Configuration File Validation Check

adminResourcesLeave a Comment

Looking for a way to validate a certain configuration file? We have compiled a list of configuration validation commands of popular software. We hope you find the list useful. If you know of a software or command that's not in our list, please let us know so we can add it.

If you are looking for a way to manage your configuration files, please check out Config.

Ansible

ansible-playbook --check will not make any changes on remote systems. Any module instrumented to support "check mode" will report what changes they would have made rather than making them.

Command:

ansible-playbook sample.yml --check

Apache HTTP Server

configtest runs a configuration file syntax test. It parses the configuration files and either reports Syntax Ok or detailed information about the particular syntax error.

Commands:

apachectl configtest
apachectl -t
httpd -t

BIND

named-checkconf checks the syntax, but not the semantics, of a named configuration file. named-checkzone checks the syntax and integrity of a zone file.

Commands:

named-checkconf
named-checkconf /etc/named.conf
named-checkzone domain.com /var/named/zone.domain.com

CoreOS

The online tool validates the Ignition and coreos-cloudinit configs used with CoreOS Container Linux servers.

Tool: https://coreos.com/validate
Documentation: https://coreos.com/validate

CUPS

cupsd -f -t runs cupsd in the foreground and tests the configuration file for syntax errors.

Commands:

cupsd -f -t
cupsd -f -t -c cupsd.conf

DHCP

dhcpd -t will test the configuration file for correct syntax, but will not attempt to perform any network operations. dhcpd -T can be used to test the lease database file in a similar way.

Commands:

dhcpd -t
dhcpd -t -cf dhcpd.conf
dhcpd -T

Docker Compose

docker-compose config validates the Docker Compose file.

Command:

docker-compose -f docker-compose.yml config

Exim

exim -bV checks that the configuration file is syntactically valid.

Command:

exim -bV

Fluentd

fluentd --dry-run checks the Fluentd configuration without plugins start.

Command:

fluentd --dry-run -c fluent.conf

HAProxy

haproxy -c checks the config file and exits with code 0 if no error was found, or exits with code 1 if a syntax error was found.

Command:

haproxy -c -f haproxy.cfg

JSON

python -m json.tool provides a simple command line interface to validate and pretty-print JSON objects.

Command:

python -m json.tool sample.json > /dev/null

Kickstart

ksvalidator verifies the syntax of a kickstart file, a text file that contains configuration information for a Red Hat Enterprise Linux installation.

Command:

ksvalidator -i

Lighttpd

lighttpd -t tests the configuration file for syntax errors and exits.

Command:

lighttpd -t -f lighttpd.conf

monit

monit -t run the syntax check for the control file.

Command:

monit -t

MySQL

mysqld --help --verbose checks the MySQL configuration.

Command:

mysqld --help --verbose 1>/dev/null

Nagios

nagios -v verifies the information in the configuration files. Nagios will not start monitoring any hosts.

Commands:

nagios -v
nagios -v nagios.cfg

NGINX

nginx -t checks the configuration file for correct syntax and tries to open files referred in configuration. gixy is a NGINX configuration static analyzer.

Commands:

nginx -t
nginx -t -c nginx.conf
gixy

OpenNTPD

ntpd -n runs Configtest mode. It only checks the configuration file for validity.

Command:

ntpd -n

OpenLDAP

slapd -Tt tests whether the configuration file is correct or not.

Commands:

slapd -Tt
slapd -Tt -f /etc/openldap/slapd.conf

PHP

php -i shows PHP information.

Command:

php -i

Postfix

postfix check warns about bad directory/file ownership or permissions, and creates missing directories.

Command:

postfix check

PostgreSQL

pg_ctl reload sends the postgres process a SIGHUP signal, causing it to reread its configuration files (postgresql.conf, pg_hba.conf). Validation errors will prevent the config from being reloaded, and errors will be logged into the Postgres log file.

Command:

pg_ctl reload

Puppet

puppet parser validate validates the syntax of one or more Puppet manifests. It validates the Puppet DSL syntax without compiling a catalog or syncing any resources.

Commands:

puppet parser validate
puppet parser validate manifest.pp

Rsyslogd

rsyslogd -N 1 checks the configuration file for correctness. This option is meant to verify a config file.

Command:

rsyslogd -N 1 -f /etc/rsyslog.conf

Samba

testparm is a simple test program to check an smbd configuration file for internal correctness.

Command:

testparam -s

Splunk

splunk cmd btool check checks for typos in stanza and setting names. This is the same conf checker that runs on splunk start.

Command:

splunk cmd btool check

Squid

squid -k parse verifies the squid.conf file is valid.

Command:

squid -k parse

SSH

sshd -t is test mode. Only checks the validity of the configuration file and sanity of the keys. sshd -T is extended test mode. Checks the validity of the configuration file, outputs the effective configuration to stdout and then exits.

Commands:

sshd -t
sshd -T

Syslogd

syslogd -d turns on debug mode, and writes much debug information on the current tty.

Commands:

syslogd -d
syslogd -d -f /etc/syslog.conf

syslog-ng

syslog-ng -s verifies the syslog-ng configuration file is syntactically correct and exits.

Commands:

syslog-ng -s -f syslog-ng.conf
syslog-ng --syntax-only --cfgfile=syslog-ng.conf

tcpd

tcpdchk examines your tcp wrapper configuration and reports all potential and real problems it can find.

Command:

tcpdchk

Terraform

terraform validate validates the syntax of the terraform files. Terraform performs a syntax check on all the terraform files in the directory.

Command:

terraform validate

Travis

travis lint validates a .travis.yml reduces common build errors such as invalid YAML, missing language keys and unsupported runtime versions.

Command:

travis lint .travis.yml

Varnish

varnishd -C compiles the vlc file and if there's a problem, displays a compiler error.

Command:

varnishd -C -f sample.vlc

vsftpd

vsftpd olisten=NO starts vsftpd and runs the configuration check, without listening on the network.

Command:

vsftpd olisten=NO

XML

xmllint --schema validates an XML file against an XML schema. xmllink is part of libxml.

Command:

xmllint --noout --schema sample.xsd sample.xml

Xorg

Xorg -config tests manually created Xorg configuration files.

Command:

Xorg -config xorg.conf

YAML

yaml.rb module provides a Ruby interface for data serialization in YAML format.

Command:

ruby -e "require 'yaml'; puts YAML.load_file('./data.yaml')"

We will update the page as we learn of more commands. If you know of any configuration validation commands from popular software that we missed, please add them to the comments below.

Leave a Reply

Your email address will not be published. Required fields are marked *