wallet 1.0


The wallet is a system management tool for storing and retrieving secure data. I originally wrote it as part of our Kerberos v5 migration project to replace the old Kerberos v4 system we had for distributing srvtabs. It's still mostly used at Stanford for distributing keytabs, but it's extensible and supports storing arbitrary secure data. We also use it internally for storing database passwords, SSL private keys, and anything else that needs to be kept secure and retrieved later. It supports a rich ACL mechanism and namespace enforcement and is built on top of remctl for security and confidentiality.

I did a bunch of development on it originally in 2006 and 2007, but then it solved our immediate problems and I didn't have much time to work on it. I used pre-1.0 versions because there was so much more on it that I wanted to do. But we've been running it in production for years, and while there's still tons more work that needs to be done, it really deserves a 1.0 version. Jon Robertson converted the database backend to DBIx::Class (which added PostgreSQL support) and implemented schema upgrading, which were two of the major things that were keeping me from putting a 1.0 version on it. So it's time.

Other new features since the previous release include a change to the default ACLs so that owners of objects can destroy them by default, a new ldap-attr ACL type that checks whether the caller has a particular attribute set in LDAP (which will let us use our entitlement system to control access), and support for storing and managing key rotation for WebAuth keyrings. There's also a new acl check command to determine whether an ACL exists and a new comment field and command to store an arbitrary comment about an object.

Our local naming policy has also gotten much more complex, so I turned it into a module to provide an example to others of how to implement some reasonably detailed namespace and object autocreation controls.

You can get the latest version from the wallet distribution page. I'm going to upgrade Debian packages to experimental or unstable (depending on the freeze status) as soon as I get a chance to write a bit more documentation and hopefully figure out debconf integration with the database setup support inside Debian for the server piece.

Posted: 2013-03-27 20:39

Last spun 2021-09-25 from thread modified 2013-03-28