[augeas-devel] Yet more novice questions, Re: path expression question
Patrick Spinler
spinler.patrick at mayo.edu
Sun Oct 6 20:50:54 UTC 2013
NVM -- apologies again. I wanted "--noautoload" option. Examining the
/augeas tree and the /files tree with "--noload" and "--noautoload"
helped me understand which option did what.
Sorry to bother.
-- Pat
On 10/6/13 3:43 PM, Patrick Spinler wrote:
>
> Still more questions on this and would appreciate more help please.
>
> I still have an error someplace, and I'm struggling to track it down. I
> thought to try to manually specify a lens and incl path, but get another
> error, and wonder if I'm specifying this correctly.
>
> Observe what happens when I try to manually load iptables specifically:
>
> $ sudo augtool --noload
> augtool> print /augeas//errors
> augtool> set /augeas/load/Iptables/lens Iptables.lns
> augtool> set /augeas/load/Iptables/incl /etc/sysconfig/iptables
> error: Too many matches for path expression
>
> Yet, I can't find error info on this:
>
> augtool> print /augeas//error
> (no output)
>
> It appears to load iptables cleanly if I don't try to force a lens and
> incl, so:
>
> ap00375 at ROFOMI901A sysconfig $ sudo augtool
> augtool> print /augeas//error
> (some output, but nothing related to iptables)
> augtool> print /files/etc/sysconfig/iptables
> (lots of output)
>
> Advice, please?
> -- Pat
>
>
> On 10/3/13 7:42 PM, David Lutterkort wrote:
>> The simplest path expression for what you want is probably
>>
>> /files/etc/sysconfig/iptables/table/append[dport = '22']
>>
>> Writing just 'append' is the same as writing 'append[*]'; if you wanted
>> to find the dport entry, you'd write
>>
>> /files/etc/sysconfig/iptables/table/append/dport[. = '22']
>>
>> David
>>
>>
>> On Mon, Sep 30, 2013 at 2:30 PM, Patrick Spinler
>> <spinler.patrick at mayo.edu <mailto:spinler.patrick at mayo.edu>> wrote:
>>
>>
>> NVM, sorry. I see I had included an extra "/" in my expression. Found
>> my error only 2 minutes after sending out my inquiry, of course. :-(
>>
>> -- Pat, professional botherer of email lists with inane questions
>>
>> On 9/30/13 4:25 PM, Patrick Spinler wrote:
>> >
>> > Apologies for asking yet another novice question, but if I may,
>> please?
>> >
>> > I'd like to construct an expression to match any iptables nodes with a
>> > dport = <specific value>. Here's an example:
>> >
>> > augtool> print /files/etc/sysconfig/iptables/table/append[28]
>> > /files/etc/sysconfig/iptables/table/append[28] = "Mayo-Firewall-INPUT"
>> > /files/etc/sysconfig/iptables/table/append[28]/protocol = "tcp"
>> > /files/etc/sysconfig/iptables/table/append[28]/match = "tcp"
>> > /files/etc/sysconfig/iptables/table/append[28]/dport = "21"
>> > /files/etc/sysconfig/iptables/table/append[28]/jump = "ACCEPT"
>> >
>> > So, I thought I'd just have to say somethine like
>> >
>> > match .../append[*]/*[dport = 'XXXX']
>> >
>> > but I'm not finding what I expect:
>> >
>> > augtool> match
>> /files/etc/sysconfig/iptables/table/append[*]/*[dport = "21"]
>> > (no matches)
>> > augtool> match /files/etc/sysconfig/iptables/table/*/*[dport = "21"]
>> > (no matches)
>> > augtool> match /files/etc/sysconfig/iptables/table/*/*["dport" = "21"]
>> > (no matches)
>> > augtool> match
>> /files/etc/sysconfig/iptables/table/append[28]/*["dport"
>> > = "21"]
>> > (no matches)
>> >
>> >
>> > Guidance, please? (And yes, I have read over the examples in the
>> "Path
>> > Expressions" page on the hercules-team/augeas Wiki).
>> >
>> >
>> > Apologies for the questions,
>> > -- Pat
>> >
>> > On 9/30/13 3:48 PM, Patrick Spinler wrote:
>> >>
>> >> Fantastic, and thank you! This did indeed do the trick. :-)
>> >>
>> >> insert append before "/files/etc/sysconfig/iptables/table/append[. =
>> >> 'Mayo-Firewall-INPUT'][1]"
>> >>
>> >> Thank you muchly for your patience with my novice questions. :-)
>> >>
>> >> -- Pat
>> >>
>> >> On 9/30/13 3:31 PM, Raphaël Pinson wrote:
>> >>> Hi Pat,
>> >>>
>> >>>
>> >>> You need to select the first node matching your expression, by
>> filtering
>> >>> a second time:
>> >>>
>> >>> insert append before "/files/etc/sysconfig/
>> >>> iptables/table/append[position(. =
>> >>> 'Mayo-Firewall-INPUT')][1]"
>> >>>
>> >>>
>> >>> Regards,
>> >>>
>> >>> Raphaël
>> >>>
>> >>>
>> >>>
>> >>> On Mon, Sep 30, 2013 at 9:54 PM, Patrick Spinler
>> >>> <spinler.patrick at mayo.edu <mailto:spinler.patrick at mayo.edu>
>> <mailto:spinler.patrick at mayo.edu <mailto:spinler.patrick at mayo.edu>>>
>> wrote:
>> >>>
>> >>>
>> >>> Okay, so I have a structure like this:
>> >>>
>> >>> augtool> ls "/files/etc/sysconfig/iptables/table/"
>> >>> chain[1]/ = INPUT
>> >>> chain[2]/ = FORWARD
>> >>> chain[3]/ = OUTPUT
>> >>> chain[4]/ = Mayo-Firewall-INPUT
>> >>> append[1]/ = INPUT
>> >>> append[2]/ = INPUT
>> >>> append[3]/ = INPUT
>> >>> append[4]/ = INPUT
>> >>> append[5]/ = INPUT
>> >>> append[6]/ = INPUT
>> >>> append[7]/ = FORWARD
>> >>> append[8]/ = Mayo-Firewall-INPUT
>> >>> append[9]/ = Mayo-Firewall-INPUT
>> >>> append[10]/ = Mayo-Firewall-INPUT
>> >>> (...snip...)
>> >>> append[27]/ = Mayo-Firewall-INPUT
>> >>> append[28]/ = Mayo-Firewall-INPUT
>> >>> append[29]/ = Mayo-Firewall-INPUT
>> >>>
>> >>> I'd like to insert a new node immediately before the first
>> >>>
>> >>> append[. = 'Mayo-Firewall-INPUT']
>> >>>
>> >>> node, that is, in this case, before append[8]. However,
>> that position
>> >>> in the tree, [8], is obviously not constant.
>> >>>
>> >>> How might I do this?
>> >>>
>> >>> I've tried expressions like this:
>> >>>
>> >>> augtool> insert append before
>> >>> "/files/etc/sysconfig/iptables/table/append[. =
>> 'Mayo-Firewall-INPUT']"
>> >>> error: Too many matches for path expression
>> >>>
>> >>> and expressions involving [position(...)], like this
>> >>>
>> >>> augtool> insert append before
>> >>> "/files/etc/sysconfig/iptables/table/append[position(. =
>> >>> 'Mayo-Firewall-INPUT')]"
>> >>> error: Invalid path expression
>> >>>
>> >>>
>> >>> which obviously both fail. Thoughts?
>> >>>
>> >>> Thanks,
>> >>> -- Pat
>> >>>
>> >>> _______________________________________________
>> >>> augeas-devel mailing list
>> >>> augeas-devel at redhat.com <mailto:augeas-devel at redhat.com>
>> <mailto:augeas-devel at redhat.com <mailto:augeas-devel at redhat.com>>
>> >>> https://www.redhat.com/mailman/listinfo/augeas-devel
>> >>>
>> >>>
>> >>>
>> >>>
>> >>> --
>> >>> Raphaël Pinson
>> >>> Infrastructure Developer & Trainer
>> >>> +33 479 26 57 93 <tel:%2B33%20479%2026%2057%2093>
>> >>> +33 781 90 00 79 <tel:%2B33%20781%2090%2000%2079>
>> >>>
>> >>> Camptocamp France
>> >>> Savoie Technolac
>> >>> BP 352
>> >>> 48, avenue du Lac du Bourget
>> >>> 73372 Le Bourget du Lac, Cedex
>> >>> www.camptocamp.com <http://www.camptocamp.com>
>> <http://www.camptocamp.com>
>> >>
>> >> _______________________________________________
>> >> augeas-devel mailing list
>> >> augeas-devel at redhat.com <mailto:augeas-devel at redhat.com>
>> >> https://www.redhat.com/mailman/listinfo/augeas-devel
>> >>
>> >
>>
>> _______________________________________________
>> augeas-devel mailing list
>> augeas-devel at redhat.com <mailto:augeas-devel at redhat.com>
>> https://www.redhat.com/mailman/listinfo/augeas-devel
>>
>>
>
> _______________________________________________
> augeas-devel mailing list
> augeas-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/augeas-devel
>
More information about the augeas-devel
mailing list