将 Augeas 翻译成 Puppet speak Augeas
Translate Augeas into Puppet speak Augeas
使用 puppet 的 augeas 功能我想修改配置文件:
/etc/ssh/sshd_config
没有 puppet,我尝试使用 Augeas 的 "augtool" 并发现了几行似乎有效:
augtool> set /files/etc/ssh/sshd_config/Match[1]/Condition/User "bill","ben"
augtool> set /files/etc/ssh/sshd_config/Match/Settings/PasswordAuthentication "no"
augtool> save
虽然看起来还可以,但我不太明白[1]在这里的作用是什么。
我尝试将这些行放入 Puppet 中但没有成功:
augeas { "sshd_config":
context => "/files/etc/ssh/sshd_config",
changes => [
'set Match[1]/Condition/User "bill","ben"',
'set Settings/PasswordAuthentication "no"',
],
}
报错:
错误:/Stage[main]/Samipermissions/Augeas[sshd_config]:无法评估:保存失败,请参阅调试
运行调试模式下的 Puppet 告诉我同样的事情。
有人知道这是怎么回事吗?
谢谢你 m0dlx。
您的回答使我克服了遇到的错误,但是我认为我仍然对 Matches 数组感到迷茫。使用 "augtool" 我可以执行以下操作:
set /files/etc/ssh/sshd_config/Match[1]/Condition/User "neil","nigel"
set /files/etc/ssh/sshd_config/Match[1]/Settings/PasswordAuthentication "no"
set /files/etc/ssh/sshd_config/Match[2]/Condition/User "yvonne","yvette"
set /files/etc/ssh/sshd_config/Match[2]/Settings/PasswordAuthentication "yes"
在配置文件中显示为:
Match User neil,nigel
PasswordAuthentication no
Match User yvonne,yvette
PasswordAuthentication yes
太完美了。我将其翻译成 Puppet 为:
augeas { "sshd_config":
context => "/files/etc/ssh/sshd_config",
changes => [
'set Match[1]/Condition/User "neil","nigel"',
'set Match[1]/Settings/PasswordAuthentication "no"',
'set Match[2]/Condition/User "yvonne","yvette"',
'set Match[2]/Settings/PasswordAuthentication "yes"',
],
}
但是配置文件中的结果完全不同:
Match User neil
PasswordAuthentication no
Match User yvonne
PasswordAuthentication yes
Although it seems to work OK, I don't really understand what purpose the [1] serves here.
[1]类似于访问一个数组元素,如果有多个则表示要访问第一个Match项。
'set Settings/PasswordAuthentication "no"',
您错过了 augtool 测试中的前导 Match/,这可能会导致 Puppet 保存失败。
如果您仍有问题,请在问题中包含 Puppet 的完整调试输出。
m0dlx 的回答和后来的评论让我得到了以下完美的效果:
augeas { "sshd_config":
context => "/files/etc/ssh/sshd_config",
changes => [
'set Match[1]/Condition/User "neil,nigel"',
'set Match[1]/Settings/PasswordAuthentication "no"',
'set Match[2]/Condition/User "yvonne,yvette"',
'set Match[2]/Settings/PasswordAuthentication "yes"',
],
}
谢谢m0dlx。
使用 puppet 的 augeas 功能我想修改配置文件:
/etc/ssh/sshd_config
没有 puppet,我尝试使用 Augeas 的 "augtool" 并发现了几行似乎有效:
augtool> set /files/etc/ssh/sshd_config/Match[1]/Condition/User "bill","ben"
augtool> set /files/etc/ssh/sshd_config/Match/Settings/PasswordAuthentication "no"
augtool> save
虽然看起来还可以,但我不太明白[1]在这里的作用是什么。
我尝试将这些行放入 Puppet 中但没有成功:
augeas { "sshd_config":
context => "/files/etc/ssh/sshd_config",
changes => [
'set Match[1]/Condition/User "bill","ben"',
'set Settings/PasswordAuthentication "no"',
],
}
报错: 错误:/Stage[main]/Samipermissions/Augeas[sshd_config]:无法评估:保存失败,请参阅调试
运行调试模式下的 Puppet 告诉我同样的事情。
有人知道这是怎么回事吗?
谢谢你 m0dlx。 您的回答使我克服了遇到的错误,但是我认为我仍然对 Matches 数组感到迷茫。使用 "augtool" 我可以执行以下操作:
set /files/etc/ssh/sshd_config/Match[1]/Condition/User "neil","nigel"
set /files/etc/ssh/sshd_config/Match[1]/Settings/PasswordAuthentication "no"
set /files/etc/ssh/sshd_config/Match[2]/Condition/User "yvonne","yvette"
set /files/etc/ssh/sshd_config/Match[2]/Settings/PasswordAuthentication "yes"
在配置文件中显示为:
Match User neil,nigel
PasswordAuthentication no
Match User yvonne,yvette
PasswordAuthentication yes
太完美了。我将其翻译成 Puppet 为:
augeas { "sshd_config":
context => "/files/etc/ssh/sshd_config",
changes => [
'set Match[1]/Condition/User "neil","nigel"',
'set Match[1]/Settings/PasswordAuthentication "no"',
'set Match[2]/Condition/User "yvonne","yvette"',
'set Match[2]/Settings/PasswordAuthentication "yes"',
],
}
但是配置文件中的结果完全不同:
Match User neil
PasswordAuthentication no
Match User yvonne
PasswordAuthentication yes
Although it seems to work OK, I don't really understand what purpose the [1] serves here.
[1]类似于访问一个数组元素,如果有多个则表示要访问第一个Match项。
'set Settings/PasswordAuthentication "no"',
您错过了 augtool 测试中的前导 Match/,这可能会导致 Puppet 保存失败。
如果您仍有问题,请在问题中包含 Puppet 的完整调试输出。
m0dlx 的回答和后来的评论让我得到了以下完美的效果:
augeas { "sshd_config":
context => "/files/etc/ssh/sshd_config",
changes => [
'set Match[1]/Condition/User "neil,nigel"',
'set Match[1]/Settings/PasswordAuthentication "no"',
'set Match[2]/Condition/User "yvonne,yvette"',
'set Match[2]/Settings/PasswordAuthentication "yes"',
],
}
谢谢m0dlx。