summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMary Umoh <umohm12@gmail.com>2017-08-26 00:04:06 +0200
committerDylan William Hardison <dylan@hardison.net>2017-08-26 00:04:06 +0200
commit5be760d8cbdcf0d895b0f13a28b579d771bc192c (patch)
treedba77fbb68b1aa01a73fda955f8f7406f91e7958
parent1feabf50777a6f0f4193f467faad9f996e729367 (diff)
downloadbugzilla-5be760d8cbdcf0d895b0f13a28b579d771bc192c.tar.gz
bugzilla-5be760d8cbdcf0d895b0f13a28b579d771bc192c.tar.xz
Bug 1393532 - Document sanitizeme.pl script
-rwxr-xr-xscripts/sanitizeme.pl100
1 files changed, 100 insertions, 0 deletions
diff --git a/scripts/sanitizeme.pl b/scripts/sanitizeme.pl
index 0fc2d74d9..48a618d12 100755
--- a/scripts/sanitizeme.pl
+++ b/scripts/sanitizeme.pl
@@ -236,3 +236,103 @@ sub disable_email_delivery {
# have to be in the profiles table
$dbh->do("UPDATE flagtypes SET cc_list = NULL");
}
+
+=head1 NAME
+
+sanitizeme.pl - remove sensitive information from a bugzilla database
+
+=head1 SYNOPSIS
+
+ perl scripts/sanitizeme.pl [options]
+
+=head1 DESCRIPTION
+
+The sanitizeme.pl script removes the following things from the BMO database. It
+is assumed that everything not removed here is sanitized. B<Sanitized> for the
+purposes of this document means "ready to deployed to the staging and
+development environments"
+
+=over 4
+
+=item 1
+
+user password hashes are cleared (unless --keep-passwords is given)
+
+=item 2
+
+User API keys, session tokens, and other data that can be used for authentication are removed.
+
+=item 3
+
+private products (products that aren't visible when you're not logged in, e.g. Legal or Marketing)
+
+=item 4
+
+security bugs (which are bugs that belong to a group)
+
+=item 5
+
+private attachments, or attachments on bugs that are security bugs
+
+=item 6
+
+All attachment *data* is removed. This means the /content/ of all attachments is deleted, but the name remains (except as mentioned above).
+
+=item 7
+
+request logs (last bug visit, user_request_log, audit log)
+
+=item 9
+
+Saved searches are removed.
+
+=item 10
+
+comments (insider group comments, and deleted comments)
+
+=back
+
+=head1 OPTIONS
+
+The following options influence the behavior of this script
+
+=head2 --execute
+
+When present, the script actually makes changes to the DB.
+Without this option, no changes will be made.
+
+=head2 --keep-attachments
+
+Disables removal of attachment content (unless --keep-attachments is given)
+
+=head2 --keep-passwords
+
+Disable resetting passwords (unless --keep-passwords is given)
+
+=head2 --keep-insider
+
+Disable removal of insider comments and attachments (unless --keep-insider is given)
+
+=head2 --keep-group-bugs
+
+Disable removal of the specified groups and associated bugs (unless --keep-group-bugs is given)
+
+=head2 --keep-groups
+
+Disable removal of group definitions (unless --keep-groups is given)
+
+=head2 --enable-email
+
+Do not disable email for all users
+
+=head2 --dry-run
+
+Do not update the database, just output what will be deleted
+
+=head2 --from-cron
+
+Quite mode - suppress non-warning/error output
+
+=head2 --trace
+
+Output sql statements