CFEngine considers files writable by other users a security exception. A save hook to ensure restrictive permissions can be very useful to avoid these kinds of errors.
4.8 KiB
4.8 KiB
CFEngine layer
Description
This layer makes working with CFEngine policy easier:
- Syntax highlighting
- On the fly syntax checks
- Auto completion
Install & Configuration
Add cfengine
to the dotspacemacs-configuration-layers
in your ~/.spacemacs
to use this layer.
For working with CFEngine policy I highly recommend the syntax-checking
, and
auto-completion
layers.
Here is an example:
(defun dotspacemacs/layers ()
"Configuration Layers declaration.
You should not put any user code in this function besides modifying the variable
values."
(setq-default
dotspacemacs-configuration-layers
'(
;; ----------------------------------------------------------------
;; Example of useful layers you may want to use right away.
;; Uncomment some layer names and press <SPC f e R> (Vim style) or
;; <M-m f e R> (Emacs style) to install them.
;; ----------------------------------------------------------------
;; ----------------------------------------------------------------
;; CFEngine Related Layers
;; ----------------------------------------------------------------
cfengine
syntax-checking
auto-completion
;; ----------------------------------------------------------------
;; Other Userful Layers
;; ----------------------------------------------------------------
git
github
markdown
org
spell-checking
)
;; Delete whitespace while saving buffer. Possible values are `all'
;; to aggressively delete empty line and long sequences of whitespace,
;; `trailing' to delete only the whitespace at end of lines, `changed'to
;; delete only whitespace for changed lines or `nil' to disable cleanup.
;; (default nil)
;;
;; ----------------------------------------------------------------
;; This is conservative, if you want to cleanup traling whitespace
;; left by the efforts from others consider setting it to `trailing'.
;; ----------------------------------------------------------------
dotspacemacs-whitespace-cleanup 'changed
;; ----------------------------------------------------------------)
(defun dotspacemacs/user-config ()
"Configuration function for user code.
This function is called at the very end of Spacemacs initialization after
layers configuration. You are free to put any user code."
;; ----------------------------------------------------------------
;; Function to set permissions to 600
;; - Helps avoid errors
;; - =error: File ./example.cf (owner 1000) is writable by others (security exception)=
;; ----------------------------------------------------------------
(defun cfengine-permissions-policy-owner-only ()
"If file starts with a shebang, make `buffer-file-name' executable"
(save-excursion
(set-file-modes buffer-file-name #o600)
(message (concat "Made " buffer-file-name " accessibly only by the owner (600)."))))
;; ----------------------------------------------------------------
;; Enable line numbering for CFEngine policy files
;; Automatically set permissions on save
;; ----------------------------------------------------------------
(add-hook 'cfengine3-mode-hook
(lambda ()
(linum-mode 1)
(add-hook 'after-save-hook 'cfengine-permissions-policy-owner-only nil 'make-it-local)))))
;; ----------------------------------------------------------------
;; "Easy template" for quickly inserting cfengine3 code blocks in
;; org-mode. Simply type =<cfe= and then press TAB
;; ----------------------------------------------------------------
(eval-after-load 'org
'(progn
(add-to-list 'org-structure-template-alist
'("cfe" "#+begin_src cfengine3\n?\n#+end_src"))))
;; ----------------------------------------------------------------)
Use M-x customize-group RET cfengine
to customize CFEngine Mode.
If you like attributes to be intended from the promiser set Indentation amount
from anchor
to 2
. For example:
bundle agent main
{
vars:
"promiser"
string => "value",
comment => "Indented 2 spaces from promiser";
}
Key bindings
Key Binding | Description |
---|---|
<SPC> m j |
Reformats JSON string |