[augeas-devel] augeas for hosts.allow

mohammad kashif kashif.alig at gmail.com
Thu May 30 13:12:57 UTC 2013


Hi Raphael

I know that it is not straightforward, but is there any mechanism to remove
an entry from a node?

define ssh::hosts_allow($process,) {

   # Create a new entry for the process if none exists yet
   augeas { "Add ${name} - ${process}":
   context => "/files/etc/hosts.allow",
   changes => [ "set 01/process ${process}", "set 01/client[.='${name}'] ${name}" ],
   onlyif  => "match *[process='${process}'] size == 0",
  }

   # Append the client to the process entry if it is not listed yet
   augeas { "Add ${name} to ${process}":
   context => "/files/etc/hosts.allow",
   changes => "set *[process='${process}']/client[last()+1] ${name}",
   onlyif  => "match *[process='${process}']/client[.='${name}'] size == 0",
  }
}

I pass parameters like this:
 ssh::hosts_allow { [ '1.1.1.1', '2.2.2.2' ]:
       process => 'sshd',
 }


 At some stage, if I want to remove 1.1.1.1, there is no straightforward
way to remove it from clients. A purge kind of thing. Any thoughts about it?

On another note, there seems to be a bug that Puppet cannot pass an IP with
a subnet mask, so I cannot pass

  ssh::hosts_allow { [ '1.1.1.1', '2.2.2.2/255.255.255.0' ]:

Although I can do the same thing with augtool.

Thanks
Kashif




On Thu, May 30, 2013 at 11:46 AM, mohammad kashif <kashif.alig at gmail.com> wrote:

> Hi Raphael
> Thanks a lot for your quick response. It worked like a charm.
> Cheers
> Kashif
>
>
> On Thu, May 30, 2013 at 11:08 AM, Raphaël Pinson <
> raphael.pinson at camptocamp.com> wrote:
>
>> Hello Mohammad,
>>
>> In order to add entries to hosts.allow, you can use "01" as a number,
>> like:
>>
>> set /files/etc/hosts.allow/01/process[last()+1] xyz
>>
>> If you use this in Puppet, you will have to add an "onlyif" statement to
>> make sure the change is idempotent.
>>
>>
>> Raphaël
>>
>>
>>
>> On Thu, May 30, 2013 at 11:37 AM, mohammad kashif <kashif.alig at gmail.com> wrote:
>>
>>>
>>> Hi
>>>
>>> I want to add a new process to the hosts.allow file through augeas. I can do
>>> it like this
>>>
>>> set /files/etc/hosts.allow/2/process[last()+1] nrpe
>>>
>>> but here I have to explicitly mention the line number (2)
>>>
>>> so for the next process I have to do
>>>
>>> set /files/etc/hosts.allow/3/process[last()+1] xyz
>>>
>>> Is there any way so I don't have to explicitly define this number? I
>>> want to use it through a puppet define.
>>>
>>>
>>> Thanks
>>> Kashif
>>>
>>>
>>
>>
>>
>> --
>> Raphaël Pinson
>> Infrastructure Developer and Trainer
>> +33 479 926 57 93
>>
>> Camptocamp France
>> Savoie Technolac
>> BP 352
>> 48, avenue du Lac du Bourget
>> 73372 Le Bourget du Lac, Cedex
>> www.camptocamp.com
>>
>
>