[augeas-devel] [Augeas] #341: augtool fails to write the sudoers file when negating syslog logging

Augeas trac at fedorahosted.org
Wed Apr 24 17:36:03 UTC 2013 

#341: augtool fails to write the sudoers file when negating syslog logging
---------------------+---------------------
 Reporter:  sirinek  |       Owner:  lutter
     Type:  defect   |      Status:  new
 Priority:  major    |   Milestone:  next
Component:  Augeas   |     Version:  1.0.0
 Keywords:  sudoers  |  Blocked By:
 Blocking:           |
---------------------+---------------------
 I cannot get augtool to write out a sudoers file when I set !syslog in the
 Defaults section. It works with other default parameters such as
 requiretty, so I don't believe it's an error on my part.

 If I manually add !syslog to the Defaults in my sudoers file and then run
 augtool and save the file, there are no errors reading and writing the
 file.

 Here's some output... prior to when I ran augtool, neither the !requiretty
 nor the !syslog were present in the file, they were both new defaults
 added in augtool.

 root at myhost # augtool[[BR]]

 augtool> set /files/usr/local/etc/sudoers.d/defaults
 /Defaults[count(type)=0]/requiretty/negate ""[[BR]]


 augtool> save[[BR]]

 Saved 1 file(s)

 augtool> set
 /files/usr/local/etc/sudoers.d/defaults/Defaults[count(type)=0]/syslog/negate
 ""

 augtool> save

 error: Failed to execute command[[BR]]
 saving failed (run 'print /augeas/ /error' for details)[[BR]]


 {{{
 augtool> print /augeas/files/usr/local/etc/sudoers.d/defaults/error/
 /augeas/files/usr/local/etc/sudoers.d/defaults/error = "put_failed"
 /augeas/files/usr/local/etc/sudoers.d/defaults/error/path =
 "/files/usr/local/etc/sudoers.d/defaults/Defaults"
 /augeas/files/usr/local/etc/sudoers.d/defaults/error/lens =
 "/usr/local/share/augeas/lenses/dist/sudoers.aug:432.17-433.52:"
 /augeas/files/usr/local/etc/sudoers.d/defaults/error/message = "Failed to
 match \n    { /type/ = /[!:>@][^\\001-\\004\\t\\n \\\\]+/ }?({
 /always_set_home|authenticate|env_editor|env_reset|fqdn|ignore_dot|ignore_local_sudoers|insults|log_host|log_year|long_otp_prompt|mail_always|mail_badpass|mail_no_host|mail_no_perms|mail_no_user|noexec|path_info|passprompt_override|preserve_groups|requiretty|root_sudo|rootpw|runaspw|set_home|set_logname|setenv|shell_noargs|stay_setuid|targetpw|tty_tickets|visiblepw|closefrom_override|closefrom_override|compress_io|fast_glob|log_input|log_output|pwfeedback|umask_override|use_pty/
 } | { /passwd_tries/ = /[0-9]+/ } | {
 /loglinelen|passwd_timeout|timestamp_timeout|umask|loglinelen|passwd_timeout|timestamp_timeout|umask/
 = /[0-9]+/ } | {
 /badpass_message|editor|mailsub|noexec_file|passprompt|runas_default|syslog_badpri|syslog_goodpri|timestampdir|timestampowner|secure_path/
 = /[^\\001-\\004\\t\\n \"#,=\\\\]+|\"[^\\001-\\004\\n\"#,=\\\\]+\"/ } | {
 /exempt_group|lecture|lecture_file|listpw|logfile|mailerflags|mailerpath|mailto|exempt_group|syslog|verifypw|logfile|mailerflags|mailerpath|mailto|syslog|verifypw|exempt_group|lecture|lecture_file|listpw|logfile|mailerflags|mailerpath|mailto|exempt_group|syslog|verifypw|logfile|mailerflags|mailerpath|mailto|syslog|verifypw/
 = /[^\\001-\\004\\t\\n \"#,=\\\\]+/ } | {
 /env_check|env_delete|env_keep|env_check|env_delete|env_keep/ })({
 /always_set_home|authenticate|env_editor|env_reset|fqdn|ignore_dot|ignore_local_sudoers|insults|log_host|log_year|long_otp_prompt|mail_always|mail_badpass|mail_no_host|mail_no_perms|mail_no_user|noexec|path_info|passprompt_override|preserve_groups|requiretty|root_sudo|rootpw|runaspw|set_home|set_logname|setenv|shell_noargs|stay_setuid|targetpw|tty_tickets|visiblepw|closefrom_override|closefrom_override|compress_io|fast_glob|log_input|log_output|pwfeedback|umask_override|use_pty/
 } | { /passwd_tries/ = /[0-9]+/ } | {
 /loglinelen|passwd_timeout|timestamp_timeout|umask|loglinelen|passwd_timeout|timestamp_timeout|umask/
 = /[0-9]+/ } | {
 /badpass_message|editor|mailsub|noexec_file|passprompt|runas_default|syslog_badpri|syslog_goodpri|timestampdir|timestampowner|secure_path/
 = /[^\\001-\\004\\t\\n \"#,=\\\\]+|\"[^\\001-\\004\\n\"#,=\\\\]+\"/ } | {
 /exempt_group|lecture|lecture_file|listpw|logfile|mailerflags|mailerpath|mailto|exempt_group|syslog|verifypw|logfile|mailerflags|mailerpath|mailto|syslog|verifypw|exempt_group|lecture|lecture_file|listpw|logfile|mailerflags|mailerpath|mailto|exempt_group|syslog|verifypw|logfile|mailerflags|mailerpath|mailto|syslog|verifypw/
 = /[^\\001-\\004\\t\\n \"#,=\\\\]+/ } | {
 /env_check|env_delete|env_keep|env_check|env_delete|env_keep/ })*({
 /#comment/ = /[^\\001-\\004\\t\\n\\r
 ][^\\001-\\004\\n]*[^\\001-\\004\\t\\n\\r ]|[^\\001-\\004\\t\\n\\r ]/ } |
 ())\n  with tree\n    { \"log_year\" } { \"logfile\" =
 \"/var/log/sudo.log\" } { \"requiretty\" } { \"syslog\" }"
 augtool>
 }}}

-- 
Ticket URL: <https://fedorahosted.org/augeas/ticket/341>
Augeas <http://augeas.net/>
a configuration API

More information about the augeas-devel mailing list