[augeas-devel] Re: [config-model-users] Semantic problem in augeas sshd lens ?

Raphaël Pinson raphink at gmail.com
Fri Aug 1 12:09:10 UTC 2008 

2008/8/1 Dominique Dumont <dominique.dumont at hp.com>

>
> Hello
>
> I'm still testing Augeas with Config::Model [1] by loading sshd_config
> in Config::Model through Config::Model::OpenSsh [2] and Augeas [3].
>
> This currently fails because the semantic of sshd_config Subsystem is
> interpreted differently on Augeas and in Config::Model::OpenSsh (the
> model of sshd_config)
>
> Augeas considers Subsystem to be a simple value (a leaf in
> config-model terminology):
>
> /files/etc/ssh/sshd_config/Subsystem = "sftp /usr/lib/openssh/sftp-server"
>
> Where as, from the sshd_config man page and ssh man page, I
> interpreted this as a hash:
>
> man sshd_config:
>
> Subsystem Configures an external subsystem (e.g. file transfer
>             daemon).  Arguments should be a subsystem name and a
>             command (with optional arguments) to execute upon
>             subsystem request. The command sftp-server(8) implements
>             the "sftp" file transfer subsystem. Alternately the
>             name "internal-sftp" implements an in-process "sftp"
>             server.  This may simplify configurations using
>             ChrootDirectory to force a different filesystem root on
>             clients. By default no subsystems are defined.  Note that
>             this option applies to protocol version 2 only.
>
>
> man ssh:
>
>   -s   May be used to request invocation of a subsystem on the remote
>        system.  Subsystems are a feature of the SSH2 protocol which
>        facili‐tate the use of SSH as a secure transport for other
>        applications (eg. sftp(1)).  The subsystem is specified as the
>        remote command.
>
>
> So, it looks like more than one subsystem can be configured in
> sshd_config so the lens should load it as an array.
>


It is an array as it is from what I understand. If you have several
Subsystem entries, they will be represented as :
/files/etc/ssh/sshd_config/Subsystem[1] = "sftp
/usr/lib/openssh/sftp-server"
/files/etc/ssh/sshd_config/Subsystem[2] = "internal-sftp /another/command"

Although I think it could well be split into :

{ "Subsystem"
    { "name" = "sftp" }
    { "command" = "/usr/lib/openssh/sftp-server" } }
{ "Subsystem"
    { "name" = "internal-sftp" }
    { "command" = "/another/command" } }


but that's another problem ;)



Raphaël
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/augeas-devel/attachments/20080801/38b4bf4d/attachment.htm>

More information about the augeas-devel mailing list