On Thu, Dec 27, 2001 at 09:19:16AM -0600, Steve Langasek wrote: > On Thu, Dec 27, 2001 at 02:18:15PM +0100, Eric Van Buggenhaut wrote: > > Hi, > > > I'm currently packaging libdbix-password-perl. > > > The upstream code requires the administrator to introduce the user > > data (username, password, port, database, etc.) in the same Password.pm > > file, > > which looks horrible to me. > > > So my idea is to create a config file in /etc sourced by the module. I > > have never done this though, so I ask all Perl Mongers out there: > > > - what should the file be called ? /etc/Password.conf ? > > > - how should I source it from within the perl module ? > > Although creating perl config files that can be sourced is a very quick > and easy way to make use of config files in perl (since your parser is > already built-in), I've always considered it a somewhat hackish > approach. Certainly, anyone not familiar with perl programming can > easily break your script beyond all recognition just by incorrectly > editing the sourced config file, in the process making it impossible for > you to generate your own warning/error messages (well, without a fair > deal of effort :). In addition, we occasionally get hosting customers > here who want to have CGIs that use sourced config files, with other > CGIs to edit those config files -- which means a clever attacker who was > able to guess or learn the admin password could arbitrarily change the > CGIs to do his bidding. Probably not an issue with what you're doing > in your package, but it's definitely not something we want happening on > a virtualhosting webserver. :) > > My own approach? Write your own parser for a simple 'key = value' style > config file. This can usually be done in ten lines or less[1] using > perl's powerful regexp engine. >
The key=value strategy may not work in my case because I must generate a hash of hashes, this style: my $virtual1 = { 'acs' => { 'username' => 'root', 'password' => 'o.e,13', 'port' => '', 'database' => 'acs', 'attributes' => {}, 'connect' => 'DBI:mysql:database=acs;host=localhost', 'driver' => 'mysql', 'host' => 'localhost' }, 'personales' => { 'username' => 'root', 'password' => 'v.rc,3', 'port' => '', 'database' => 'acs', 'attributes' => {}, 'connect' => 'DBI:mysql:database=PaginasPersonales;host= localhost', 'driver' => 'mysql', 'host' => 'localhost' }, }; I wanted to be able to use a config file similar to /etc/passwd like: #This is the list of users needed by DBIx::Password #(/usr/lib/perl5/DBIx/Password.pm) # #Syntax is: #host:username:password:port:database:attributes:connect:driver:host # #You can use simple quotes when field contains colon(s) acs:root:op.re,13::acs:{}:'DBI:mysql:database=acs:host=localhost':mysql:localhost personales:root:op.re,13::acs:{}:'DBI:mysql:database=PaginasPersonales:host=localhost':mysql:localhost And wrote the parser: #!/usr/bin/perl -w #open (IN,"/etc/dbix-password.conf"); open (IN,"dbix-password.conf"); while (<IN>) { next if (/^#/ || /^$/); @host = m/:?([^':]*)||:?'([^']*)'/g; foreach (@host) {print "$_ "}; print "\n"; } close IN; But this misteriously matches empty fields and I haven't been able to find out where my parser fails ... Something like that: acs root op.re,13 acs {} DBI:mysql:database=acs:host=localhost mysql localhost personales root op.re,13 acs {} DBI:mysql:database=PaginasPersonales:host=localhost mysql localhost So if anyone has an idea ... Thanks to all people who helped me. -- Eric VAN BUGGENHAUT "Hay tampones y tampones ..." (Eva Serrano) \_|_/ Andago \/ \/ Av. Santa Engracia, 54 a n d a g o |-- E-28010 Madrid - tfno:+34(91)2041100 /\___/\ http://www.andago.com / | \ "Innovando en Internet" [EMAIL PROTECTED]