木偶,奥古斯像和物镜:未保存文件,因为未检测到差异
[英]puppet, augeas and properties lens: file not saved because no difference detected
问题描述
I want to edit a java properties file using puppet and augeas. 
我想使用puppet和augeas编辑Java属性文件。 I'm using this code which seems to be correct but actually this do not modify the file. 我正在使用此似乎正确的代码,但实际上这不会修改文件。
$disabledalgo = "SSLv3, RC4, MD5withRSA, DH keySize < 768, EC keySize < 224"
$incl = "/tmp/java.security"
augeas { "tlsconf":
lens => "Properties.lns",
incl => "$incl",
changes => "set 'jdk.tls.disabledAlgorithms' '$disabledalgo'",
onlyif => "get 'jdk.tls.disabledAlgorithms' != '$disabledalgo'",
}
the properties file is like that 属性文件就是这样
grep jdk.tls.disabledAlgorithms -A 1 /tmp/java.security
jdk.tls.disabledAlgorithms=TLSv1.1, SSLv3, RC4, MD5withRSA, DH keySize < 768, \
EC keySize < 224
When I launch puppet I have this output. 当我启动人偶时,我有这个输出。
Debug: Augeas[tlsconf](provider=augeas): Opening augeas with root /, lens path , flags 64
Debug: Augeas[tlsconf](provider=augeas): Augeas version 1.4.0 is installed
Debug: Augeas[tlsconf](provider=augeas): Will attempt to save and only run if files changed
Debug: Augeas[tlsconf](provider=augeas): sending command 'set' with params ["/files/tmp/java.security/jdk.tls.disabledAlgorithms", "SSLv3, RC4, MD5withRSA, DH keySize < 768, EC keySize < 224"]
Debug: Augeas[tlsconf](provider=augeas): Skipping because no files were changed
I expect jdk.tls.disabledAlgorithms to contain SSLv3, RC4, MD5withRSA, DH keySize < 768, EC keySize < 224 我希望jdk.tls.disabledAlgorithms包含SSLv3, RC4, MD5withRSA, DH keySize < 768, EC keySize < 224
edit : I observed the same problem when the values are in a totally different order like 编辑 :当值以完全不同的顺序排列时,我观察到相同的问题
jdk.tls.disabledAlgorithms=TLSv1, SSLv3, TLSv1.1, RC4, MD5withRSA, DH keySize < 768, \
EC keySize < 224
and even when I remove RC4 from the file it does not change it. 即使我从文件中删除RC4 ,它也不会更改。
Before creating the question I read augeas in puppet does not change file but the problem doesn't apply as the context parameter seems to correct. 在创建问题之前,我阅读了puppet中的augeas不会更改文件,但是该问题并不适用,因为context参数似乎正确。
thanks 谢谢
1 个解决方案
解决方案1
1 已采纳 2018-07-18 10:49:19
The Properties lens has a peculiar way of parsing multi line entries, in that it creates sub-nodes with no label, making it impossible to manage them. “ Properties镜头具有一种解析多行条目的独特方式,因为它创建了没有标签的子节点,因此无法管理它们。
What I'd recommend is to remove the key before modifying it: 我建议您在修改密钥之前先删除它:
augeas { "tlsconf":
lens => "Properties.lns",
incl => $incl,
changes => [
'rm jdk.tls.disabledAlgorithms',
"set jdk.tls.disabledAlgorithms '$disabledalgo'",
],
}
It won't preserve the location of the entry in the file, but it should work. 它不会保留条目在文件中的位置,但是应该可以工作。 Note also that onlyif is not necessary here. 还要注意,这里仅onlyif是不必要的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.