fixedsudoers.aug breaks Augeas on Debian

saz / puppet-sudo

Manage sudo with Puppet on Debian-, RedHat- and SUSE-based linux distributions and some BSDs

Other

105 stars 215 forks source link

fixedsudoers.aug breaks Augeas on Debian #84

Closed Farzy closed 8 years ago

Farzy commented 9 years ago

The file fixedsudoers.aug breaks Puppet Augeas on Debian. At each run it prevents Augeas from working and generates a mysterious error message:

Debug: Augeas[PHP MySQL socket](provider=augeas): Opening augeas with root /, lens path /var/lib/puppet/lib/augeas/lenses, flags 32
Error: /Stage[main]/Main/Augeas[PHP MySQL socket]: Could not evaluate: unknown error - Failed to initialize Augeas

Can you install it selectively on Red Hat systems only?

Farzy commented 9 years ago

To be more precise: the sole presence of the .aug file in the module breaks on Debian 6 (& maybe 7).

tosmi commented 9 years ago

hm, i think thats because of the old augeas version in debian 6/7. debian includes 0.10.0 and redhat 5/6 use 1.2.0 (from epel). the old lense does not support upper usernames and a few other things. but if it completely breaks debian we should probably remove it. i do not know if there's a neat way to just sync the lense on rhel5/6...

saz commented 9 years ago

I'm not aware of any way to sync lenses selectivly.

But, I'm running Debian Wheezy 7.8 with augeas-lenses 0.10.0-1 and this module is working without any problems.

Is anyone else running into this issue?

lutter commented 9 years ago

There was a report on puppet-users that having both FixedSudoers and Sudoers causes breakage.

I see two ways to fix this:

Remove the autoload xfm line from FixedSudoers; instead, use the incl/file parameters to augeas resources -- it seems that that is happening already, anyway, and the autoload line is not needed at all
Merge FixedSudoers back into the Sudoers lens upstream (which I would personally prefer a lot)

tosmi commented 9 years ago

i mainly imported the fixedsuders lens for redhat 5 because we had issues with certain usernames. its a copy of the redhat 6 lens.

it seems to me the sudoers lens got updated in one of the last rhel 5 releases. so i'm not sure if the fixedsuders lens is still required.

so there are two possible solutions:

1) remove the xfm line, which works as far as my tests go 2) remove the fixedsuders lens

i would go with 1 to still support older rhel releases, but 2 is also ok with me. if there are no further updates to this issue within next week i'm going to open a pull request with the xfm line removed.

thanks toni

saz commented 9 years ago

@tosmi First sounds good to me. Are you willing to send in a pr?

tosmi commented 9 years ago

sorry, totally forgot about this issue. i'll try to come up with a pull request within the next days.

saz commented 8 years ago

This issue should be resolved in current master.