│
│ # Which accounts on the system are authorized?
│ "authorized_users_on_system"
│ slist => intersection( auth_users, all_users );
│
│ # Which accounts on the system are not authorized?
│ "users_on_system_who_are_not_authorized"
│ slist => difference( all_users, authorized_users_on_system );
│
│ # filter() is useful when you want to operate on a regular expression.
│ # Which users start with the letter s?
│ "users_starting_with_s" slist => filter("s.*", all_users, "true", "false", 32767);
│
│ # Which users do not start with the letter s?
│ "users_not_starting_with_s" slist => filter("s.*", all_users, "true", "true", 32767);
│
│ reports:
│ cfengine_3::
│ "The following users are found on the system, but not explicitly authorized";
│ 'They should be automatically removed ( users: "$(const.dollar)(users_on_system_who_are_not_authorized)" policy => "absent";';
│ "$(users_on_system_who_are_not_authorized)";
│ }
└────
Listing 1: Example using `intersection()', `difference()', and
`filter()'.
┌────
│ R: The following users are found on the system, but not explicitly authorized
│ R: They should be automatically removed ( users: "$(users_on_system_who_are_not_authorized)" policy => "absent";
│ R: sync
│ R: whoopsie
│ R: CFEngine Version 3.7.4
└────
[`intersection()']
https://docs.cfengine.com/lts/reference-functions-intersection.html[`difference()']
https://docs.cfengine.com/lts/reference-functions-difference.html[`filter()']
https://docs.cfengine.com/lts/reference-functions-filter.html