stackoom
  简体   繁体   中英

puppet, augeas and properties lens: file not saved because no difference detected

 原文  2018-07-17 21:42:57       configuration/ puppet/ augeas

Question

I want to edit a java properties file using puppet and augeas. I'm using this code which seems to be correct but actually this do not modify the file. 

$disabledalgo = "SSLv3, RC4, MD5withRSA, DH keySize < 768, EC keySize < 224"

$incl = "/tmp/java.security"

augeas { "tlsconf":
 lens           => "Properties.lns",
 incl           => "$incl",
 changes        => "set 'jdk.tls.disabledAlgorithms' '$disabledalgo'",
 onlyif         => "get 'jdk.tls.disabledAlgorithms' != '$disabledalgo'",
}

the properties file is like that 

grep jdk.tls.disabledAlgorithms -A 1 /tmp/java.security
jdk.tls.disabledAlgorithms=TLSv1.1, SSLv3, RC4, MD5withRSA, DH keySize < 768, \
    EC keySize < 224

When I launch puppet I have this output. 

Debug: Augeas[tlsconf](provider=augeas): Opening augeas with root /, lens path , flags 64
Debug: Augeas[tlsconf](provider=augeas): Augeas version 1.4.0 is installed
Debug: Augeas[tlsconf](provider=augeas): Will attempt to save and only run if files changed
Debug: Augeas[tlsconf](provider=augeas): sending command 'set' with params ["/files/tmp/java.security/jdk.tls.disabledAlgorithms", "SSLv3, RC4, MD5withRSA, DH keySize < 768, EC keySize < 224"]
Debug: Augeas[tlsconf](provider=augeas): Skipping because no files were changed

I expect jdk.tls.disabledAlgorithms to contain SSLv3, RC4, MD5withRSA, DH keySize < 768, EC keySize < 224

edit : I observed the same problem when the values are in a totally different order like 

jdk.tls.disabledAlgorithms=TLSv1, SSLv3, TLSv1.1, RC4, MD5withRSA, DH keySize < 768, \
    EC keySize < 224

and even when I remove RC4 from the file it does not change it.

Before creating the question I read augeas in puppet does not change file but the problem doesn't apply as the context parameter seems to correct.

thanks

1 answers

solution1
 1 ACCPTED  2018-07-18 10:49:19

The Properties lens has a peculiar way of parsing multi line entries, in that it creates sub-nodes with no label, making it impossible to manage them.

What I'd recommend is to remove the key before modifying it: 

augeas { "tlsconf":
 lens           => "Properties.lns",
 incl           => $incl,
 changes        => [
                     'rm jdk.tls.disabledAlgorithms',
                     "set jdk.tls.disabledAlgorithms '$disabledalgo'",
                   ],
}

It won't preserve the location of the entry in the file, but it should work. Note also that onlyif is not necessary here.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How do I properly create during runtime and read the properties that are stored in the config file that saved during a previous session? Where are the application properties settings actually saved or written to? How to use a template for configuration file in Puppet Puppet 7. How to let several profiles subscribe to some service of which the single config file is generated by Puppet How to modify a SSH configuration file using a puppet module How to Configure puppet client without node entry in the puppet master's manifest file? include properties in another properties file properties file in web app Get Aptana to recognize php if it is saved as an html file Open .mobileconfig file saved in application in safari ios
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM