[augeas-devel] [Augeas] #250: Changes to grub lens

Augeas trac at fedorahosted.org
Sat Jan 14 10:21:29 UTC 2012 

#250: Changes to grub lens
---------------------+--------------------
  Reporter:  erinn   |      Owner:  lutter
      Type:  defect  |     Status:  closed
  Priority:  major   |  Milestone:  next
 Component:  Augeas  |    Version:  0.9.0
Resolution:  fixed   |   Keywords:
Blocked By:          |   Blocking:
---------------------+--------------------
Changes (by domcleal):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Replying to [ticket:250 erinn]:
 > The password section for the grub lens is a bit strange, at least to my
 eyes.
 >
 >     (* View: password_arg *)
 >     let password_arg = [ key "password" .
 >       (spc . [ switch "md5" ])? .
 >       spc . store (/[^ \t\n]+/ - "--md5") .
 >       (spc . [ label "file" . store /[^ \t\n]+/ ])? .
 >       eol ]
 >
 > This ends up with a tree that has password = <password hash> and then a
 sub node that is md5 = clear. I am no expert here but it seems like a more
 intuitive flow would be password/md5 = <hash>.

 I agree that it's more intuitive in isolation, but it works consistently
 with the other GRUB commands such as terminal and serial that also take
 "--" long arguments.  In these, each argument gets added as a subnode in
 the same way as md5 is an option to the password command.

 Setting the md5 node's value to the password hash would make more sense if
 the syntax was "password --md5=$1$...".

 > Second bit, Red Hat has, as of 6.1, added support for sha256/512 hashes
 not just md5 (see here: http://docs.redhat.com/docs/en-
 US/Red_Hat_Enterprise_Linux/6/html/6.1_Technical_Notes/grub.html) and this
 is supported via a --encrypted flag, so the line looks like this:
 > password --encrypted <hash>
 >
 > So that needs to be added to the lens because right now it falls under
 the file section. As a side note I noticed there is no test for file,
 unfortunately I don't know much about the file directive.

 Thanks for the info, I've fixed this in
 90e76d70053b14e74c9c04f2e17b1581beab7a07 and added tests for the file
 directive as you suggested.

 > This was all tested on RHEL 6, but it is applicable to 0.10.0 and head
 as well.

 I've filed a bug against RHEL6 based on this fix:
 https://bugzilla.redhat.com/show_bug.cgi?id=781690

 If it's affecting you, I'd suggest you file a support case with Red Hat to
 expedite the fix.

-- 
Ticket URL: <https://fedorahosted.org/augeas/ticket/250#comment:1>
Augeas <http://augeas.net/>
a configuration API

More information about the augeas-devel mailing list