[augeas-devel] [Augeas] #250: Changes to grub lens
Augeas
trac at fedorahosted.org
Sat Jan 14 10:21:29 UTC 2012
#250: Changes to grub lens
---------------------+--------------------
Reporter: erinn | Owner: lutter
Type: defect | Status: closed
Priority: major | Milestone: next
Component: Augeas | Version: 0.9.0
Resolution: fixed | Keywords:
Blocked By: | Blocking:
---------------------+--------------------
Changes (by domcleal):
* status: new => closed
* resolution: => fixed
Comment:
Replying to [ticket:250 erinn]:
> The password section for the grub lens is a bit strange, at least to my
eyes.
>
> (* View: password_arg *)
> let password_arg = [ key "password" .
> (spc . [ switch "md5" ])? .
> spc . store (/[^ \t\n]+/ - "--md5") .
> (spc . [ label "file" . store /[^ \t\n]+/ ])? .
> eol ]
>
> This ends up with a tree that has password = <password hash> and then a
sub node that is md5 = clear. I am no expert here but it seems like a more
intuitive flow would be password/md5 = <hash>.
I agree that it's more intuitive in isolation, but it works consistently
with the other GRUB commands such as terminal and serial that also take
"--" long arguments. In these, each argument gets added as a subnode in
the same way as md5 is an option to the password command.
Setting the md5 node's value to the password hash would make more sense if
the syntax was "password --md5=$1$...".
> Second bit, Red Hat has, as of 6.1, added support for sha256/512 hashes
not just md5 (see here: http://docs.redhat.com/docs/en-
US/Red_Hat_Enterprise_Linux/6/html/6.1_Technical_Notes/grub.html) and this
is supported via a --encrypted flag, so the line looks like this:
> password --encrypted <hash>
>
> So that needs to be added to the lens because right now it falls under
the file section. As a side note I noticed there is no test for file,
unfortunately I don't know much about the file directive.
Thanks for the info, I've fixed this in
90e76d70053b14e74c9c04f2e17b1581beab7a07 and added tests for the file
directive as you suggested.
> This was all tested on RHEL 6, but it is applicable to 0.10.0 and head
as well.
I've filed a bug against RHEL6 based on this fix:
https://bugzilla.redhat.com/show_bug.cgi?id=781690
If it's affecting you, I'd suggest you file a support case with Red Hat to
expedite the fix.
--
Ticket URL: <https://fedorahosted.org/augeas/ticket/250#comment:1>
Augeas <http://augeas.net/>
a configuration API
More information about the augeas-devel
mailing list