[augeas-devel] sudoers lens not working
Raphaël Pinson
raphink at gmail.com
Fri Mar 20 19:52:39 UTC 2009
2009/3/20 David Lutterkort <lutter at redhat.com>
> On Fri, 2009-03-20 at 20:06 +0100, Raphaël Pinson wrote:
>
>
> > OK. That would have us parse the contents of each parameter in
> > Defaults, though, and in my man sudoers, I can count 31 flags, 1
> > integer, 4 integer/boolean, 10 strings, 17 strings/boolean, 3
> > lists/boolean.
>
> I think we only need three differnt lenses to pick Defaults values
> apart: flag, simple value, and list.
>
> The lens would of course have to know what parameters are legal and what
> 'type' they have, which would make it more sensitive to changes in the
> sudoers config file format. But that shouldn't keep us from producing
> the most useful tree from the file.
>
> > That makes quite a bit of work, although it surely add nice
> > functionality.
>
> Yes, I think it would make it much nicer to use, since you can then
> query the tree to see if PS1 is exported with a fairly simple path
> expression. Or at the very least find all places where PS1 is mentioned
> in the config.
Not sure it would always be possible to find PS1 in this case, if env_keep
can take wildcards, such as LC_* (like sshd_config does).
> > It could also make the lens much slower.
>
> Typechecking will definitely become slower, though that's not that much
> of a concern since it doesn't affect normal operation, and affects
> mostly test runs.
>
> I doubt that it will have a noticable effect on parsing the config file.
>
Most sudoers files are quite simple, which is quite surprising when you
consider that theorically, sudoers are supposed to be written for a whole
production.
Raphaël
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/augeas-devel/attachments/20090320/c378a5b2/attachment.htm>
More information about the augeas-devel
mailing list