[augeas-devel] Re: New example at creating a lens
Jeff Johnson
n3npq at mac.com
Wed Jul 15 17:57:29 UTC 2009
On Jul 15, 2009, at 1:45 PM, David Lutterkort wrote:
> On Wed, 2009-07-15 at 13:30 -0400, Jeff Johnson wrote:
>> How do you wish lenses packaged? With RPM, you have essentially
>> the same chicken <-> egg problem that SELinux policy
>> is fighting, lenses within *.rpm payloads cannot be used
>> with helpers during the transaction that includes
>> the updated lenses.
>
> It should be less complex than SELinux policy: if the package
> contains /usr/share/augeas/lenses/foo.aug, %pre scripts will use the
> old
> version of the lens, and %post scripts will use the new one.
>
The statement "should be less complex", while desireable and
well understood, doesn't change the nature of the problem.
The mechanisms (and implementations) for handling both Augeas
and SELinux metadata are closely similar.
Note that an unbootable machine, because some configuration change
happened incorrectly because of mis-ordering, is perhaps worse than
SELinux policy packaging issues because SELinux can always be
globally disabled until They Get It Right, not true for "configuration
management".
> Of course, if you need to use both, you might have to save the old one
> in %pre in some temp location, and in %post set things up manually
> through /augeas/load and delete the temp lens when you're done.
>
Sure one has to go to great lengths to avoid data loss. Not that
*.rpmnew (and its analogue *.augnew) are very effective, its quite
easy to clobber content when changes are nested more than 1 level
deep.
Note that the better answer is VCS, not .1 ... .2 ... .3 ... Yet More
Suffixing
chaining. But I digress (until I get subversion embedded this summer
for RPM %config handling) ...
73 de Jeff
More information about the augeas-devel
mailing list