ubuntu/zsys

Feature Request: dump current policy to standard output

Lockszmith-GH opened this issue · 2 comments

Background

In the blog, the default policy is presented. It also linked to GitHub at https://github.com/ubuntu/zsys/blob/master/internal/config/zsys.conf

Scenario A - convenience

While those two are great, when dealing with zsysctl in the command line, maybe even in a situation where using copy-paste from the web isn't really an option (an offline machine or a physical console), the ability to have zsysctl output the policy would be beneficial.

Scenario B - troubleshooting

Another case would be to make sure the policy has loaded properly, and that whatever changes you've applied to the /etc/zsys.conf file have been loaded.

The Suggestion / Request

Have a command (say: dump config) that would take whatever current settings are in memory, and dump them into the standard output.
This would allow a command like the one below to quickly generate the zsys.conf file:

zsysctl dump config | sudo tee /etc/zsys.conf

Another good point, thanks for the suggestion! Unsure about the command name itself at this point (maybe a child of service to not pollute the root command namespace with "debug" commands?). Maybe something around zsysctl service dump-config or else?

For B/ logs are already telling you this, but that doesn’t invalidate the name of the command.

Sorry for not responding sooner, was 'out-of-it' for a while.

I would agree, the service command block makes much more sense.
I'll be keeping an eye on such an implementation.