On 25/06/12 19:56, Nick Anderson wrote:
> On 06/25/2012 12:50 PM, Marco Marongiu wrote:
>> Summing up, the right way to expand a slist contained in an array
>> element is actually:
>>
>> "list" slist => { "@(array[$(selector)])" } ;
>>
>> However, if you plan to use list as a parameter for a bundle, you'd
>> better prefix the list expansion with the bundle name, e.g.:
>>
>> "list" slist => { "@(testbundle.array[$(selector)])" } ;
>
> Glad you got it working.
>
> Are you iterating over $(selector)?
No, I'm not.
I am preparing a policy to create authorized_keys files on a set of
server. Depending on which classes a server is in, it must get a
different set of keys in its authorized_keys file. I organized my stuff
this way:
I have an sshgroup array, indexed by group name; each element in the
array is a key identifier -- not the key itself.
Based on that $(selector), which is a parameter of the bundle, I unroll
the list in sshgroup[$(selector)] in a separate list -- this is just for
clarity.
Iterating on that list, I update my local copy of the corresponding ssh
keys. Then I pass the list to an edit_line bundle.
The edit_line bundle iterates over this list again, and for each
identifier it reads a key into an array sshkey[$(list)] using readfile
At this point, creating the authorized_keys file is just a matter of
using a single insert_lines promise:
"sshkey[$(list)]" ;
(OK: two promises: one for the header, plus the one above ;)
of course, I use edit_default => empty for this.
Not sure it's the best way to do that, but it works very well for me ;)
Ciao
-- bronto
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
