[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [augeas-devel] sudoers lens not working





2009/3/20 David Lutterkort <lutter redhat com>
On Fri, 2009-03-20 at 20:06 +0100, Raphaël Pinson wrote:


> OK. That would have us parse the contents of each parameter in
> Defaults, though, and in my man sudoers, I can count 31 flags, 1
> integer, 4 integer/boolean, 10 strings, 17 strings/boolean, 3
> lists/boolean.

I think we only need three differnt lenses to pick Defaults values
apart: flag, simple value, and list.

The lens would of course have to know what parameters are legal and what
'type' they have, which would make it more sensitive to changes in the
sudoers config file format. But that shouldn't keep us from producing
the most useful tree from the file.

> That makes quite a bit of work, although it surely add nice
> functionality.

Yes, I think it would make it much nicer to use, since you can then
query the tree to see if PS1 is exported with a fairly simple path
_expression_. Or at the very least find all places where PS1 is mentioned
in the config.

Not sure it would always be possible to find PS1 in this case, if env_keep can take wildcards, such as LC_* (like sshd_config does).

 
> It could also make the lens much slower.

Typechecking will definitely become slower, though that's not that much
of a concern since it doesn't affect normal operation, and affects
mostly test runs.

I doubt that it will have a noticable effect on parsing the config file.


Most sudoers files are quite simple, which is quite surprising when you consider that theorically, sudoers are supposed to be written for a whole production.



Raphaël




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]