David Lutterkort wrote:
> On Wed, 2009-03-04 at 10:48 +1100, Avi Miller wrote:
>> Hi David,
>>
>> David Lutterkort wrote:
>>> You definitely should read up on path expressions[1] for that, and maybe
>>> even have a look at the test cases for them[2], since they show some
>>> more esoteric uses.
>> I'm still having a bit of a brain disconnect on converting Augeas' XPath
>> stuff into Puppet types.
>>
>> Here is my test Puppet entry:
>>
>> augeas { "pam_set_cracklib":
>> context => "/files/etc/pam.d/system-auth",
>> changes => "rm *[module='pam_cracklib.so']/argument",
>> onlyif => "match *[module='pam_cracklib.so'][count(argument)>5]",
>> }
>>
>> Which, theoretically, should remove all the arguments if the entry that
>> contains the pam_cracklib.so module has more than 5 arguments.
>>
>> If I run the match (in the onlyif line) in augtool, I get:
>>
>> augtool> match
>> /files/etc/pam.d/system-auth/*[module='pam_cracklib.so'][count(argument)>5]
>> /files/etc/pam.d/system-auth/8 = (none)
>>
>> Which suggests that line 8 in that file matches.
>>
>> However, when I run this entry in Puppet, I get:
>>
>> err: //Node[testnode]/pam/Augeas[pam_set_cracklib]: Failed to retrieve
>> current state of resource: Error sending command 'match' with params
>> ["/files/etc/pam.d/system-auth/*[module='pam_cracklib.so'][count(argument)>5]"]/Invalid
>>
>> command: match
>> /files/etc/pam.d/system-auth/*[module='pam_cracklib.so'][count(argument)>5]
>>
>> Any ideas?
>>
>> Essentially, what I'm trying to achieve is the capability to change
>> pam.d file entries if they don't match what they're supposed to.
>
> If you have Augeas 0.4.1 on both the puppet client and master (count was
> only added in 0.4.1) this should work. Bryan, any ideas what could be
> wrong ?
For this one, the puppet match is slight different then the augeas
match. Puppet match is
match [AUGEAS_PATH] [size = [int]| include [string]| == [an array]]
So.. you need to add one of the testers on to the end for that.
-- bk
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
