search

saltstack / salt

Software to automate the management and configuration of any infrastructure or application at scale. Get access to the Salt software package repository here:
https://repo.saltproject.io/
Apache License 2.0
14.14k stars 5.47k forks source link

salt.states.augeas.change: changes set command assumes more that 2 arguments #34918

Closed robruma closed 6 years ago

robruma commented 8 years ago

Running a state using augeas.change similar to the documentation example:

update_cipher_suite:
  augeas.change:
    #- lens: httpd.lns
    - context: /files/etc/httpd/conf.d/ssl.conf/VirtualHost
    - changes:
      - set directive[. = 'SSLCipherSuite']/arg AES256+EECDH:AES256+EDH
    - require:
      - pkg: python-augeas

Results in the following error on the master:

----------
          ID: update_cipher_suite
    Function: augeas.change
      Result: False
     Comment: Error: Invalid formatted command, see debug log for details: directive[. = 'SSLCipherSuite']/arg AES256+EECDH:AES256+EDH
     Started: 22:39:27.298611
    Duration: 4.752 ms
     Changes:   
----------

The minion log contains the following suggesting the set command is being interpreted as multiple arguments due to the spaces in the path expression:

2016-07-23 22:39:27,302 [salt.loaded.int.module.augeas_cfg][ERROR   ][11992] set takes (1, 2) args: ['directive[.', '=', 'SSLCipherSuite]/arg', 'AES256+EECDH:AES256+EDH']

I've found quoting the set command argument corrected the problem:

correct_cipher_suite:
  augeas.change:
    #- lens: httpd.lns
    - context: /files/etc/httpd/conf.d/ssl.conf/VirtualHost
    - changes:
      - set "directive[. = 'SSLCipherSuite']/arg" AES256+EECDH:AES256+EDH
    - require:
      - pkg: python-augeas

Versions Report

master

# salt --versions-report
Salt Version:
           Salt: 2016.3.1

Dependency Versions:
           cffi: 0.8.6
       cherrypy: 3.2.2
       dateutil: 1.5
          gitdb: Not Installed
      gitpython: Not Installed
          ioflo: Not Installed
         Jinja2: 2.7.2
        libgit2: 0.21.0
        libnacl: Not Installed
       M2Crypto: 0.21.1
           Mako: Not Installed
   msgpack-pure: Not Installed
 msgpack-python: 0.4.7
   mysql-python: Not Installed
      pycparser: 2.14
       pycrypto: 2.6.1
         pygit2: 0.21.4
         Python: 2.7.5 (default, Nov 20 2015, 02:00:19)
   python-gnupg: Not Installed
         PyYAML: 3.11
          PyZMQ: 14.7.0
           RAET: Not Installed
          smmap: Not Installed
        timelib: Not Installed
        Tornado: 4.2.1
            ZMQ: 4.0.5

System Versions:
           dist: centos 7.2.1511 Core
        machine: x86_64
        release: 3.10.0-327.18.2.el7.x86_64
         system: Linux
        version: CentOS Linux 7.2.1511 Core

minion

# salt-call --versions-report
Salt Version:
           Salt: 2016.3.1

Dependency Versions:
           cffi: Not Installed
       cherrypy: Not Installed
       dateutil: Not Installed
          gitdb: Not Installed
      gitpython: Not Installed
          ioflo: Not Installed
         Jinja2: 2.7.2
        libgit2: Not Installed
        libnacl: Not Installed
       M2Crypto: 0.21.1
           Mako: Not Installed
   msgpack-pure: Not Installed
 msgpack-python: 0.4.7
   mysql-python: 1.2.3
      pycparser: Not Installed
       pycrypto: 2.6.1
         pygit2: Not Installed
         Python: 2.7.5 (default, Nov 20 2015, 02:00:19)
   python-gnupg: Not Installed
         PyYAML: 3.11
          PyZMQ: 14.7.0
           RAET: Not Installed
          smmap: Not Installed
        timelib: Not Installed
        Tornado: 4.2.1
            ZMQ: 4.0.5

System Versions:
           dist: centos 7.2.1511 Core
        machine: x86_64
        release: 3.10.0-327.22.2.el7.x86_64
         system: Linux
        version: CentOS Linux 7.2.1511 Core

Please let me know if additional information is needed.

Ch3LL commented 8 years ago

@robruma just to clarify the issue at hand do you also see this issue when using the docs example of using set:

    - changes:
      - set bind 0.0.0.0
robruma commented 8 years ago

@Ch3LL I do not see the issue using the redis example, only when there are spaces in the set command as a path expression. The redis example seems to work ok.

----------
          ID: redis-conf
    Function: augeas.change
      Result: True
     Comment: Changes have been saved
     Started: 20:02:33.795757
    Duration: 2088.159 ms
     Changes:   
              ----------
              diff:
                  --- 
                  +++ 
                  @@ -64 +64 @@
                  -bind 127.0.0.1
                  +bind 0.0.0.0
----------

btw, removing the spaces from the problematic path expression also seems to work.

update_sslciphersuite_directive:
  augeas.change:
    #- lens: httpd.lns
    - context: /files/etc/httpd/conf.d/ssl.conf/VirtualHost
    - changes:
      - rm directive[.='SSLCipherSuite']/arg
      - set directive[.='SSLCipherSuite']/arg[1] AES256+EECDH:AES256+EDH
    - unless: grep -Eq '^SSLCipherSuite AES256\+EECDH\:AES256\+EDH$' /etc/httpd/conf.d/ssl.conf
    - require:
      - pkg: python-augeas
    - watch_in:
      - service: apache
kartiksubbarao commented 8 years ago

I'm running into this problem as well, and the workaround of quoting the set command argument works for me as well. Would be good to see the issue fixed though -- or if this is intentionally new parsing behavior, it would be good to see it documented.

stale[bot] commented 6 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

If this issue is closed prematurely, please leave a comment and we will gladly reopen the issue.