Sudoers - files /etc/sudoers and /etc/sudoers.d/*

Module for processing each of the /etc/sudoers and /etc/sudoers.d/* files.

Note

These files is filtered to skip the sensitive information.

Note

Please use the insigths.combiners.suoders.Sudoers for global checking.

class insights.parsers.sudoers.EtcSudoers(context)[source]

Bases: Parser, SudoersBase

Class to parse the files /etc/sudoers or /etc/sudoers.d/*

Typical content of the /etc/sudoers and /etc/sudoers.d/* is:

## Allows people in group wheel to run all commands
%wheel  ALL=(ALL)       ALL
## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
#includedir /etc/sudoers.d
lines

The list of RAW lines of the file.

Type:

list

Note

The super-class SudoersBase providers two helper functions: SudoersBase.get() and SudoersBase.last().

Examples

>>> type(sudo)
<class 'insights.parsers.sudoers.EtcSudoers'>
>>> len(sudo.lines)
2
>>> sudo.get(['wheel', 'ALL=(ALL)', 'ALL'])
['%wheel  ALL=(ALL)       ALL']
>>> sudo.last("#includedir")
'#includedir /etc/sudoers.d'
parse_content(content)[source]

This method must be implemented by classes based on this class.

class insights.parsers.sudoers.SudoersBase[source]

Bases: object

Base class for parsing the files /etc/sudoers or /etc/sudoers.d/*, it provides the following two helper functions get and last.

get(s, check=<built-in function all>)[source]

Returns all lines that contain s anywhere and return the list of RAW line directly. s can be either a single string or a string list. For list, all keywords in the list must be found in each line.

Parameters:

  • s (str or list) -- one or more strings to search for

  • check (func) -- built-in function all or any applied to each line

Returns:

list of lines that contain the s.

Return type:

(list)

Raises:

TypeError -- When s is not a string or a list of strings, or num is not an integer.

last(s, check=<built-in function all>)[source]

Returns the last line that contain s anywhere and return the RAW line directly. s can be either a single string or a string list. For list, all keywords in the list must be found in each line.

Parameters:

  • s (str or list) -- one or more strings to search for

  • check (func) -- built-in function all or any applied to each line

Returns:

The line that contains the s. None by default.

Return type:

(str)

Raises:

TypeError -- When s is not a string or a list of strings, or num is not an integer.