thr3ads.net - Puppet users - [Puppet Users] Vagrant, puppet, augeas path expression problem [May 2014]

If this information is useful, please help other people find it:
Share via:
jwilkicki@gmail.com
2014-May-14 04:37 UTC
[Puppet Users] Vagrant, puppet, augeas path expression problem

Hi!

I'm trying to update /etc/ssh/sshd_config on a Vagrant vm using the puppet 
provider.  When I do:

ins PermitRootLogin after /files/etc/ssh/sshd_config/#comment[. = 
'PermitRootLogin yes']

in augtool, it works fine.

But nothing I try in my puppet rules works.  I've tried a few variants, 
including:

augeas {'sshd_ins_root_login':
    incl => '/etc/ssh/sshd_config',
    lens => 'Sshd.lns',
    changes => [
      "ins PermitRootLogin after #comment[.='PermitRootLogin
yes']"
    ]
 }

augeas {'sshd_ins_root_login':
    context => '/files/etc/ssh/sshd_config',
    changes => [
      "ins PermitRootLogin after #comment[.='PermitRootLogin
yes']"
    ]
 }

and

augeas {'sshd_ins_root_login':
    changes => [
      "ins PermitRootLogin after 
/files/etc/ssh/sshd_config/#comment[.='PermitRootLogin yes']"    
    ]
  }

I've also tried a path like:   /files/etc/ssh/sshd_config/#comment[. =~ 
regexp('PermitRootLogin.*')]

No matter what I do, I get this when I run vagrant provision:

Debug: Augeas[sshd_ins_root_login](provider=augeas): Will attempt to save 
and only run if files changed
Debug: Augeas[sshd_ins_root_login](provider=augeas): sending command
'ins'
with params ["PermitRootLogin", "after", 
"/files/etc/ssh/sshd_config/#comment[.='PermitRootLogin
yes']"]
Debug: Augeas[sshd_ins_root_login](provider=augeas): Put failed on one or 
more files, output from /augeas//error:
Debug: Augeas[sshd_ins_root_login](provider=augeas): 
/augeas/files/etc/ssh/sshd_config/error/path = /files/etc/ssh/sshd_config
Debug: Augeas[sshd_ins_root_login](provider=augeas): 
/augeas/files/etc/ssh/sshd_config/error/lens = 
/usr/share/augeas/lenses/dist/sshd.aug:123.12-125.36:
Debug: Augeas[sshd_ins_root_login](provider=augeas): 
/augeas/files/etc/ssh/sshd_config/error/message = Failed to match
    ({ /#comment/ = /[^\001-\004\t\n ][^\001-\004\n]*[^\001-\004\t\n 
]|[^\001-\0
04\t\n ]/ } | { } | { /AcceptEnv/ } | { /AllowGroups/ } | { /AllowUsers/ } 
| { /
DenyGroups/ } | { /Subsystem/ } | { /DenyUsers/ } | { /MACs/ } | { 
/AcceptEn((v[
0-9A-Za-z]|[0-9A-Za-uw-z])[0-9A-Za-z]*|)|AcceptE([0-9A-Za-mo-z][0-9A-Za-z]*|)|Ac
cept([0-9A-DF-Za-z][0-9A-Za-z]*|)|Accep([0-9A-Za-su-z][0-9A-Za-z]*|)|Acce([0-9A-
Za-oq-z][0-9A-Za-z]*|)|Acc([0-9A-Za-df-z][0-9A-Za-z]*|)|Allow(Group((s[0-9A-Za-z
]|[0-9A-Za-rt-z])[0-9A-Za-z]*|)|Grou([0-9A-Za-oq-z][0-9A-Za-z]*|)|Gro([0-9A-Za-t
v-z][0-9A-Za-z]*|)|Gr([0-9A-Za-np-z][0-9A-Za-z]*|)|User((s[0-9A-Za-z]|[0-9A-Za-r
t-z])[0-9A-Za-z]*|)|Use([0-9A-Za-qs-z][0-9A-Za-z]*|)|Us([0-9A-Za-df-z][0-9A-Za-z
]*|)|U([0-9A-Za-rt-z][0-9A-Za-z]*|)|G([0-9A-Za-qs-z][0-9A-Za-z]*|)|[0-9A-FH-TV-Z
a-z][0-9A-Za-z]*|)|Allo([0-9A-Za-vx-z][0-9A-Za-z]*|)|All([0-9A-Za-np-z][0-9A-Za-
z]*|)|Al([0-9A-Za-km-z][0-9A-Za-z]*|)|Ac([0-9A-Zabd-z][0-9A-Za-z]*|)|DenyGroup((
s[0-9A-Za-z]|[0-9A-Za-rt-z])[0-9A-Za-z]*|)|DenyGrou([0-9A-Za-oq-z][0-9A-Za-z]*|)
|DenyGro([0-9A-Za-tv-z][0-9A-Za-z]*|)|DenyGr([0-9A-Za-np-z][0-9A-Za-z]*|)|DenyUs
er((s[0-9A-Za-z]|[0-9A-Za-rt-z])[0-9A-Za-z]*|)|DenyUse([0-9A-Za-qs-z][0-9A-Za-z]
*|)|DenyUs([0-9A-Za-df-z][0-9A-Za-z]*|)|DenyU([0-9A-Za-rt-z][0-9A-Za-z]*|)|DenyG
([0-9A-Za-qs-z][0-9A-Za-z]*|)|Deny([0-9A-FH-TV-Za-z][0-9A-Za-z]*|)|Den([0-9A-Za-
xz][0-9A-Za-z]*|)|De([0-9A-Za-mo-z][0-9A-Za-z]*|)|MAC((s[0-9A-Za-z]|[0-9A-Za-rt-
z])[0-9A-Za-z]*|)|Matc((h[0-9A-Za-z]|[0-9A-Za-gi-z])[0-9A-Za-z]*|)|Mat([0-9A-Zab
d-z][0-9A-Za-z]*|)|Ma([0-9A-Za-su-z][0-9A-Za-z]*|)|MA([0-9ABD-Za-z][0-9A-Za-z]*|
)|Subsyste((m[0-9A-Za-z]|[0-9A-Za-ln-z])[0-9A-Za-z]*|)|Subsyst([0-9A-Za-df-z][0-
9A-Za-z]*|)|Subsys([0-9A-Za-su-z][0-9A-Za-z]*|)|Subsy([0-9A-Za-rt-z][0-9A-Za-z]*
|)|Subs([0-9A-Za-xz][0-9A-Za-z]*|)|Sub([0-9A-Za-rt-z][0-9A-Za-z]*|)|Su([0-9A-Zac
-z][0-9A-Za-z]*|)|(S[0-9A-Za-tv-z]|M[0-9B-Zb-z]|D[0-9A-Za-df-z]|A[0-9A-Zabd-km-z
]|[0-9BCE-LN-RT-Za-z][0-9A-Za-z])[0-9A-Za-z]*|S|M|D|A|[0-9BCE-LN-RT-Za-z]/ 
= /[^
\001-\004\t\n ]+([\t ]+[^\001-\004\t\n ]+)*/ })*{ /Match/ }*
    with tree
    { "#comment" = "$OpenBSD: sshd_config,v 1.80 2008/07/02
02:24:18 djm
Exp $"
} {  } { "#comment" = "This is the sshd server system-wide
configuration
file.
See" } { "#comment" = "sshd_config(5) for more
information." } {  } {
"#comment"
 = "This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin" } {
} {
"#co
mment" = "The strategy used for options in the default sshd_config
shipped
with"
 } { "#comment" = "OpenSSH is to specify options with their
default value
where"
 } 
...snip... { "#comment" = "PermitRootLogin yes" } {
"PermitRootLogin" } {
"#comme
nt" = "StrictModes yes" } 
...snip...
{ "#comment" = "AllowTcpForwarding no" } {
"#comment" = "For
ceCommand cvs server" }

I'm currently running:

 rpm -q puppet
puppet-3.2.1-1.el6.noarch
rpm -q augeas
augeas-0.9.0-4.el6.x86_64

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/843ac69a-adc8-47da-b5c9-312eb29e0aad%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Puppet users - May 2014 - Vagrant, puppet, augeas path expression problem

[Puppet Users] Vagrant, puppet, augeas path expression problem
