diff options
| author | Russ Allbery <rra@stanford.edu> | 2007-10-10 22:47:14 +0000 |
|---|---|---|
| committer | Russ Allbery <rra@stanford.edu> | 2007-10-10 22:47:14 +0000 |
| commit | 5370a35b615d5d868829ba52748208d9f1b129a5 (patch) | |
| tree | c1337b976c7f623680d25901c325ab5ba8c545a8 /client/wallet.pod | |
| parent | e339fc12869fe816d448930c44f96627cf780253 (diff) | |
Add history to the wallet-backend and to its documentation and the end-user
documentation. Fix a variety of other problems with the documentation of
the ACLs used and add mentions of getattr and setattr to a few places
where they were missing.
Diffstat (limited to 'client/wallet.pod')
| -rw-r--r-- | client/wallet.pod | 26 |
1 files changed, 18 insertions, 8 deletions
diff --git a/client/wallet.pod b/client/wallet.pod index 7d70a9d..957cd24 100644 --- a/client/wallet.pod +++ b/client/wallet.pod @@ -114,12 +114,13 @@ options and commands are ignored. As mentioned above, most commands are only available to wallet administrators. The exceptions are C<get>, C<store>, C<show>, C<destroy>, -C<flag clear>, C<flag set>, C<getattr>, and C<setattr>. All of those -commands have their own ACLs except C<getattr>, which uses the C<show> -ACL, and C<setattr>, which uses the C<show> ACL. If the appropriate ACL -is set, it alone is checked to see if the user has access. Otherwise, -C<get>, C<store>, C<show>, C<getattr>, and C<setattr> access is permitted -if the user is authorized by the owner ACL of the object. +C<flag clear>, C<flag set>, C<getattr>, C<setattr>, and C<history>. All +of those commands have their own ACLs except C<getattr> and C<history>, +which use the C<show> ACL, and C<setattr>, which uses the C<store> ACL. +If the appropriate ACL is set, it alone is checked to see if the user has +access. Otherwise, C<get>, C<store>, C<show>, C<getattr>, C<setattr>, and +C<history> access is permitted if the user is authorized by the owner ACL +of the object. Administrators can run any command on any object or ACL except for C<get> and C<store>. For C<get> and C<show>, they must still be authorized by @@ -127,8 +128,9 @@ either the appropriate specific ACL or the owner ACL. If the locked flag is set on an object, no commands can be run on that object that change data except the C<flags> commands, nor can the C<get> -command be used on that object. C<show>, C<getacl>, and C<owner> or -C<expires> without an argument can still be used on that object. +command be used on that object. C<show>, C<history>, C<getacl>, +C<getattr>, and C<owner> or C<expires> without an argument can still be +used on that object. For more information on attributes, see L<ATTRIBUTES>. @@ -230,6 +232,14 @@ underlying object implementation. The attribute values, if any, are printed one per line. If the attribute is not set on this object, nothing is printed. +=item history <type> <name> + +Displays the history for the object identified by <type> and <name>. +This human-readable output will have two lines for each action that +changes the object, plus for any get action. The first line has the +timestamp of the action and the action, and the second line gives the user +who performed the action and the host from which they performed it. + =item owner <type> <name> [<owner>] If <owner> is not given, displays the current owner ACL of the object |