~egtann/sum

1536514da377e5589e637cb7680436c720d00eb2 — Evan Tann 4 months ago f97d0b6
add sf.1 man page
1 files changed, 62 insertions(+), 0 deletions(-)

A man/man1/sf.1
A man/man1/sf.1 => man/man1/sf.1 +62 -0
@@ 0,0 1,62 @@
.Dd $Mdocdate$
.Dt SF 1
.Os
.Sh NAME
.Nm sf
.Nd declarative sql user management
.Sh SYNOPSIS
.Nm sf
.Bk -words
.Op Fl d
.Op Fl f Ar file
.Op Fl H Ar host
.Op Fl P Ar port
.Op Fl p Ar password
.Op Fl ssl-key Ar key Fl ssl-ca Ar ca Fl ssl-cert Ar cert Fl ssl-server Ar name
.Op Fl u Ar user
.Ek
.Sh DESCRIPTION
The
.Nm
utility enforces privileges in your sql database according to
.Xr sf.conf 5 .
It wipes existing privileges and re-applies new ones, whitelisting and
blacklisting access to databases, tables, statements, and columns on a per-user
basis.
.Nm
is declarative; it will produce the same privileges on each run and is safe to
run multiple times.
.Pp
Only MySQL v5.7 is currently supported. MariaDB is not compatible.
.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl d
Dry run. Print JSON of all denied columns to stdout without modifying the
database directly.
.It Fl f Ar file
Update the current privileges with the rules contained in
.Ar file .
This
.Ar file
may contain macros, tables, and privilege rules.
.It Fl p Ar password
The password for the SQL
.Ar user .
If not provided, the password will be requested via stdin.
.It Fl ssl-ca Ar ca
PEM file containing the server CA for the server.
.It Fl ssl-cert Ar cert
PEM file containing the client certificate for the server.
.It Fl sl-key Ar key
PEM file containing the client key for the server.
.It Fl ssl-server Ar name
Name of the SQL server.
.It Fl u Ar user
User in the SQL database.
.Sh EXIT STATUS
.Ex -std
.Sh SEE ALSO
.Xr sf.conf 5
.Sh AUTHORS
.An Evan Tann Aq Mt os@evantann.com