Re: [Puppet Users] Augeas type to edit/append to /etc/pam.d/sshd

Tue, 05 Oct 2010 03:43:51 -0700 

Hi Luke,

I do something similar for a different module, give the following a try:

augeas { "mod_mkhomedir_for_pam_sshd":
    context => "/files/etc/pam.d/sshd",
    changes => ["ins 1000000 before *",
                    "set 1000000/type session",
                    "set 1000000/control required",
                    "set 1000000/module pam_mkhomedir.so",
                    "set 1000000/argument umask=0022"],
    onlyif => "match
*[type='session'][module='pam_mkhomedir.so'][argument='umask=0022']
size == 0"
}

Cheers,
Tim

On 5 October 2010 03:00, luke.bigum <[email protected]> wrote:
> Hi all,
>
> I'm trying to do something that should be pretty simple but can't
> figure it out.
>
> I want to append a line to /etc/pam.d/sshd if a line with a certain
> module doesn't exist.
>
> What I would like to work is this:
>
>  augeas { sshd_pam_mkhomedir:
>    context => "/files/etc/pam.d/sshd",
>    changes => [
>      "set *[module = 'pam_mkhomedir.so']/type session",
>      "set *[module = 'pam_mkhomedir.so']/control required",
>      "set *[module = 'pam_mkhomedir.so']/module pam_mkhomedir.so",
>      "set *[module = 'pam_mkhomedir.so']/argument[1] umask=0022",
>    ],
> }
>
> That "*[module = foo]" fails to match and create a new line, even in
> augtool. This doesn't work either:
>
> augtool> set /files/etc/pam.d/sshd/*[last()+1]/type session
> Failed
>
> Nor can I get an insert to work, as to do that I'd need to know the
> number of entries that already exist in the file in order to create
> the next one.
>
> If no one's already got a solution to this I'll have to ask on augeas-
> devel.
>
> Thanks,
>
> -Luke
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to 
> [email protected].
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to 
[email protected].
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Reply via email to