假设文件中有以下内容/etc/syslog.conf:
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console
我想将其更改为kern.* /var/log/kern.log获取内核日志的人类可读的时间戳。
Puppet 可以做到:
class syslog::config {
file { "/etc/syslog.conf":
ensure => present,
source => "puppet:///modules/syslog/syslog.conf",
require => Class["syslog::install"],
notify => Class["syslog::service"],
}
}
或者我也可以使用sed -i。
和奥杰阿斯,我可以将这一行附加到文件末尾:
class syslog::config {
augeas { "syslogkern":
context => "/files/etc/syslog.conf",
changes => [
"set entry[last()+1]/selector/facility kern",
"set entry[last()]/selector/level *",
"set entry[last()]/action/file '/var/log/kern.log'",
],
}
}
或修改目的地:
class syslog::config {
augeas { "syslogkern":
context => "/files/etc/syslog.conf",
onlyif => "get #comment[3] == 'kern.*\t\t\t\t\t\t\t/dev/console'",
changes => [
"set #comment[3] 'kern.*\t\t\t\t\t\t\t/var/log/kern.log'",
],
}
}
但是我该如何取消注释这一行呢?
更新
以下是我尝试在后面插入的一行#comment[3]:
augtool> ins facle after /files/etc/syslog.conf/#comment[3]
augtool> set /files/etc/syslog.conf/facle/selector/facility kern
augtool> set /files/etc/syslog.conf/facle/selector/level *
augtool> set /files/etc/syslog.conf/facle/action/file /var/log/kern.log
或者:
augtool> ins facle after /files/etc/syslog.conf/#comment[3]
augtool> set /files/etc/syslog.conf/facle[last()] kernlog
augtool> set /files/etc/syslog.conf/facle[. = 'kernlog']/selector/facility kern
augtool> set /files/etc/syslog.conf/facle[. = 'kernlog']/selector/level *
augtool> set /files/etc/syslog.conf/facle[. = 'kernlog']/action/file /var/log/kern.log
但它不起作用:
augtool> save
error: Failed to execute command
error: saving failed (run 'print /augeas//error' for details)
augtool> print /augeas//error
/augeas/files/etc/syslog.conf/error = "put_failed"
/augeas/files/etc/syslog.conf/error/path = "/files/etc/syslog.conf"
/augeas/files/etc/syslog.conf/error/lens = "/usr/share/augeas/lenses/dist/syslog.aug:243.18-.51:"
/augeas/files/etc/syslog.conf/error/message = "Failed to match \n ({ } | { /#comment/ = /[^\\001-\\004\\t\\n !+-][^\\001-\\004\\n]*[^\\001-\\004\\t\\n ]|[^\\001-\\004\\t\\n !+-]/ } | { /entry/ })*({ /program/ } | { /hostname/ })*\n with tree\n { \"#comment\" = \"Log all kernel messages to the console.\" } { \"#comment\" = \"Logging much else clutters up the screen.\" } { \"#comment\" = \"kern.*\t\t\t\t\t\t\t/var/log/kern.log\" } { \"facle\" = \"kernlog\" } { \"entry\" } { } { \"#comment\" = \"Log anything (except mail) of level info or higher.\" } { \"#comment\" = \"Don't log private authentication messages!\" } { \"entry\" } { } { \"#comment\" = \"The authpriv file has restricted access.\" } { \"entry\" } { } { \"#comment\" = \"Log all the mail messages in one place.\" } { \"entry\" } { } { } { \"#comment\" = \"Log cron stuff\" } { \"entry\" } { } { \"#comment\" = \"Everybody gets emergency messages\" } { \"entry\" } { } { \"#comment\" = \"Save news errors of level crit and higher in a special file.\" } { \"entry\" } { } { \"#comment\" = \"Save boot messages also to boot.log\" } { \"entry\" } { } { } { \"#comment\" = \"INN\" } { } { \"entry\" } { \"entry\" } { \"entry\" }"
答案1
由于 Augeas 的性质,{,取消}注释是一件复杂的事情。简而言之,Augeas 目前无法{,取消}注释节点。
原因(以及建议的解决方案)详述于这张票。
至于插入失败的原因,那是因为您创建了一个facle节点而不是一个entry节点。facle不是中的已知节点名称syslog.aug。
因此你可以做以下事情:
augtool> print /files/etc/syslog.conf/
/files/etc/syslog.conf
/files/etc/syslog.conf/#comment[1] = "titi"
/files/etc/syslog.conf/#comment[2] = "kern.* /dev/console"
/files/etc/syslog.conf/#comment[3] = "toto"
augtool> defvar kerncomment /files/etc/syslog.conf/#comment[. =~ regexp('kern.* +/dev/console')][count(/files/etc/syslog.conf/entry[selector/facility = "kern" and selector/level = "*" and action/file = "/var/log/kern.log"]) = 0]
augtool> ins entry after $kerncomment
augtool> defvar kernentry /files/etc/syslog.conf/entry[preceding-sibling::*[1][$kerncomment]]
augtool> set $kernentry/selector/facility kern
augtool> set $kernentry/selector/level *
augtool> set $kernentry/action/file /var/log/kern.log
augtool> rm $kerncomment
augtool> print /files/etc/syslog.conf/
/files/etc/syslog.conf
/files/etc/syslog.conf/#comment[1] = "titi"
/files/etc/syslog.conf/entry
/files/etc/syslog.conf/entry/selector
/files/etc/syslog.conf/entry/selector/facility = "kern"
/files/etc/syslog.conf/entry/selector/level = "*"
/files/etc/syslog.conf/entry/action
/files/etc/syslog.conf/entry/action/file = "/var/log/kern.log"
/files/etc/syslog.conf/#comment[3] = "toto"
augtool> save
Saved 1 file(s)
augtool>
第一行确保此更改是幂等的。如果使用 Puppet,可以简化此过程:您可以使用 来避免第一行的复杂性onlyif。
答案2
据我所知,Augeas 中没有简单的“取消注释此行”功能。您可以使用它ins来查找现有注释,使用set现有命令插入新条目,然后删除注释。
根据要求,下面是我为 GRUB 的串行控制台设置“串行”和“终端”的示例:
augeas { "grub-serial-ttyS${portnum}":
context => "/files/etc/grub.conf",
changes => [
'rm serial',
'ins serial after timeout',
"set serial/unit '${portnum}'",
"set serial/speed '${portspeed}'",
'rm terminal',
'ins terminal after serial',
"set terminal/timeout '5'",
"clear terminal/console",
"clear terminal/serial",
],
}
唯一的警告是它timeout必须存在。
实际上,我不确定这是否真的是一个很好的例子,但无论如何,这里是它。