ꦫꦣꦺꦤ꧀ꦄꦤ꧀ꦠꦱꦺꦤ

PATH: usr / share / augeas / lenses / dist

(*
Module: Sshd
  Parses /etc/ssh/sshd_config

Author: David Lutterkort lutter@redhat.com
        Dominique Dumont dominique.dumont@hp.com

About: Reference
  sshd_config man page.
  See http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&sektion=5

About: License
  This file is licensed under the LGPL v2+.

About: Lens Usage
  Sample usage of this lens in augtool:

* Get your current setup
      > print /files/etc/ssh/sshd_config
      ...

* Set X11Forwarding to "no"
      > set /files/etc/ssh/sshd_config/X11Forwarding "no"

More advanced usage:

* Set a Match section
      > set /files/etc/ssh/sshd_config/Match[1]/Condition/User "foo"
      > set /files/etc/ssh/sshd_config/Match[1]/Settings/X11Forwarding "yes"

Saving your file:

> save

About: CAVEATS

In sshd_config, Match blocks must be located at the end of the file.
  This means that any new "global" parameters (i.e. outside of a Match
  block) must be written before the first Match block. By default,
  Augeas will write new parameters at the end of the file.

I.e. if you have a Match section and no ChrootDirectory parameter,
  this command:

> set /files/etc/ssh/sshd_config/ChrootDirectory "foo"

will be stored in a new node after the Match section and Augeas will
  refuse to save sshd_config file.

To create a new parameter as the right place, you must first create
  a new Augeas node before the Match section:

> ins ChrootDirectory before /files/etc/ssh/sshd_config/Match

Then, you can set the parameter

> set /files/etc/ssh/sshd_config/ChrootDirectory "foo"

About: Configuration files
  This lens applies to /etc/ssh/sshd_config

module Sshd =
   autoload xfm

let eol = del /[ \t]*\n/ "\n"

let sep = Util.del_ws_spc

let comment = Util.comment
   let empty = Util.empty

let array_entry (k:string) =
     let value = store /[^ \t\n]+/ in
     [ key k . [ sep . seq k . value]* . eol ]

let other_entry =
     let value = store /[^ \t\n]+([ \t]+[^ \t\n]+)*/ in
     [ key key_re . sep . value . eol ]

let accept_env = array_entry "AcceptEnv"

let allow_groups = array_entry "AllowGroups"
   let allow_users = array_entry "AllowUsers"
   let deny_groups = array_entry "DenyGroups"
   let deny_users = array_entry "DenyUsers"

let subsystemvalue =
     let value = store (/[^ \t\n](.*[^ \t\n])?/) in
     [ key /[A-Za-z0-9\-]+/ . sep . value . eol ]

let subsystem =
     [ key "Subsystem" .  sep .  subsystemvalue ]

let macs =
     let mac_value = store /[^, \t\n]+/ in
     [ key "MACs" . sep .
         [ seq "macs" . mac_value ] .
         ([ seq "macs" . Util.del_str "," . mac_value])* .
         eol ]

let condition_entry =
    let value = store  /[^ \t\n]+/ in
    [ sep . key /[A-Za-z0-9]+/ . sep . value ]

let match_cond =
     [ label "Condition" . condition_entry+ . eol ]

let match_entry =
     ( comment | empty | (Util.indent . other_entry) )

let match =
     [ key "Match" . match_cond
        . [ label "Settings" .  match_entry+ ]
     ]

let xfm = transform lns (incl "/etc/ssh/sshd_config")

(* Local Variables: *)
(* mode: caml       *)
(* End:             *)

[+] ..
[-] mailscanner.aug [edit]
[-] access.aug [edit]
[-] gshadow.aug [edit]
[-] activemq_conf.aug [edit]
[-] gtkbookmarks.aug [edit]
[-] activemq_xml.aug [edit]
[-] hostname.aug [edit]
[-] afs_cellalias.aug [edit]
[-] mcollective.aug [edit]
[-] aliases.aug [edit]
[-] mdadm_conf.aug [edit]
[-] anacron.aug [edit]
[-] memcached.aug [edit]
[-] approx.aug [edit]
[-] group.aug [edit]
[-] phpvars.aug [edit]
[-] apt_update_manager.aug [edit]
[-] grub.aug [edit]
[-] puppet.aug [edit]
[-] aptcacherngsecurity.aug [edit]
[-] mongodbserver.aug [edit]
[-] aptconf.aug [edit]
[-] host_conf.aug [edit]
[-] aptpreferences.aug [edit]
[-] hosts.aug [edit]
[-] aptsources.aug [edit]
[-] hosts_access.aug [edit]
[-] authorized_keys.aug [edit]
[-] htpasswd.aug [edit]
[-] automaster.aug [edit]
[-] jettyrealm.aug [edit]
[-] automounter.aug [edit]
[-] mke2fs.aug [edit]
[-] avahi.aug [edit]
[-] jaas.aug [edit]
[-] backuppchosts.aug [edit]
[-] modprobe.aug [edit]
[-] bbhosts.aug [edit]
[-] jmxaccess.aug [edit]
[-] bootconf.aug [edit]
[-] modules.aug [edit]
[-] build.aug [edit]
[-] jmxpassword.aug [edit]
[-] cachefilesd.aug [edit]
[-] modules_conf.aug [edit]
[-] carbon.aug [edit]
[-] json.aug [edit]
[-] cgconfig.aug [edit]
[-] nagiosobjects.aug [edit]
[-] cgrules.aug [edit]
[-] kdump.aug [edit]
[-] channels.aug [edit]
[-] monit.aug [edit]
[-] chrony.aug [edit]
[-] multipath.aug [edit]
[-] clamav.aug [edit]
[-] keepalived.aug [edit]
[-] cobblermodules.aug [edit]
[-] known_hosts.aug [edit]
[-] cobblersettings.aug [edit]
[-] koji.aug [edit]
[-] collectd.aug [edit]
[-] mysql.aug [edit]
[-] cpanel.aug [edit]
[-] nagioscfg.aug [edit]
[-] cron.aug [edit]
[-] krb5.aug [edit]
[-] crypttab.aug [edit]
[-] netmasks.aug [edit]
[-] cups.aug [edit]
[-] ldif.aug [edit]
[-] cyrus_imapd.aug [edit]
[-] networkmanager.aug [edit]
[-] darkice.aug [edit]
[-] networks.aug [edit]
[-] debctrl.aug [edit]
[-] nrpe.aug [edit]
[-] desktop.aug [edit]
[-] ldso.aug [edit]
[-] device_map.aug [edit]
[-] lightdm.aug [edit]
[-] dhclient.aug [edit]
[-] nginx.aug [edit]
[-] dhcpd.aug [edit]
[-] limits.aug [edit]
[-] dhcpd_140.aug [edit]
[-] login_defs.aug [edit]
[-] dns_zone.aug [edit]
[-] ntpd.aug [edit]
[-] dnsmasq.aug [edit]
[-] nsswitch.aug [edit]
[-] dovecot.aug [edit]
[-] ntp.aug [edit]
[-] dpkg.aug [edit]
[-] odbc.aug [edit]
[-] dput.aug [edit]
[-] openshift_http.aug [edit]
[-] erlang.aug [edit]
[-] openshift_config.aug [edit]
[-] ethers.aug [edit]
[-] pamconf.aug [edit]
[-] exports.aug [edit]
[-] logrotate.aug [edit]
[-] fai_diskconfig.aug [edit]
[-] openvpn.aug [edit]
[-] fonts.aug [edit]
[-] pagekite.aug [edit]
[-] fstab.aug [edit]
[-] pam.aug [edit]
[-] fuse.aug [edit]
[-] passwd.aug [edit]
[-] gdm.aug [edit]
[-] httpd.aug [edit]
[-] postfix_access.aug [edit]
[-] inetd.aug [edit]
[-] pbuilder.aug [edit]
[-] inifile.aug [edit]
[-] pg_hba.aug [edit]
[-] inittab.aug [edit]
[-] pgbouncer.aug [edit]
[-] inputrc.aug [edit]
[-] logwatch.aug [edit]
[-] interfaces.aug [edit]
[-] lokkit.aug [edit]
[-] iproute2.aug [edit]
[-] mailscanner_rules.aug [edit]
[-] iptables.aug [edit]
[-] php.aug [edit]
[-] iscsid.aug [edit]
[-] lvm.aug [edit]
[-] util.aug [edit]
[-] openshift_quickstarts.aug [edit]
[-] xinetd.aug [edit]
[-] postfix_main.aug [edit]
[-] xendconfsxp.aug [edit]
[-] postfix_master.aug [edit]
[-] vfstab.aug [edit]
[-] postfix_sasl_smtpd.aug [edit]
[-] vmware_config.aug [edit]
[-] postfix_transport.aug [edit]
[-] xml.aug [edit]
[-] postfix_virtual.aug [edit]
[-] xorg.aug [edit]
[-] postgresql.aug [edit]
[-] xymon.aug [edit]
[-] properties.aug [edit]
[-] xymon_alerting.aug [edit]
[-] protocols.aug [edit]
[-] yum.aug [edit]
[-] puppet_auth.aug [edit]
[-] puppetfile.aug [edit]
[-] vsftpd.aug [edit]
[-] puppetfileserver.aug [edit]
[-] anaconda.aug [edit]
[-] pylonspaste.aug [edit]
[-] pythonpaste.aug [edit]
[-] qpid.aug [edit]
[-] quote.aug [edit]
[-] rabbitmq.aug [edit]
[-] redis.aug [edit]
[-] webmin.aug [edit]
[-] reprepro_uploaders.aug [edit]
[-] resolv.aug [edit]
[-] rhsm.aug [edit]
[-] rmt.aug [edit]
[-] rsyncd.aug [edit]
[-] rsyslog.aug [edit]
[-] rx.aug [edit]
[-] samba.aug [edit]
[-] schroot.aug [edit]
[-] securetty.aug [edit]
[-] sep.aug [edit]
[-] services.aug [edit]
[-] shadow.aug [edit]
[-] shells.aug [edit]
[-] shellvars.aug [edit]
[-] shellvars_list.aug [edit]
[-] simplelines.aug [edit]
[-] simplevars.aug [edit]
[-] sip_conf.aug [edit]
[-] slapd.aug [edit]
[-] slapd_140.aug [edit]
[-] smbusers.aug [edit]
[-] solaris_system.aug [edit]
[-] soma.aug [edit]
[-] spacevars.aug [edit]
[-] splunk.aug [edit]
[-] squid.aug [edit]
[-] ssh.aug [edit]
[-] sshd.aug [edit]
[-] sshd_140.aug [edit]
[-] sssd.aug [edit]
[-] stunnel.aug [edit]
[-] subversion.aug [edit]
[-] sudoers.aug [edit]
[-] sysconfig.aug [edit]
[-] sysconfig_route.aug [edit]
[-] sysctl.aug [edit]
[-] syslog.aug [edit]
[-] systemd.aug [edit]
[-] thttpd.aug [edit]
[-] tuned.aug [edit]
[-] up2date.aug [edit]
[-] updatedb.aug [edit]
[-] wine.aug [edit]