On Fri, Apr 15, 2011 at 3:11 PM, David Lutterkort <[email protected]> wrote: > On Fri, 2011-04-15 at 14:34 -0700, Jeff Schroeder wrote: >> I'm seeing a weird error with augeas 0.7.3. While adding a pam_access >> definition to /etc/pam.d/sshd, everything looks good and the save >> fails. > > You're being hit by a double-whammy: (1) 0.7.3 has a bug that makes > 'print /augeas//error' not print anything. > > And part (2): > >> /files/etc/pam.d/sshd/2 >> /files/etc/pam.d/sshd/2/type = "account" >> /files/etc/pam.d/sshd/2/control = "required" >> /files/etc/pam.d/sshd/2/module = "pam_nologin.so" >> /files/etc/pam.d/sshd/access >> /files/etc/pam.d/sshd/access/type = "account" >> /files/etc/pam.d/sshd/access/control = "required" >> /files/etc/pam.d/sshd/access/module = "pam_access.so" >> /files/etc/pam.d/sshd/3 >> /files/etc/pam.d/sshd/3/type = "account" >> /files/etc/pam.d/sshd/3/control = "include" >> /files/etc/pam.d/sshd/3/module = "system-auth" > > You can't use the word 'access' as the label for the tree node - it has > to be an integer. I recommend using '01'. The technical explanation is > that the 'seq' lens which is responsible for producing the 1,2,3 etc. > underneath /files/etc/pam.d/sshd requires that the tree node has a > numeric label when it is saving the tree. > > Change your commands to > > ins 01 after /files/etc/pam.d/sshd/*[type = 'account' and module = > 'pam_nologin.so'] > set /files/etc/pam.d/sshd/01/type account > set /files/etc/pam.d/sshd/01/control required > set /files/etc/pam.d/sshd/01/module pam_access.so > print /files/etc/pam.d/sshd > save > print /augeas//error > > and enjoy the weekend ;)
Worked like a champ. I'll look into backporting Fedora 15's 0.7.4-1 to use. Have a good weekend yourself! -- Jeff Schroeder Don't drink and derive, alcohol and analysis don't mix. http://www.digitalprognosis.com _______________________________________________ augeas-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/augeas-devel
