Linux : Matching result with a fix variable

(imported topic written by MeeWeeNg91)

Hi All

I am trying to write a Linux property to match the contain of the file /etc/nsswitch.conf

Example : in /etc/nsswitch.conf we have passwd: files nis

How do i write a correct property and audit the file configuration matching the above mention. We do have scenerio that some systems contain might contain addition spacing such as

system1

passwd: files nis

system2

passwd: files nis

system3

passwd: files nis

Thanks

-Mee Wee

(imported comment written by BenKus)

Hi Mee Wee,

You can use regular expressions to deal with this type of issue… We use Boost-style regular expressions… (more info here: http://www.boost.org/libs/regex/doc/syntax_basic.html)

Here is my attempt at solving your problem… you can put this property into an analysis for Linux computers:

(parenthesized parts of matches (regex “passwd:\s*(\w\w\s*)$”) of it ) of lines of file “/etc/nsswitch.conf”

Hope that helps,

Ben

(imported comment written by MeeWeeNg91)

Hi Ben

Thanks for another help. Looks like it returned with no error nor any answer at all if this statement is true or false.

BTW, i am not good at all on Boost.Regex

Thanks

-Mee Wee

(imported comment written by BenKus)

Hi MeeWeeNg,

Do you mind posting the file(s) so I can run tests against it? Also, what version of the BES Client are you running?

Ben

(imported comment written by MeeWeeNg91)

Hi Ben

Attached is the file i have the /etc/nsswitch.conf

(imported comment written by MeeWeeNg91)

Hi Ben

I am running on 6.0 and the rpm is 6.0.16

(imported comment written by BenKus)

Ah crap… I forgot that Unix/Linux agents use POSIX style regular expressions (http://en.wikipedia.org/wiki/Regular_expression#POSIX_extended_regular_expressions)… let me try again:

(parenthesized parts of matches (regex “^passwd:[ ]*(A-Za-z0-9 +)$”) of it ) of lines of file “/etc/nsswitch.conf”

Let me know if that works,

Ben

(imported comment written by MeeWeeNg91)

Hi Ben

Thanks again for the prompt respond.

YES ! It works …

But when i try to put into a analysis property, example :

(parenthesized parts of matches (regex "^passwd:[ ]*(

A-Za-z0-9

+)$") of it ) of lines of file “/etc/nsswitch.conf” as string = “files nis”

It returnes : A singular expression is required.

I wonder why ?

Actually i wanted to do something like this.

if no exists file “/etc/nsswitch.conf” then “Missing file” else if exists file “/etc/nsswitch.conf” and (parenthesized parts of matches (regex "^passwd:[ ]*(

A-Za-z0-9

+)$") of it ) of lines of file “/etc/nsswitch.conf” as string = “files nis” then “PASS” else “Wrong setting”

Thanks

-Mee Wee

(imported comment written by BenKus)

Hey Mee Wee,

The issue with the “singular expression is required” is that you have a plural expression 'parenthesized part

s

', and plural values can’t be compared to a singular value.

You can rewrite it slightly to handle this using a ‘whose’ clause:

(parenthesized parts whose (it as string = “files nis”) of matches (regex “^passwd:[ ]*(A-Za-z0-9 +)$”) of it ) of lines of file “/etc/nsswitch.conf”

And to put it all together:

if (not exists file “/etc/nsswitch.conf”) then “Missing file” else if (exists file “/etc/nsswitch.conf” and (parenthesized parts whose (it as string = “files nis”) of matches (regex “^passwd:[ ]*(A-Za-z0-9 +)$”) of it ) of lines of file “/etc/nsswitch.conf”) then “PASS” else “Wrong setting”

I didn’t test, let us know if that works…

Ben

(imported comment written by MeeWeeNg91)

Hi Ben

I tried to break it to validate,

he what i got

Q: if ( not exists file “/etc/nsswitch.conf”) then “File Missing”

if ( not exists file “/etc/nsswitch.conf”) then “File Missing”

E: This expression could not be parsed.

Q: if ( exists file “/etc/nsswitch.conf” and (parenthesized parts whose (it as string = “files nis”) of matches (regex "^passwd:[ ]*(

A-Za-z0-9

+)$") of it) of lines of file “/etc/nsswitch.conf”) then “PASS” else “FAILED”

if ( exists file “/etc/nsswitch.conf” and (parenthesized parts whose (it as string = “files nis”) of matches (regex "^passwd:[ ]*(

A-Za-z0-9

+)$") of it) of lines of file “/etc/nsswitch.conf”) then “PASS” else “FAILED”

E: A boolean expression is required.

Thanks

-Mee Wee

(imported comment written by BenKus)

Hi Mee Wee,

Oops… I think I forgot the “exists” in the second if clause… sorry… Try this:

if (not exists file “/etc/nsswitch.conf”) then “Missing file” else if ((exists file “/etc/nsswitch.conf”) and (exists (parenthesized parts whose (it as string = “files nis”) of matches (regex “^passwd:[ ]*(A-Za-z0-9 +)$”) of it ) of lines of file “/etc/nsswitch.conf”)) then “PASS” else “Wrong setting”

Hopefully I got that right… I don’t have a linux computer to test on at the moment…

Ben

(imported comment written by MeeWeeNg91)

Hi Ben

Cool ! you get it again !

Thanks alot of help on this property.

-Mee Wee