$darkmode
Elektra 0.11.0
|
Configuration in <abbr title="Free/Libre and Open Source Software">FLOSS</abbr> unfortunately is often stored completely without validation. Notable exceptions are sudo (visudo
), or user accounts (adduser
) but in most cases you only get feedback of non-validating configuration when the application fails to start.
Elektra provides a generic way to validate any configuration before it is written to disc.
Any of Elektra's user interfaces will work with the technique described in this tutorial, e.g.:
kdb qt-gui
: graphical user interfacekdb editor
: starts up your favorite text editor and allows you to edit configuration in any syntax. (generalization of visudo
)kdb set
: manipulate or add individual configuration entries. (generalization of adduser
)The most direct way to validate keys is
The approach is not limited to validation via regular expressions, but any values-validation plugin can be used, e.g. type. For a full list refer to the section "Value Validation" in the list of all plugins.
Note that it's also easy to write your own (value validation) plugin.
The drawbacks of this approach are:
check/validation
) needs to be stored next to the key which won't work with most configuration files. This is the reason why we explicitly used dump
as storage in kdb mount
.These issues are resolved straightforward by separating the configuration from its configuration specification (often called schemata in XML or JSON). The purpose of the spec namespace is to hold the configuration specification, i.e., the description of how to validate the keys of all other namespaces.
To make this work, we need a plugin that applies all metadata found in the spec
-namespace to all other namespaces. This plugin is called spec
and needs to be mounted globally (will be added by default and also with any kdb global-mount
call).
Before we start, let us make a backup of the current data in the spec and user namespace:
We write metadata to the namespace spec
and the plugin spec
applies it to every cascading key:
But it also supports globbing (_
for any key, ?
for any char, []
for character classes):
So let us combine this functionality with validation plugins. So we would specify:
If we now set a new key with
this key has adopted all metadata from the spec namespace:
Note that this key should not have passed the validation that we defined in the spec namespace. Nonetheless we were able to set this key, because the validation plugin was not active for this key. On that behalf we have to make sure that the validation plugin is loaded for this key with:
This mounts the backend tutorial.dump
to the mount point **/tests/spec** and activates the validation plugin for the keys below the mount point. The validation plugin now uses the metadata of the keys below **/tests/spec** to validate values before storing them in tutorial.dump
.
If we try setting the key again, we will get an error:
However, if we add a key that adheres to the validation rules, it will work:
Although this is better than defining metadata in the same place as the data itself, we can still do better. The reason for that is that one of the aims of Elektra is to remove the trouble of validation and finding the files that hold your configuration from the users. At the moment a user still has to know which files should hold the configuration and which plugins must be loaded when they mount configuration files.
This problem can be addressed by recognizing that the location of the configuration files and the plugins that must be loaded is part of the schema of our configuration and therefore should be stored in the spec namespace.
We call the files, that contain a complete schema for configuration below a specific path in form of metadata, Specfiles.
A Specfile contains metadata, among others, that defines how the configuration settings should be validated.
Let us create an example Specfile in the dump format, which supports metadata. Although the specfile is stored in the dump format, we can still create it using the human-readable ni format by using kdb import
(note that the \\
are due to Markdown Shell Recorder, do not copy them to your shell):
We now have all the metadata that we need to mount and validate the data below /tutorial
in one file.
For a description which metadata is available, have a look in METADATA.ini.
Now we apply this Specfile to the key database to all keys below tests/tutorial
.
This command automatically mounts /tests/tutorial
to the backend tutorial.dump
. Furthermore it adds all plugins necessary for all metadata within the specification. So in this example the validation plugin will be loaded automatically for us. spec-mount
basically does a normal mount except that it automatically selects plugins. As a result there is no spec-umount
command since the normal umount
is sufficient.
Please be aware that if you require many plugins for the same mount point, you can run into this error.
Note that the backend tutorial.dump
is mounted for all namespaces:
If you want to go without validation, you can work around that by setting the keys with the -f
(--force
) option:
Up to now we only discussed how to reject keys that have unwanted values. Sometimes, however, applications require the presence or absence of keys. There are many ways to do so directly supported by the spec plugin. Another way is to trigger errors with the error plugin:
If we want to reject every optional key (and only want to allow required keys) we can use the plugin required
as further discussed below.
Before we look further let us undo the modifications to the key database.
To check if an existing set of keys can be read and written with the current validation rules kdb validate
should be used. Validate will read the values of all string keys under the point defined as argument in the command line, sets the key value to something different, then back to the original and finally writes that original value back to the key database. All loaded validation plugins are now used to validate the values of keys with the necessary meta-keys (see above).
Only string keys are validated! Binary keys are skipped!