[augeas-devel] Saving failed error

[David Lutterkort]

On Fri, 2011-04-15 at 14:34 -0700, Jeff Schroeder wrote:
> I'm seeing a weird error with augeas 0.7.3. While adding a pam_access
> definition to /etc/pam.d/sshd, everything looks good and the save
> fails.

You're being hit by a double-whammy: (1) 0.7.3 has a bug that makes
'print /augeas//error' not print anything.

And part (2):

> /files/etc/pam.d/sshd/2
> /files/etc/pam.d/sshd/2/type = "account"
> /files/etc/pam.d/sshd/2/control = "required"
> /files/etc/pam.d/sshd/2/module = "pam_nologin.so"
> /files/etc/pam.d/sshd/access
> /files/etc/pam.d/sshd/access/type = "account"
> /files/etc/pam.d/sshd/access/control = "required"
> /files/etc/pam.d/sshd/access/module = "pam_access.so"
> /files/etc/pam.d/sshd/3
> /files/etc/pam.d/sshd/3/type = "account"
> /files/etc/pam.d/sshd/3/control = "include"
> /files/etc/pam.d/sshd/3/module = "system-auth"

You can't use the word 'access' as the label for the tree node - it has
to be an integer. I recommend using '01'. The technical explanation is
that the 'seq' lens which is responsible for producing the 1,2,3 etc.
underneath /files/etc/pam.d/sshd requires that the tree node has a
numeric label when it is saving the tree.

Change your commands to
        
        ins 01 after /files/etc/pam.d/sshd/*[type = 'account' and module = 'pam_nologin.so']
        set /files/etc/pam.d/sshd/01/type account
        set /files/etc/pam.d/sshd/01/control required
        set /files/etc/pam.d/sshd/01/module pam_access.so
        print /files/etc/pam.d/sshd
        save
        print /augeas//error

and enjoy the weekend ;)

David