1CLUFTER(1)                       User Commands                      CLUFTER(1)
2
3
4

NAME

6       clufter - ccs-obfuscate
7

SYNOPSIS

9       clufter [<global option> ...] ccs-obfuscate [<cmd option ...>]
10

DESCRIPTION

12       Obfuscate credentials/IDs in CMAN-based cluster config.
13
14       Either obfuscation pass can be suppressed by skip parameter, by default
15       they are performed both in row.
16
17       Following conventions are  used  for  substituted  ids/credentials:  1.
18       identifiers  used  for crosslinking (referential integrity) ought to be
19       converted in a way not violating this integrity 2. identifiers  clearly
20       out  of  referential  integrity (i.e., arbitrary value unrelated to the
21       rest of the XML tree) ought to be  substituted  with  strings  starting
22       with  'REL-' 3. credentials ought to be substituted with strings start‐
23       ing with 'SECRET-' 4. overall, any affected item should be  substituted
24       with capitalized string to visually emphasize the substitution
25

OPTIONS

27       -h, --help
28              show help message and exit
29
30       -H, --help-full
31              full help message and exit
32
33              Command options:
34
35       -i INPUT, --input=INPUT
36              input  CMAN-based cluster configuration file [/etc/cluster/clus‐
37              ter.conf]
38
39       -o OUTPUT, --output=OUTPUT
40              output file  with  obfuscated  credentials/identifiers  [c  lus‐
41              ter-obfuscated-{ccs-obfuscate-credentials.in.hash}.  conf]
42
43       -s SKIP, --skip=SKIP
44              pass to skip (none/ids/creds), neater than --noop [none]
45
46       --noop=NOOP
47              (Advanced)  debug only: NOOPize filter (2+: repeat) [none out of
48              ccs-obfuscate-credentials, ccs-obfuscate-identifiers]
49
50       --dump=DUMP
51              (Advanced) debug only: dump (intermediate) output of the  filter
52              (2+:  repeat) [none out of ccs-obfuscate-credentials, ccs-obfus‐
53              cate-identifiers, ANY]
54
55              Common options:
56
57              Either in global (before <cmd>) or command scope (after <cmd>).
58
59       --sys=SYS
60              (Advanced) override autodetected system [linux]
61
62       --dist=DIST
63              override  target  distro  (for  SYS=linux;   see   --list-dists)
64              [fedora,31,Thirty one]
65
66       -q, --quiet
67              refrain from unnecesary messages (usually on stderr)
68
69       --color=[WHEN]
70              colorize messages if available [auto out of auto, never, always]
71
72       -d, --debug
73              shortcut for --loglevel=DEBUG
74
75       --logfile=FILE
76              specify log file (instead of stderr)
77
78       --loglevel=LEVEL
79              specify  log level [WARNING out of NOTSET, DEBUG, INFO, WARNING,
80              ERROR, CRITICAL]
81
82       Arguments to value-based `command options' can go without  labels  when
83       the  order  wrt.  parsing  logic  respected;  skipping  those backed by
84       default values otherwise requiring specification then allowed  by  syn‐
85       tactic  sugar: all can be passed as a single, first, ::-delimited argu‐
86       ment; magic files: `-', `@DIGIT+'.  `{formula}' in  output  file  spec:
87       input-backed  (e.g.  hash) substitution recipe.  All available commands
88       listed as `clufter --list'.
89

AUTHOR

91       Written by Jan  Pokorný  <jpokorny+pkg-clufter@redhat.com>  and  plugin
92       authors.
93

REPORTING BUGS

95       Report    bugs    to   <https://bugzilla.redhat.com/enter_bug.cgi?prod
96       uct=Fedora&component=clufter>
97
99       Copyright © 2019 Red Hat, Inc.  Licensed under GPLv2+.
100

SEE ALSO

102       cluster.conf(5), ccs(7), clufter(1),
103
104       clufter-ccs-artefacts(1), clufter-ccs-disable-rg(1),  clufter-ccs-revi‐
105       talize(1), and perhaps more
106
107
108
109clufter 0.77.2                    August 2019                       CLUFTER(1)
Impressum