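Splitting comma-separated CSV text?
I'm trying to write some RHEL security hardening automation scripts, and I have a CSV file that I'm trying to turn into readable content. Here's what I have so far...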
#!/bin/bash
# loop through the file
while read line; do
    # get all of the content
    vulnid=`echo $line | cut -d',' -f1`
    ruleid=`echo $line | cut -d',' -f2`
    stigid=`echo $line | cut -d',' -f3`
    title=`echo $line | cut -d',' -f4`
    discussion=`echo $line | cut -d',' -f5`
    check=`echo $line | cut -d',' -f6`
    fix=`echo $line | cut -d',' -f7`
    # Format the content
    echo "########################################################"
    echo "# Vulnerability ID: $vulnid"
    echo "# Rule ID: $ruleid"
    echo "# STIG ID: $stigid"
    echo "#"
    echo "# Rule: $title"
    echo "#"
    echo "# Discussion:"
    echo "# $discussion"
    echo "# Check:"
    echo "# $check"
    echo "# Fix:"
    echo "# $fix"
    echo "########################################################"
    echo "# Start Check"
    echo
    echo "# Start Remediation"
    echo
    echo "########################################################"
done < STIG.csv
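The problem I'm having is that the text in my CSV contains commas. This is actually perfectly fine and conforms to the IETF standard (http://tools.ietf.org/html/rfc4180#page-2, section 2.4). However, as you can imagine, the cut command doesn't look ahead to see whether there is a trailing space after the comma (as you normally would in English text). This causes all of my fields to get messed up, and I can't figure out how to get it all working properly.
Now, I have a feeling there's some magical regex I could use, something like ','[:blank:], but I'll be damned if I know how to make use of it. I'm used to using cut just because it's quick and dirty, but maybe someone has a better suggestion using awk or sed. This is mostly to generate the bulk structure of my own program, which is repetitive and is a TON of comments.
One thing to note is that it has to run on a clean RHEL6. I would write this in Ruby, Python, etc. However, most of those are extra packages that have to be installed. The environment this script will be deployed in is one where the machines don't have any internet access or extra packages. Python 2.6 is on CentOS6 by default, but RHEL6 (I think). Otherwise, trust me, I would write this in Ruby.
Here's a sample of the CSV: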
V-38447,SV-50247r1_rule,RHEL-06-000519,The system package management tool must verify contents of all files associated with packages.,The hash on important files like system executables should match the information given by the RPM database. Executables with erroneous hashes could be a sign of nefarious activity on the system.,"The following command will list which files on the system have file hashes different from what is expected by the RPM database. # rpm -Va | grep '$1 ~ /..5/ && $2 != 'c''If there is output, this is a finding.","The RPM package management system can check the hashes of installed software packages, including many that are important to system security. Run the following command to list which files on the system have hashes that differ from what is expected by the RPM database: # rpm -Va | grep '^..5'A 'c' in the second column indicates that a file is a configuration file, which may appropriately be expected to change. If the file that has changed was not expected to then refresh from distribution media or online repositories. rpm -Uvh [affected_package]OR yum reinstall [affected_package]"
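And, if anyone wants to see the context, the whole project is out on GitHub.
What does your CSV look like? –
Honestly, I think your best bet is to use a scripting language with CSV support. I personally use Python. Its 'csv' module is very easy to use and can handle any (ASCII) CSV you're likely to come across. If you're not a Python person but you're comfortable with Perl, that would work too. Those are probably the two main candidates I would recommend. –
You should change from the old and outdated backticks to parentheses '$(...)', e.g.: 'fix=$(echo $line | cut -d',' -f7)'. You can also change 'echo $line | cut -d',' -f7' to 'cut -d',' -f7 <<< $line' – Jotne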
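The field-splitting problem described in the question can be handled with bash builtins alone, so nothing extra has to be installed on the host. The following is an added example, not code from the original post or the project: csv_split and CSV_FIELDS are hypothetical names, and the sample record is constructed.

```bash
#!/bin/bash
# Added example: quote-aware splitter for one RFC 4180 record, bash builtins only.
# csv_split (hypothetical name) fills the global array CSV_FIELDS and returns
# non-zero when a quoted field is still open at the end of the line.
csv_split() {
    local line=$1 field='' ch next in_quotes=0 i=0 len
    len=${#line}
    CSV_FIELDS=()
    while [ "$i" -lt "$len" ]; do
        ch=${line:i:1}
        next=${line:i+1:1}
        if [ "$in_quotes" -eq 1 ]; then
            if [ "$ch" = '"' ] && [ "$next" = '"' ]; then
                field+='"'; i=$((i + 1))   # "" inside quotes is one literal quote
            elif [ "$ch" = '"' ]; then
                in_quotes=0                 # closing quote
            else
                field+=$ch                  # commas in here are data, not delimiters
            fi
        elif [ "$ch" = '"' ] && [ -z "$field" ]; then
            in_quotes=1                     # opening quote at the start of a field
        elif [ "$ch" = ',' ]; then
            CSV_FIELDS+=("$field"); field=''
        else
            field+=$ch
        fi
        i=$((i + 1))
    done
    CSV_FIELDS+=("$field")                  # last field has no trailing comma
    [ "$in_quotes" -eq 0 ]
}

# Constructed sample record: fields 6 and 7 are quoted and contain commas
# and a doubled quote; the IDs are placeholders.
sample='V-00001,SV-00001r1_rule,RHEL-06-000000,Example rule title.,Plain discussion text.,"Run the check, then compare. If there is ""output"", this is a finding.","Reinstall the package, or restore the file."'

if csv_split "$sample"; then
    printf '# Vulnerability ID: %s\n# Check: %s\n# Fix: %s\n' \
        "${CSV_FIELDS[0]}" "${CSV_FIELDS[5]}" "${CSV_FIELDS[6]}"
fi
```

A non-zero return means the record continues on the next line (RFC 4180 allows line breaks inside quoted fields), so a caller reading with `IFS= read -r` can append the next line and call csv_split again.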