help-cfengine
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Editfiles Considered Harmful


From: Chip Seraphine
Subject: Re: Editfiles Considered Harmful
Date: Thu, 4 Dec 2003 10:51:15 -0600
User-agent: KMail/1.5

I think a lot of what you are talking about could be accomodated if editfiles 
got away from lines a little bit, and embraced arbitrary delimiters rather 
than the goode olde \n.   Here's a disposable sugegstion:

"AppendIfNoSuchBlock", "Delete BlocksContaining",  perhaps?  If we replaced 
(or augmented) all the 'Line' commands with 'Block', where the sole 
difference is that a Block is begun/ended with a defined delimiter (kinda 
like SplitOn, but regex instead of a char) instead of always '\n'.

Something like this:

editfiles:
{ /etc/named.conf
        BeginBlockExpr "^[[:space:]]*zone[[:space:]].*{"                #allow 
leading whitespeace
        EndBlockExpr "}[[:space:]]*(#.*)?$"     #allow trailing comments

        AppendIfNoSuchBlock "zone example.org in {
    type master;
    file \"example.org.zone\";
    also-notify { 192.168.1.1; };
};"
}

Okay, the escaping and such is a bit ugly, but you get the gist.

On Thursday 04 December 2003 09:34, Ted Zlatanov wrote:
> On Thu, 4 Dec 2003, Mark.Burgess@iu.hio.no wrote:
> > However, the bottom line is predictability: how do you ensure that?
> > If you can guarantee with high probability that a huge editfiles
> > stanza is predictable - no problem.
>
> I think it would be fascinating if cfengine could provide more
> convergent editfiles functions.  DeleteLinesContaining and
> AppendIfNoSuchLine are convergent, for instance.  Maybe the reference
> should separate convergent functions and explain best usage.  They
> work very well for /etc/hosts editing, for instance.
>
> Considering the wide variety of configuration files, maybe this is
> best handled by modules.  Nevertheless, it would be good if cfengine
> had internal support for some convergent editing of configurations.
> For instance, sshd_config and ssh_config for OpenSSH have a specific
> format so it should be possible to say
>
> {
>  /etc/sshd_config
>  SetConfigStyle "sshd"
>  SetConfigOption "PermitEmptyPasswords" "yes"
>
>  /etc/ssh_config
>  SetConfigStyle "ssh"
>  # auto-create the "Host *" line if it doesn't exist
>  SetConfigOption "*" "ForwardAgent" "yes"
> }
>
> These are convergent functions implemented with a good understanding
> of the configuration syntax, and have the additional benefit of being
> easy to read.  They can be done with the current editfiles syntax,
> but I wouldn't want to use something like that.
>
> Ted
>
>
> _______________________________________________
> Help-cfengine mailing list
> Help-cfengine@gnu.org
> http://mail.gnu.org/mailman/listinfo/help-cfengine





reply via email to

[Prev in Thread] Current Thread [Next in Thread]