each supported
+# report command with a brief description of what it does.
+our $HELP = <<'EOH';
+Wallet reporting help:
+ acls All ACLs
+ acls duplicate ACLs that duplicate another
+ acls empty All empty ACLs
+ acls entry <scheme> <id> ACLs containing this entry (wildcarded)
+ acls nesting <acl> ACLs containing this ACL as a nested entry
+ acls unused ACLs that are not referenced by any object
+ audit acls name ACLs failing the naming policy
+ audit objects name Objects failing the naming policy
+ objects All objects
+ objects acl <acl> Objects granting permissions to that ACL
+ objects flag <flag> Objects with that flag set
+ objects history History of all objects
+ objects host <hostname> All host-based objects for a specific host
+ objects owner <owner> Objects owned by that owner
+ objects type <type> Objects of that type
+ objects unused Objects that have never been gotten
+ objects unstored Objects that have never been stored
+ owners <type> <name> All ACL entries owning matching objects
+ schemes All configured ACL schemes
+ types All configured wallet types
+EOH
+
+##############################################################################
+# Implementation
+##############################################################################
+
+# Parse and execute a command. We wrap this in a subroutine call for easier
+# testing.
+sub command {
+ die "Usage: wallet-report <command> [<args> ...]\n" unless @_;
+ my $report = Wallet::Report->new;
+
+ # Parse command-line options and dispatch to the appropriate calls.
+ my ($command, @args) = @_;
+ if ($command eq 'acls') {
+ die "too many arguments to acls\n" if @args > 3;
+ my @acls = $report->acls (@args);
+ if (!@acls and $report->error) {
+ die $report->error, "\n";
+ }
+ if (@args && $args[0] eq 'duplicate') {
+ for my $group (@acls) {
+ print join (' ', @$group), "\n";
+ }
+ } else {
+ for my $acl (sort { $$a[1] cmp $$b[1] } @acls) {
+ print "$$acl[1] (ACL ID: $$acl[0])\n";
+ }
+ }
+ } elsif ($command eq 'audit') {
+ die "too many arguments to audit\n" if @args > 2;
+ die "too few arguments to audit\n" if @args < 2;
+ my @result = $report->audit (@args);
+ if (!@result and $report->error) {
+ die $report->error, "\n";
+ }
+ for my $item (@result) {
+ if ($args[0] eq 'acls') {
+ print "$$item[1] (ACL ID: $$item[0])\n";
+ } else {
+ print join (' ', @$item), "\n";
+ }
+ }
+ } elsif ($command eq 'help') {
+ print $HELP;
+ } elsif ($command eq 'objects') {
+ die "too many arguments to objects\n" if @args > 2;
+ my @objects;
+ if (@args && $args[0] eq 'history') {
+ @objects = $report->objects_history (@args);
+ } elsif (@args && $args[0] eq 'host') {
+ @objects = $report->objects_hostname (@args);
+ } else {
+ @objects = $report->objects (@args);
+ }
+ if (!@objects and $report->error) {
+ die $report->error, "\n";
+ }
+ for my $object (@objects) {
+ print join (' ', @$object), "\n";
+ }
+ } elsif ($command eq 'owners') {
+ die "too many arguments to owners\n" if @args > 2;
+ die "too few arguments to owners\n" if @args < 2;
+ my @entries = $report->owners (@args);
+ if (!@entries and $report->error) {
+ die $report->error, "\n";
+ }
+ for my $entry (@entries) {
+ print join (' ', @$entry), "\n";
+ }
+ } elsif ($command eq 'schemes') {
+ die "too many arguments to schemes\n" if @args > 0;
+ my @schemes = $report->acl_schemes;
+ for my $entry (@schemes) {
+ print join (' ', @$entry), "\n";
+ }
+
+ } elsif ($command eq 'types') {
+ die "too many arguments to types\n" if @args > 0;
+ my @types = $report->types;
+ for my $entry (@types) {
+ print join (' ', @$entry), "\n";
+ }
+
+ } else {
+ die "unknown command $command\n";
+ }
+}
+command (@ARGV);
+__END__
+
+##############################################################################
+# Documentation
+##############################################################################
+
+=head1 NAME
+
+wallet-report - Wallet server reporting interface
+
+=for stopwords
+metadata ACL hostname backend acl acls wildcard SQL Allbery remctl
+MERCHANTABILITY NONINFRINGEMENT sublicense unstored
+
+=head1 SYNOPSIS
+
+B<wallet-report> I<type> [I<args> ...]
+
+=head1 DESCRIPTION
+
+B<wallet-report> provides a command-line interface for running reports on
+the wallet database. It is intended to be run on the wallet server as a
+user with access to the wallet database and configuration, but can also be
+made available via remctl to users who should have reporting privileges.
+
+This program is a fairly thin wrapper around Wallet::Report that
+translates command strings into method calls and returns the results.
+
+=head1 OPTIONS
+
+B<wallet-report> takes no traditional options.
+
+=head1 COMMANDS
+
+=over 4
+
+=item acls
+
+=item acls duplicate
+
+=item acls empty
+
+=item acls entry <scheme> <identifier>
+
+=item acls unused
+
+Returns a list of ACLs in the database. Except for the C<duplicate>
+report, ACLs will be listed in the form:
+
+ <name> (ACL ID: <id>)
+
+where <name> is the human-readable name and <id> is the numeric ID. The
+numeric ID is what's used internally by the wallet system. There will be
+one line per ACL.
+
+For the C<duplicate> report, the output will instead be one duplicate set
+per line. This will be a set of ACLs that all have the same entries.
+Only the names will be given, separated by spaces.
+
+If no search type is given, all the ACLs in the database will be returned.
+If a search type (and possible search arguments) are given, then the ACLs
+will be limited to those that match the search.
+
+The currently supported ACL search types are:
+
+=over 4
+
+=item acls duplicate
+
+Returns all sets of ACLs that are duplicates, meaning that they contain
+exactly the same entries. Each line will be the names of the ACLs in a
+set of duplicates, separated by spaces.
+
+=item acls empty
+
+Returns all ACLs which have no entries, generally so that abandoned ACLs
+can be destroyed.
+
+=item acls entry <scheme> <identifier>
+
+Returns all ACLs containing an entry with given scheme and identifier.
+The scheme must be an exact match, but the <identifier> string will match
+any identifier containing that string.
+
+=item acls nested <acl>
+
+Returns all ACLs that contain this ACL as a nested entry.
+
+=item acls unused
+
+Returns all ACLs that are not referenced by any of the objects in the
+wallet database, either as an owner or on one of the more specific ACLs.
+
+=back
+
+=item audit acls name
+
+=item audit objects name
+
+Returns all ACLs or objects that violate the current site naming policy.
+Objects will be listed in the form:
+
+ <type> <name>
+
+and ACLs in the form:
+
+ <name> (ACL ID: <id>)
+
+where <name> is the human-readable name and <id> is the numeric ID. The
+numeric ID is what's used internally by the wallet system. There will be
+one line per object or ACL.
+
+=item help
+
+Displays a summary of all available commands.
+
+=item objects
+
+=item objects acl <acl>
+
+=item objects flag <flag>
+
+=item objects owner <owner>
+
+=item objects type <type>
+
+=item objects unused
+
+=item objects unstored
+
+Returns a list of objects in the database. Objects will be listed in the
+form:
+
+ <type> <name>
+
+There will be one line per object.
+
+If no search type is given, all objects in the database will be returned.
+If a search type (and possible search arguments) are given, the objects
+will be limited to those that match the search.
+
+The currently supported object search types are:
+
+=over 4
+
+=item objects acl <acl>
+
+Returns all objects for which the given ACL name or ID has any
+permissions. This includes those objects owned by the ACL as well as
+those where that ACL has any other, more limited permissions.
+
+=item objects flag <flag>
+
+Returns all objects which have the given flag set.
+
+=item objects host <hostname>
+
+Returns all objects that belong to the given host. This requires adding
+local configuration to identify objects that belong to a given host. See
+L<Wallet::Config/"OBJECT HOST-BASED NAMES"> for more information.
+
+=item objects owner <acl>
+
+Returns all objects owned by the given ACL name or ID.
+
+=item objects type <type>
+
+Returns all objects of the given type.
+
+=item objects unused
+
+Returns all objects that have never been downloaded (have never been the
+target of a get command).
+
+=back
+
+=item owners <type-pattern> <name-pattern>
+
+Returns a list of all ACL entries in owner ACLs for all objects matching
+both <type-pattern> and <name-pattern>. These can be the type or name of
+objects or they can be patterns using C<%> as the wildcard character
+following the normal rules of SQL patterns.
+
+The output will be one line per ACL line in the form:
+
+ <scheme> <identifier>
+
+with duplicates suppressed.
+
+=item schemes
+
+Returns a list of all registered ACL schemes.
+
+=item types
+
+Returns a list of all registered object types.
+
+=back
+
+=head1 AUTHOR
+
+Russ Allbery <eagle@eyrie.org>
+
+=head1 COPYRIGHT AND LICENSE
+
+Copyright 2016 Russ Allbery <eagle@eyrie.org>
+
+Copyright 2008, 2009, 2010, 2013, 2015 The Board of Trustees of the Leland
+Stanford Junior University
+
+Permission is hereby granted, free of charge, to any person obtaining a
+copy of this software and associated documentation files (the "Software"),
+to deal in the Software without restriction, including without limitation
+the rights to use, copy, modify, merge, publish, distribute, sublicense,
+and/or sell copies of the Software, and to permit persons to whom the
+Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+DEALINGS IN THE SOFTWARE.
+
+=head1 SEE ALSO
+
+Wallet::Config(3), Wallet::Report(3), wallet-backend(8)
+
+This program is part of the wallet system. The current version is
+available from L<http://www.eyrie.org/~eagle/software/wallet/>.
+
+=cut