[augeas-devel] pg_hba.conf lens

Raphaël Pinson raphink at gmail.com
Wed Jun 1 21:16:30 UTC 2011 

Hi Glenn;

On Wed, Jun 1, 2011 at 10:30 PM, Glenn Buckholz <
glenn.buckholz at steelthread.com> wrote:

> I'm using SSL with postgres and am using puppet/augeas to manage the
> configs. The postgress lens is bailing when I do cert mapping to a user as
> follows:
>
>
> hostssl        user      db       10.0.0.1/24          cert clientcert=1
> map=certmap
>
>
> I think its here:
> let option = [ label "option" . store word ]
>
>
> I think you would need:
> let option_word = /regexforaword(=regexforaword)?/
> let option = [ label "option" . store option_word]
>
> OR
> create a sub tree for the option name value pairs.
>
>
In fact, the current lens doesn't support multiple options either. Here is a
patch to implement your need by allowing multiple options and mapping them
as subtrees. Let me know if it solves your problem. If it does, I'll commit
it.

diff --git a/lenses/pg_hba.aug b/lenses/pg_hba.aug
index 052cd06..dbaae25 100644
--- a/lenses/pg_hba.aug
+++ b/lenses/pg_hba.aug
@@ -43,10 +43,11 @@ module Pg_Hba =
     let address = [ label "address" . store ipaddr ]
     (* View: option
        part of <method> *)
-    let option = [ label "option" . store word ]
+    let option = [ label "option" . store Rx.word
+                 . [ Sep.equal . label "value" . store Rx.word ]? ]
     (* View: method
-       can contain an <option> *)
-    let method = [ label "method" . store Rx.word . ( Sep.tab . option )? ]
+       can contain <option>s *)
+    let method = [ label "method" . store Rx.word . ( Sep.tab . option )* ]

     (* Group: Records definitions *)

diff --git a/lenses/tests/test_pg_hba.aug b/lenses/tests/test_pg_hba.aug
index 4e1aa5e..a4aff4f 100644
--- a/lenses/tests/test_pg_hba.aug
+++ b/lenses/tests/test_pg_hba.aug
@@ -8,6 +8,7 @@ local   all         all                               ident
sameuser
 host    all         all         127.0.0.1/32          md5
 # IPv6 local connections:
 host    all         all         ::1/128               md5
+hostssl        user      db       10.0.0.1/24          cert clientcert=1
map=certmap
 "

     test Pg_Hba.lns get conf =
@@ -36,6 +37,17 @@ host    all         all         ::1/128               md5
             { "address" = "::1/128" }
             { "method" = "md5" }
         }
+        { "4"
+            { "type" = "hostssl" }
+            { "database" = "user" }
+            { "user"  = "db" }
+            { "address" = "10.0.0.1/24" }
+            { "method" = "cert"
+               { "option" = "clientcert"
+                   { "value" = "1" } }
+               { "option" = "map"
+                   { "value" = "certmap" } } }
+        }

 (* ------------------------------------------------------------- *)


Regards,

Raphaël
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/augeas-devel/attachments/20110601/0e19adb0/attachment.htm>

More information about the augeas-devel mailing list