remove colon if value is None

[wardancer84]

hey,

i have this comprehension...

extracted_tags = [li['tags'] for li in rule["commands"] if li['tags'] is not None]

works perfectly, thing is this sometimes (when results is None) leaves a lonesome colon in the output...

sag0194 root ALL=(ALL) : ALL

i would be very grateful if someone can tell me how to extend my comprehension to remove this colon.

beware, this should NOT trigger if the output is like this...alphanums before the colon are allowed

sag0193 XSCHED_STAFF ALL=(root) NOPASSWD: SU_BAT, SU_JB19

chris

[ibreeden]

Could you show us an example of the contents of rule["commands"] ? With at least one normal entry and a "None" entry.

[wardancer84]

Could you show us an example of the contents of rule["commands"] ? With at least one normal entry and a "None" entry.

[{'run_as': ['ALL'], 'tags': ['NOPASSWD'], 'command': 'ALL'}]

[{'run_as': ['ALL'], 'tags': None, 'command': 'ALL'}]

[ibreeden]

I tried your inputs against your list comprehension but I see no colon in both cases.

>>> aa = [{'run_as': ['ALL'], 'tags': ['NOPASSWD'], 'command': 'ALL'}]
>>> bb = [{'run_as': ['ALL'], 'tags': None, 'command': 'ALL'}]
>>> [li['tags'] for li in aa if li['tags'] is not None]
[['NOPASSWD']]
>>> [li['tags'] for li in bb if li['tags'] is not None]
[]

I am sorry but you will have to give more hints how to reproduce your problem.

[wardancer84]

oh god sorry, i am an idiot...i am concatenating a string together and insert the colon after the extracted tags.
is there some trick to not insert the colon of no tag is present?

 for rule in sudo_obj.rules:
        extracted_runas = [li['run_as'] for li in rule["commands"]]
        extracted_tags = [li['tags'] for li in rule["commands"] if li['tags'] is not None]
        extracted_commands = [li['command'] for li in rule["commands"]]
        bla =  string_cleaner(str(active_on)
                             + str(" ")
                             + str(rule["users"])
                             + str(" ")
                             + str(rule["hosts"])
                             + str("=")
                             + str("(")
                             + str(list(set(list(chain(*extracted_runas)))))
                             + str(")")
                             + str(" ")
                             + str(list(set(list(chain(*extracted_tags)))))
                             + str(":")
                             + str(" ")
                             + str(extracted_commands))
        print(bla)

[ibreeden]

Still not easy to understand what you are exactly doing. It would have been helpful if you had included what "sudo_obj.rules" contains and what the result of "print(bla)" at the end was. It is also not clear what "string_cleaner()" does. But I guess the problem is the colon in line 16. I also guess the tags and the colon should not be printed if "extracted_tags" would be empty.
Then you could do something like:

for rule in sudo_obj.rules:
       extracted_runas = [li['run_as'] for li in rule["commands"]]
       extracted_tags = [li['tags'] for li in rule["commands"] if li['tags'] is not None]
       extracted_commands = [li['command'] for li in rule["commands"]]
       result = str(active_on)
       result += " "
       result += str(rule["users"])
       result += " "
       result += str(rule["hosts"])
       result += "="
       result += "("
       result += str(list(set(list(chain(*extracted_runas)))))
       result += ")"
       result += " "
       if len(extracted_tags) == 0:
              result += str(list(set(list(chain(*extracted_tags)))))
              result += ":"
              result += " "
       result += str(extracted_commands)
       bla =  string_cleaner(result)
       print(bla)

But I'm not sure. I understand extracted_tags could be a nested list as I understood from you previous posts. In that case you would perhaps have to test for if len(extracted_tags[0]) == 0. You will have to play with that.
I hope this gives you inspiration to get along.

[wardancer84]

#!/usr/bin/env python3


import sys
import os
import re
from itertools import chain
import pymysql
import pymysql.cursors
from SudoersLib import *


def string_cleaner(x):
    pattern = re.sub(r"[\[{}\]\']", "", x)
    return pattern

input_path="/admin/sudoers"
infiles= os.listdir(input_path)

connection = pymysql.connect(host='localhost',
                             user='sudodb',
                             password='sudodb',
                             database='sudoersdb')
cursor = connection.cursor()
qry = "TRUNCATE sudoroles"
cursor.execute(qry)
connection.commit()



for infile in infiles:
    infile=os.path.join(input_path, infile)
    sudo_obj = Sudoers(path=infile)
    file_name = os.path.basename(infile)
    active_on = file_name.split('_')[1]


    for key in sudo_obj.host_aliases:
        hostalias =  string_cleaner(str(key) + str(" = ") + str(sudo_obj.host_aliases[key]))
        qry = "INSERT INTO sudoroles (active_on, hostalias) VALUES (%s, %s)"
        cursor.execute(qry, (active_on, hostalias))
    for key in sudo_obj.cmnd_aliases:
        cmndalias =  string_cleaner(str(key) + str(" = ") + str(sudo_obj.cmnd_aliases[key]))
        qry = "INSERT INTO sudoroles (active_on, cmndalias) VALUES (%s, %s)"
        cursor.execute(qry, (active_on, cmndalias))
    for key in sudo_obj.runas_aliases:
        runasalias =  string_cleaner(str(key) + str(" = ") + str(sudo_obj.runas_aliases[key]))
        qry = "INSERT INTO sudoroles (active_on, runasalias) VALUES (%s, %s)"
        cursor.execute(qry, (active_on, runasalias))
    for key in sudo_obj.user_aliases:
        useralias =  string_cleaner(str(key) + str(" = ") + str(sudo_obj.user_aliases[key]))
        qry = "INSERT INTO sudoroles (active_on, useralias) VALUES (%s, %s)"
        cursor.execute(qry, (active_on, useralias))
    for rule in sudo_obj.rules:
        extracted_runas = [li['run_as'] for li in rule["commands"]]
        extracted_tags = [li['tags'] for li in rule["commands"] if li['tags'] is not None]
        extracted_commands = [li['command'] for li in rule["commands"]]
        result = str(rule["users"])
        result += " "
        result += str(rule["hosts"])
        result += "="
        result += "("
        result += str(list(set(list(chain(*extracted_runas)))))
        result += ")"
        result += " "
        if len(extracted_tags) != 0:
             result += str(list(set(list(chain(*extracted_tags)))))
             result += ":"
             result += " "
        result += str(extracted_commands)
        rule =  string_cleaner(result)
        qry = "INSERT INTO sudoroles (active_on, rules) VALUES (%s, %s)"
        cursor.execute(qry, (active_on, rule))
        print(rule)
    connection.commit()

MariaDB [sudoersdb]> show tables;
+---------------------+
| Tables_in_sudoersdb |
+---------------------+
| sudoroles           |
+---------------------+
1 row in set (0.000 sec)

MariaDB [sudoersdb]> describe sudoroles;
+------------+--------------+------+-----+---------------------+----------------+
| Field      | Type         | Null | Key | Default             | Extra          |
+------------+--------------+------+-----+---------------------+----------------+
| id         | int(11)      | NO   | PRI | NULL                | auto_increment |
| active_on  | varchar(256) | YES  | MUL | NULL                |                |
| hostalias  | text         | YES  | MUL | NULL                |                |
| cmndalias  | text         | YES  | MUL | NULL                |                |
| runasalias | text         | YES  | MUL | NULL                |                |
| useralias  | text         | YES  | MUL | NULL                |                |
| rules      | text         | YES  | MUL | NULL                |                |
| created    | timestamp    | NO   | MUL | current_timestamp() |                |
+------------+--------------+------+-----+---------------------+----------------+
8 rows in set (0.008 sec)

MariaDB [sudoersdb]> select active_on, rules, created from sudoroles where  active_on = "sag0190";
+-----------+-----------------------------------------------------------------------------------------------------------+---------------------+
| active_on | rules                                                                                                     | created             |
+-----------+-----------------------------------------------------------------------------------------------------------+---------------------+
| sag0190   | NULL                                                                                                      | 2022-02-02 13:23:34 |
| sag0190   | NULL                                                                                                      | 2022-02-02 13:23:34 |
| sag0190   | NULL                                                                                                      | 2022-02-02 13:23:34 |
| sag0190   | NULL                                                                                                      | 2022-02-02 13:23:34 |
| sag0190   | NULL                                                                                                      | 2022-02-02 13:23:34 |
| sag0190   | NULL                                                                                                      | 2022-02-02 13:23:34 |
| sag0190   | NULL                                                                                                      | 2022-02-02 13:23:34 |
| sag0190   | NULL                                                                                                      | 2022-02-02 13:23:34 |
| sag0190   | root ALL=(ALL) ALL                                                                                        | 2022-02-02 13:23:34 |
| sag0190   | CTMAGENT ALL=(root) NOPASSWD: DDSITU2, ABBATCH                                                            | 2022-02-02 13:23:34 |
| sag0190   | DDSITU2 ALL=(root) NOPASSWD: CTMAGENT, SUORACLE, DDSITU2                                                  | 2022-02-02 13:23:34 |
| sag0190   | XAMW_STAFF ALL=(root) NOPASSWD: XSU_JBOSS1, XSU_JBOSS2, XSU_JBOSS3, XSU_JBOSS4, AWMPERM, DDSITU2, ABBATCH | 2022-02-02 13:23:34 |
| sag0190   | CTM ALL=(root) NOPASSWD: CTMAGENT                                                                         | 2022-02-02 13:23:34 |
| sag0190   | 31aha ALL=(root) NOPASSWD: XSU_JBOSS1, XSU_JBOSS3                                                         | 2022-02-02 13:23:34 |
| sag0190   | appladm ALL=(root) NOPASSWD: ABBATCH                                                                      | 2022-02-02 13:23:34 |
+-----------+-----------------------------------------------------------------------------------------------------------+---------------------+
15 rows in set (0.001 sec)

cool isnt'it?

one littel flaw is left, as sudo allows multiple tags in a role in the format NOPASSWD:NOEXEC: hence the embedded tags list, i
need a way to format the list from

jboss01 ALL=(magnax, ALL) SETENV, NOPASSWD: /opt/app/wartung/mserver.bin, /opt/app/wartung/tools/get_lieferung.bin

to

jboss01 ALL=(magnax, ALL) SETENV:NOPASSWD: /opt/app/wartung/mserver.bin, /opt/app/wartung/tools/get_lieferung.bin

for keeping sudo format intact.

[ibreeden]

cool isnt'it?

Yes! Well done!