.gear/rules | 2 + .../tags/d71bd9b5523ee788f50c3298c18cb73091a58943 | 6 + .gear/tags/list | 1 + .gear/upstream/filter-tag | 1 + .gear/upstream/remotes | 3 + .gear/upstream/transform-tag | 1 + .gitignore | 1 - augeas.spec | 139 +++++++++++++++++++++ bootstrap | 10 +- lenses/aliases.aug | 4 +- lenses/aptsources.aug | 2 +- lenses/authorized_keys.aug | 5 +- lenses/clamav.aug | 5 +- lenses/dns_zone.aug | 3 +- lenses/dnsmasq.aug | 2 +- lenses/hostname.aug | 1 + lenses/htpasswd.aug | 2 +- lenses/httpd.aug | 25 ++-- lenses/known_hosts.aug | 6 +- lenses/mongodbserver.aug | 1 + lenses/monit.aug | 1 + lenses/mysql.aug | 2 +- lenses/nginx.aug | 5 +- lenses/rabbitmq.aug | 3 +- lenses/resolv.aug | 2 + lenses/shadow.aug | 1 + lenses/spacevars.aug | 4 +- lenses/ssh.aug | 5 +- lenses/sshd.aug | 2 +- lenses/vsftpd.aug | 2 +- src/Makefile.am | 2 + tests/Makefile.am | 16 +-- tests/root/etc/openssh/ssh_config | 66 ++++++++++ tests/root/etc/openssh/sshd_config | 131 +++++++++++++++++++ tests/root/etc/ssh/ssh_config | 66 ---------- tests/root/etc/ssh/sshd_config | 131 ------------------- tests/test-api.c | 6 + tests/test-augtool/sshd-add-acceptenv.sh | 8 +- tests/xpath.tests | 10 +- 39 files changed, 421 insertions(+), 262 deletions(-) diff --git a/.gear/rules b/.gear/rules new file mode 100644 index 000000000..54b0f18d5 --- /dev/null +++ b/.gear/rules @@ -0,0 +1,2 @@ +tar: release-@version@:. base=@name@-@version@ +diff: release-@version@:. . diff --git a/.gear/tags/d71bd9b5523ee788f50c3298c18cb73091a58943 b/.gear/tags/d71bd9b5523ee788f50c3298c18cb73091a58943 new file mode 100644 index 000000000..9214a1415 --- /dev/null +++ b/.gear/tags/d71bd9b5523ee788f50c3298c18cb73091a58943 @@ -0,0 +1,6 @@ +object fc9e31f037d486af7e407fb251386d1d7b55bbac +type commit +tag release-1.13.0 +tagger George Hansper 1635059302 +1100 + +Version 1.13.0 diff --git a/.gear/tags/list b/.gear/tags/list new file mode 100644 index 000000000..8afc7b7c6 --- /dev/null +++ b/.gear/tags/list @@ -0,0 +1 @@ +d71bd9b5523ee788f50c3298c18cb73091a58943 release-1.13.0 diff --git a/.gear/upstream/filter-tag b/.gear/upstream/filter-tag new file mode 100755 index 000000000..4afc9395d --- /dev/null +++ b/.gear/upstream/filter-tag @@ -0,0 +1 @@ +grep '^release-' diff --git a/.gear/upstream/remotes b/.gear/upstream/remotes new file mode 100644 index 000000000..9b7aa5078 --- /dev/null +++ b/.gear/upstream/remotes @@ -0,0 +1,3 @@ +[remote "upstream"] + url = https://github.com/hercules-team/augeas + fetch = +refs/heads/*:refs/remotes/upstream/* diff --git a/.gear/upstream/transform-tag b/.gear/upstream/transform-tag new file mode 100755 index 000000000..f0f25bc80 --- /dev/null +++ b/.gear/upstream/transform-tag @@ -0,0 +1 @@ +sed 's/^release-//' diff --git a/.gitignore b/.gitignore index 27eeae252..989bf7c83 100644 --- a/.gitignore +++ b/.gitignore @@ -2,7 +2,6 @@ .cproject .project augeas.pc -augeas.spec build/ gnulib/ config.h diff --git a/augeas.spec b/augeas.spec new file mode 100644 index 000000000..99443cfea --- /dev/null +++ b/augeas.spec @@ -0,0 +1,139 @@ +Name: augeas +Version: 1.13.0 +Release: alt1 +Summary: A library for changing configuration files + +Group: System/Configuration/Other +License: LGPLv2+ +Url: http://augeas.net/ +Vcs: https://github.com/hercules-team/augeas +Source: %name-%version.tar +Patch: %name-%version-%release.patch + +BuildRequires: readline-devel libselinux-devel gnulib flex perl-podlators ruby-stdlibs libxml2-devel +Requires: vim-common + +%description +A library for programmatically editing configuration files. Augeas parses +configuration files into a tree structure, which it exposes through its +public API. Changes made through the API are written back to the initially +read files. + +The transformation works very hard to preserve comments and formatting +details. It is controlled by ``lens'' definitions that describe the file +format and the transformation into a tree. + +%package -n lib%name-devel +Summary: Development files for %name +Group: Development/C +Requires: lib%name = %version-%release + +%description -n lib%name-devel +The %name-devel package contains libraries and header files for +developing applications that use %name. + +%package -n lib%name +Summary: Libraries for %name +Group: System/Libraries + +%description -n lib%name +The libraries for %name. + +%prep +%setup -q +%patch -p1 + +%build +./autogen.sh --gnulib-srcdir=/usr/share/gnulib +%configure --disable-static --disable-gnulib-tests +%make_build + +%install +%makeinstall_std + +%check +%make check + +%files +%_bindir/* +%_mandir/man1/* +%_datadir/vim/vimfiles/syntax/augeas.vim +%_datadir/vim/vimfiles/ftdetect/augeas.vim + +%files -n lib%name +%_datadir/augeas +%_libdir/*.so.* +%doc AUTHORS COPYING NEWS + +%files -n lib%name-devel +%doc +%_includedir/* +%_libdir/*.so +%_libdir/pkgconfig/augeas.pc + +%changelog +* Wed Jan 05 2022 Anton Farygin 1.13.0-alt1 +- 1.13.0 + +* Thu Apr 18 2019 Anton Farygin 1.12.0-alt1 +- 1.12.0 + +* Wed Feb 06 2019 Anton Farygin 1.11.0-alt2 +- rebuilt with recent gnulib + +* Mon Oct 08 2018 Anton Farygin 1.11.0-alt1 +- 1.11.0 + +* Sun Apr 01 2018 Anton Farygin 1.10.1-alt1 +- new version + +* Fri Aug 18 2017 Andrey Cherepanov 1.8.1-alt1 +- New version + +* Thu Apr 06 2017 Andrey Cherepanov 1.8.0-alt1 +- new version + +* Sun Jun 21 2015 Terechkov Evgenii 1.4.0-alt1 +- new version + +* Fri Nov 21 2014 Anton Farygin 1.3.0-alt1 +- new version + +* Thu Feb 20 2014 Anton Farygin 1.2.0-alt1 +- new version + +* Wed Jul 31 2013 Slava Dubrovskiy 1.1.0-alt1 +- New version + +* Sun Mar 17 2013 Slava Dubrovskiy 1.0.0-alt1 +- New version (closes: #28696) +- Fix CVE-2012-0786, CVE-2012-0787 +- Apply patch for fix test-run https://fedorahosted.org/augeas/ticket/332 + +* Thu Dec 08 2011 Slava Dubrovskiy 0.10.0-alt1 +- New version + +* Thu Sep 22 2011 Slava Dubrovskiy 0.9.0-alt1 +- New version + +* Wed Jul 20 2011 Slava Dubrovskiy 0.8.1-alt1 +- New version + +* Fri Feb 25 2011 Slava Dubrovskiy 0.8.0-alt1 +- New version +- Fix bootstrap for make shared lib gnulib +- Use system gnulib +- Enable tests and fix it +- Build with libselinux support + +* Thu Dec 02 2010 Anton Farygin 0.7.4-alt1 +- new version + +* Wed Nov 24 2010 Igor Vlasenko 0.7.3-alt1.1 +- repair after perl 5.12 upgrade using girar-nmu + +* Fri Oct 01 2010 Anton Farygin 0.7.3-alt1 +- new version + +* Mon Nov 09 2009 Anton Farygin 0.5.3-alt1 +- first build for Sisyphus diff --git a/bootstrap b/bootstrap index a84eb3912..0dc31e45c 100755 --- a/bootstrap +++ b/bootstrap @@ -45,15 +45,7 @@ case ${GNULIB_SRCDIR--} in *) # Redirect the gnulib submodule to the directory on the command line # if possible. - if test -d "$GNULIB_SRCDIR"/.git && \ - git config --file .gitmodules submodule.gnulib.url >/dev/null; then - git submodule init - GNULIB_SRCDIR=`cd $GNULIB_SRCDIR && pwd` - git config --replace-all submodule.gnulib.url $GNULIB_SRCDIR - echo "$0: getting gnulib files..." - git submodule update || exit $? - GNULIB_SRCDIR=.gnulib - else + if [ ! -d "$GNULIB_SRCDIR" ]; then echo >&2 "$0: invalid gnulib srcdir: $GNULIB_SRCDIR" exit 1 fi diff --git a/lenses/aliases.aug b/lenses/aliases.aug index 10c2d66bd..ab626945e 100644 --- a/lenses/aliases.aug +++ b/lenses/aliases.aug @@ -82,7 +82,9 @@ module Aliases = (* View: lns *) let lns = (comment | empty | alias)* - let xfm = transform lns (incl "/etc/aliases") + let xfm = transform lns (incl "/etc/aliases" + . incl "/etc/postfix/aliases" + . incl "/etc/exim/aliases") (* Local Variables: *) (* mode: caml *) diff --git a/lenses/aptsources.aug b/lenses/aptsources.aug index d7a6b3b15..e09634c76 100644 --- a/lenses/aptsources.aug +++ b/lenses/aptsources.aug @@ -60,7 +60,7 @@ module Aptsources = (* View: filter *) let filter = (incl "/etc/apt/sources.list") - . (incl "/etc/apt/sources.list.d/*") + . (incl "/etc/apt/sources.list.d/*.list") . Util.stdexcl let xfm = transform lns filter diff --git a/lenses/authorized_keys.aug b/lenses/authorized_keys.aug index e913d4b27..e5c7a8f93 100644 --- a/lenses/authorized_keys.aug +++ b/lenses/authorized_keys.aug @@ -66,7 +66,8 @@ let authorized_key = let lns = ( Util.empty | Util.comment | authorized_key)* (* Variable: filter *) -let filter = incl (Sys.getenv("HOME") . "/.ssh/authorized_keys") - +let filter =(incl (Sys.getenv("HOME") . "/.ssh/authorized_keys")) + .(incl (Sys.getenv("HOME") . "/.ssh/authorized_keys")) + .(incl ("/etc/openssh/authorized_keys*/*")) let xfm = transform lns filter diff --git a/lenses/clamav.aug b/lenses/clamav.aug index eeb08c02e..f7901c984 100644 --- a/lenses/clamav.aug +++ b/lenses/clamav.aug @@ -45,8 +45,7 @@ let clamd_entry = [ key word . some_value . Util.eol ] let lns = (Util.empty | example_entry | clamd_entry | comment )* (* Variable: filter *) -let filter = (incl "/etc/clamd.conf") - . (incl "/etc/freshclam.conf") - . (incl "/etc/clamd.d/*.conf") +let filter = (incl "/etc/clamav/clamd.conf") + . (incl "/etc/clamav/freshclam.conf") let xfm = transform lns filter diff --git a/lenses/dns_zone.aug b/lenses/dns_zone.aug index 4db194c94..309afdf60 100644 --- a/lenses/dns_zone.aug +++ b/lenses/dns_zone.aug @@ -109,5 +109,6 @@ let lns = opt_eol . ( (root_records|non_root_records) . (control|any_record_block)* )? -let filter = incl "/var/bind/pri/*.zone" +let filter = incl "/var/lib/bind/zone/*" + . incl "/var/lib/bind/zone/*/*" let xfm = transform Dns_Zone.lns filter diff --git a/lenses/dnsmasq.aug b/lenses/dnsmasq.aug index f7ef9070e..6c19fe321 100644 --- a/lenses/dnsmasq.aug +++ b/lenses/dnsmasq.aug @@ -55,7 +55,7 @@ let server = let lns = (comment|empty|address|server|entry) * let filter = incl "/etc/dnsmasq.conf" - . incl "/etc/dnsmasq.d/*" + . incl "/etc/dnsmasq.conf.d/*" . excl ".*" . Util.stdexcl diff --git a/lenses/hostname.aug b/lenses/hostname.aug index 61cf90b82..678e891da 100644 --- a/lenses/hostname.aug +++ b/lenses/hostname.aug @@ -18,5 +18,6 @@ let lns = [ label "hostname" . store Rx.word . Util.eol ] | Util.empty (* View: filter *) let filter = incl "/etc/hostname" . incl "/etc/mailname" + . incl "/etc/HOSTNAME" let xfm = transform lns filter diff --git a/lenses/htpasswd.aug b/lenses/htpasswd.aug index 6e51745a3..0416386b2 100644 --- a/lenses/htpasswd.aug +++ b/lenses/htpasswd.aug @@ -35,7 +35,7 @@ let entry = Build.key_value_line Rx.word Sep.colon (store Rx.space_in) let lns = (Util.empty | Util.comment | entry)* let filter = incl "/etc/httpd/htpasswd" - . incl "/etc/apache2/htpasswd" + . incl "/etc/httpd2/htpasswd" . incl "/etc/rsyncd.secrets" let xfm = transform lns filter diff --git a/lenses/httpd.aug b/lenses/httpd.aug index 5600088cf..69c24faa2 100644 --- a/lenses/httpd.aug +++ b/lenses/httpd.aug @@ -24,13 +24,13 @@ About: Lens Usage be quoted when containing a space. Create a new VirtualHost section with one directive: - > clear /files/etc/apache2/sites-available/foo/VirtualHost - > set /files/etc/apache2/sites-available/foo/VirtualHost/arg "172.16.0.1:80" - > set /files/etc/apache2/sites-available/foo/VirtualHost/directive "ServerAdmin" - > set /files/etc/apache2/sites-available/foo/VirtualHost/*[self::directive="ServerAdmin"]/arg "admin@example.com" + > clear /files/etc/httpd2/sites-available/foo/VirtualHost + > set /files/etc/httpd2/sites-available/foo/VirtualHost/arg "172.16.0.1:80" + > set /files/etc/httpd2/sites-available/foo/VirtualHost/directive "ServerAdmin" + > set /files/etc/httpd2/sites-available/foo/VirtualHost/*[self::directive="ServerAdmin"]/arg "admin@example.com" About: Configuration files - This lens applies to files in /etc/httpd and /etc/apache2. See . + This lens applies to files in /etc/httpd and /etc/httpd2. See . *) @@ -189,14 +189,13 @@ let rec content = section (content|directive) let lns = (content|directive|comment|empty)* -let filter = (incl "/etc/apache2/apache2.conf") . - (incl "/etc/apache2/httpd.conf") . - (incl "/etc/apache2/ports.conf") . - (incl "/etc/apache2/conf.d/*") . - (incl "/etc/apache2/conf-available/*.conf") . - (incl "/etc/apache2/mods-available/*") . - (incl "/etc/apache2/sites-available/*") . - (incl "/etc/apache2/vhosts.d/*.conf") . +let filter = (incl "/etc/httpd2/apache2.conf") . + (incl "/etc/httpd2/httpd.conf") . + (incl "/etc/httpd2/ports.conf") . + (incl "/etc/httpd2/conf.d/*") . + (incl "/etc/httpd2/conf-available/*.conf") . + (incl "/etc/httpd2/mods-available/*") . + (incl "/etc/httpd2/sites-available/*") . (incl "/etc/httpd/conf.d/*.conf") . (incl "/etc/httpd/httpd.conf") . (incl "/etc/httpd/conf/httpd.conf") . diff --git a/lenses/known_hosts.aug b/lenses/known_hosts.aug index 6d027d66f..ee6c51dbe 100644 --- a/lenses/known_hosts.aug +++ b/lenses/known_hosts.aug @@ -14,11 +14,11 @@ About: Lens Usage Sample usage of this lens in augtool: * Get a key by name from ssh_known_hosts - > print /files/etc/ssh_known_hosts/*[.="foo.example.com"] + > print /files/etc/openssh/ssh_known_hosts/*[.="foo.example.com"] ... * Change a host's key - > set /files/etc/ssh_known_hosts/*[.="foo.example.com"]/key "newkey" + > set /files/etc/openssh/ssh_known_hosts/*[.="foo.example.com"]/key "newkey" About: Configuration files This lens applies to SSH known_hosts files. See . @@ -64,7 +64,7 @@ let entry = let lns = (Util.empty | Util.comment | entry)* (* Variable: filter *) -let filter = incl "/etc/ssh/ssh_known_hosts" +let filter = incl "/etc/openssh/ssh_known_hosts" . incl (Sys.getenv("HOME") . "/.ssh/known_hosts") let xfm = transform lns filter diff --git a/lenses/mongodbserver.aug b/lenses/mongodbserver.aug index 77d1aa426..400fc42ae 100644 --- a/lenses/mongodbserver.aug +++ b/lenses/mongodbserver.aug @@ -49,5 +49,6 @@ let lns = (Util.empty | Util.comment | entry)* (* Variable: filter *) let filter = incl "/etc/mongodb.conf" + . incl "/etc/mongo/mongod.conf" let xfm = transform lns filter diff --git a/lenses/monit.aug b/lenses/monit.aug index f2f1e9eb0..8528058ba 100644 --- a/lenses/monit.aug +++ b/lenses/monit.aug @@ -66,5 +66,6 @@ let lns = (comment|empty|entry) * let filter = incl "/etc/monit/monitrc" . incl "/etc/monitrc" + . incl "/etc/monitrc.d/*" let xfm = transform lns filter diff --git a/lenses/mysql.aug b/lenses/mysql.aug index 1b8c3158e..9afd09d3a 100644 --- a/lenses/mysql.aug +++ b/lenses/mysql.aug @@ -41,7 +41,7 @@ let lns = (comment|IniFile.empty)* . (record|includedir)* let filter = (incl "/etc/mysql/my.cnf") . (incl "/etc/mysql/conf.d/*.cnf") . (incl "/etc/my.cnf") - . (incl "/etc/my.cnf.d/*.cnf") + . (incl "/var/lib/mysql/my.cnf") let xfm = transform lns filter diff --git a/lenses/nginx.aug b/lenses/nginx.aug index 06989c8d2..fcf74a0ba 100644 --- a/lenses/nginx.aug +++ b/lenses/nginx.aug @@ -122,9 +122,8 @@ let lns = ( Util.comment | Util.empty | directive )* (* Variable: filter *) let filter = incl "/etc/nginx/nginx.conf" - . incl "/etc/nginx/conf.d/*.conf" - . incl "/etc/nginx/sites-available/*" - . incl "/etc/nginx/sites-enabled/*" + . incl "/etc/nginx/conf-enabled.d/*.conf" + . incl "/etc/nginx/sites-enabled.d/*.conf" . incl "/usr/portage/www-servers/nginx/files/nginx.conf" . incl "/usr/local/etc/nginx/nginx.conf" . incl "/usr/local/etc/nginx/conf.d/*.conf" diff --git a/lenses/rabbitmq.aug b/lenses/rabbitmq.aug index 7543de6ad..403f32c5e 100644 --- a/lenses/rabbitmq.aug +++ b/lenses/rabbitmq.aug @@ -120,6 +120,7 @@ let rabbit = Erlang.application "rabbit" parameters let lns = Erlang.config rabbit (* Variable: filter *) -let filter = incl "/etc/rabbitmq/rabbitmq.config" +let filter = incl "/etc/rabbitmq/rabbitmq.conf" + . incl "/etc/rabbitmq/conf.d/*" let xfm = transform lns filter diff --git a/lenses/resolv.aug b/lenses/resolv.aug index ffa260e28..e872edf6a 100644 --- a/lenses/resolv.aug +++ b/lenses/resolv.aug @@ -133,5 +133,7 @@ let lns = ( empty | comment | entry )* (* Variable: filter *) let filter = (incl "/etc/resolv.conf") + . (incl "/etc/ppp/resolv.conf") + . (incl "/etc/net/ifaces/*/resolv.conf*") let xfm = transform lns filter diff --git a/lenses/shadow.aug b/lenses/shadow.aug index 959cb3ace..346f43ef9 100644 --- a/lenses/shadow.aug +++ b/lenses/shadow.aug @@ -76,6 +76,7 @@ let lns = (comment|empty|entry|nisdefault) * let filter = incl "/etc/shadow" + . incl "/etc/tcb/*/shadow" . Util.stdexcl let xfm = transform lns filter diff --git a/lenses/spacevars.aug b/lenses/spacevars.aug index 9f70b0680..2c887ac38 100644 --- a/lenses/spacevars.aug +++ b/lenses/spacevars.aug @@ -37,8 +37,8 @@ let simple_lns = lns (* An alias for compatibility reasons *) (* configuration files that can be parsed without customizing the lens *) let filter = incl "/etc/havp/havp.config" . incl "/etc/ldap.conf" - . incl "/etc/ldap/ldap.conf" - . incl "/etc/libnss-ldap.conf" + . incl "/etc/openldap/ldap.conf" + . incl "/etc/nss_ldap.conf" . incl "/etc/pam_ldap.conf" let xfm = transform lns filter diff --git a/lenses/ssh.aug b/lenses/ssh.aug index e9585d32e..f2c1f8f1d 100644 --- a/lenses/ssh.aug +++ b/lenses/ssh.aug @@ -129,6 +129,5 @@ module Ssh = let lns = entry* . (host | match)* - let xfm = transform lns (incl "/etc/ssh/ssh_config" . - incl (Sys.getenv("HOME") . "/.ssh/config") . - incl "/etc/ssh/ssh_config.d/*.conf") + let xfm = transform lns (incl "/etc/openssh/ssh_config" . + incl (Sys.getenv("HOME") . "/.ssh/config")) diff --git a/lenses/sshd.aug b/lenses/sshd.aug index 398f836c9..fcab82870 100644 --- a/lenses/sshd.aug +++ b/lenses/sshd.aug @@ -144,7 +144,7 @@ module Sshd = let lns = (entry | comment | empty)* . match* - let xfm = transform lns (incl "/etc/ssh/sshd_config") + let xfm = transform lns (incl "/etc/openssh/sshd_config") (* Local Variables: *) (* mode: caml *) diff --git a/lenses/vsftpd.aug b/lenses/vsftpd.aug index 5b54d0467..0cff58943 100644 --- a/lenses/vsftpd.aug +++ b/lenses/vsftpd.aug @@ -26,6 +26,6 @@ let uint_option = option uint_option_re /[0-9]+/ let lns = (bool_option|str_option|uint_option|comment|empty)* -let filter = (incl "/etc/vsftpd.conf") . (incl "/etc/vsftpd/vsftpd.conf") +let filter = (incl "/etc/vsftpd.conf") . (incl "/etc/vsftpd/conf") let xfm = transform lns filter diff --git a/src/Makefile.am b/src/Makefile.am index d14314dda..0e5b37ae0 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -68,3 +68,5 @@ FORCE-datadir.h: Makefile $(top_srcdir)/build/ac-aux/move-if-change datadir.h1 datadir.h datadir.h: FORCE-datadir.h + +lexer.l: parser.h diff --git a/tests/Makefile.am b/tests/Makefile.am index 17289de26..458005166 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -305,22 +305,22 @@ TESTS = $(check_SCRIPTS) $(check_PROGRAMS) INCLUDES = -I$(top_srcdir)/src fatest_SOURCES = fatest.c cutest.c cutest.h $(top_srcdir)/src/memory.c $(top_srcdir)/src/memory.h -fatest_LDADD = $(top_builddir)/src/libfa.la $(LIBXML_LIBS) $(GNULIB) +fatest_LDADD = $(top_builddir)/src/libaugeas.la $(top_builddir)/src/libfa.la $(LIBXML_LIBS) $(GNULIB) + +test_run_SOURCES = test-run.c cutest.c cutest.h $(top_srcdir)/src/memory.c $(top_srcdir)/src/memory.h +test_run_LDADD = $(top_builddir)/src/libaugeas.la $(top_builddir)/src/libfa.la $(LIBXML_LIBS) $(GNULIB) test_xpath_SOURCES = test-xpath.c cutest.c cutest.h $(top_srcdir)/src/memory.c -test_xpath_LDADD = $(top_builddir)/src/libaugeas.la $(LIBXML_LIBS) $(GNULIB) +test_xpath_LDADD = $(top_builddir)/src/libaugeas.la $(top_builddir)/src/libfa.la $(LIBXML_LIBS) $(GNULIB) test_load_SOURCES = test-load.c cutest.c cutest.h $(top_srcdir)/src/memory.c $(top_srcdir)/src/memory.h -test_load_LDADD = $(top_builddir)/src/libaugeas.la $(LIBXML_LIBS) $(GNULIB) +test_load_LDADD = $(top_builddir)/src/libaugeas.la $(top_builddir)/src/libfa.la $(LIBXML_LIBS) $(GNULIB) test_save_SOURCES = test-save.c cutest.c cutest.h $(top_srcdir)/src/memory.c $(top_srcdir)/src/memory.h -test_save_LDADD = $(top_builddir)/src/libaugeas.la $(LIBXML_LIBS) $(GNULIB) +test_save_LDADD = $(top_builddir)/src/libaugeas.la $(top_builddir)/src/libfa.la $(LIBXML_LIBS) $(GNULIB) test_api_SOURCES = test-api.c cutest.c cutest.h $(top_srcdir)/src/memory.c $(top_srcdir)/src/memory.h -test_api_LDADD = $(top_builddir)/src/libaugeas.la $(LIBXML_LIBS) $(GNULIB) - -test_run_SOURCES = test-run.c cutest.c cutest.h $(top_srcdir)/src/memory.c $(top_srcdir)/src/memory.h -test_run_LDADD = $(top_builddir)/src/libaugeas.la $(LIBXML_LIBS) $(GNULIB) +test_api_LDADD = $(top_builddir)/src/libaugeas.la $(top_builddir)/src/libfa.la $(LIBXML_LIBS) $(GNULIB) test_perf_SOURCES = test-perf.c cutest.c cutest.h $(top_srcdir)/src/memory.c $(top_srcdir)/src/memory.h test_perf_LDADD = $(top_builddir)/src/libaugeas.la $(LIBXML_LIBS) $(GNULIB) diff --git a/tests/root/etc/openssh/ssh_config b/tests/root/etc/openssh/ssh_config new file mode 100644 index 000000000..296eea18a --- /dev/null +++ b/tests/root/etc/openssh/ssh_config @@ -0,0 +1,66 @@ +# $OpenBSD: ssh_config,v 1.28 2013/09/16 11:35:43 sthen Exp $ + +# This is the ssh client system-wide configuration file. See +# ssh_config(5) for more information. This file provides defaults for +# users, and the values can be changed in per-user configuration files +# or on the command line. + +# Configuration data is parsed as follows: +# 1. command line options +# 2. user-specific file +# 3. system-wide file +# Any configuration value is only changed the first time it is set. +# Thus, host-specific definitions should be at the beginning of the +# configuration file, and defaults at the end. + +# Site-wide defaults for some commonly used options. For a comprehensive +# list of available options, their meanings and defaults, please see the +# ssh_config(5) man page. + +# Host * +# ForwardAgent no +# ForwardX11 no +# RhostsRSAAuthentication no +# RSAAuthentication yes +# PasswordAuthentication yes +# HostbasedAuthentication no +# GSSAPIAuthentication no +# GSSAPIDelegateCredentials no +# GSSAPIKeyExchange no +# GSSAPITrustDNS no +# BatchMode no +# CheckHostIP yes +# AddressFamily any +# ConnectTimeout 0 +# StrictHostKeyChecking ask +# IdentityFile ~/.ssh/identity +# IdentityFile ~/.ssh/id_rsa +# IdentityFile ~/.ssh/id_dsa +# Port 22 +# Protocol 2,1 +# Cipher 3des +# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc +# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160 +# EscapeChar ~ +# Tunnel no +# TunnelDevice any:any +# PermitLocalCommand no +# VisualHostKey no +# ProxyCommand ssh -q -W %h:%p gateway.example.com +# RekeyLimit 1G 1h +# +# Uncomment this if you want to use .local domain +# Host *.local +# CheckHostIP no + +Host * + GSSAPIAuthentication no +# If this option is set to yes then remote X11 clients will have full access +# to the original X11 display. As virtually no X11 client supports the untrusted +# mode correctly we set this to yes. + ForwardX11Trusted = yes +# Send locale-related environment variables + SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES + SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT + SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE + SendEnv XMODIFIERS diff --git a/tests/root/etc/openssh/sshd_config b/tests/root/etc/openssh/sshd_config new file mode 100644 index 000000000..b5e816055 --- /dev/null +++ b/tests/root/etc/openssh/sshd_config @@ -0,0 +1,131 @@ +# $OpenBSD: sshd_config,v 1.75 2007/03/19 01:01:29 djm Exp $ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options change a +# default value. + +#Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +# Disable legacy (protocol version 1) support in the server for new +# installations. In future the default will change to require explicit +# activation of protocol 1 +Protocol 2 + +# HostKey for protocol version 1 +#HostKey /etc/ssh/ssh_host_key +# HostKeys for protocol version 2 +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_dsa_key + +# Lifetime and size of ephemeral version 1 server key +#KeyRegenerationInterval 1h +#ServerKeyBits 768 + +# Logging +# obsoletes QuietMode and FascistLogging +#SyslogFacility AUTH +SyslogFacility AUTHPRIV +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 2m +#PermitRootLogin yes +#StrictModes yes +#MaxAuthTries 6 + +#RSAAuthentication yes +#PubkeyAuthentication yes +#AuthorizedKeysFile .ssh/authorized_keys + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#RhostsRSAAuthentication no +# similar for protocol version 2 +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# RhostsRSAAuthentication and HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# To disable tunneled clear text passwords, change to no here! +#PasswordAuthentication yes +#PermitEmptyPasswords no +PasswordAuthentication yes + +# Change to no to disable s/key passwords +#ChallengeResponseAuthentication yes +ChallengeResponseAuthentication no + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no + +# GSSAPI options +#GSSAPIAuthentication no +GSSAPIAuthentication yes +#GSSAPICleanupCredentials yes +GSSAPICleanupCredentials yes + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the ChallengeResponseAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via ChallengeResponseAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and ChallengeResponseAuthentication to 'no'. +#UsePAM no +UsePAM yes + +# Accept locale-related environment variables +AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES +AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT +AcceptEnv LC_IDENTIFICATION LC_ALL +#AllowTcpForwarding yes +#GatewayPorts no +#X11Forwarding no +X11Forwarding yes +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PrintMotd yes +#PrintLastLog yes +#TCPKeepAlive yes +#UseLogin no +#UsePrivilegeSeparation yes +#PermitUserEnvironment no +#Compression delayed +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#ShowPatchLevel no +#UseDNS yes +#PidFile /var/run/sshd.pid +#MaxStartups 10 +#PermitTunnel no + +# no default banner path +#Banner /some/path + +# override default of no subsystems +Subsystem sftp /usr/libexec/openssh/sftp-server + +# Example of overriding settings on a per-user basis +Match User anoncvs + X11Forwarding no + AllowTcpForwarding no + ForceCommand cvs server + +Match Group restricted + ForceCommand /usr/local/bin/restricted_group_command diff --git a/tests/root/etc/ssh/ssh_config b/tests/root/etc/ssh/ssh_config deleted file mode 100644 index 296eea18a..000000000 --- a/tests/root/etc/ssh/ssh_config +++ /dev/null @@ -1,66 +0,0 @@ -# $OpenBSD: ssh_config,v 1.28 2013/09/16 11:35:43 sthen Exp $ - -# This is the ssh client system-wide configuration file. See -# ssh_config(5) for more information. This file provides defaults for -# users, and the values can be changed in per-user configuration files -# or on the command line. - -# Configuration data is parsed as follows: -# 1. command line options -# 2. user-specific file -# 3. system-wide file -# Any configuration value is only changed the first time it is set. -# Thus, host-specific definitions should be at the beginning of the -# configuration file, and defaults at the end. - -# Site-wide defaults for some commonly used options. For a comprehensive -# list of available options, their meanings and defaults, please see the -# ssh_config(5) man page. - -# Host * -# ForwardAgent no -# ForwardX11 no -# RhostsRSAAuthentication no -# RSAAuthentication yes -# PasswordAuthentication yes -# HostbasedAuthentication no -# GSSAPIAuthentication no -# GSSAPIDelegateCredentials no -# GSSAPIKeyExchange no -# GSSAPITrustDNS no -# BatchMode no -# CheckHostIP yes -# AddressFamily any -# ConnectTimeout 0 -# StrictHostKeyChecking ask -# IdentityFile ~/.ssh/identity -# IdentityFile ~/.ssh/id_rsa -# IdentityFile ~/.ssh/id_dsa -# Port 22 -# Protocol 2,1 -# Cipher 3des -# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc -# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160 -# EscapeChar ~ -# Tunnel no -# TunnelDevice any:any -# PermitLocalCommand no -# VisualHostKey no -# ProxyCommand ssh -q -W %h:%p gateway.example.com -# RekeyLimit 1G 1h -# -# Uncomment this if you want to use .local domain -# Host *.local -# CheckHostIP no - -Host * - GSSAPIAuthentication no -# If this option is set to yes then remote X11 clients will have full access -# to the original X11 display. As virtually no X11 client supports the untrusted -# mode correctly we set this to yes. - ForwardX11Trusted = yes -# Send locale-related environment variables - SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES - SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT - SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE - SendEnv XMODIFIERS diff --git a/tests/root/etc/ssh/sshd_config b/tests/root/etc/ssh/sshd_config deleted file mode 100644 index b5e816055..000000000 --- a/tests/root/etc/ssh/sshd_config +++ /dev/null @@ -1,131 +0,0 @@ -# $OpenBSD: sshd_config,v 1.75 2007/03/19 01:01:29 djm Exp $ - -# This is the sshd server system-wide configuration file. See -# sshd_config(5) for more information. - -# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin - -# The strategy used for options in the default sshd_config shipped with -# OpenSSH is to specify options with their default value where -# possible, but leave them commented. Uncommented options change a -# default value. - -#Port 22 -#AddressFamily any -#ListenAddress 0.0.0.0 -#ListenAddress :: - -# Disable legacy (protocol version 1) support in the server for new -# installations. In future the default will change to require explicit -# activation of protocol 1 -Protocol 2 - -# HostKey for protocol version 1 -#HostKey /etc/ssh/ssh_host_key -# HostKeys for protocol version 2 -#HostKey /etc/ssh/ssh_host_rsa_key -#HostKey /etc/ssh/ssh_host_dsa_key - -# Lifetime and size of ephemeral version 1 server key -#KeyRegenerationInterval 1h -#ServerKeyBits 768 - -# Logging -# obsoletes QuietMode and FascistLogging -#SyslogFacility AUTH -SyslogFacility AUTHPRIV -#LogLevel INFO - -# Authentication: - -#LoginGraceTime 2m -#PermitRootLogin yes -#StrictModes yes -#MaxAuthTries 6 - -#RSAAuthentication yes -#PubkeyAuthentication yes -#AuthorizedKeysFile .ssh/authorized_keys - -# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts -#RhostsRSAAuthentication no -# similar for protocol version 2 -#HostbasedAuthentication no -# Change to yes if you don't trust ~/.ssh/known_hosts for -# RhostsRSAAuthentication and HostbasedAuthentication -#IgnoreUserKnownHosts no -# Don't read the user's ~/.rhosts and ~/.shosts files -#IgnoreRhosts yes - -# To disable tunneled clear text passwords, change to no here! -#PasswordAuthentication yes -#PermitEmptyPasswords no -PasswordAuthentication yes - -# Change to no to disable s/key passwords -#ChallengeResponseAuthentication yes -ChallengeResponseAuthentication no - -# Kerberos options -#KerberosAuthentication no -#KerberosOrLocalPasswd yes -#KerberosTicketCleanup yes -#KerberosGetAFSToken no - -# GSSAPI options -#GSSAPIAuthentication no -GSSAPIAuthentication yes -#GSSAPICleanupCredentials yes -GSSAPICleanupCredentials yes - -# Set this to 'yes' to enable PAM authentication, account processing, -# and session processing. If this is enabled, PAM authentication will -# be allowed through the ChallengeResponseAuthentication and -# PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via ChallengeResponseAuthentication may bypass -# the setting of "PermitRootLogin without-password". -# If you just want the PAM account and session checks to run without -# PAM authentication, then enable this but set PasswordAuthentication -# and ChallengeResponseAuthentication to 'no'. -#UsePAM no -UsePAM yes - -# Accept locale-related environment variables -AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES -AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT -AcceptEnv LC_IDENTIFICATION LC_ALL -#AllowTcpForwarding yes -#GatewayPorts no -#X11Forwarding no -X11Forwarding yes -#X11DisplayOffset 10 -#X11UseLocalhost yes -#PrintMotd yes -#PrintLastLog yes -#TCPKeepAlive yes -#UseLogin no -#UsePrivilegeSeparation yes -#PermitUserEnvironment no -#Compression delayed -#ClientAliveInterval 0 -#ClientAliveCountMax 3 -#ShowPatchLevel no -#UseDNS yes -#PidFile /var/run/sshd.pid -#MaxStartups 10 -#PermitTunnel no - -# no default banner path -#Banner /some/path - -# override default of no subsystems -Subsystem sftp /usr/libexec/openssh/sftp-server - -# Example of overriding settings on a per-user basis -Match User anoncvs - X11Forwarding no - AllowTcpForwarding no - ForceCommand cvs server - -Match Group restricted - ForceCommand /usr/local/bin/restricted_group_command diff --git a/tests/test-api.c b/tests/test-api.c index 4833dfae3..7184cbeab 100644 --- a/tests/test-api.c +++ b/tests/test-api.c @@ -358,6 +358,8 @@ static void testNodeInfo(CuTest *tc) { uint label_start, label_end, value_start, value_end, span_start, span_end; aug = aug_init(root, loadpath, AUG_NO_STDINC|AUG_NO_LOAD|AUG_ENABLE_SPAN); + CuAssertPtrNotNull(tc, aug); + CuAssertIntEquals(tc, AUG_NOERROR, aug_error(aug)); ret = aug_load(aug); CuAssertRetSuccess(tc, ret); @@ -412,6 +414,8 @@ static void testNodeInfo(CuTest *tc) { /* aug_span returns -1 if nodes span are not loaded */ aug_close(aug); aug = aug_init(root, loadpath, AUG_NO_STDINC|AUG_NO_LOAD); + CuAssertPtrNotNull(tc, aug); + CuAssertIntEquals(tc, AUG_NOERROR, aug_error(aug)); ret = aug_load(aug); CuAssertRetSuccess(tc, ret); ret = aug_span(aug, expr, &filename_ac, &label_start, &label_end, @@ -519,6 +523,8 @@ static void testToXml(CuTest *tc) { xmlChar *value; aug = aug_init(root, loadpath, AUG_NO_STDINC|AUG_NO_LOAD); + CuAssertPtrNotNull(tc, aug); + r = aug_load(aug); CuAssertRetSuccess(tc, r); diff --git a/tests/test-augtool/sshd-add-acceptenv.sh b/tests/test-augtool/sshd-add-acceptenv.sh index 7b444764a..ba8cb9108 100644 --- a/tests/test-augtool/sshd-add-acceptenv.sh +++ b/tests/test-augtool/sshd-add-acceptenv.sh @@ -1,12 +1,12 @@ commands=" -set /files/etc/ssh/sshd_config/AcceptEnv[3]/01 FOO +set /files/etc/openssh/sshd_config/AcceptEnv[3]/01 FOO " lens=Sshd.lns -file="/etc/ssh/sshd_config" +file="/etc/openssh/sshd_config" -diff='--- /etc/ssh/sshd_config -+++ /etc/ssh/sshd_config.augnew +diff='--- /etc/openssh/sshd_config ++++ /etc/openssh/sshd_config.augnew @@ -93,7 +93,7 @@ # Accept locale-related environment variables AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES diff --git a/tests/xpath.tests b/tests/xpath.tests index 4278e4336..53df51837 100644 --- a/tests/xpath.tests +++ b/tests/xpath.tests @@ -96,8 +96,8 @@ test last-minus-one /files/etc/hosts/*[ipaddr = "127.0.0.1"]/alias[ last() - 1 ] /files/etc/hosts/1/alias[2] = galia.watzmann.net # Make sure we look at all nodes with a given label (ticket #23) -test transparent-multi-node /files/etc/ssh/sshd_config/AcceptEnv/10 - /files/etc/ssh/sshd_config/AcceptEnv[2]/10 = LC_ADDRESS +test transparent-multi-node /files/etc/openssh/sshd_config/AcceptEnv/10 + /files/etc/openssh/sshd_config/AcceptEnv[2]/10 = LC_ADDRESS test abbrev-descendants /files/etc/pam.d//1 /files/etc/pam.d/login/1 @@ -105,9 +105,9 @@ test abbrev-descendants /files/etc/pam.d//1 /files/etc/pam.d/newrole/1 test descendant-or-self /files/descendant-or-self :: 4 - /files/etc/ssh/sshd_config/AcceptEnv[1]/4 = LC_TIME - /files/etc/ssh/ssh_config/Host/SendEnv[1]/4 = LC_TIME - /files/etc/ssh/ssh_config/Host/SendEnv[2]/4 = LC_TELEPHONE + /files/etc/openssh/sshd_config/AcceptEnv[1]/4 = LC_TIME + /files/etc/openssh/ssh_config/Host/SendEnv[1]/4 = LC_TIME + /files/etc/openssh/ssh_config/Host/SendEnv[2]/4 = LC_TELEPHONE /files/etc/aliases/4 /files/etc/fstab/4 /files/etc/pam.d/login/4