-
Notifications
You must be signed in to change notification settings - Fork 123
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
plugins: Plugin ideas added #2169
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you, there are good ideas!
@@ -24,9 +25,45 @@ is allowed to occur for both device and mountpoint. When checking for | |||
relative files, it is not enough to look at the first character if it is | |||
a `/`, because remote file systems and some special names are valid, too. | |||
|
|||
If `check/permission = [permission], [user]` is also present it will check for the correct permissions |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
check/permissions also needs to be added to infos/metadata and doc/METADATA.ini
src/plugins/path/README.md
Outdated
@@ -24,9 +25,45 @@ is allowed to occur for both device and mountpoint. When checking for | |||
relative files, it is not enough to look at the first character if it is | |||
a `/`, because remote file systems and some special names are valid, too. | |||
|
|||
If `check/permission = [permission], [user]` is also present it will check for the correct permissions | |||
of the file/directory. `check/permission = rw, tomcat` for example will check if the user `tomcat` has read and |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Its better to separate permissions and ownership.
For ownership an option to refer to the "current" user would be interesting.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What about check/permission = rwx
and
check/permission/user = tomcat
in order to split up the permission and ownership?
When the user types in "current" in the user part, I would simply replace it with the user who caused the "kdb set". Does this make sense for you?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What about check/permission = rwxand
check/permission/user = tomcat in order to split up the permission and ownership?
The ownership has actually little to do with permission. So maybe check/owner/user
and check/owner/group
?
When the user types in "current" in the user part, I would simply replace it with the user who caused the "kdb set". Does this make sense for you?
This would create a problem if there is a user called "current". What about an empty string? I think this is not allowed as actual user name.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My question here is, if the owner is actually that much needed.
I just want to check if a certain user can read/write/etc. on a certain file.
If for example user "java" can write to /var/log/abc.log. Why is the owner of the file of any relevance?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You are right, it makes sense to make this check as simple as this.
So the "user" refers to for whom the permissions are checked, not to the owner. This should be said very clearly, not only hidden in the example.
Permissions available: | ||
- `r`: **R**ead | ||
- `w`: **W**rite | ||
- `x`: e**X**ecute |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think you can fully implement this, missing are:
- sticky bit
- and then all of these permissions also for groups and others
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Alright, I will add it in the next commit!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you agree and have/will fix it, a "thumbs up" 👍 or similar is enough.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The sticky bit does not change the behavior of the program at all so I think it is better to ignore it.
I am thinking the same about groups. In the end its a a user who executes or uses the file in the setting. So probably its the best to keep it that simple and only provide rwx.
I am unclear now if you really want to split up permission and user as for me it is more intuitive to have them both in one metadata, eg. check/permission "rwx, java" (or maybe without the colon). If check/permission "rwx, " is given, the current user is taken?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In the implementation it matters: if the file does not exist, it is the sticky bit of the parent directory which may decide if the user can create the file.
Btw. did you check if there an "access (2)" which allows us to say for which user it should be checked? Then the implementation would be trivial.
Maybe there should also be a flag if the file already needs to be present. For log files there are many differences in this area. Actually, if the software does not allow the creation of files, we could simply create it.
I am unclear now if you really want to split up permission
Yes, the split is a must. Otherwise we get problems if the user names contains ",", spaces or similar.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Btw. did you check if there an "access (2)" which allows us to say for which user it should be checked? Then the implementation would be trivial.
Unfortunately I do not understand what you mean by this 😕
Maybe there should also be a flag if the file already needs to be present. For log files there are many differences in this area.
Maybe we could add a check/path/exists
setting which indicated if it has to exist already?
Actually, if the software does not allow the creation of files, we could simply create it.
The idea sound good but especially with logs there are rollovers and this could simply lead to a delayed configuration error which isn't wanted. I guess the user setting the specification should just give the executing user the creation (write) permission to the directory.
Yes, the split is a must. Otherwise we get problems if the user names contains ",", spaces or similar.
What about
check/permission = rw
check/permission/user = tomcat
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unfortunately I do not understand what you mean by this confused
I mean to use the syscall access (2) http://man7.org/linux/man-pages/man2/access.2.html
logs there are rollovers and this could simply lead to a delayed configuration error which isn't wanted.
Yes, this is certainly not wanted. I think we need to gather more data here for what applications do here.
One more advanced idea is that Elektra already opens a file and then passes /proc/self/fd/ instead of the real file name. Then it is impossible that the file disappears (but it needs additionally resources, namely an open file descriptor).
What about
Simply propose it in the PR. We can take a look tomorrow.
- `r`: **R**ead | ||
- `w`: **W**rite | ||
- `x`: e**X**ecute | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Checks for regular file/directory/symbolic link/... would be interesting, too. But they are only nice-to-have.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will leave this open for now and see in my thesis if it is needed that often. But the idea is good!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, making everything complete is not a good idea anyway. It easily happens that stuff is added nobody ever needs. I just mentioned it so that you are aware that such a check might be relevant for some software.
src/plugins/path/README.md
Outdated
kdb set /tests/path/value /var/log/application-file.log | ||
|
||
#This checks if the file actually exists | ||
kdb setmeta user/tests/path/value check/path |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sudo kdb setmeta /tests ...
to use keys in spec.
src/plugins/recursion/README.md
Outdated
3) Forcing users to define non-recursive settings first on which they can build up | ||
recursive settings is inconvenient and could lead to orphan settings. | ||
4) We can only check right after calling `kdb set` and not a whole config. | ||
This means that user can have "unfinished" configurations while setting new values. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I do not understand this limitation. Within "kdb set" you can check the whole configuration and reject everything that is unfinished.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's correct, but this would force the user to have a specified ordering when creating the configuration. Either "bottom-up" (you have to create leaf settings before recursive ones) or "top-down" (you have to create top level settings first before adding lower level ones).
Klemens said that some plugins which take a config do not have a specific ordering once you load them.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some storage plugins do not remember the order of entries within the configuration files. But the order of the configuration structure should have nothing to do with that.
src/plugins/recursion/README.md
Outdated
``` | ||
kdb mount config.dump /recursive dump recursion | ||
kdb setmeta user/recursive check/recursion/vertex "menu, submenu" | ||
kdb setmeta user/recursive check/recursion/leaf "param, menupoint" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please use Elektra arrays, for example:
kdb setmeta user/recursive check/recursion/vertex/#0 menu
kdb setmeta user/recursive check/recursion/vertex/#1 submenu
kdb setmeta user/recursive check/recursion/leaf/#0 param
kdb setmeta user/recursive check/recursion/leaf/#1 menupoint
See #1010
A kdb set-meta-array
would be nice to have.
src/plugins/recursion/README.md
Outdated
|
||
`check/recursion/vertex` basically means that keys containing `menu` or `submenu` after `/recursive` | ||
will have further configurations below them. So users would build up structures like this: | ||
`/recursive/<vertex>/#[0-9]+/<vertex>/#[0-9]+/.....` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you give a concrete example? Why is #[0-9]+
allowed?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will change the example in the next commit
src/plugins/recursion/README.md
Outdated
will have further configurations below them. So users would build up structures like this: | ||
`/recursive/<vertex>/#[0-9]+/<vertex>/#[0-9]+/.....` | ||
|
||
`check/recursion/leaf` means that there is no subvertex allowed anymore. So this is not allowed: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What does "param, menupoint" mean?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will change the example in the next commit
src/plugins/recursion/README.md
Outdated
|
||
A command will fail if users want to set settings for non-existent vertices, eg. `kdb set /recursive/menu/#5/....` | ||
|
||
The validation solely happens on the structure, not on the values of the keys. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, it makes sense to separate this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Most of the comments from the previous review are still not fixed.
doc/METADATA.ini
Outdated
status= idea | ||
usedby/plugin= path | ||
type= string | ||
description= A check to see if a certain user has correct permissions on a file |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How to specify the user? Specification of which values are allowed are missing.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
how to specify any combination or rwx?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There are many ways, I am sure you will find one 😄
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
well, of course I could find one but I have no idea what this file does or how it is used or if it is used. I mean I could provide a regex under "type" or enumerate all possibilities or give a textual description. But I have no idea if I break anything or if I write something illegal then. Is there any documentation for this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@@ -1209,3 +1209,9 @@ severity:error | |||
ingroup:plugin | |||
module:typechecker | |||
macro:PLUGIN_TYPECHECKER_SET | |||
|
|||
number:194 | |||
description:The given path does not meet the correct permissions |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should try to reuse/reduce the errors and make a nice classification system. Hopefully you can contribute to improve the error system.
src/plugins/network/README.md
Outdated
## Future Work | ||
|
||
`check/port/ping` to check if the port can be pinged/reached (usually for clients). | ||
This potentially could prohibit users from setting correct settings as the server application |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not if it is a warning.
The problem is rather that a timeout is needed.
src/plugins/path/README.md
Outdated
@@ -26,7 +27,7 @@ relative files, it is not enough to look at the first character if it is | |||
a `/`, because remote file systems and some special names are valid, too. | |||
|
|||
If `check/permission = [permission], [user]` is also present it will check for the correct permissions | |||
of the file/directory. `check/permission = rw, tomcat` for example will check if the user `tomcat` has read and | |||
of the file/directory. `check/permission = rw` and `check/permission/user = tomcat` for example will check if the user `tomcat` has read and |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is still no explanation of check/permission, check/permission/user. It is good to have an example but there should also be an explanation without example.
src/plugins/path/README.md
Outdated
@@ -48,10 +49,10 @@ sudo kdb mount some_file.ecf /tests/path some_file dump | |||
kdb set /tests/path/value /var/log/application-file.log | |||
|
|||
#This checks if the file actually exists | |||
kdb setmeta user/tests/path/value check/path | |||
sudo kdb setmeta user/tests/path/value check/path |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"user" needs to be removed, otherwise the change does not make sense.
src/plugins/path/README.md
Outdated
# RET:X | ||
# ERROR:XXX | ||
# ERROR:194 | ||
# Reason: User tomcat has no permission to read the given file. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reason should state what was expected and what is actual.
src/plugins/recursion/README.md
Outdated
@@ -23,25 +23,37 @@ Users have to define recursive setting specifications in the following way: | |||
|
|||
``` | |||
kdb mount config.dump /recursive dump recursion | |||
kdb setmeta user/recursive check/recursion/vertex "menu, submenu" | |||
kdb setmeta user/recursive check/recursion/leaf "param, menupoint" | |||
kdb setmeta user/recursive check/recursion/vertex "A, B" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Still without array syntax.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will take a look at it on the weekend. For understanding purposes I think it is fine
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is not easy to review something which actually should be changed.
src/plugins/recursion/README.md
Outdated
``` | ||
|
||
`check/recursion/vertex` basically means that keys containing `menu` or `submenu` after `/recursive` | ||
will have further configurations below them. So users would build up structures like this: | ||
`check/recursion/vertex` basically means that keys containing `A` or `B` after `/recursive` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The word "basically" is useless. Say it like it is. And again: with+without example.
src/plugins/recursion/README.md
Outdated
@@ -81,10 +81,186 @@ kdb set /recursive/define/#2/ref/#1 /recursive/define/#5 | |||
Arbitrary additional data can be saved too such as: | |||
`kdb set /recursive/define/#2/permission admin` | |||
|
|||
## A more real example |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@markus2330 I hope that this example is much more illustrative for you. Please take a look at it and tell me anything which is unclear. It really took me quite some time to get this right
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you, much more clear now!
src/plugins/recursion/README.md
Outdated
@@ -81,10 +81,186 @@ kdb set /recursive/define/#2/ref/#1 /recursive/define/#5 | |||
Arbitrary additional data can be saved too such as: | |||
`kdb set /recursive/define/#2/permission admin` | |||
|
|||
## A more real example | |||
|
|||
In order to better show how this plugin can be used, a more sophisticated example will be given. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Its better if the examples show different aspects, not one "less real" and another "more real".
src/plugins/recursion/README.md
Outdated
## A more real example | ||
|
||
In order to better show how this plugin can be used, a more sophisticated example will be given. | ||
Imagine that you want to create your own menu with arbitrary submenus possible. The following example |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Menu like in a restaurant?
src/plugins/recursion/README.md
Outdated
The following picture illustrates the menu tree: | ||
![menu-example](example.png?raw=true "Example") | ||
|
||
So how can we map this into an elektra configuration? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
configuration or specification?
src/plugins/recursion/README.md
Outdated
``` | ||
kdb mount config.dump /editor dump recursion | ||
sudo kdb setmeta /editor check/recursion/vertex "menu" | ||
sudo kdb setmeta /editor check/recursion/ref "menuref" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Specification still not explained, what are these two lines for?
src/plugins/recursion/README.md
Outdated
sudo kdb setmeta /editor check/recursion/vertex "menu" | ||
sudo kdb setmeta /editor check/recursion/ref "menuref" | ||
``` | ||
Each key definition in the form of `/editor/menu` will now be treated as recursive entry. You can define arbitrary |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/editor/menu is not a form but rather an example?
src/plugins/recursion/README.md
Outdated
``` | ||
#Link "Macro Basics" to the parent menu "Macros" and create an endless loop | ||
kdb set /editor/menu/#9/menuref/#0 /editor/menu/#7 | ||
ERR: 198 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please use shell recorder syntax
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you have a link to a tutorial for that?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The following documents should be helpful:
. Many of the plugins also contain some basic MSR tests. For example, the ReadMe of YAML CPP contains a few example tests.
src/plugins/recursion/README.md
Outdated
#Link to something which does not exist | ||
kdb set /editor/menu/#9/menuref/#0 /editor/menu/#10 | ||
ERR: 199 | ||
Reason: Could not find vertex with #10. Maybe it does not exist yet? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why isn't the term also used in the tutorial?
src/plugins/recursion/README.md
Outdated
Their approach is not array based but name based. | ||
Their reference keyword (`check/recursion/ref`) to other settings is `Entry`. | ||
|
||
They do not use an array based approach though but give names instead. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we add a name-based approach or does it confict with the array-based approach?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It doesn't conflict imo, as discussed in your comment below it needs to know if it is a vertex or some arbitrary setting unrelated to the recursive structure. With the array based approach this is clear.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Imho, the array does not make a difference. Without some external knowledge you never know if a string is a reference or a value interpreted otherwise.
src/plugins/recursion/README.md
Outdated
kdb set /editor/AutocorrectOptions/DisplayName "Autocorrect Options" | ||
``` | ||
|
||
This would at least guarantee reusability of settings. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why "at least"? What is missing?
src/plugins/recursion/README.md
Outdated
This would at least guarantee reusability of settings. | ||
|
||
The plugin could theoretically support an arbitrary name instead of an array. But how does the | ||
specification know what is actually a menu entry and what is just some arbitrary other setting. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Metadata?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How could this look like?
I updated the documentation.
Concerning the "named" recursion it would be interesting to have your feedback. |
[b] | ||
``` | ||
|
||
which could cause an error since `a` cannot be loaded as `b` is yet non existent. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This order should not matter.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you explain why? How exactly are keys loaded into the kdb?
I assume that it is loaded in the order of the file, i.e. it would be the same if I call kdb set ... in the same order as the config file
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The plugins receive a whole keyset and can do whatever they want to do with it. So in the implementation you can lookup if something is present, it does not matter where in the keyset it is.
I redesigned the recursion plugin to only have the "named" approach now. The array approach might be confusing and isn't superior. Now we can easily adopt LCDproc's configuration |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you. Quite some problems in error/specification and METADATA.ini.
doc/METADATA.ini
Outdated
type= enum | ||
description= A check to see if a certain user has correct permissions on a file. Permissions are | ||
either r (read) w (write) x (execute) and any combination of them. | ||
The respective user which must have these permissions is declared in check/permission/user. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What if check/permission/user is missing?
[check/permission] | ||
status= idea | ||
usedby/plugin= path | ||
type= enum |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
specify all cases.
doc/METADATA.ini
Outdated
description= A check to see if a certain user has correct permissions on a file. Permissions are | ||
either r (read) w (write) x (execute) and any combination of them. | ||
The respective user which must have these permissions is declared in check/permission/user. | ||
example = "rwx ; rw ; r ; x ; w ; wx" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is not an example, ;
is not allowed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What is a valid example? They are all just some descriptions as i can see. I made it more verbose now
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The example needs to be something that actually could be a value of the metavalue.
E.g. "rwx" would be a valid example.
doc/METADATA.ini
Outdated
status= idea | ||
usedby/plugin= path | ||
type= string | ||
empty |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
empty or string?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
either or. If empty then the current user is taken, if a string is given it is interpreted as the desired user. It is also written in the description
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
string automatically includes empty. Elektra does not have sum types, so specifying "string empty" does not make sense. (The result would be "empty")
doc/METADATA.ini
Outdated
usedby/plugin= path | ||
type= string | ||
empty | ||
description= Used be check/permission to see if the given user has the correct permissions. If empty |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
empty or non-existent?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Isn't it the same question as above?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, it is the same problem.
src/error/specification
Outdated
module:network | ||
|
||
number:196 | ||
description:The desired port is already in use. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please be consistent with the already existing errors if you put a . in the end or not.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some descriptions have a dot and some do not. Which one should i take now?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, this is something to unify later.
We can also make that sentences get a .
src/error/specification
Outdated
description:Referring to the desired key would lead to an endless loop | ||
severity:error | ||
ingroup:plugin | ||
module:network |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
network or recursive?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
woops, copy and paste error
src/plugins/network/README.md
Outdated
@@ -14,6 +14,8 @@ This plugin is a check plugin that checks if a key contains a valid ip | |||
address. It uses the `POSIX.1-2001` interface `getaddrinfo()` in order | |||
to check if an ip address is valid. | |||
|
|||
The plugin can also check for valid port numbers and if the set port is free to use. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The port should actually also passed to getaddrinfo. Better to rewrite the intro.
src/plugins/network/README.md
Outdated
|
||
## Future Work | ||
|
||
`check/port/ping` to check if the port can be pinged/reached (usually for clients). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe connect is better, as ping somehow implies ICMP.
src/plugins/recursion/README.md
Outdated
``` | ||
|
||
It is not needed to add `/recursive` before every key as it is only possible to choose keys | ||
below this rootkey anyway. Referring to other keys is done by |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
directly below?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
small things...
doc/METADATA.ini
Outdated
@@ -682,17 +682,24 @@ description= Support of some standards for a date specification. | |||
[check/permission] | |||
status= idea | |||
usedby/plugin= path | |||
type= enum | |||
type= r |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
enum and then the possibilities
src/error/specification
Outdated
module:recursion |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Its better to have a new-line in the end of files.
src/plugins/network/README.md
Outdated
@@ -14,7 +14,9 @@ This plugin is a check plugin that checks if a key contains a valid ip | |||
address. It uses the `POSIX.1-2001` interface `getaddrinfo()` in order | |||
to check if an ip address is valid. | |||
|
|||
The plugin can also check for valid port numbers and if the set port is free to use. | |||
Furthermore `getaddrinfo()` is used in `check/port` to resolve a port by its service name | |||
which is defined under `/etc/services`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
and it also transforms to the number?
Hopefully now everything is accordingly. Could you take a look at the new recursion plugin? It just contains a single check metadata now instead of 2. |
@markus2330 I updated the recursion plugin README with results from a talk between me and @Piankero I would also suggest renaming the recursion plugin to I propose:
An example of such reference checking without recursion would be the references to driver configurations in the lcdproc server configuration. I would also suggest either closing this PR entirely and opening separate PRs for the proposed plugins, or at least opening a separate PR for the recursion/reference plugin, to keep things a bit more organized. |
Yes, please let us open a new PR once we decided on the new name. If the checks are not limited to recursive checks, it makes sense to rename it. How can a user distinguish if a reference check is recursive or only a single check? What if we remove the old "struct" check and call the new plugin also "struct"? Is this plugin able to check some arbitrary recursive structure of configuration? Btw. if possible we should avoid "override" because this already has a meaning within Elektra (it is a link to be preferred, see doc/METADATA.ini). |
[/tests/keywithref]
check/reference = ref
[/tests/keywithrec]
check/reference = ref
check/reference/recursive = true Here An alternative would be the following: [/tests/keywithref/ref]
check/reference = single
[/tests/keywithrec/ref]
check/reference = recursive Here the type of Personally I like the second option better. It makes more sense to me to specify the metadata on the actual reference key.
The current proposed plugin would only check references. Checking the remaining structure could simply be done with the [/tests/base/ref]
check/reference = recursive
check/reference/restrict = typeA
[/tests/base/typeA/_/name]
check/type = string
; etc
[/tests/base/typeA/_/size]
check/type = long
; etc The basic idea is to restrict the references to a certain path |
Yes, I also like the second option better.
Good example. Could you please incorporate it into the README? But please continue using typeA (if I understood correctly it is changed to X later in the explanation). |
@markus2330 The problem lies in the Is is a bit difficult to explain: So it is absolutely required that check/permission/user and check/permission/types are both present. I hope I could explain the problem so that it is understandable. Do you have a better solution or do we simply require the coexistence of both metadatas? |
What is "check/permission/types"?
I am not sure if it is fruitless. There are now many kernel extensions (and also file system features) to disallow root to do something. And I would prefer the "current user" and not root as default. And in the "current user" scenario no switching of egid is necessary. If two options are absolutely required so that the plugin can do something useful it is of course possible to demand the presence of both options. Afaik this would be the first plugin, though. |
It is used for the actual permissions, e.g. "rwx"
I wish for the same but when programming I could not circumvent the problem described above. But I have to switch egid since access only checks with one egid active. If you wish I could also demonstrate it on our next Elektra meeting. |
All plugin ideas are now in implementation stage in their respective PR. Closing this PR |
I want to propose 3 new plugin ideas. For the recursion plugin I will need some more advise though from more experienced programmers.