[config-model-users] [augeas-devel] Re: Semantic problem in augeas sshd lens ?
David Lutterkort
lutter at redhat.com
Tue Sep 2 17:36:23 UTC 2008
On Mon, 2008-09-01 at 14:08 +0200, Dominique Dumont wrote:
> Once we agree on the expected structure, I'll modify sshd lense
> according to the test case.
One general note on tests (and I know that you've just followed examples
in mercurial): I _much_ prefer it if the tests are short and succinct,
since it makes it much easier to figure out what a test is trying to
achieve and, more importantly, what a certain test breakage means. I
know we have lots of tests that use large files as input - that's
usually good to get started, but for the most part shorter tests are
preferrable, e.g.
test Sshd.lens get "HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key\n" =
{ "HostKey" = "/etc/ssh/ssh_host_rsa_key" }
{ "HostKey" = "/etc/ssh/ssh_host_dsa_key" }
> test Sshd.lns get accept_env =
> { "Protocol" = "2" }
> @@ -12,6 +50,54 @@
> { "AcceptEnv"
> { "6" = "LC_IDENTIFICATION" }
> { "7" = "LC_ALL" } }
> + { "Port" = "22" }
> + { "HostKey"
> + { "1" = "/etc/ssh/ssh_host_rsa_key" }
> + { "2" = "/etc/ssh/ssh_host_dsa_key" } }
Here you're much better off if you map multiple 'HostKey' lines into
separate nodes, i.e.
{ "HostKey" = "/etc/ssh/ssh_host_rsa_key" }
{ "HostKey" = "/etc/ssh/ssh_host_dsa_key" }
No need to treat HostKey special. If you need all host keys, you can
call aug_match with the path '/files/etc/ssh/sshd_config/HostKey' - that
will list all entries with a host key.
The problem is that HostKey lines don't need to be consecutive, and you
the order of entries in the tree must follow the order in the file.
> + { "Subsystem"
> + { "sftp" = "/usr/lib/openssh/sftp-server" } }
Ok.
> + { "Match"
> + { "1"
> + { "User" = "sarko" }
> + { "Group" = "pres.*" }
> + { "Elements"
> + { "Banner" = "/etc/bienvenue.txt" }
> + { "X11Forwarding" = "no" } } }
I would map that into
{ "Match"
{ "Condition" { "User" = "sarko" }}
{ "Condition" { "Group" = "pres.*" }}
{ "Banner" = "/etc/bienvenue.txt" }
{ "X11Forwarding" = "no" } }
David
More information about the augeas-devel
mailing list