Try this http://www.cfengine.org/manuals/cf3-solutions.html#Add-variable-definitions-to-a-file
On 08/18/2010 11:14 AM, Ed Voncken wrote: > Hi all, > > I'm trying to wrap my head around CF3 file editing, and I'm probably > trying to do things the wrong way. I'd appreciate if you could point > me in the right direction. > > I have searched Google for advice (most is still on CF2), tried > cfengine_stdlib.cf, read > https://cfengine.org/pipermail/help-cfengine/2010-February/007611.html > about "Multiple edit_lines in one promise" but I'm trying to achieve > something different. > > Situation: > - I have an /etc/ssh/sshd_config with "keyword value" pairs. > - I wish to modify some of these settings, for example the setting > "PermitRootLogin <whatever>" should be changed into "PermitRootLogin > without-password". > - My approach is a "Replace Line if Pattern Match"; a simple "Append > if No Such Line" would not work as it would just leave the old > keyword/value in place and append a new line. > > I've tried the promise bundle below with multiple edit_lines, and it > turns out that only the last edit_line is performed: > > [r...@hal tmp]# diff sshd_config.cf-before-edit sshd_config > 92c92 > < #X11Forwarding no > --- >> X11Forwarding yes > > These are the promises I've used: > > bundle agent ssh { > files: > "/tmp/sshd_config" > edit_line => AppendOrReplaceLineMatching("Protocol.*", "Protocol 2"), > edit_line => AppendOrReplaceLineMatching("PermitRootLogin.*", > "PermitRootLogin without-password"), > edit_line => > AppendOrReplaceLineMatching("UsePrivilegeSeparation.*", > "UsePrivilegeSeparation yes"), > edit_line => > AppendOrReplaceLineMatching("PermitUserEnvironment.*", > "PermitUserEnvironment yes"), > edit_line => AppendOrReplaceLineMatching("X11Forwarding.*", > "X11Forwarding yes"); > } > > # Replace line matching pattern with line. If no match, append line instead. > # > bundle edit_line AppendOrReplaceLineMatching(pattern,line) > { > replace_patterns: > "^${pattern}$" > replace_with => value("${line}"), > classes => if_ok("replace_done"); > insert_lines: > replace_done:: > "${line}"; > } > > I've read the February discussion. There, it is suggested to use a > list of lines to append, but I'm trying to replace any existing lines > matching a keyword with the new keyword/value pair. This means I'd > have to pass lists of lists (pattern/replacement)? And this is the > point where I feel there has to be a better way ;-) > > Am I using the wrong concepts (still rooted in CF2?) here? > > > P.S. There's something strange about AppendOrReplaceLineMatching - I > borrowed that implementation and to my surprise the "replace_done" > class works opposite to what I expect. If I understand correctly, the > "replace_done" class is set if the pattern was replaced (i.e. if there > is NO need to append the line). So I initially put "!replace_done::" > in insert_lines. That didn't work, it changed AND appended the new > line... Perhaps I'm suffering a serious caffeine deficiency? > _______________________________________________ Help-cfengine mailing list [email protected] https://cfengine.org/mailman/listinfo/help-cfengine
