[augeas-devel] Match question!
Raphaël Pinson
raphink at gmail.com
Fri Sep 14 07:43:15 UTC 2012
Hi James,
sshd_config and match groups are nearly impossible to manage directly
with the augeas provider in puppet. For this reason, I added an
sshd_config ruby provider [0] to the augeasproviders project a few
months ago:
sshd_config { 'PermitTunnel':
value => 'yes',
}
will do what you need, whether there is a match group or not.
Raphaël
[0] http://forge.puppetlabs.com/domcleal/augeasproviders
On Fri, Sep 14, 2012 at 8:49 AM, James Patterson
<jamespatterson at operamail.com> wrote:
>
> Two questions about Match, both using sshd_config as an example.
>
> Calling augeas from Puppet, I can do this:
>
> context => '/files/etc/ssh/sshd_config',
> changes => [
> 'ins PermitTunnel before Match[1]',
> 'set PermitTunnel yes',
> ],
> onlyif => 'get PermitTunnel != yes',
>
> My problem is that I normally don't have a Match block (and would like
> to avoid creating a dummy one).
>
> 1. How can I insert the parameter before the Match block if the Match
> block exists, otherwise just insert the parameter?
>
> 2. How does it work with this line? (the line already exists in the
> config)
>
> Set Subsystem sftp /usr/libexec/openssh/sftp-server
>
> context => '/files/etc/ssh/sshd_config',
> changes => [
> 'ins Subsystem before Match[1]',
> 'set Subsystem/sftp "internal-sftp"',
> ],
> onlyif => 'get Subsystem/sftp != "internal-sftp"',
>
> (do I really need the onlyif part?)
>
> Thanks.
> --
> James Patterson
> jamespatterson at operamail.com
>
> --
> http://www.fastmail.fm - Send your email first class
>
> _______________________________________________
> augeas-devel mailing list
> augeas-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/augeas-devel
More information about the augeas-devel
mailing list