Server IP : 85.214.239.14 / Your IP : 18.223.195.30 Web Server : Apache/2.4.62 (Debian) System : Linux h2886529.stratoserver.net 4.9.0 #1 SMP Tue Jan 9 19:45:01 MSK 2024 x86_64 User : www-data ( 33) PHP Version : 7.4.18 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, MySQL : OFF | cURL : OFF | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : OFF Directory : /proc/2/root/usr/share/augeas/lenses/dist/ |
Upload File : |
(* Module: Access Parses /etc/security/access.conf Author: Lorenzo Dalrio <lorenzo.dalrio@gmail.com> About: Reference Some examples of valid entries can be found in access.conf or "man access.conf" About: License This file is licensed under the LGPL v2+, like the rest of Augeas. About: Lens Usage Sample usage of this lens in augtool * Add a rule to permit login of all users from local sources (tty's, X, cron) > set /files/etc/security/access.conf[0] + > set /files/etc/security/access.conf[0]/user ALL > set /files/etc/security/access.conf[0]/origin LOCAL About: Configuration files This lens applies to /etc/security/access.conf. See <filter>. About: Examples The <Test_Access> file contains various examples and tests. *) module Access = autoload xfm (* Group: Comments and empty lines *) (* Variable: comment *) let comment = Util.comment (* Variable: empty *) let empty = Util.empty (* Group: Useful primitives *) (* Variable: colon * this is the standard field separator " : " *) let colon = del (Rx.opt_space . ":" . Rx.opt_space) " : " (************************************************************************ * Group: ENTRY LINE *************************************************************************) (* View: access * Allow (+) or deny (-) access *) let access = label "access" . store /[+-]/ (* Variable: identifier_re Regex for user/group identifiers *) let identifier_re = /[A-Za-z0-9_.\\-]+/ (* View: user_re * Regex for user/netgroup fields *) let user_re = identifier_re - /[Ee][Xx][Cc][Ee][Pp][Tt]/ (* View: user * user can be a username, username@hostname or a group *) let user = [ label "user" . ( store user_re | store Rx.word . Util.del_str "@" . [ label "host" . store Rx.word ] ) ] (* View: group * Format is (GROUP) *) let group = [ label "group" . Util.del_str "(" . store identifier_re . Util.del_str ")" ] (* View: netgroup * Format is @NETGROUP[@@NISDOMAIN] *) let netgroup = [ label "netgroup" . Util.del_str "@" . store user_re . [ label "nisdomain" . Util.del_str "@@" . store Rx.word ]? ] (* View: user_list * A list of users or netgroups to apply the rule to *) let user_list = Build.opt_list (user|group|netgroup) Sep.space (* View: origin_list * origin_list can be a single ipaddr/originname/domain/fqdn or a list of those values *) let origin_list = let origin_re = Rx.no_spaces - /[Ee][Xx][Cc][Ee][Pp][Tt]/ in Build.opt_list [ label "origin" . store origin_re ] Sep.space (* View: except * The except operator makes it possible to write very compact rules. *) let except (lns:lens) = [ label "except" . Sep.space . del /[Ee][Xx][Cc][Ee][Pp][Tt]/ "EXCEPT" . Sep.space . lns ] (* View: entry * A valid entry line * Definition: * > entry ::= access ':' user ':' origin_list *) let entry = [ access . colon . user_list . (except user_list)? . colon . origin_list . (except origin_list)? . Util.eol ] (************************************************************************ * Group: LENS & FILTER *************************************************************************) (* View: lns The access.conf lens, any amount of * <empty> lines * <comments> * <entry> *) let lns = (comment|empty|entry) * (* Variable: filter *) let filter = incl "/etc/security/access.conf" (* xfm *) let xfm = transform lns filter