pwmc: set the error source from dot commands.

[libpwmd.git] / doc / tutorial.sgml

<!DOCTYPE article  PUBLIC "-//OASIS//DTD DocBook V4.2//EN"
 [ <!ENTITY % output.print.png "IGNORE">
<!ENTITY % output.print.pdf "IGNORE">
<!ENTITY % output.print.eps "IGNORE">
<!ENTITY % output.print.bmp "IGNORE">
 ]>

<!-- SGML file was created by LyX 2.0.0rc3
  See http://www.lyx.org/ for more information -->
<article lang="en">
<articleinfo>
<title>Libpwmd Tutorial</title>
<date>5-8-2011</date><author>
Ben Kibbey<footnote><dummy>bjk@luxsci.net</dummy></footnote><toc></toc></author></articleinfo><sect1>
<title>Introduction</title>
<para>This is a tutorial showing the basic usage of libpwmd<footnote><dummy>http://libpwmd.sourceforge.net/</dummy></footnote>. Libpwmd<emphasis> </emphasis>is a library making it easy to access pwmd<footnote><dummy>http://pwmd.sourceforge.net/</dummy></footnote> or <emphasis>Password Manager Daemon</emphasis>.</para></sect1><sect1>
<title>What is PWMD?</title>
<para><emphasis>Password Manager Daemon</emphasis> is a universal data server. It began as a way to keep track of my passwords for accounts like email and websites but can be used to store anything you want.</para>
<para>There are other password management tools but pwmd has a couple of distinguishing features:</para><itemizedlist>
<listitem><para>It does not depend on a desktop environment but has the ability for applications to connect to it like a desktop solution provides.</para></listitem><listitem><para>Some portion of a stored data can be shared with another portion in the same data file. This feature behaves a lot like a symbolic link on a file system, XML entities, or HTML targets if you're familiar with those, but implemented in a different way.</para></listitem></itemizedlist></sect1><sect1>
<title>Element paths</title>
<para>The document is saved as an XML file and is manipulated by commands sent from a client. Commands that access data take what is called an <emphasis>element path</emphasis> as an argument. An element path is a character string containing XML element names representing branches of an element tree. The branches are separated with a TAB (ASCII 0x09) character. Why a TAB? So other characters can be used in the element name. If for example a '/' were used as the separator, then a URL (i.e., http://sf.net/) could not be used as an element name.</para>
<para>For the rest of this tutorial, when you see &lt;TAB&gt;, replace it with a real TAB character. For example, the element path "a&lt;TAB&gt;child&lt;TAB&gt;last" has the following element tree:</para><screen>
<![CDATA[<a>
    <child>
        <last>
Content or XML CDATA of the "last" element.
        </last>
    </child>
</a>
]]></screen><para>I should say that the XML structure that pwmd uses is a little more complicated. It really looks like the following internally, but we will use the above format in this tutorial for simplicity:</para><screen>
<![CDATA[<element _name="a">
    <element _name="child">
        <element _name="last">Content or CDATA of the "last" element.
        </element>
    </element>
</element>
]]></screen><para>Every element created has an element named <emphasis>element</emphasis> with an attribute <emphasis>_name</emphasis> associated with it. The value of the <emphasis>_name</emphasis> attribute is what an element in an element path refers to. It is done this way so that a wider range of characters can be used in an element name while maintaining valid XML. In fact, the only restriction of an element name is that it not contain whitespace characters and not begin with an exclamation point (ASCII 0x21 or !). See <emphasis><xref linkend="sec.Linking-elements-1"> </emphasis>for an exception.</para>
<para>There is one other difference from your normal XML document in that only the first match of an element is considered for the current element tree depth. When an element of the current depth of an element tree is found, the next element in the element path is searched for beginning at the child node of the found element. From the example above:</para><screen>
<![CDATA[<a>
    <child>
        <last>Content or XML CDATA of the "last" element.
        </last>
    </child>
    <child>This element will never be reached.
    </child>
</a>
]]></screen><para>The second "child" element is never reached, although an element of a different name may be accessed.</para></sect1><sect1>
<title>Clients</title>
<para>You will need a client to send commands to the pwmd server. If you are making your own application or need a simple client to connect to the server then <emphasis>libpwmd</emphasis> may be used. It has few dependencies and - as mentioned - includes a client named <emphasis>pwmc</emphasis>. The rest of this tutorial will use pwmc. It is command-line based and there are not any fancy graphics, but it is good for understanding how commands are processed.</para>
<para>If you want a more user friendly client that looks like a file manager and has a point and click interface, try pwmdEdit<footnote><dummy>http://qpwmc.sourceforge.net/</dummy></footnote> which uses the Qt4 toolkit.</para></sect1><sect1>
<title>Connecting</title>
<para>We are using the <emphasis>pwmc</emphasis> client included in libpwmd. pwmc has two modes that commands are read from: interactive and stdin. The interactive mode uses the readline library and has command history while reading from standard input (stdin) makes shell scripting and automation easy. For the examples, we will be connecting to the default local unix domain socket that pwmd waits for connections on. Remote connections are possible over an SSH channel but that is not covered here. Read the pwmc(1) manual page for how to do that.</para>
<para>The example filename we will use is "datafile". It is initially a non-existent file but it will be created once we have saved to it. Now let us connect to the server in interactive mode and open the data file:</para><screen>
<![CDATA[$ pwmc --interactive datafile
Connected.
pwm>
]]></screen><para>The "pwm&gt;" prompt is a readline prompt that has command history and can do filename completion. It also is annoying because, as mentioned, elements in element paths are TAB delimited, but command completion in readline uses the TAB character, too. To insert a real TAB character in interactive mode rather than do readline completion, you will need to first press CTRL-V and then press TAB.</para></sect1><sect1>
<title>Commands</title>
<para>To store some data in an element path, you will need to know what element path to create. It is up to you how you want your data organized. If for example you will be storing account information it may be a good idea to categorize what the account is for: email, instant messaging, blogging, etc.</para>
<para>In the following example we will setup mail server element paths which can be used for other applications requiring a mail server configuration. First, lets create the hostname element path:</para><screen>
<![CDATA[pwm> STORE
]]></screen><para>The STORE command is a pwmd protocol command. This command and some other commands use what is called a <emphasis>server inquire</emphasis> to retrieve data from the client, while other commands may retrieve required data only from the command arguments. The server inquire will wait for the client to finish sending its data before completing the command. When responding to a server inquire in pwmc, pwmc will show a message telling you that it is waiting for data to be sent. Enter the element path and its content, then press &lt;CTRL-D&gt; twice to finish sending the data and let pwmd complete the command:</para><screen>
<![CDATA[pwm> STORE
email<TAB>isp<TAB>IMAP<TAB>hostname<TAB>imap.server.com<CTRL-D><CTRL-D>
]]></screen><para>Remember that you should replace &lt;TAB&gt; in the examples with a real TAB character. I should mention that when sending data via a server inquire there is no need to press CTRL-V to insert the TAB character. That is only needed from the readline command prompt and when not doing a server inquire.</para>
<para>After pressing the first CTRL-D, the line that was entered is sent to pwmd and the inquire continues. To terminate the inquire and finish sending data for the command, press CTRL-D a second time.</para>
<para>If you were to have pressed RETURN before any CTRL-D then the inquired line would have been sent in full including a newline character. Since in this example a newline character in a hostname is not a valid hostname, this is not what we want.</para>
<para>We have just created an element path whose XML structure looks like the following:</para><screen>
<![CDATA[<email>
    <isp>
        <IMAP>
            <hostname>imap.server.com</hostname>
        </IMAP>
    </isp>
</email>
]]></screen><para>When an application needs to retrieve the content for the element path we have just created, it will send the GET command (libpwmd does this part) to the pwmd server. You can retrieve the content of an element path by using the GET command in pwmc, too:</para><screen>
<![CDATA[pwm> GET email<TAB>isp<TAB>IMAP<TAB>hostname
XFER 0 15
XFER 15 15
imap.server.com
]]></screen><para>Remember that in interactive mode and when not doing a server inquire, you will need to press CTRL-V before pressing TAB.</para>
<para>The XFER lines are status messages. They show the current and total length of the data transfered in bytes. The last line is the value of the element path we just created.</para>
<para>Let us create the rest of the needed elements:</para><screen>
<![CDATA[pwm> STORE email<TAB>isp<TAB>IMAP<TAB>port<TAB>993<CTRL-D><CTRL-D>
pwm> STORE
email<TAB>isp<TAB>IMAP<TAB>ssl<TAB>1<CTRL-D><CTRL-D>
pwm> STORE
email<TAB>isp<TAB>username<TAB>myusername<CTRL-D><CTRL-D>
pwm> STORE
email<TAB>isp<TAB>password<TAB>mypassword<CTRL-D><CTRL-D>
]]></screen><para>Now the element structure for the root "email" element looks like this:</para><screen>
<![CDATA[<email>
    <isp>
        <IMAP>
              <hostname>imap.server.com</hostname>
              <port>993</port>
              <ssl>1</ssl>
        </IMAP>
        <username>myusername</username>
        <password>mypassword</password>
    </isp>
</email>
]]></screen><para>If you wanted to change your password (after changing it on the mail server, of course) just do as you did when initially creating the password element path. The new content will overwrite the existing content:</para><screen>
<![CDATA[pwm> STORE
email<TAB>isp<TAB>password<TAB>newpassword<CTRL-D><CTRL-D>
]]></screen><para>An application using libpwmd that needs to know mail server information now has all the information it needs. The only thing left to do now is to save the changes:</para><screen>
<![CDATA[pwm> <CTRL-D>
]]></screen><para>After pressing &lt;CTRL-D&gt; a prompt will be shown asking what to do. Press &ldquo;s&rdquo; to save what we have created.</para>
<para>Since this is a new file, you will be prompted for a passphrase to use for encryption. Once done, the data file is encrypted and written to disk and the passphrase is cached in pwmd so you do not need to enter it the next time your data file is opened or saved. There are a few pwmd configuration parameters that affect how this operates. See the pwmd documentation for details.</para>
<para>Various applications using libpwmd may have different element path requirements. Refer to the documentation of each application that supports pwmd for the required elements.</para></sect1><sect1 id='sec.Linking-elements-1' >
<title><!-- anchor id="sec.Linking-elements-1" -->Linking elements</title>
<para>One distinguishing feature of pwmd is the ability to share data of an element path with another. For example, if your ISP lets you host a blog on their server and you use a blogging client that supports pwmd to edit your posts, you can share authentication information with the email example above when the account details are the same. When element linking is used, this avoids the need to change the content for both the blogging and email password elements.</para>
<para>This is done by setting a special &ldquo;target&rdquo; attribute for an element. It behaves similarly to the HTML &ldquo;target&rdquo; attribute or XML entities or a symbolic link on a filesystem. </para>
<para>Let's create an example blogging element path:</para><screen>
<![CDATA[pwm> STORE
blog<TAB>isp<TAB>hostname<TAB>blog.myisp.com<CTRL-D><CTRL-D>

pwm> ATTR SET target blog<TAB>isp<TAB>username email<TAB>isp<TAB>username
pwm> ATTR SET target blog<TAB>isp<TAB>password email<TAB>isp<TAB>password
]]></screen><para>Now each access of the "blog/isp/username" and "blog/isp/password" element paths, which were created if they did not already exist, will point to "email/isp/username" and "email/isp/password" respectively. To get the value or content of an element that contains a "target" attribute without following any &ldquo;target&rdquo; attribute, prefix the element with a '!' when specifying it in an element path. For example:</para><screen>
<![CDATA[pwm> GET blog<TAB>isp<TAB>!password
ERR 536870938: No value
]]></screen><para>An error is returned because we have not assigned a value to the literal element. A literal element is an element that either contains no "target" attribute or ignores it by prefixing the element with the mentioned literal element character '!'. Let us try storing an example password to the literal element to show usage:</para><screen>
<![CDATA[pwmd> STORE
blog<TAB>isp<TAB>!password<TAB>newpassword<CTRL-D><CTRL-D>
]]></screen><para>Now when we redo the previous GET command:</para><screen>
<![CDATA[pwm> GET blog<TAB>isp<TAB>!password
XFER 0 11
XFER 11 11
newpassword
]]></screen><para>This is the value of the literal password element of the element path. To follow the element path stored in the "target" attribute, omit the '!' in the password element. This will return the &ldquo;email/isp/password&rdquo; element content:</para><screen>
<![CDATA[pwm> GET blog<TAB>isp<TAB>password
XFER 0 10
XFER 10 10
mypassword
]]></screen><para>A "target" attribute may also refer to another element with a "target" attribute. Every "target" attribute will be followed until there are no others to resolve. To get the real element path and resolve all "target" attributes, use the REALPATH command:</para><screen>
<![CDATA[pwm> REALPATH blog<TAB>isp<TAB>password
XFER 0 30
XFER 30 30
!email<TAB>!isp<TAB>!password
]]></screen><para>As you can see each element is prefixed with the literal '!' character meaning that no "target" attribute exists in any element of the resulting element path.</para>
<para>Using the LIST command is useful to show the element structure of a document. The XFER status messages have been omitted:</para><screen>
<![CDATA[pwm> LIST
!email
!blog
pwm> LIST !email
!email
!email<TAB>!isp
!email<TAB>!isp<TAB>!username
!email<TAB>!isp<TAB>!password
!email<TAB>!isp<TAB>!IMAP<TAB>!hostname
!email<TAB>!isp<TAB>!IMAP<TAB>!port
!email<TAB>!isp<TAB>!IMAP<TAB>!ssl
pwm> LIST !blog
!blog
!blog<TAB>!isp
!blog<TAB>!isp<TAB>!username
!blog<TAB>!isp<TAB>username
!blog<TAB>!isp<TAB>!password
!blog<TAB>!isp<TAB>password
]]></screen><para>Notice that there are two username and password elements in the &ldquo;blog&rdquo; element path: each with and without the literal element character prefix. This shows that both the username and password elements contain a "target" attribute.</para>
<para>For the final example, we will remove the &ldquo;target&rdquo; attribute of the blogging password element:</para><screen>
<![CDATA[pwm> ATTR DELETE target blog<TAB>isp<TAB>!password
]]></screen><para>If we were to have omitted the '!' from the password element then pwmd would try to remove the "target" attribute from the "email/isp/password" element path. That would return an error because no &ldquo;target&rdquo; attribute had been set for that element.</para>
<para>Note that the "blog" and "isp" elements have no literal element character prepended to them in the example. It is not needed because they have no &ldquo;target&rdquo; attribute themselves.</para>
<para>Using &ldquo;target&rdquo; attributes can be confusing. The best way to get the hang of linking elements is to experiment and use the LIST and DUMP commands to show the document structure. Remember to use the literal element prefix '!' when you do not want to follow any "target" attributes.</para></sect1></article>