| < Wallet::ACL::NetDB::Root API | Russ Allbery > Software > wallet | Wallet::Config API > |
(Wallet system administrative interface)
use Wallet::Admin;
my $admin = Wallet::Admin->new;
unless ($admin->initialize ('user/admin@EXAMPLE.COM')) {
die $admin->error;
}
Wallet::Admin implements the administrative interface to the wallet server and database. It is normally instantiated and used by wallet-admin, a thin wrapper around this object that provides a command-line interface to its actions.
To use this object, several configuration variables must be set (at least the database configuration). For information on those variables and how to set them, see Wallet::Config. For more information on the normal user interface to the wallet server, see Wallet::Server.
Creates a new wallet administrative object and connects to the database. On any error, this method throws an exception.
For all methods that can fail, the caller should call error() after a failure to get the error message.
Destroys the database, deleting all of its data and all of the tables used by the wallet server. Returns true on success and false on failure.
Returns the error of the last failing operation or undef if no operations have failed. Callers should call this function to get the error message after an undef return from any other instance method.
Initializes the database as configured in Wallet::Config and loads the
wallet database schema. Then, creates an ACL with the name ADMIN and adds
an ACL entry of scheme krb5 and instance PRINCIPAL to that ACL. This
bootstraps the authorization system and lets that Kerberos identity make
further changes to the ADMIN ACL and the rest of the wallet database.
Returns true on success and false on failure.
initialize() uses localhost as the hostname and PRINCIPAL as the user
when logging the history of the ADMIN ACL creation and for any subsequent
actions on the object it returns.
Register in the database a mapping from the object type TYPE to the class CLASS. Returns true on success and false on failure (including when the verifier is already registered).
Register in the database a mapping from the ACL scheme SCHEME to the class CLASS. Returns true on success and false on failure (including when the verifier is already registered).
Performs the same actions as initialize(), but first drops any existing wallet database tables from the database, allowing this function to be called on a prior wallet database. All data stored in the database will be deleted and a fresh set of wallet database tables will be created. This method is equivalent to calling destroy() followed by initialize(). Returns true on success and false on failure.
Upgrades the database to the latest schema version, preserving data as much as possible. Returns true on success and false on failure.
wallet-admin(8)
This module is part of the wallet system. The current version is available from <https://www.eyrie.org/~eagle/software/wallet/>.
Russ Allbery <eagle@eyrie.org>
| < Wallet::ACL::NetDB::Root API | Russ Allbery > Software > wallet | Wallet::Config API > |