editing conf file

[chip9munk]

Hi all!

I would like to use conf file to get all the variables in my code. And
it works great. I use the following (simple example):

execfile("example.conf", config)
print config["value1"]

and it works like a charm.

Now the problem is I do not know how to edit the conf file...
let us say that I calculate something and would like to save it in the
conf file so that it is set for the next run of some program.

How do I edit a specific value in the conf file? (I would like to avoid
editing txt if possible)...

I should also mention that I use Python 3.. so some of the solutions I
came across are not compatible...

Thanks!!

 

[chip9munk]

ok, I've got it:
http://docs.python.org/3.1/library/configparser.html

works like a charm!

Sorry for the unnecessary question. :/

 

[rusi]

ok, I've got it:http://docs.python.org/3.1/library/configparser.html

works like a charm!

Sorry for the unnecessary question. :/

Not an issue.

And there may be better options (allows nested sections)
http://www.voidspace.org.uk/python/configobj.html

A more broadbased comparison
http://wiki.python.org/moin/ConfigParserShootout

 

[chip9munk]

And there may be better options (allows nested sections)
http://www.voidspace.org.uk/python/configobj.html

but it does not seem to work with python 3

I have an issue...
configparser has four functions: get, getboolean, getfloat and getint.

how do I get list from cfg file?!

any ideas?

 

[Ulrich Eckhardt]

Am 16.11.2012 13:06, schrieb chip9munk:

I would like to use conf file to get all the variables in my code. And
it works great. I use the following (simple example):

execfile("example.conf", config)
print config["value1"]

and it works like a charm.

This works, but in general importing configuration data by loading and
executing code is a questionable approach. The problem is in particular
that the code parser is always more strict with the syntax than a
configuration file should be. Also, it presents the danger of code
injection, especially when exec'ing or importing untrusted code.

That said, if you really want full programmability inside that
configuration and are aware of the implications, you can do that. In
that case, I would rather call this a Python module though and instead
"from settings.py import *" to import any setting from this module (this
is similar to exec(), but less hack-ish). I use something similar to
import settings for automated tests, but still wouldn't recommend it for
general use.

If you don't want that, use a configuration file parser instead. Python
comes with one, see the section "13.2 Configuration file parser" at
http://docs.python.org/2/library/, which can both read and write simple
configuration files.

I should also mention that I use Python 3.. so some of the solutions I
came across are not compatible...

No you don't, Above code clearly uses a print statement instead of a
print function. Anyhow, concerning the link above, replace the 2 with
a 3 and skip to section 14.2.

Uli

 

[Thomas Bach]

configparser has four functions: get, getboolean, getfloat and getint.

how do I get list from cfg file?!

AFAIK you have to parse the list yourself. Something like

my_list = [ s.strip() for s in cp.get('section', 'option').split(',') ]

if you use a comma as a separator.

Have a look at YAML if this is not enough for you, as I think lists
are supported there. Haven't had a look myself though, yet.

Regards,
Thomas Bach.

 

[chip9munk]

Am 16.11.2012 13:06, schrieb chip9munk:

I would like to use conf file to get all the variables in my code. And
it works great. I use the following (simple example):

execfile("example.conf", config)
print config["value1"]

and it works like a charm.

This works, but in general importing configuration data by loading and
executing code is a questionable approach. The problem is in particular
that the code parser is always more strict with the syntax than a
configuration file should be. Also, it presents the danger of code
injection, especially when exec'ing or importing untrusted code.

huh... ok, the thing is that there will actually be no code in the
config file, just some variables and values.. it will be more like a
"setting file"... so no execution of the config file is necessary, just
getting and setting variables...

That said, if you really want full programmability inside that
configuration and are aware of the implications, you can do that. In
that case, I would rather call this a Python module though and instead
"from settings.py import *" to import any setting from this module (this
is similar to exec(), but less hack-ish). I use something similar to
import settings for automated tests, but still wouldn't recommend it for
general use.

thank you for the tip!

If you don't want that, use a configuration file parser instead. Python
comes with one, see the section "13.2 Configuration file parser" at
http://docs.python.org/2/library/, which can both read and write simple
configuration files.

yes I will use it

No you don't, Above code clearly uses a print statement instead of a
print function.

Yes i do i just did not c/p code from my script but from some webpage
) i have print (config["value1"])

Anyhow, concerning the link above, replace the 2 with
a 3 and skip to section 14.2.

thank you i am using configparser... the only problem as i mention in
another post is that it reads lists as string... so some additional
parsing is necessary..

thanks!

 

[chip9munk]

configparser has four functions: get, getboolean, getfloat and getint.

how do I get list from cfg file?!

AFAIK you have to parse the list yourself. Something like

my_list = [ s.strip() for s in cp.get('section', 'option').split(',') ]

if you use a comma as a separator.

yes i guess this is needed, thanks!

Have a look at YAML if this is not enough for you, as I think lists
are supported there. Haven't had a look myself though, yet.

I will check it out!

Thank you!

 

[Tim Chase]

configparser has four functions: get, getboolean, getfloat and getint.

how do I get list from cfg file?!

AFAIK you have to parse the list yourself. Something like

my_list = [ s.strip() for s in cp.get('section', 'option').split(',') ]

if you use a comma as a separator.

For slightly more complex option text, you can use the CSV module to
do the heavy lifting, so if you have something like

[section]
option="one, one, one",two,3

then you can have Python give you

my_list = next(csv.reader([cp.get("section", "option")]))

or alternatively use the shlex module and separate them like shell
options:

[section]
option="one, one, one" two 3

then do

my_list = list(shlex.shlex(cp.get("section", "option")))

Or yet one more way using Python list syntax for literals:

[section]
option=["one, one, one", "two", 3]

and get them with

my_list = ast.literal_eval(cp.get("section", "option))

Lots of fun (and batteries-included) ways depending on how you want
to represent the list in the config file and what sorts of data it
can contain.

-tkc

 

[Roy Smith]

in general importing configuration data by loading and
executing code is a questionable approach. The problem is in particular
that the code parser is always more strict with the syntax than a
configuration file should be. Also, it presents the danger of code
injection, especially when exec'ing or importing untrusted code.

huh... ok, the thing is that there will actually be no code in the
config file, just some variables and values.. it will be more like a
"setting file"... so no execution of the config file is necessary, just
getting and setting variables...

I've been using django for the past couple of years, and I have to say
I'm really addicted to their style of executable config files. The
ability to put conditional logic in your settings.py file is extremely
powerful. Even simple stuff like:

DEBUG = songza.config['build_type'] != 'production'

adds value.

But, yes, Ulrich is 100% correct that it can lead to code injection
attacks if you allow reading configs from untrusted sources. Like all
powerful tools, it needs to be used with care.

These days, if I was writing something that needed a config file and I
didn't want to do "import settings" for whatever reason, I would go with
YAML. It seems to give an attractive mix of:

* supporting complex data structures
* easy to for humans to hand-edit
* easy for humans to read
* safe from code injection attacks

 

[rusi]

These days, if I was writing something that needed a config file and I
didn't want to do "import settings" for whatever reason, I would go with
YAML.  It seems to give an attractive mix of:

* supporting complex data structures
* easy to for humans to hand-edit
* easy for humans to read
* safe from code injection attacks

+1 except for a caveat on the last:
Use safe_load and safe_dump.
dump and load are vulnerable to code injection attacks