Thanks a bunch. Simplevars works like a charm. :)
-- Kent Brede UNO Linux System Administrator [email protected] ________________________________ From: Raphaël Pinson <[email protected]> Sent: Friday, April 04, 2014 10:25 AM To: Kent Brede Cc: augeas-devel Subject: RE: [augeas-devel] rkhunter.conf As you wish :-) Did you try with Simplevars.lns by any chance? -- Raphaël Pinson Infrastructure Developer & Trainer +33 479 26 57 93 +33 781 90 00 79 Camptocamp France Savoie Technolac BP 352 48, avenue du Lac du Bourget 73372 Le Bourget-du-Lac, Cedex Le 4 avr. 2014 17:23, "Kent Brede" <[email protected]<mailto:[email protected]>> a écrit : As it turns out, I guess unquoted strings are allowed in rkhunter.conf. Until I can learn how to write lenses, I think I'll just quote the two strings and move on. :) -- Kent Brede UNO Linux System Administrator [email protected]<mailto:[email protected]> ________________________________ From: Raphaël Pinson <[email protected]<mailto:[email protected]>> Sent: Friday, April 04, 2014 9:29 AM To: Kent Brede Cc: augeas-devel Subject: Re: [augeas-devel] rkhunter.conf So Shellvars.lns will only work if your unquoted lines were wrong. Otherwise you'll need a specific lens (shouldn't be too hard to write). -- Raphaël Pinson Infrastructure Developer & Trainer +33 479 26 57 93<tel:%2B33%20479%2026%2057%2093> +33 781 90 00 79<tel:%2B33%20781%2090%2000%2079> Camptocamp France Savoie Technolac BP 352 48, avenue du Lac du Bourget 73372 Le Bourget-du-Lac, Cedex Le 4 avr. 2014 16:02, "Kent Brede" <[email protected]<mailto:[email protected]>> a écrit : OK, I'm a bit farther on this. I followed the instructions here: https://github.com/hercules-team/augeas/wiki/Loading-specific-files#loading-even-less After doing a "print" I discovered some errors. Shellvars doesn't like the following two strings that should be quoted. Apparently EPEL forgot to do that. SUSPSCAN_DIRS=/tmp /var/tmp DISABLE_TESTS=suspscan hidden_procs deleted_files packet_cap_apps apps After commenting the strings and doing a quick test via Puppet, I verified Shellvars works with this file. Also just for completeness, in case someone reads this in the future, this is one way to find parse errors: [root@puppet manifests]# augtool --transform "Shellvars.lns incl /etc/rkhunter.conf" augtool> print /augeas/files/etc/rkhunter.conf /augeas/files/etc/rkhunter.conf /augeas/files/etc/rkhunter.conf/path = "/files/etc/rkhunter.conf" /augeas/files/etc/rkhunter.conf/mtime = "1396619823" /augeas/files/etc/rkhunter.conf/lens = "Shellvars.lns" /augeas/files/etc/rkhunter.conf/lens/info = "/usr/share/augeas/lenses/dist/shellvars.aug:163.12-.99:" /augeas/files/etc/rkhunter.conf/error = "parse_failed" /augeas/files/etc/rkhunter.conf/error/pos = "33423" /augeas/files/etc/rkhunter.conf/error/line = "926" /augeas/files/etc/rkhunter.conf/error/char = "13" /augeas/files/etc/rkhunter.conf/error/lens = "/usr/share/augeas/lenses/dist/shellvars.aug:163.12-.99:" /augeas/files/etc/rkhunter.conf/error/message = "Syntax error" Thanks for pointing me in the right direction Ralphael. :) -- Kent Brede UNO Linux System Administrator [email protected]<mailto:[email protected]> ________________________________ From: [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> on behalf of Kent Brede <[email protected]<mailto:[email protected]>> Sent: Friday, April 04, 2014 8:02 AM To: [email protected]<mailto:[email protected]> Subject: Re: [augeas-devel] rkhunter.conf Thanks for the response Raphael. I tried both version 1.0.0 and 1.1.0. I get no information back from augtool. [root@firefly ~]# augtool --transform "Shellvars.lns incl /etc/rkhunter.conf" augtool> print /files/etc/rkhunter.conf augtool> The file is there. [root@firefly ~]# ll /etc/rkhunter.conf -rw-r----- 1 root root 39322 May 13 2012 /etc/rkhunter.conf The file only contains comments, and options such as: SUSPSCAN_THRESH=200 SUSPSCAN_DIRS="/tmp /var/tmp" What am I missing? -- Kent Brede UNO Linux System Administrator [email protected]<mailto:[email protected]> ________________________________ From: Raphaël Pinson <[email protected]<mailto:[email protected]>> Sent: Friday, April 04, 2014 4:47 AM To: Kent Brede Cc: [email protected]<mailto:[email protected]> Subject: Re: [augeas-devel] rkhunter.conf Hello Kent, You don't need to modify the lens in order to test it againt your file. You can just tell Augeas to use this lens for this file. In Augeas >= 1.0.0, you can use: augtool --transform "Shellvars.lns incl /etc/rkhunter.conf" If your file is present in this location, you should see one of these two: * Parsed content in /files/etc/rkhunter.conf * Errors in /augeas/files/etc/rkhunter.conf/error The only case that I can think of where you wouldn't see any of these (besides the file being absent/empty) is if you're using Augeas 0.7.X, which had a bug in parse error reporting. Cheers, Raphaël Pinson On Thu, Apr 3, 2014 at 11:33 PM, Kent Brede <[email protected]<mailto:[email protected]>> wrote: I'm just getting started with Augeas. Decided I'd like to use it for /etc/rkhunter.conf. It looks to me like shellvars.aug should work for the file. I tried a quick test to see if it would work by adding ". incl "/etc/rkhunter.conf"" under "filter_misc" to shellvars.aug. I realize this isn't probably the approved way of going about this. What I don't understand is, why doesn't "augtool print /files/etc/rkhunter.conf" report anything back? I see nothing in /augeas//error. -- Kent Brede UNO Linux System Administrator [email protected]<mailto:[email protected]> _______________________________________________ augeas-devel mailing list [email protected]<mailto:[email protected]> https://www.redhat.com/mailman/listinfo/augeas-devel -- Raphaël Pinson Infrastructure Developer & Trainer +33 479 26 57 93<tel:%2B33%20479%2026%2057%2093> +33 781 90 00 79<tel:%2B33%20781%2090%2000%2079> Camptocamp France Savoie Technolac BP 352 48, avenue du Lac du Bourget 73372 Le Bourget du Lac, Cedex www.camptocamp.com<http://www.camptocamp.com> _______________________________________________ augeas-devel mailing list [email protected]<mailto:[email protected]> https://www.redhat.com/mailman/listinfo/augeas-devel
_______________________________________________ augeas-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/augeas-devel
