1536514da377e5589e637cb7680436c720d00eb2 — Evan Tann 8 months ago f97d0b6
add sf.1 man page
1 files changed, 62 insertions(+), 0 deletions(-)

A man/man1/sf.1
A man/man1/sf.1 => man/man1/sf.1 +62 -0
@@ 0,0 1,62 @@
.Dd $Mdocdate$
.Dt SF 1
.Nm sf
.Nd declarative sql user management
.Nm sf
.Bk -words
.Op Fl d
.Op Fl f Ar file
.Op Fl H Ar host
.Op Fl P Ar port
.Op Fl p Ar password
.Op Fl ssl-key Ar key Fl ssl-ca Ar ca Fl ssl-cert Ar cert Fl ssl-server Ar name
.Op Fl u Ar user
utility enforces privileges in your sql database according to
.Xr sf.conf 5 .
It wipes existing privileges and re-applies new ones, whitelisting and
blacklisting access to databases, tables, statements, and columns on a per-user
is declarative; it will produce the same privileges on each run and is safe to
run multiple times.
Only MySQL v5.7 is currently supported. MariaDB is not compatible.
The options are as follows:
.Bl -tag -width Ds
.It Fl d
Dry run. Print JSON of all denied columns to stdout without modifying the
database directly.
.It Fl f Ar file
Update the current privileges with the rules contained in
.Ar file .
.Ar file
may contain macros, tables, and privilege rules.
.It Fl p Ar password
The password for the SQL
.Ar user .
If not provided, the password will be requested via stdin.
.It Fl ssl-ca Ar ca
PEM file containing the server CA for the server.
.It Fl ssl-cert Ar cert
PEM file containing the client certificate for the server.
.It Fl sl-key Ar key
PEM file containing the client key for the server.
.It Fl ssl-server Ar name
Name of the SQL server.
.It Fl u Ar user
User in the SQL database.
.Ex -std
.Xr sf.conf 5
.An Evan Tann Aq Mt os@evantann.com