Date: Fri, 20 Nov 2015 14:36:37 -0500
From: "Michael B. Eichorn" <ike@michaeleichorn.com>
To: Allan Jude <allanjude@freebsd.org>, freebsd-hackers@freebsd.org
Subject: Re: libUCL / UCL as FreeBSD config question
Message-ID: <1448048197.2765.74.camel@michaeleichorn.com>
In-Reply-To: <564F6118.5030702@freebsd.org>
References: <5B598F72-C5DD-48FD-866D-F90E117D646E@rdsor.ro> <564F6118.5030702@freebsd.org>
On Fri, 2015-11-20 at 13:06 -0500, Allan Jude wrote:
>
> Although some limitations in libucl mean that, if you have a config that
> has comments in it, the comments are lost, as they are not represented
> in the in-memory version of the object that then gets serialized for
> output. If you treat the config files as a database, then this is fine,
> but if the user expects to still hand edit them with an editor, this is
> a fairly big POLA violation.
>
Even if someday we stop editing by hand, comments are far too useful
IMHO to drop yet. Context is very important to what we do, and
sometimes keys are just too cryptic.
I think I see two ways to avoid the POLA violation (but I am still
rather new at this so be gentle)
1) Add special keys for use in memory 'value' and 'comment' such that
the file:

    FreeBSD: {
      url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",
      mirror_type: "srv",
      signature_type: "fingerprints",
      # A comment about fingerprints
      # More comments
      fingerprints: "/usr/share/keys/pkg", # an inline comment
      enabled: yes
    }

becomes in memory:

    FreeBSD: {
      url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",
      mirror_type: "srv",
      signature_type: "fingerprints",
      fingerprints: {
        value: "/usr/share/keys/pkg"
        comment: {
          above: "A comment about fingerprints\nMore comments"
          inline: "an inline comment"
        }
      }
      enabled: yes
    }

uclcmd should just return value like:

    # uclcmd get -f /etc/pkg/FreeBSD.conf FreeBSD.fingerprints

returns

    /usr/share/keys/pkg

unless the comment (C?) flag is used:

    # uclcmd get -f -C /etc/pkg/FreeBSD.conf FreeBSD.fingerprints

returns

    # A comment about fingerprints
    # More comments
    /usr/share/keys/pkg # an inline comment

Finally, if uclcmd set is used, if the session is interactive, ask the
user what to do about the existing comment. If not, append a note of the
change to the comment so that the file becomes:

    FreeBSD: {
      url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",
      mirror_type: "srv",
      signature_type: "fingerprints",
      # A comment about fingerprints
      # More comments
      ## Comments may be outdated, non-interactive edit 20151120T1400
      ## /usr/share/keys/pkg -> /root/keys/pkg
      fingerprints: "/root/keys/pkg", # an inline comment
      enabled: yes
    }

2) Assume everything can be commented, everything gets an extra pointer
for a potential comment string. Output all comments as the 'above' style
(bonus: comments become predictable in style). Same uclcmd behavior as
described above.

The above are just ideas (and I know next to nothing about the guts of
libucl), but I think comments are important. If this or something else
works, I am willing to help with the implementation.

Regards,
Ike
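
A sketch of the comment model proposed in this message (added example, not part of the original post and not libucl or uclcmd code): comment lines are kept verbatim and attached to the key that follows them, so a read, a non-interactive set and a write-back all leave them in place. Assumptions: flat `key: value` lines inside one section, the hypothetical function names `parse`, `dump`, `get` and `set_value`, and a rejection of quotes, backslashes and newlines in the new value, which the message does not discuss.

```python
import re

# Constructed sample: shortened copy of the repository block in the message.
SAMPLE = '''FreeBSD: {
  url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",
  # A comment about fingerprints
  # More comments
  fingerprints: "/usr/share/keys/pkg", # an inline comment
  enabled: yes
}'''
# Key line; a '#' inside a double-quoted value is not a comment.
PAIR = re.compile(r'^(\s*)([\w.]+)\s*:\s*("(?:[^"\\]|\\.)*"|[^\s,#{]+)\s*(,?)(\s*#.*)?\s*$')

def parse(text):
    nodes, pending = [], []
    for line in text.splitlines():
        if line.lstrip().startswith('#'):
            pending.append(line)          # becomes 'above' of the next node
            continue
        m, node = PAIR.match(line), {'raw': line}   # raw: 'FreeBSD: {', '}'
        if m:
            ind, key, val, comma, inline = m.groups()
            q = val.startswith('"')
            node = {'indent': ind, 'key': key, 'value': val[1:-1] if q else val,
                    'quoted': q, 'comma': comma, 'inline': inline or ''}
        nodes.append(dict(node, above=pending))
        pending = []
    return nodes + [{'raw': c, 'above': []} for c in pending]

def dump(nodes):
    out = []
    for n in nodes:
        val = '"%s"' % n['value'] if n.get('quoted') else n.get('value')
        line = n['raw'] if 'raw' in n else '%s%s: %s%s%s' % (
            n['indent'], n['key'], val, n['comma'], n['inline'])
        out += n['above'] + [line]
    return '\n'.join(out)

def get(nodes, key, comments=False):      # comments=True models the proposed -C
    n = next(n for n in nodes if n.get('key') == key)
    above = [c.strip() for c in n['above']] if comments else []
    return '\n'.join(above + [n['value'] + (n['inline'] if comments else '')])

def set_value(nodes, key, new, stamp):    # the non-interactive case
    if re.search(r'["\\\r\n]', new):      # would escape the quoted value
        raise ValueError('unsafe value for %s' % key)
    n = next(n for n in nodes if n.get('key') == key)
    n['above'] += [n['indent'] + '## Comments may be outdated, non-interactive edit ' + stamp,
                   n['indent'] + '## %s -> %s' % (n['value'], new)]
    n['value'] = new
```

The value check matters because the new value is written both into the key line and into the change note, so an embedded newline or quote would add lines the caller never reviewed.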