Re: What config file for a .pm perl module ?
On Thu, Dec 27, 2001 at 09:19:16AM -0600, Steve Langasek wrote:
> On Thu, Dec 27, 2001 at 02:18:15PM +0100, Eric Van Buggenhaut wrote:
> > Hi,
>
> > I'm currently packaging libdbix-password-perl.
>
> > The upstream code requires the administrator to introduce the user
> > data (username, password, port, database, etc.) in the same Password.pm file,
> > which looks horrible to me.
>
> > So my idea is to create a config file in /etc sourced by the module. I
> > have never done this though, so I ask all Perl Mongers out there:
>
> > - what should the file be called ? /etc/Password.conf ?
>
> > - how should I source it from within the perl module ?
>
> Although creating perl config files that can be sourced is a very quick
> and easy way to make use of config files in perl (since your parser is
> already built-in), I've always considered it a somewhat hackish
> approach. Certainly, anyone not familiar with perl programming can
> easily break your script beyond all recognition just by incorrectly
> editing the sourced config file, in the process making it impossible for
> you to generate your own warning/error messages (well, without a fair
> deal of effort :). In addition, we occasionally get hosting customers
> here who want to have CGIs that use sourced config files, with other
> CGIs to edit those config files -- which means a clever attacker who was
> able to guess or learn the admin password could arbitrarily change the
> CGIs to do his bidding. Probably not an issue with what you're doing
> in your package, but it's definitely not something we want happening on
> a virtualhosting webserver. :)
>
> My own approach? Write your own parser for a simple 'key = value' style
> config file. This can usually be done in ten lines or less[1] using
> perl's powerful regexp engine.
>
The key=value strategy may not work in my case because I must generate
a hash of hashes, this style:
my $virtual1 = {
'acs' => {
'username' => 'root',
'password' => 'o.e,13',
'port' => '',
'database' => 'acs',
'attributes' => {},
'connect' => 'DBI:mysql:database=acs;host=localhost',
'driver' => 'mysql',
'host' => 'localhost'
},
'personales' => {
'username' => 'root',
'password' => 'v.rc,3',
'port' => '',
'database' => 'acs',
'attributes' => {},
'connect' => 'DBI:mysql:database=PaginasPersonales;host=
localhost',
'driver' => 'mysql',
'host' => 'localhost'
},
};
I wanted to be able to use a config file similar to /etc/passwd like:
#This is the list of users needed by DBIx::Password
#(/usr/lib/perl5/DBIx/Password.pm)
#
#Syntax is:
#host:username:password:port:database:attributes:connect:driver:host
#
#You can use simple quotes when field contains colon(s)
acs:root:op.re,13::acs:{}:'DBI:mysql:database=acs:host=localhost':mysql:localhost
personales:root:op.re,13::acs:{}:'DBI:mysql:database=PaginasPersonales:host=localhost':mysql:localhost
And wrote the parser:
#!/usr/bin/perl -w
#open (IN,"/etc/dbix-password.conf");
open (IN,"dbix-password.conf");
while (<IN>) {
next if (/^#/ || /^$/);
@host = m/:?([^':]*)||:?'([^']*)'/g;
foreach (@host) {print "$_ "};
print "\n";
}
close IN;
But this misteriously matches empty fields and I haven't been able to find out where my parser fails ... Something like that:
acs root op.re,13 acs {} DBI:mysql:database=acs:host=localhost mysql localhost
personales root op.re,13 acs {} DBI:mysql:database=PaginasPersonales:host=localhost mysql localhost
So if anyone has an idea ...
Thanks to all people who helped me.
--
Eric VAN BUGGENHAUT "Hay tampones y tampones ..."
(Eva Serrano)
\_|_/ Andago
\/ \/ Av. Santa Engracia, 54
a n d a g o |-- E-28010 Madrid - tfno:+34(91)2041100
/\___/\ http://www.andago.com
/ | \ "Innovando en Internet"
eric@andago.com
Reply to: