I’m trying to do a comparrison of a setting in a file but it seems the setting exists mutiple times in the same file. As I come to understand, the config works on the last setting defined in the file so I’m looking to pull the setting value of the last iteration of this setting in the config. The file is configured like so:
# Controls the maximum number of shared memory segments, in pages
kernel.shmall = 4294967296
# Set net.ipv4.conf.default.send_redirects to 0 per security requirements
net.ipv4.conf.default.send_redirects = 0
# Set net.ipv4.conf.all.send_redirects to 0 per security requirements
net.ipv4.conf.all.send_redirects = 0
# Set net.ipv4.conf.all.accept_source_route to 0 per security requirements
net.ipv4.conf.all.accept_source_route = 0
# Set net.ipv4.conf.default.accept_redirects to 0 per security requirements
So if there are multiple values of “net.ipv4.conf.default.send_redirects = 0”, I want to select the value defined of the last entry of the config. Here is what I’ve got:
following text of substring "net.ipv4.tcp_max_syn_backlog = " of line whose (it starts with "net.ipv4.tcp_max_syn_backlog") of file "sysctl.conf" of folder "/etc" as integer < 1280
This would give me the answer I want if there was only one entry. How do I determine the value of the last entry and completely ignore the first?
Use single recursion: Find the maximum line number containing the string and then return that line.
(it < 1280) of unique value of (it as trimmed string as integer) of (following text of first "=" of it) of lines whose(it starts with "net.ipv4.tcp_max_syn_backlog" AND ( maximum of line numbers of lines whose(it starts with "net.ipv4.tcp_max_syn_backlog") of files "sysctl.conf" of folders "/etc" ) = line number of it ) of files "sysctl.conf" of folders "/etc"
I prefer to keep things plural as much as possible. If you want to assert that it have a singular result, use unique value of at the very end.
Also, you should not use: "net.ipv4.tcp_max_syn_backlog = " becuase there could be an indeterminate number of spaces around the equals sign. Instead use following text of first “=” of … and then trim the white space using as trimmed string
Also, if white space is ignored in the beginning of the line that sets a setting, then you should use (it as trimmed string starts with “net.ipv4.tcp_max_syn_backlog”) instead.
I figured it would be something like that but wasn’t sure how to narrow it down.
I believe all the files this would apply to were based off an image so the files will likely be identical to each other so I wasn;t concerned about the spaces. I even know which endpoints this relevance should work against so if I run into a result that is too little, I can do further research and adjust. Thanks.
The current consistency with the spaces around the equals sign might be true now, but it probably won’t be in all cases, and probably not forever as it gets edited over time. I try to write relevance so that it works for the majority of cases, not just for this specific file, and not just with the current state. I’d like it to be resilient for the past & future cases as well. Ideally the relevance would be as simple as possible while also handling all valid cases.
I’m pretty sure “keys” grabs the first instance. But with (admittedly little) testing I think we can use the “variables of file” inspector that was mentioned in another thread where I requested a list of keys in a file. “variables of file” handles removing spaces around the equal sign, if present, as well as “trimming” the value if there are leading/trailing spaces. If we concat the results together, we can treat it as one long string:
following texts of lasts "=" of concatenations of variables whose (it starts with ".net.ipv4.tcp_max_syn_backlog") of files "sysctl.conf" of folders "/etc"
Notice the leading dot in front of the variable name; the “variables” inspector prepends the dot to any variable that is “global” or outside of an INI-style [stanza].
Well glad I kicked off the dicussion for archive purposes… turns out I wasn’t getting the results I was hoping for because the line didn’t exist on the endpoints I was expecting it to be misconfigured on.
