search

hercules-team / augeas

A configuration editing tool and API
http://augeas.net/
GNU Lesser General Public License v2.1
486 stars 199 forks source link

grub.lns unable to handle password entries in grub.conf for specific titles #229

Closed droyden closed 9 years ago

droyden commented 9 years ago

Grub.lns is currently unable to handle a password entry within a specific title (encountered under RHEL6).

It returns this error:

Could not evaluate: Augeas didn't load /boot/grub/grub.conf with Grub.lns: Iterated lens matched less than it should (line:27, character:0)

When line 27 is:

password --md5 <encrypted password>

or

password --encrypted <encrypted password>

Full grub.conf is:

default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
password --encrypted <other encrypted password>
title Red Hat Enterprise Linux Server (2.6.32-504.1.3.el6.x86_64)
        root (hd0,0)
        kernel /vmlinuz-2.6.32-504.1.3.el6.x86_64 ro root=/dev/mapper/lvgSystem-lvRoot rd_NO_LUKS  KEYBOARDTYPE=pc KEYTABLE=uk rd_LVM_LV=lvgSystem/lvSwap rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=lvgSystem/lvRoot LANG=en_GB rd_NO_DM
        initrd /initramfs-2.6.32-504.1.3.el6.x86_64.img
title Red Hat Enterprise Linux 6 (2.6.32-504.el6.x86_64)
        root (hd0,0)
        kernel /vmlinuz-2.6.32-504.el6.x86_64 ro root=/dev/mapper/lvgSystem-lvRoot rd_NO_LUKS  KEYBOARDTYPE=pc KEYTABLE=uk rd_LVM_LV=lvgSystem/lvSwap rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=lvgSystem/lvRoot LANG=en_GB rd_NO_DM
        initrd /initramfs-2.6.32-504.el6.x86_64.img
title Password Protected Kernel
        root (hd0,0)
        kernel /vmlinuz-2.6.32-504.1.3.el6.x86_64 ro root=/dev/mapper/lvgSystem-lvRoot rd_NO_LUKS KEYBOARDTYPE=pc KEYTABLE=uk rd_LVM_LV=lvgSystem/lvSwap rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=lvgSystem/lvRoot LANG=en_GB rd_NO_DM
        initrd /initramfs-2.6.32-504.1.3.el6.x86_64.img
        password --md5 <encrypted password>

This can be demonstrated via the example puppet manifest:

    kernel_parameter { "clocksource":
            ensure => present,
            value  => "acpi_pm",
            target => "/tmp/grub_nopasswd.conf",
    }

Error: /Stage[main]/Main/Kernel_parameter[clocksource]: Could not evaluate: Augeas didn't load /tmp/grub_nopasswd.conf with Grub.lns: Iterated lens matched less than it should (line:27, character:0)

lutter commented 9 years ago

Thanks for reporting this. Fixed with commit 16c9bf25