[augeas-devel] Augeas and likewise-open

Marcello de Sousa lists at area151.com
Tue Sep 29 22:05:04 UTC 2009 

Hi David,

You are right about the whitespace. As soon as I have time I'll test the
more complex regex as you suggested:

>  let value = store /[^;# \t\n{}]|[^;# \t\n{}][^;#\t\n{}]*[^;# \t\n{}]/

For now, I send here a sample of the krb5.conf before and after
likewise-open modifications:
 
krb5.conf_before lw open :
========================
[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 default_realm = EXAMPLE.COM
 dns_lookup_realm = false
 dns_lookup_kdc = false

[realms]
 EXAMPLE.COM = {
  kdc = kerberos.example.com:88
  admin_server = kerberos.example.com:749
  default_domain = example.com
 }

[domain_realm]
 .example.com = EXAMPLE.COM
 example.com = EXAMPLE.COM

[kdc]
 profile = /var/kerberos/krb5kdc/kdc.conf

[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
 }
========================


Krb5.conf_after lw open:
========================
[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 dns_lookup_realm = false
 dns_lookup_kdc = true
 default_tgs_enctypes = RC4-HMAC DES-CBC-MD5 DES-CBC-CRC
 default_tkt_enctypes = RC4-HMAC DES-CBC-MD5 DES-CBC-CRC
 preferred_enctypes = RC4-HMAC DES-CBC-MD5 DES-CBC-CRC

[realms]
 EXAMPLE.COM = {
  kdc = kerberos.example.com:88
  admin_server = kerberos.example.com:749
  default_domain = example.com
 }
 TEST.MYDOMAIN.LOCAL = {
  auth_to_local =
RULE:[1:$0\$1](^TEST\.MYDOMAIN\.LOCAL\\.*)s/^TEST\.MYDOMAIN\.LOCAL/TESTMYDOM
AIN/
  auth_to_local = DEFAULT
 }

[domain_realm]
 .example.com = EXAMPLE.COM
 example.com = EXAMPLE.COM

[kdc]
 profile = /var/kerberos/krb5kdc/kdc.conf

[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
   mappings = TESTMYDOMAIN\\(.*) $1 at TEST.MYDOMAIN.LOCAL
   validate = true
 }
 httpd = {
   mappings = TESTMYDOMAIN\\(.*) $1 at TEST.MYDOMAIN.LOCAL
   reverse_mappings = (.*)@TEST\.MYDOMAIN\.LOCAL TESTMYDOMAIN\$1
 }
========================

Cheers,
Marcello




> -----Original Message-----
> From: augeas-devel-bounces at redhat.com [mailto:augeas-devel-
> bounces at redhat.com] On Behalf Of David Lutterkort
> Sent: dinsdag 29 september 2009 19:29
> To: augeas-devel at redhat.com
> Subject: Re: [augeas-devel] Augeas and likewise-open
> 
> Hi Marcello,
> 
> On Mon, 2009-09-28 at 23:53 +0200, Marcello de Sousa wrote:
> > I wanted to use augeas to manage my /etc/krb5.conf but the standard
> krb5.aug
> > lens doesn't work after likewise-open modifies it.
> 
> Do you have some before/after examples - I am not familiar with
> likewise-open at all.
> 
> > The lens should support white spaces in the value field, and a "kdc"
> section
> > (present on RH4).
> 
> The kdc section is fine to add; allowing spaces in values requires a
> little more finesse, and I am not sure what exactly the krb5 libs allow
> there. But this change is problematic:
> 
> > -let value = store /[^;# \t\n{}]+/
> > +let value = store /[^;#\t\n{}]+/
> >  let entry (kw:regexp) (sep:lens) (comment:lens)
> >      = [ indent . key kw . sep . value . (comment|eol) ] | comment
> 
> since sep matches /[ \t]*=[ \t]*/: it's now not clear whether
> whitespace
> after the '=' should be part of 'sep', and therefore not appear in the
> tree, or be part of 'value'.
> 
> I suspect you'll need a more complicated regexp that essentially says
> 'allow whitespace inside a value', i.e. something like
> 
>         let value = store /[^;# \t\n{}]|[^;# \t\n{}][^;#\t\n{}]*[^;#
> \t\n{}]/
> 
> this becomes a little clearer with abbreviations for the 'allow space'
> and 'no space' regexps:
> 
>         let value =
>           let n = /[^;# \t\n{}]/ in (* no space allowed *)
>           let s = /[^;#\t\n{}]/ in  (* space allowed *)
>           store (n | n . s* . n)
> 
> As for how to submit: you should modify the tests in
> tests/test_krb5.conf to add something that exercises your lens changes
> and run that through 'augparse -I some_dir/
> lenses/tests/test_krb5.conf' (where some_dir is where your modified
> krb5.conf lives)
> 
> As for what to submit: ideally you'd use 'git format-patch' and 'git
> send-email', but a unified diff is good enough for this change.
> 
> David
> 
> 
> _______________________________________________
> augeas-devel mailing list
> augeas-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/augeas-devel

More information about the augeas-devel mailing list