NVM -- apologies again. I wanted "--noautoload" option. Examining the /augeas tree and the /files tree with "--noload" and "--noautoload" helped me understand which option did what.
Sorry to bother. -- Pat On 10/6/13 3:43 PM, Patrick Spinler wrote: > > Still more questions on this and would appreciate more help please. > > I still have an error someplace, and I'm struggling to track it down. I > thought to try to manually specify a lens and incl path, but get another > error, and wonder if I'm specifying this correctly. > > Observe what happens when I try to manually load iptables specifically: > > $ sudo augtool --noload > augtool> print /augeas//errors > augtool> set /augeas/load/Iptables/lens Iptables.lns > augtool> set /augeas/load/Iptables/incl /etc/sysconfig/iptables > error: Too many matches for path expression > > Yet, I can't find error info on this: > > augtool> print /augeas//error > (no output) > > It appears to load iptables cleanly if I don't try to force a lens and > incl, so: > > ap00375@ROFOMI901A sysconfig $ sudo augtool > augtool> print /augeas//error > (some output, but nothing related to iptables) > augtool> print /files/etc/sysconfig/iptables > (lots of output) > > Advice, please? > -- Pat > > > On 10/3/13 7:42 PM, David Lutterkort wrote: >> The simplest path expression for what you want is probably >> >> /files/etc/sysconfig/iptables/table/append[dport = '22'] >> >> Writing just 'append' is the same as writing 'append[*]'; if you wanted >> to find the dport entry, you'd write >> >> /files/etc/sysconfig/iptables/table/append/dport[. = '22'] >> >> David >> >> >> On Mon, Sep 30, 2013 at 2:30 PM, Patrick Spinler >> <[email protected] <mailto:[email protected]>> wrote: >> >> >> NVM, sorry. I see I had included an extra "/" in my expression. Found >> my error only 2 minutes after sending out my inquiry, of course. :-( >> >> -- Pat, professional botherer of email lists with inane questions >> >> On 9/30/13 4:25 PM, Patrick Spinler wrote: >> > >> > Apologies for asking yet another novice question, but if I may, >> please? >> > >> > I'd like to construct an expression to match any iptables nodes with a >> > dport = <specific value>. Here's an example: >> > >> > augtool> print /files/etc/sysconfig/iptables/table/append[28] >> > /files/etc/sysconfig/iptables/table/append[28] = "Mayo-Firewall-INPUT" >> > /files/etc/sysconfig/iptables/table/append[28]/protocol = "tcp" >> > /files/etc/sysconfig/iptables/table/append[28]/match = "tcp" >> > /files/etc/sysconfig/iptables/table/append[28]/dport = "21" >> > /files/etc/sysconfig/iptables/table/append[28]/jump = "ACCEPT" >> > >> > So, I thought I'd just have to say somethine like >> > >> > match .../append[*]/*[dport = 'XXXX'] >> > >> > but I'm not finding what I expect: >> > >> > augtool> match >> /files/etc/sysconfig/iptables/table/append[*]/*[dport = "21"] >> > (no matches) >> > augtool> match /files/etc/sysconfig/iptables/table/*/*[dport = "21"] >> > (no matches) >> > augtool> match /files/etc/sysconfig/iptables/table/*/*["dport" = "21"] >> > (no matches) >> > augtool> match >> /files/etc/sysconfig/iptables/table/append[28]/*["dport" >> > = "21"] >> > (no matches) >> > >> > >> > Guidance, please? (And yes, I have read over the examples in the >> "Path >> > Expressions" page on the hercules-team/augeas Wiki). >> > >> > >> > Apologies for the questions, >> > -- Pat >> > >> > On 9/30/13 3:48 PM, Patrick Spinler wrote: >> >> >> >> Fantastic, and thank you! This did indeed do the trick. :-) >> >> >> >> insert append before "/files/etc/sysconfig/iptables/table/append[. = >> >> 'Mayo-Firewall-INPUT'][1]" >> >> >> >> Thank you muchly for your patience with my novice questions. :-) >> >> >> >> -- Pat >> >> >> >> On 9/30/13 3:31 PM, Raphaël Pinson wrote: >> >>> Hi Pat, >> >>> >> >>> >> >>> You need to select the first node matching your expression, by >> filtering >> >>> a second time: >> >>> >> >>> insert append before "/files/etc/sysconfig/ >> >>> iptables/table/append[position(. = >> >>> 'Mayo-Firewall-INPUT')][1]" >> >>> >> >>> >> >>> Regards, >> >>> >> >>> Raphaël >> >>> >> >>> >> >>> >> >>> On Mon, Sep 30, 2013 at 9:54 PM, Patrick Spinler >> >>> <[email protected] <mailto:[email protected]> >> <mailto:[email protected] <mailto:[email protected]>>> >> wrote: >> >>> >> >>> >> >>> Okay, so I have a structure like this: >> >>> >> >>> augtool> ls "/files/etc/sysconfig/iptables/table/" >> >>> chain[1]/ = INPUT >> >>> chain[2]/ = FORWARD >> >>> chain[3]/ = OUTPUT >> >>> chain[4]/ = Mayo-Firewall-INPUT >> >>> append[1]/ = INPUT >> >>> append[2]/ = INPUT >> >>> append[3]/ = INPUT >> >>> append[4]/ = INPUT >> >>> append[5]/ = INPUT >> >>> append[6]/ = INPUT >> >>> append[7]/ = FORWARD >> >>> append[8]/ = Mayo-Firewall-INPUT >> >>> append[9]/ = Mayo-Firewall-INPUT >> >>> append[10]/ = Mayo-Firewall-INPUT >> >>> (...snip...) >> >>> append[27]/ = Mayo-Firewall-INPUT >> >>> append[28]/ = Mayo-Firewall-INPUT >> >>> append[29]/ = Mayo-Firewall-INPUT >> >>> >> >>> I'd like to insert a new node immediately before the first >> >>> >> >>> append[. = 'Mayo-Firewall-INPUT'] >> >>> >> >>> node, that is, in this case, before append[8]. However, >> that position >> >>> in the tree, [8], is obviously not constant. >> >>> >> >>> How might I do this? >> >>> >> >>> I've tried expressions like this: >> >>> >> >>> augtool> insert append before >> >>> "/files/etc/sysconfig/iptables/table/append[. = >> 'Mayo-Firewall-INPUT']" >> >>> error: Too many matches for path expression >> >>> >> >>> and expressions involving [position(...)], like this >> >>> >> >>> augtool> insert append before >> >>> "/files/etc/sysconfig/iptables/table/append[position(. = >> >>> 'Mayo-Firewall-INPUT')]" >> >>> error: Invalid path expression >> >>> >> >>> >> >>> which obviously both fail. Thoughts? >> >>> >> >>> Thanks, >> >>> -- Pat >> >>> >> >>> _______________________________________________ >> >>> augeas-devel mailing list >> >>> [email protected] <mailto:[email protected]> >> <mailto:[email protected] <mailto:[email protected]>> >> >>> https://www.redhat.com/mailman/listinfo/augeas-devel >> >>> >> >>> >> >>> >> >>> >> >>> -- >> >>> Raphaël Pinson >> >>> Infrastructure Developer & Trainer >> >>> +33 479 26 57 93 <tel:%2B33%20479%2026%2057%2093> >> >>> +33 781 90 00 79 <tel:%2B33%20781%2090%2000%2079> >> >>> >> >>> Camptocamp France >> >>> Savoie Technolac >> >>> BP 352 >> >>> 48, avenue du Lac du Bourget >> >>> 73372 Le Bourget du Lac, Cedex >> >>> www.camptocamp.com <http://www.camptocamp.com> >> <http://www.camptocamp.com> >> >> >> >> _______________________________________________ >> >> augeas-devel mailing list >> >> [email protected] <mailto:[email protected]> >> >> https://www.redhat.com/mailman/listinfo/augeas-devel >> >> >> > >> >> _______________________________________________ >> augeas-devel mailing list >> [email protected] <mailto:[email protected]> >> https://www.redhat.com/mailman/listinfo/augeas-devel >> >> > > _______________________________________________ > augeas-devel mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/augeas-devel > _______________________________________________ augeas-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/augeas-devel
