[Oneiric-Topic] Augeas Integration

Raphaël Pinson raphink at ubuntu.com
Fri Apr 1 11:05:23 UTC 2011


In a (more or less) related subject to the Puppet integration thread,
I would like to raise the idea of integrating Augeas [0] deeper in

Augeas is a unified configuration API which allows to parse and modify
configuration files using XPath expressions. It features a C API,
bindings for many languages (Python, Ruby, Perl, Haskell, Java, PHP,
etc.) and a command line utility called augtool. The Ruby bindings
have been used to provide a native Augeas Puppet type since Puppet

Augeas works by using bidirectional pieces of code called lenses. A
lens is a grammar file which allows to parse a configuration file
format and turn it into a tree, and then take a modified tree and
write it back to the configuration files. Lenses ensure that only
proper trees are written back to files, i.e. the syntax of the file
written by Augeas is ensured by the lens.

Currently, 90+ lenses are provided by Augeas. On a rather standard
Lucid machine I have at work, Augeas is able to parse 141 files and
produces 8054 nodes:

rpinson at rpinson:~$ augtool match /augeas/files//path | wc -l
rpinson at rpinson:~$ augtool print /files | wc -l

On the long run, Augeas is not meant to provide all these lenses, but
instead we would like lenses to be shipped with each project, as a
standard parsing and writing facility for configuration files across
Unix systems. This would allow for example to bind the lenses with the
version of the program providing the configuration files, ensuring
that the lens parses and writes the proper configuration stanzas for
the given version.

This journey of sending lenses upstream and making Augeas a standard
has to begin somewhere, and I'm suggesting to make it begin in Ubuntu,
by including the lenses in each package they are related to.

For example, the mysql.aug lens would be provided by the mysql-common
package, and the httpd.aug package would be provided by
apache2.2-common, etc. I would be happy to train package maintainers
willing to take that step so they can maintain the lenses and make
them evolve with time, or even send them to their upstream if they

I would like to go even a step further in Ubuntu (and Debian if
possible). Debian Policy, which Ubuntu developers follow, states
(section 10.7.4, "Sharing configuration files" [1]):

``One of the related packages (the "owning" package) will manage the
configuration file with maintainer scripts as described in the
previous section.

The owning package should also provide a program that the other
packages may use to modify the configuration file.

The related packages must use the provided program to make any desired
modifications to the configuration file. They should either depend on
the core package to guarantee that the configuration modifier program
is available or accept gracefully that they cannot modify the
configuration file if it is not. (This is in addition to the fact that
the configuration file may not even be present in the latter

There are few packages currently that provide a program to manage
their configuration files, making it hard for other packages to tune
system configuration. One of the workarounds that are implemented in
quite a few packages is to allow 'foo.d'  kind of directories (e.g.
sudoers.d, xinetd.d, pam.d, etc.). This allows packages to drop their
configuration file without affecting other files, but it doesn't allow
them to modify generic parameters.

Once packages are shipped with their own Augeas lens, I suggest that
policy could be adapted to allow the use of Augeas lenses provided by
the owning packages as an alternative to using a program. This would
allow for much more freedom to safely manipulate configuration files
in package maintainer scripts.

What are your thoughts on the subject?



[0] http://www.augeas.net
[1] http://www.debian.org/doc/debian-policy/ch-files.html#s10.7.4

More information about the ubuntu-server mailing list