[augeas-devel] pg_hba.conf lens
Raphaël Pinson
raphink at gmail.com
Wed Jun 1 21:16:30 UTC 2011
Hi Glenn;
On Wed, Jun 1, 2011 at 10:30 PM, Glenn Buckholz <
glenn.buckholz at steelthread.com> wrote:
> I'm using SSL with postgres and am using puppet/augeas to manage the
> configs. The postgress lens is bailing when I do cert mapping to a user as
> follows:
>
>
> hostssl user db 10.0.0.1/24 cert clientcert=1
> map=certmap
>
>
> I think its here:
> let option = [ label "option" . store word ]
>
>
> I think you would need:
> let option_word = /regexforaword(=regexforaword)?/
> let option = [ label "option" . store option_word]
>
> OR
> create a sub tree for the option name value pairs.
>
>
In fact, the current lens doesn't support multiple options either. Here is a
patch to implement your need by allowing multiple options and mapping them
as subtrees. Let me know if it solves your problem. If it does, I'll commit
it.
diff --git a/lenses/pg_hba.aug b/lenses/pg_hba.aug
index 052cd06..dbaae25 100644
--- a/lenses/pg_hba.aug
+++ b/lenses/pg_hba.aug
@@ -43,10 +43,11 @@ module Pg_Hba =
let address = [ label "address" . store ipaddr ]
(* View: option
part of <method> *)
- let option = [ label "option" . store word ]
+ let option = [ label "option" . store Rx.word
+ . [ Sep.equal . label "value" . store Rx.word ]? ]
(* View: method
- can contain an <option> *)
- let method = [ label "method" . store Rx.word . ( Sep.tab . option )? ]
+ can contain <option>s *)
+ let method = [ label "method" . store Rx.word . ( Sep.tab . option )* ]
(* Group: Records definitions *)
diff --git a/lenses/tests/test_pg_hba.aug b/lenses/tests/test_pg_hba.aug
index 4e1aa5e..a4aff4f 100644
--- a/lenses/tests/test_pg_hba.aug
+++ b/lenses/tests/test_pg_hba.aug
@@ -8,6 +8,7 @@ local all all ident
sameuser
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
+hostssl user db 10.0.0.1/24 cert clientcert=1
map=certmap
"
test Pg_Hba.lns get conf =
@@ -36,6 +37,17 @@ host all all ::1/128 md5
{ "address" = "::1/128" }
{ "method" = "md5" }
}
+ { "4"
+ { "type" = "hostssl" }
+ { "database" = "user" }
+ { "user" = "db" }
+ { "address" = "10.0.0.1/24" }
+ { "method" = "cert"
+ { "option" = "clientcert"
+ { "value" = "1" } }
+ { "option" = "map"
+ { "value" = "certmap" } } }
+ }
(* ------------------------------------------------------------- *)
Regards,
Raphaël
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/augeas-devel/attachments/20110601/0e19adb0/attachment.htm>
More information about the augeas-devel
mailing list