[augeas-devel] possible bug with krb5.conf lense
Dominic Cleal
dcleal at redhat.com
Thu Nov 14 08:47:22 UTC 2013
On 13/11/13 17:09, James Eckersall wrote:
> Hi,
>
>
>
> I'm using augeas-0.9.0-4.el6.x86_64 under CentOS 6.4and I believe I have
> discovered a bug with the lense that handles /etc/krb5.conf.
>
>
>
> The file has a section like the following:
>
>
>
> [appdefaults]
>
> pam = { debug = false
>
> }
>
>
>
> This causes errors in /var/log/secure like the following (and breaks
> kerberos auth):
>
>
>
> pam_krb5[30146]: error initializing kerberos: -1765328248 (Improper
> format of Kerberos configuration file)
>
>
>
> I have narrowed it down to the fact that there is no newline after the {
>
>
>
> If I change the file to the following, it works fine.
>
>
>
> [appdefaults]
>
> pam = {
>
> debug = false
>
> }
>
>
>
> I'm using augeas via puppet as per the following:
>
[snip]
>
>
> If I manually add the newline, the puppet run detects no changes, so it
> looks to me like augeas is making no distinction between the newline and
> not.
>
>
>
> Could someone please confirm whether this is indeed a bug?
It seems to have been fixed between 0.9.0 and the current release,
1.1.0. I can reproduce it on the former, but not the latter:
augtool> set /augeas/context /files/etc/krb5.conf
augtool> set appdefaults/forwardable true
augtool> set appdefaults/application pam
augtool> set appdefaults/application/debug false
augtool> save
Saved 1 file(s)
augtool> ^Z
[1]+ Stopped augtool -r /tmp/k5
$ cat /tmp/k5/etc/krb5.conf
[appdefaults]
forwardable = true
pam = {
debug = false
}
The syntax looks correct now.
--
Dominic Cleal
Red Hat Engineering
More information about the augeas-devel
mailing list