- SEE ALSO
- BUGS AND LIMITATIONS
- LICENSE AND COPYRIGHT
BuzzSaw::UserClassifier - Classifies the type of a username
This documentation refers to BuzzSaw::UserClassifier version 0.12.0
my $classifier = BuzzSaw::UserClassifier->new(); my $user = "R00t"; my $cleaned_username = $classifier->mangle_username($user); my $user_type = $classifier->classify($cleaned_username); print "Type for $user is $user_type\n";
The BuzzSaw project provides a suite of tools for processing log file entries. Entries in files are parsed and filtered into a set of events of interest which are stored in a database. A report generation framework is also available which makes it easy to generate regular reports regarding the events discovered.
This is the GID of the group in which your "real" users are all members.
This is a reference to a hash of usernames which are considered to be "non-personal". That is normally a list of users for running daemons, and other system tools. It might also include names of teams, units and other generic usernames.
This can be specified via a string in which case it is assumed to be the name of a file which contains one username per line. This is very useful when you have a long list of usernames.
Note that existence in this list is not the only criteria for a username to be considered as "non-personal", see below for full details.
This class has the following methods:
This method returns a boolean which states whether (or not) the specified username exists in the local passwd database.
This method returns a boolean which states whether (or not) the specified username is a user (see
is_user) AND is a member of the group specified in the
This method returns a boolean which states whether (or not) the username looks like a username. Currently this just does simplistic regular expression matching to spot usernames which look like University of Edinburgh student or visitor accounts. The intention being that this method is used to spot usernames which are most likely spelling mistakes (or user mistakes of some type).
This method returns a boolean which states whether (or not) the username looks like
root. This is done using a case-insensitive match on the string
rootand allows either or both of the
ocharacters to be replaced with a
This method returns a boolean which states whether (or not) the username is a non-personal account. If the username matches the
looks_like_personmethods then this method returns false. Otherwise, if the username exists in the local passwd database then it will return true. As a final check when nothing else matches the hash of non-personal account names will be checked. This hash lookup is particularly useful for known daemon and team names which are not in the passwd DB for the machine on which the checks are being run.
This method is used to clean and canonicalise the username. It will lowercase the whole string and strip some undesirable characters. It also makes an attempt to canonicalise certain common forms of usernames. For example, any string starting with
adminwill result in
adminbeing returned (
This uses the previously described methods to classify the specified username. If it matches the
is_rootmethod then the string
rootwill be returned. If it matches either of the
looks_like_personmethods then the string
realwill be returned. If it matches the
is_nonpersonalmethod then the string
nonpersonwill be returned. Finally, if nothing matches then the string
otherswill be returned.
This method returns a boolean which states whether (or not) the specified username exists in the non-personal users hash.
This is the list of platforms on which we have tested this software. We expect this software to work on any Unix-like platform which is supported by Perl.
Please report any bugs or problems (or praise!) to email@example.com, feedback and patches are also always very welcome.
Stephen Quinney <firstname.lastname@example.org>
Copyright (C) 2013 University of Edinburgh. All rights reserved.
This library is free software; you can redistribute it and/or modify it under the terms of the GPL, version 2 or later.