[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[augeas-devel] adjustment to the krb5.aug lense



The krb5.aug lense is unable to parse my site's krb5.conf (publicly available at http://security.fnal.gov/krb5.conf)

I've almost gotten it to be able to read the v4_name_convert section (line 194) but just can't seem to get it right.

My patch below gets me almost there, but I'm stuck for what to do to fixup the last little bit. I can get

CERN.CH = {
     kdc = cerndc.cern.ch:88
     master_kdc = cerndc.cern.ch:88
     default_domain = cern.ch
     kpasswd_server = afskrb5m.cern.ch
     admin_server = afskrb5m.cern.ch
     v4_name_convert = {
           host = rcmd
          }
}

to work with this patch but not

CERN.CH = {
     kdc = cerndc.cern.ch:88
     master_kdc = cerndc.cern.ch:88
     default_domain = cern.ch
     kpasswd_server = afskrb5m.cern.ch
     admin_server = afskrb5m.cern.ch
     v4_name_convert = {
           host = {
                  rcmd = host
                  }
          }
}

My various attempts all end up breaking v4_instance_convert.

I tried the suggestion offered some ways back of making the v4_name_convert section more top level, but the entry in libdefaults is a true/false while the one in a realm is much more tree like. It seemed that would make matters worse.

May I request a little help?

--- lenses/krb5.aug.orig    2012-02-07 14:00:13.349952582 -0600
+++ lenses/krb5.aug    2012-02-07 16:02:03.465813208 -0600
@@ -24,7 +24,7 @@ let realm_re = /[A-Z][.a-zA-Z0-9-]*/
 let app_re = /[a-z][a-zA-Z0-9_]*/
 let name_re = /[.a-zA-Z0-9_-]+/

-let value = store /[^;# \t\n{}]+/
+let value = store /[^;# \t\n{}]|[^;# \t\n{}][^#\n]*[^;# \t\n{}]/
 let entry (kw:regexp) (sep:lens) (comment:lens)
     = [ indent . key kw . sep . value . (comment|eol) ] | comment

@@ -61,8 +61,8 @@ let appdefaults =
 let realms =
   let simple_option = /kdc|admin_server|database_module|default_domain/
       |/v4_realm|auth_to_local(_names)?|master_kdc|kpasswd_server/
-      |/admin_server/ in
-  let subsec_option = /v4_instance_convert/ in
+      |/admin_server|ticket_lifetime/ in
+  let subsec_option = /v4_instance_convert|v4_name_convert/ in
   let option = entry simple_option eq comment in
   let subsec = [ indent . key subsec_option . eq_openbr .
                    (entry name_re eq comment)* . closebr . eol ] in

--
Pat Riehecky
Scientific Linux Developer



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]