[augeas-devel] [PATCH] Add sudoers lens and associated test
David Lutterkort
dlutter at redhat.com
Wed Aug 13 01:04:45 UTC 2008
On Tue, 2008-08-12 at 23:44 +0200, Raphaël Pinson wrote:
> One question about this:
>
> > +
> (***********************************************************************************
> > + * Parameter ::= Parameter '=' Value |
> > + * Parameter '+=' Value |
> > + * Parameter '-=' Value |
> > + * '!'* Parameter
> > +
> ***********************************************************************************)
> > + let parameter = [ label "parameter" .
> sto_to_com ]
>
>
> What do you think about splitting the values from the
> parameter names in
> the tree ?
>
> I thought about that, too. I stayed with a very simple description of
> it so far, because I'm not sure how to represent the different
> attributions. Something like:
>
> Defaults param1="value1", param2+="value2", param3-="value3", !param4
>
> could become
>
> { "Defaults"
> { "parameter"
> { "name" = "param1" }
> { "type" = "=" }
> { "value" = "value1" } }
> { "parameter"
> { "name" = "param2" }
> { "type" = "+=" }
> { "value" = "value2" } }
> { "parameter"
> { "name" = "param3" }
> { "type" = "-=" }
> { "value" = "value3" } }
> { "parameter"
> { "name" = "param4" }
> { "negate" = "!" } } }
I would turn it into
{ "Defaults"
{ "parameter"
{ "name" = "param1" }
{ "value" = "value1" } }
{ "parameter"
{ "add" }
{ "name" = "param2" }
{ "value" = "value2" } }
{ "parameter"
{ "remove" }
{ "name" = "param3" }
{ "value" = "value3" } }
{ "parameter"
{ "negate" }
{ "name" = "param4" }
{ "negate" = "!" } } }
> Somehow I'm not sure it's any easier to use than the way it currently
> is. It might even be confusing because there's different fields for
> key/value pairs and for flags. Not sure, really...
I agree .. for now probably best left alone; we can always revisit this
if somebody needs more finegrained access to parameters.
> Maybe you're talking about the '!'* part here. This is another thing
> that would be quite hard for us to parse, if even possible. The
> parameter can be preceded by any amount of '!', each overriding the
> other. an even amount of them will cancel the effect of it. It's
> really this kind of syntax that made me choose to stay away from
> analyzing what takes place inside the Parameter fields.
Yeah, evaluating the '!' and producing the right tree node would be
somewhat nasty, but you could do it by matching either '(!!)*' or
'!(!!)*' and producing different trees depending on which of those two
would match.
But I agree that it's probably more trouble than it's worth.
David
More information about the augeas-devel
mailing list