[augeas-devel] Yet more novice questions, Re: path expression question

David Lutterkort lutter at watzmann.net
Fri Oct 4 00:42:41 UTC 2013 

The simplest path expression for what you want is probably

/files/etc/sysconfig/iptables/table/append[dport = '22']

Writing just 'append' is the same as writing 'append[*]'; if you wanted to
find the dport entry, you'd write

/files/etc/sysconfig/iptables/table/append/dport[. = '22']

David


On Mon, Sep 30, 2013 at 2:30 PM, Patrick Spinler
<spinler.patrick at mayo.edu>wrote:

>
> NVM, sorry.  I see I had included an extra "/" in my expression.  Found
> my error only 2 minutes after sending out my inquiry, of course. :-(
>
> -- Pat, professional botherer of email lists with inane questions
>
> On 9/30/13 4:25 PM, Patrick Spinler wrote:
> >
> > Apologies for asking yet another novice question, but if I may, please?
> >
> > I'd like to construct an expression to match any iptables nodes with a
> > dport = <specific value>.  Here's an example:
> >
> > augtool> print /files/etc/sysconfig/iptables/table/append[28]
> > /files/etc/sysconfig/iptables/table/append[28] = "Mayo-Firewall-INPUT"
> > /files/etc/sysconfig/iptables/table/append[28]/protocol = "tcp"
> > /files/etc/sysconfig/iptables/table/append[28]/match = "tcp"
> > /files/etc/sysconfig/iptables/table/append[28]/dport = "21"
> > /files/etc/sysconfig/iptables/table/append[28]/jump = "ACCEPT"
> >
> > So, I thought I'd just have to say somethine like
> >
> >   match .../append[*]/*[dport = 'XXXX']
> >
> > but I'm not finding what I expect:
> >
> > augtool> match /files/etc/sysconfig/iptables/table/append[*]/*[dport =
> "21"]
> >   (no matches)
> > augtool> match /files/etc/sysconfig/iptables/table/*/*[dport = "21"]
> >   (no matches)
> > augtool> match /files/etc/sysconfig/iptables/table/*/*["dport" = "21"]
> >   (no matches)
> > augtool> match /files/etc/sysconfig/iptables/table/append[28]/*["dport"
> > = "21"]
> >   (no matches)
> >
> >
> > Guidance, please?  (And yes, I have read over the examples in the "Path
> > Expressions" page on the hercules-team/augeas Wiki).
> >
> >
> > Apologies for the questions,
> > -- Pat
> >
> > On 9/30/13 3:48 PM, Patrick Spinler wrote:
> >>
> >> Fantastic, and thank you!  This did indeed do the trick. :-)
> >>
> >> insert append before "/files/etc/sysconfig/iptables/table/append[. =
> >> 'Mayo-Firewall-INPUT'][1]"
> >>
> >> Thank you muchly for your patience with my novice questions. :-)
> >>
> >> -- Pat
> >>
> >> On 9/30/13 3:31 PM, Raphaël Pinson wrote:
> >>> Hi Pat,
> >>>
> >>>
> >>> You need to select the first node matching your expression, by
> filtering
> >>> a second time:
> >>>
> >>> insert append before "/files/etc/sysconfig/
> >>> iptables/table/append[position(. =
> >>> 'Mayo-Firewall-INPUT')][1]"
> >>>
> >>>
> >>> Regards,
> >>>
> >>> Raphaël
> >>>
> >>>
> >>>
> >>> On Mon, Sep 30, 2013 at 9:54 PM, Patrick Spinler
> >>> <spinler.patrick at mayo.edu <mailto:spinler.patrick at mayo.edu>> wrote:
> >>>
> >>>
> >>>     Okay, so I have a structure like this:
> >>>
> >>>     augtool> ls "/files/etc/sysconfig/iptables/table/"
> >>>     chain[1]/ = INPUT
> >>>     chain[2]/ = FORWARD
> >>>     chain[3]/ = OUTPUT
> >>>     chain[4]/ = Mayo-Firewall-INPUT
> >>>     append[1]/ = INPUT
> >>>     append[2]/ = INPUT
> >>>     append[3]/ = INPUT
> >>>     append[4]/ = INPUT
> >>>     append[5]/ = INPUT
> >>>     append[6]/ = INPUT
> >>>     append[7]/ = FORWARD
> >>>     append[8]/ = Mayo-Firewall-INPUT
> >>>     append[9]/ = Mayo-Firewall-INPUT
> >>>     append[10]/ = Mayo-Firewall-INPUT
> >>>     (...snip...)
> >>>     append[27]/ = Mayo-Firewall-INPUT
> >>>     append[28]/ = Mayo-Firewall-INPUT
> >>>     append[29]/ = Mayo-Firewall-INPUT
> >>>
> >>>     I'd like to insert a new node immediately before the first
> >>>
> >>>       append[. = 'Mayo-Firewall-INPUT']
> >>>
> >>>     node, that is, in this case, before append[8].  However, that
> position
> >>>     in the tree, [8], is obviously not constant.
> >>>
> >>>     How might I do this?
> >>>
> >>>     I've tried expressions like this:
> >>>
> >>>     augtool> insert append before
> >>>     "/files/etc/sysconfig/iptables/table/append[. =
> 'Mayo-Firewall-INPUT']"
> >>>     error: Too many matches for path expression
> >>>
> >>>     and expressions involving [position(...)], like this
> >>>
> >>>     augtool> insert append before
> >>>     "/files/etc/sysconfig/iptables/table/append[position(. =
> >>>     'Mayo-Firewall-INPUT')]"
> >>>     error: Invalid path expression
> >>>
> >>>
> >>>     which obviously both fail.  Thoughts?
> >>>
> >>>     Thanks,
> >>>     -- Pat
> >>>
> >>>     _______________________________________________
> >>>     augeas-devel mailing list
> >>>     augeas-devel at redhat.com <mailto:augeas-devel at redhat.com>
> >>>     https://www.redhat.com/mailman/listinfo/augeas-devel
> >>>
> >>>
> >>>
> >>>
> >>> --
> >>> Raphaël Pinson
> >>> Infrastructure Developer & Trainer
> >>> +33 479 26 57 93
> >>> +33 781 90 00 79
> >>>
> >>> Camptocamp France
> >>> Savoie Technolac
> >>> BP 352
> >>> 48, avenue du Lac du Bourget
> >>> 73372 Le Bourget du Lac, Cedex
> >>> www.camptocamp.com <http://www.camptocamp.com>
> >>
> >> _______________________________________________
> >> augeas-devel mailing list
> >> augeas-devel at redhat.com
> >> https://www.redhat.com/mailman/listinfo/augeas-devel
> >>
> >
>
> _______________________________________________
> augeas-devel mailing list
> augeas-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/augeas-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/augeas-devel/attachments/20131003/8cda0802/attachment.htm>

More information about the augeas-devel mailing list