inspec-core 2.2.55 → 2.2.61
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +24 -8
- data/docs/resources/aide_conf.md.erb +10 -0
- data/docs/resources/apache.md.erb +10 -0
- data/docs/resources/apache_conf.md.erb +10 -0
- data/docs/resources/apt.md.erb +10 -0
- data/docs/resources/audit_policy.md.erb +10 -0
- data/docs/resources/auditd.md.erb +10 -0
- data/docs/resources/auditd_conf.md.erb +10 -0
- data/docs/resources/bash.md.erb +10 -0
- data/docs/resources/bond.md.erb +10 -0
- data/docs/resources/bridge.md.erb +10 -0
- data/docs/resources/bsd_service.md.erb +10 -0
- data/docs/resources/chocolatey_package.md.erb +10 -0
- data/docs/resources/command.md.erb +10 -0
- data/docs/resources/cpan.md.erb +10 -0
- data/docs/resources/cran.md.erb +10 -0
- data/docs/resources/crontab.md.erb +10 -0
- data/docs/resources/csv.md.erb +10 -0
- data/docs/resources/dh_params.md.erb +10 -0
- data/docs/resources/directory.md.erb +10 -0
- data/docs/resources/docker.md.erb +21 -0
- data/docs/resources/docker_container.md.erb +10 -0
- data/docs/resources/docker_image.md.erb +10 -0
- data/docs/resources/docker_plugin.md.erb +80 -0
- data/docs/resources/docker_service.md.erb +10 -0
- data/docs/resources/elasticsearch.md.erb +10 -0
- data/docs/resources/etc_fstab.md.erb +10 -0
- data/docs/resources/etc_group.md.erb +10 -0
- data/docs/resources/etc_hosts.md.erb +10 -0
- data/docs/resources/etc_hosts_allow.md.erb +10 -0
- data/docs/resources/etc_hosts_deny.md.erb +10 -0
- data/docs/resources/file.md.erb +10 -0
- data/docs/resources/filesystem.md.erb +10 -0
- data/docs/resources/firewalld.md.erb +10 -0
- data/docs/resources/gem.md.erb +10 -0
- data/docs/resources/group.md.erb +10 -0
- data/docs/resources/grub_conf.md.erb +10 -0
- data/docs/resources/host.md.erb +10 -0
- data/docs/resources/http.md.erb +10 -0
- data/docs/resources/iis_app.md.erb +10 -0
- data/docs/resources/iis_site.md.erb +10 -0
- data/docs/resources/inetd_conf.md.erb +10 -0
- data/docs/resources/ini.md.erb +10 -0
- data/docs/resources/interface.md.erb +10 -0
- data/docs/resources/iptables.md.erb +10 -0
- data/docs/resources/json.md.erb +10 -0
- data/docs/resources/kernel_module.md.erb +10 -0
- data/docs/resources/kernel_parameter.md.erb +10 -0
- data/docs/resources/key_rsa.md.erb +10 -0
- data/docs/resources/launchd_service.md.erb +10 -0
- data/docs/resources/limits_conf.md.erb +10 -0
- data/docs/resources/login_defs.md.erb +10 -0
- data/docs/resources/mount.md.erb +10 -0
- data/docs/resources/mssql_session.md.erb +10 -0
- data/docs/resources/mysql_conf.md.erb +10 -0
- data/docs/resources/mysql_session.md.erb +10 -0
- data/docs/resources/nginx.md.erb +10 -0
- data/docs/resources/nginx_conf.md.erb +10 -0
- data/docs/resources/npm.md.erb +10 -0
- data/docs/resources/ntp_conf.md.erb +10 -0
- data/docs/resources/oneget.md.erb +10 -0
- data/docs/resources/oracledb_session.md.erb +10 -0
- data/docs/resources/os.md.erb +10 -0
- data/docs/resources/os_env.md.erb +10 -0
- data/docs/resources/package.md.erb +10 -0
- data/docs/resources/packages.md.erb +10 -0
- data/docs/resources/parse_config.md.erb +10 -0
- data/docs/resources/parse_config_file.md.erb +10 -0
- data/docs/resources/passwd.md.erb +10 -0
- data/docs/resources/pip.md.erb +10 -0
- data/docs/resources/port.md.erb +10 -0
- data/docs/resources/postgres_conf.md.erb +10 -0
- data/docs/resources/postgres_hba_conf.md.erb +10 -0
- data/docs/resources/postgres_ident_conf.md.erb +10 -0
- data/docs/resources/postgres_session.md.erb +10 -0
- data/docs/resources/powershell.md.erb +10 -0
- data/docs/resources/processes.md.erb +10 -0
- data/docs/resources/rabbitmq_config.md.erb +10 -0
- data/docs/resources/registry_key.md.erb +38 -2
- data/docs/resources/runit_service.md.erb +10 -0
- data/docs/resources/security_policy.md.erb +10 -0
- data/docs/resources/service.md.erb +10 -0
- data/docs/resources/shadow.md.erb +10 -0
- data/docs/resources/ssh_config.md.erb +10 -0
- data/docs/resources/sshd_config.md.erb +10 -0
- data/docs/resources/ssl.md.erb +10 -0
- data/docs/resources/sys_info.md.erb +10 -0
- data/docs/resources/systemd_service.md.erb +10 -0
- data/docs/resources/sysv_service.md.erb +10 -0
- data/docs/resources/upstart_service.md.erb +10 -0
- data/docs/resources/user.md.erb +10 -0
- data/docs/resources/users.md.erb +10 -0
- data/docs/resources/vbscript.md.erb +10 -0
- data/docs/resources/virtualization.md.erb +10 -0
- data/docs/resources/windows_feature.md.erb +10 -0
- data/docs/resources/windows_hotfix.md.erb +10 -0
- data/docs/resources/windows_task.md.erb +10 -0
- data/docs/resources/wmi.md.erb +10 -0
- data/docs/resources/x509_certificate.md.erb +10 -0
- data/docs/resources/xinetd_conf.md.erb +10 -0
- data/docs/resources/xml.md.erb +10 -0
- data/docs/resources/yaml.md.erb +10 -0
- data/docs/resources/yum.md.erb +10 -0
- data/docs/resources/zfs_dataset.md.erb +10 -0
- data/docs/resources/zfs_pool.md.erb +10 -0
- data/lib/inspec/base_cli.rb +2 -2
- data/lib/inspec/cli.rb +3 -2
- data/lib/inspec/resource.rb +2 -0
- data/lib/inspec/runner.rb +2 -4
- data/lib/inspec/version.rb +1 -1
- data/lib/resources/docker.rb +34 -0
- data/lib/resources/docker_plugin.rb +63 -0
- data/lib/resources/iis_app_pool.rb +116 -0
- metadata +5 -2
@@ -9,6 +9,16 @@ Use the `iptables` InSpec audit resource to test rules that are defined in `ipta
|
|
9
9
|
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.0.0 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
A `iptables` resource block declares tests for rules in IP tables:
|
data/docs/resources/json.md.erb
CHANGED
@@ -9,6 +9,16 @@ Use the `json` InSpec audit resource to test data in a JSON file.
|
|
9
9
|
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.0.0 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
A `json` resource block declares the data to be tested. Assume the following JSON file:
|
@@ -15,6 +15,16 @@ method.
|
|
15
15
|
|
16
16
|
<br>
|
17
17
|
|
18
|
+
## Availability
|
19
|
+
|
20
|
+
### Installation
|
21
|
+
|
22
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
23
|
+
|
24
|
+
### Version
|
25
|
+
|
26
|
+
This resource first became available in v1.0.0 of InSpec.
|
27
|
+
|
18
28
|
## Syntax
|
19
29
|
|
20
30
|
A `kernel_module` resource block declares a module name, and then tests if that
|
@@ -9,6 +9,16 @@ Use the `kernel_parameter` InSpec audit resource to test kernel parameters on Li
|
|
9
9
|
These parameters are located under `/proc/cmdline`.
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.0.0 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
A `kernel_parameter` resource block declares a parameter and then a value to be tested:
|
@@ -11,6 +11,16 @@ This resource is mainly useful when used in conjunction with the x509_certificat
|
|
11
11
|
|
12
12
|
<br>
|
13
13
|
|
14
|
+
## Availability
|
15
|
+
|
16
|
+
### Installation
|
17
|
+
|
18
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
19
|
+
|
20
|
+
### Version
|
21
|
+
|
22
|
+
This resource first became available in v1.18.0 of InSpec.
|
23
|
+
|
14
24
|
## Syntax
|
15
25
|
|
16
26
|
An `key_rsa` resource block declares a `key file` to be tested.
|
@@ -9,6 +9,16 @@ Use the ``launchd_service`` InSpec audit resource to test a service using Launch
|
|
9
9
|
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.0.0 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
A ``launchd_service`` resource block declares the name of a service and then one (or more) matchers to test the state of the service:
|
@@ -20,6 +20,16 @@ Entries in the `limits.conf` file are similar to:
|
|
20
20
|
|
21
21
|
<br>
|
22
22
|
|
23
|
+
## Availability
|
24
|
+
|
25
|
+
### Installation
|
26
|
+
|
27
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
28
|
+
|
29
|
+
### Version
|
30
|
+
|
31
|
+
This resource first became available in v1.0.0 of InSpec.
|
32
|
+
|
23
33
|
## Syntax
|
24
34
|
|
25
35
|
A `limits_conf` resource block declares a domain to be tested, along with associated type, item, and value:
|
@@ -9,6 +9,16 @@ Use the `login_defs` InSpec audit resource to test configuration settings in the
|
|
9
9
|
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.0.0 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
A `login_defs` resource block declares the `login.defs` configuration data to be tested:
|
data/docs/resources/mount.md.erb
CHANGED
@@ -9,6 +9,16 @@ Use the `mount` InSpec audit resource to test the mount points on FreeBSD and Li
|
|
9
9
|
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.0.0 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
An `mount` resource block declares the synchronization settings that should be tested:
|
@@ -9,6 +9,16 @@ Use the `mssql_session` InSpec audit resource to test SQL commands run against a
|
|
9
9
|
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.24.0 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
A `mssql_session` resource block declares the username and password to use for the session, and then the command to be run:
|
@@ -9,6 +9,16 @@ Use the `mysql_conf` InSpec audit resource to test the contents of the configura
|
|
9
9
|
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.0.0 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
A `mysql_conf` resource block declares one (or more) settings in the `my.cnf` file, and then compares the setting in the configuration file to the value stated in the test:
|
@@ -9,6 +9,16 @@ Use the `mysql_session` InSpec audit resource to test SQL commands run against a
|
|
9
9
|
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.0.0 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
A `mysql_session` resource block declares the username and password to use for the session, and then the command to be run:
|
data/docs/resources/nginx.md.erb
CHANGED
@@ -11,6 +11,16 @@ Nginx resource extracts and exposes data reported by the command 'nginx -V'
|
|
11
11
|
|
12
12
|
<br>
|
13
13
|
|
14
|
+
## Availability
|
15
|
+
|
16
|
+
### Installation
|
17
|
+
|
18
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
19
|
+
|
20
|
+
### Version
|
21
|
+
|
22
|
+
This resource first became available in v1.37.6 of InSpec.
|
23
|
+
|
14
24
|
## Syntax
|
15
25
|
|
16
26
|
An `nginx` InSpec audit resource block extracts configuration settings that should be tested:
|
@@ -11,6 +11,16 @@ Use the `nginx_conf` InSpec resource to test configuration data for the NGINX se
|
|
11
11
|
|
12
12
|
<br>
|
13
13
|
|
14
|
+
## Availability
|
15
|
+
|
16
|
+
### Installation
|
17
|
+
|
18
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
19
|
+
|
20
|
+
### Version
|
21
|
+
|
22
|
+
This resource first became available in v1.37.6 of InSpec.
|
23
|
+
|
14
24
|
## Syntax
|
15
25
|
|
16
26
|
An `nginx_conf` resource block declares the client NGINX configuration data to be tested:
|
data/docs/resources/npm.md.erb
CHANGED
@@ -9,6 +9,16 @@ Use the `npm` InSpec audit resource to test if a global NPM package is installed
|
|
9
9
|
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.0.0 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
A `npm` resource block declares a package and (optionally) a package version:
|
@@ -9,6 +9,16 @@ Use the `ntp_conf` InSpec audit resource to test the synchronization settings de
|
|
9
9
|
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.0.0 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
An `ntp_conf` resource block declares the synchronization settings that should be tested:
|
@@ -9,6 +9,16 @@ Use the `oneget` InSpec audit resource to test if the named package and/or packa
|
|
9
9
|
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.0.0 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
A `oneget` resource block declares a package and (optionally) a package version:
|
@@ -9,6 +9,16 @@ Use the `oracledb_session` InSpec audit resource to test SQL commands run agains
|
|
9
9
|
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.0.0 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
A `oracledb_session` resource block declares the username and password to use for the session with an optional service to connect to, and then the command to be run:
|
data/docs/resources/os.md.erb
CHANGED
@@ -9,6 +9,16 @@ Use the `os` InSpec audit resource to test the platform on which the system is r
|
|
9
9
|
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.0.0 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
An `os` resource block declares the platform to be tested. The platform may specified via matcher or control block name. For example, using a matcher:
|
@@ -9,6 +9,16 @@ Use the `os_env` InSpec audit resource to test the environment variables for the
|
|
9
9
|
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.0.0 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
A `os_env` resource block declares an environment variable, and then declares its value:
|
@@ -9,6 +9,16 @@ Use the `package` InSpec audit resource to test if the named package and/or pack
|
|
9
9
|
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.0.0 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
A `package` resource block declares a package and (optionally) a package version:
|
@@ -9,6 +9,16 @@ Use the `packages` InSpec audit resource to test the properties of multiple pack
|
|
9
9
|
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.51.15 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
A `packages` resource block declares a regular expression search to select packages
|
@@ -9,6 +9,16 @@ Use the `parse_config` InSpec audit resource to test arbitrary configuration fil
|
|
9
9
|
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.0.0 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
A `parse_config` resource block declares the location of the configuration setting to be tested, and then what value is to be tested. Because this resource relies on arbitrary configuration files, the test itself is often arbitrary and relies on custom Ruby code:
|
@@ -9,6 +9,16 @@ Use the `parse_config_file` InSpec audit resource to test arbitrary configuratio
|
|
9
9
|
|
10
10
|
<br>
|
11
11
|
|
12
|
+
## Availability
|
13
|
+
|
14
|
+
### Installation
|
15
|
+
|
16
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
17
|
+
|
18
|
+
### Version
|
19
|
+
|
20
|
+
This resource first became available in v1.0.0 of InSpec.
|
21
|
+
|
12
22
|
## Syntax
|
13
23
|
|
14
24
|
A `parse_config_file` InSpec audit resource block declares the location of the configuration file to be tested, and then which settings in that file are to be tested.
|
@@ -21,6 +21,16 @@ These entries are defined as a colon-delimited row in the file, one row per user
|
|
21
21
|
|
22
22
|
<br>
|
23
23
|
|
24
|
+
## Availability
|
25
|
+
|
26
|
+
### Installation
|
27
|
+
|
28
|
+
This resource is distributed along with InSpec itself. You can use it automatically.
|
29
|
+
|
30
|
+
### Version
|
31
|
+
|
32
|
+
This resource first became available in v1.0.0 of InSpec.
|
33
|
+
|
24
34
|
## Syntax
|
25
35
|
|
26
36
|
A `passwd` resource block declares one (or more) users and associated user information to be tested:
|