inspec 0.20.1 → 0.21.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +45 -2
- data/docs/dsl_inspec.rst +2 -2
- data/docs/resources.rst +9 -9
- data/docs/ruby_usage.rst +145 -0
- data/inspec.gemspec +1 -0
- data/lib/bundles/inspec-compliance/cli.rb +15 -2
- data/lib/inspec/cli.rb +23 -10
- data/lib/inspec/dsl.rb +0 -52
- data/lib/inspec/objects/or_test.rb +1 -0
- data/lib/inspec/objects/test.rb +4 -4
- data/lib/inspec/profile.rb +76 -61
- data/lib/inspec/profile_context.rb +12 -11
- data/lib/inspec/rspec_json_formatter.rb +93 -40
- data/lib/inspec/rule.rb +7 -29
- data/lib/inspec/runner.rb +15 -4
- data/lib/inspec/runner_mock.rb +1 -1
- data/lib/inspec/runner_rspec.rb +26 -24
- data/lib/inspec/version.rb +1 -1
- data/lib/matchers/matchers.rb +3 -3
- data/lib/resources/auditd_rules.rb +2 -2
- data/lib/resources/host.rb +1 -1
- data/lib/resources/interface.rb +1 -1
- data/lib/resources/kernel_parameter.rb +1 -1
- data/lib/resources/mount.rb +2 -1
- data/lib/resources/mysql_session.rb +1 -1
- data/lib/resources/os_env.rb +2 -2
- data/lib/resources/passwd.rb +33 -93
- data/lib/resources/port.rb +47 -3
- data/lib/resources/processes.rb +3 -3
- data/lib/resources/service.rb +33 -1
- data/lib/resources/user.rb +15 -15
- data/lib/utils/base_cli.rb +1 -3
- data/lib/utils/filter.rb +30 -7
- data/test/cookbooks/os_prepare/recipes/_upstart_service_centos.rb +4 -0
- data/test/functional/helper.rb +1 -0
- data/test/functional/inheritance_test.rb +1 -1
- data/test/functional/inspec_compliance_test.rb +4 -3
- data/test/functional/inspec_exec_json_test.rb +122 -0
- data/test/functional/inspec_exec_test.rb +23 -117
- data/test/functional/{inspec_json_test.rb → inspec_json_profile_test.rb} +13 -15
- data/test/functional/inspec_test.rb +15 -2
- data/test/helper.rb +5 -1
- data/test/integration/default/auditd_rules_spec.rb +3 -3
- data/test/integration/default/kernel_parameter_spec.rb +6 -6
- data/test/integration/default/service_spec.rb +4 -0
- data/test/resource/command_test.rb +9 -9
- data/test/resource/dsl_test.rb +1 -1
- data/test/resource/file_test.rb +17 -17
- data/test/unit/control_test.rb +1 -1
- data/test/unit/mock/cmd/hpux-netstat-inet +10 -0
- data/test/unit/mock/cmd/hpux-netstat-inet6 +11 -0
- data/test/unit/mock/profiles/skippy-profile-os/controls/one.rb +1 -1
- data/test/unit/profile_context_test.rb +2 -2
- data/test/unit/profile_test.rb +11 -14
- data/test/unit/resources/passwd_test.rb +13 -14
- data/test/unit/resources/port_test.rb +14 -0
- data/test/unit/resources/processes_test.rb +3 -3
- data/test/unit/resources/service_test.rb +103 -39
- data/test/unit/utils/filter_table_test.rb +35 -3
- metadata +25 -4
@@ -22,15 +22,13 @@ describe 'inspec exec' do
|
|
22
22
|
out.stdout.must_include '1 example, 0 failures'
|
23
23
|
end
|
24
24
|
|
25
|
-
it 'can execute the profile with the json formatter' do
|
26
|
-
out = inspec('exec ' + example_profile + ' --format json')
|
25
|
+
it 'can execute the profile with the mini json formatter' do
|
26
|
+
out = inspec('exec ' + example_profile + ' --format json-min')
|
27
27
|
out.stderr.must_equal ''
|
28
28
|
out.exit_status.must_equal 0
|
29
29
|
JSON.load(out.stdout).must_be_kind_of Hash
|
30
30
|
end
|
31
31
|
|
32
|
-
let(:example_control) { File.join(example_profile, 'controls', 'example.rb') }
|
33
|
-
|
34
32
|
it 'can execute a simple file with the default formatter' do
|
35
33
|
out = inspec('exec ' + example_control)
|
36
34
|
out.stderr.must_equal ''
|
@@ -38,126 +36,45 @@ describe 'inspec exec' do
|
|
38
36
|
out.stdout.must_include '2 examples, 0 failures'
|
39
37
|
end
|
40
38
|
|
41
|
-
it 'can execute a simple file with the json formatter' do
|
42
|
-
out = inspec('exec ' + example_control + ' --format json')
|
43
|
-
out.stderr.must_equal ''
|
44
|
-
out.exit_status.must_equal 0
|
45
|
-
JSON.load(out.stdout).must_be_kind_of Hash
|
46
|
-
end
|
47
|
-
|
48
|
-
it 'can execute a simple file with the fulljson formatter' do
|
49
|
-
out = inspec('exec ' + example_control + ' --format fulljson')
|
39
|
+
it 'can execute a simple file with the mini json formatter' do
|
40
|
+
out = inspec('exec ' + example_control + ' --format json-min')
|
50
41
|
out.stderr.must_equal ''
|
51
42
|
out.exit_status.must_equal 0
|
52
43
|
JSON.load(out.stdout).must_be_kind_of Hash
|
53
44
|
end
|
54
45
|
|
55
|
-
describe 'execute a profile with json formatting' do
|
56
|
-
let(:json) { JSON.load(inspec('exec ' + example_profile + ' --format json').stdout) }
|
57
|
-
let(:
|
58
|
-
let(:ex1) {
|
59
|
-
let(:ex2) {
|
60
|
-
let(:ex3) {
|
61
|
-
|
62
|
-
it 'must have 5 examples' do
|
63
|
-
json['examples'].length.must_equal 5
|
64
|
-
end
|
65
|
-
|
66
|
-
it 'id in json' do
|
67
|
-
examples.find { |ex| !ex.key? 'id' }.must_be :nil?
|
68
|
-
end
|
69
|
-
|
70
|
-
it 'impact in json' do
|
71
|
-
ex1['impact'].must_equal 0.7
|
72
|
-
ex2['impact'].must_be :nil?
|
73
|
-
end
|
74
|
-
|
75
|
-
it 'status in json' do
|
76
|
-
ex1['status'].must_equal 'passed'
|
77
|
-
ex3['status'].must_equal 'pending'
|
78
|
-
end
|
79
|
-
|
80
|
-
it 'pending message in json' do
|
81
|
-
ex1['pending_message'].must_be :nil?
|
82
|
-
ex3['pending_message'].must_equal 'Not yet implemented'
|
83
|
-
end
|
84
|
-
end
|
85
|
-
|
86
|
-
describe 'execute a profile with fulljson formatting' do
|
87
|
-
let(:json) { JSON.load(inspec('exec ' + example_profile + ' --format fulljson').stdout) }
|
88
|
-
let(:examples) { json['examples'] }
|
89
|
-
let(:metadata) { json['profiles'][0] }
|
90
|
-
let(:ex1) { examples.find{|x| x['id'] == 'tmp-1.0'} }
|
91
|
-
let(:ex2) { examples.find{|x| x['id'] =~ /generated/} }
|
92
|
-
let(:ex3) { examples.find{|x| x['id'] == 'gordon-1.0'} }
|
93
|
-
|
94
|
-
it 'has all the metadata' do
|
95
|
-
metadata.must_equal({
|
96
|
-
"name" => "profile",
|
97
|
-
"title" => "InSpec Example Profile",
|
98
|
-
"maintainer" => "Chef Software, Inc.",
|
99
|
-
"copyright" => "Chef Software, Inc.",
|
100
|
-
"copyright_email" => "support@chef.io",
|
101
|
-
"license" => "Apache 2 license",
|
102
|
-
"summary" => "Demonstrates the use of InSpec Compliance Profile",
|
103
|
-
"version" => "1.0.0",
|
104
|
-
"supports" => [{"os-family" => "unix"}]
|
105
|
-
})
|
106
|
-
end
|
46
|
+
describe 'execute a profile with mini json formatting' do
|
47
|
+
let(:json) { JSON.load(inspec('exec ' + example_profile + ' --format json-min').stdout) }
|
48
|
+
let(:controls) { json['controls'] }
|
49
|
+
let(:ex1) { controls.find{|x| x['id'] == 'tmp-1.0'} }
|
50
|
+
let(:ex2) { controls.find{|x| x['id'] =~ /generated/} }
|
51
|
+
let(:ex3) { controls.find{|x| x['id'] == 'gordon-1.0'} }
|
107
52
|
|
108
53
|
it 'must have 5 examples' do
|
109
|
-
json['
|
54
|
+
json['controls'].length.must_equal 5
|
110
55
|
end
|
111
56
|
|
112
|
-
it '
|
113
|
-
|
57
|
+
it 'has an id' do
|
58
|
+
controls.find { |ex| !ex.key? 'id' }.must_be :nil?
|
114
59
|
end
|
115
60
|
|
116
|
-
it '
|
117
|
-
|
61
|
+
it 'has a profile_id' do
|
62
|
+
controls.find { |ex| !ex.key? 'profile_id' }.must_be :nil?
|
118
63
|
end
|
119
64
|
|
120
|
-
it '
|
121
|
-
|
65
|
+
it 'has a code_desc' do
|
66
|
+
ex1['code_desc'].must_equal 'File /tmp should be directory'
|
67
|
+
controls.find { |ex| !ex.key? 'code_desc' }.must_be :nil?
|
122
68
|
end
|
123
69
|
|
124
|
-
it '
|
125
|
-
ex3['code'].wont_be :nil?
|
126
|
-
end
|
127
|
-
|
128
|
-
it 'code_desc in json' do
|
129
|
-
ex3['code_desc'].wont_be :nil?
|
130
|
-
end
|
131
|
-
|
132
|
-
it 'impact in json' do
|
133
|
-
ex1['impact'].must_equal 0.7
|
134
|
-
ex2['impact'].must_be :nil?
|
135
|
-
end
|
136
|
-
|
137
|
-
it 'status in json' do
|
70
|
+
it 'has a status' do
|
138
71
|
ex1['status'].must_equal 'passed'
|
139
|
-
ex3['status'].must_equal '
|
72
|
+
ex3['status'].must_equal 'skipped'
|
140
73
|
end
|
141
74
|
|
142
|
-
it '
|
143
|
-
ex1['
|
144
|
-
|
145
|
-
|
146
|
-
it 'ref_line in json' do
|
147
|
-
ex1['ref_line'].must_equal 16
|
148
|
-
end
|
149
|
-
|
150
|
-
it 'run_time in json' do
|
151
|
-
ex1['run_time'].wont_be :nil?
|
152
|
-
end
|
153
|
-
|
154
|
-
it 'start_time in json' do
|
155
|
-
ex1['start_time'].wont_be :nil?
|
156
|
-
end
|
157
|
-
|
158
|
-
it 'pending message in json' do
|
159
|
-
ex1['pending'].must_be :nil?
|
160
|
-
ex3['pending'].must_equal "Can't find file \"/tmp/gordon/config.yaml\""
|
75
|
+
it 'has a skip_message' do
|
76
|
+
ex1['skip_message'].must_be :nil?
|
77
|
+
ex3['skip_message'].must_equal "Can't find file \"/tmp/gordon/config.yaml\""
|
161
78
|
end
|
162
79
|
end
|
163
80
|
|
@@ -171,17 +88,6 @@ describe 'inspec exec' do
|
|
171
88
|
end
|
172
89
|
end
|
173
90
|
|
174
|
-
describe 'with a profile that is not supported on this OS/platform' do
|
175
|
-
let(:out) { inspec('exec ' + File.join(profile_path, 'skippy-profile-os') + ' --format fulljson') }
|
176
|
-
let(:json) { JSON.load(out.stdout) }
|
177
|
-
|
178
|
-
# TODO: failure handling in json formatters...
|
179
|
-
|
180
|
-
it 'never runs the actual resource' do
|
181
|
-
File.exist?('/tmp/inspec_test_DONT_CREATE').must_equal false
|
182
|
-
end
|
183
|
-
end
|
184
|
-
|
185
91
|
describe 'with a profile that is supported on this version of inspec' do
|
186
92
|
let(:out) { inspec('exec ' + File.join(profile_path, 'supported_inspec')) }
|
187
93
|
|
@@ -42,36 +42,36 @@ describe 'inspec json' do
|
|
42
42
|
json['copyright'].must_equal 'Chef Software, Inc.'
|
43
43
|
end
|
44
44
|
|
45
|
-
it 'has
|
46
|
-
json['
|
45
|
+
it 'has controls' do
|
46
|
+
json['controls'].length.must_equal 4
|
47
47
|
end
|
48
48
|
|
49
|
-
describe 'a
|
50
|
-
let(:
|
49
|
+
describe 'a control' do
|
50
|
+
let(:control) { json['controls']['tmp-1.0'] }
|
51
51
|
|
52
52
|
it 'has a title' do
|
53
|
-
|
53
|
+
control['title'].must_equal 'Create /tmp directory'
|
54
54
|
end
|
55
55
|
|
56
56
|
it 'has a description' do
|
57
|
-
|
57
|
+
control['desc'].must_equal 'An optional description...'
|
58
58
|
end
|
59
59
|
|
60
60
|
it 'has an impact' do
|
61
|
-
|
61
|
+
control['impact'].must_equal 0.7
|
62
62
|
end
|
63
63
|
|
64
64
|
it 'has a ref' do
|
65
|
-
|
65
|
+
control['refs'].must_equal([{'ref' => 'Document A-12', 'url' => 'http://...'}])
|
66
66
|
end
|
67
67
|
|
68
68
|
it 'has a source location' do
|
69
69
|
loc = File.join(example_profile, '/controls/example.rb')
|
70
|
-
|
70
|
+
control['source_location'].must_equal [loc, 8]
|
71
71
|
end
|
72
72
|
|
73
73
|
it 'has a the source code' do
|
74
|
-
|
74
|
+
control['code'].must_match /\Acontrol \"tmp-1.0\" do.*end\n\Z/m
|
75
75
|
end
|
76
76
|
end
|
77
77
|
end
|
@@ -86,10 +86,8 @@ describe 'inspec json' do
|
|
86
86
|
|
87
87
|
it 'only has one control included' do
|
88
88
|
json = JSON.load(out.stdout)
|
89
|
-
|
90
|
-
|
91
|
-
rules = grps.values[0]['rules']
|
92
|
-
rules.keys.must_equal ['tmp-1.0']
|
89
|
+
json['controls'].keys.must_equal %w{tmp-1.0}
|
90
|
+
json['groups'].keys.must_equal %w{controls/example.rb}
|
93
91
|
end
|
94
92
|
end
|
95
93
|
|
@@ -99,6 +97,6 @@ describe 'inspec json' do
|
|
99
97
|
out.exit_status.must_equal 0
|
100
98
|
hm = JSON.load(File.read(dst.path))
|
101
99
|
hm['name'].must_equal 'profile'
|
102
|
-
hm['
|
100
|
+
hm['controls'].length.must_equal 4
|
103
101
|
end
|
104
102
|
end
|
@@ -7,9 +7,9 @@ require 'functional/helper'
|
|
7
7
|
describe 'command tests' do
|
8
8
|
include FunctionalHelper
|
9
9
|
|
10
|
-
describe 'detect' do
|
10
|
+
describe 'detect with json' do
|
11
11
|
it 'runs well on all nodes' do
|
12
|
-
out = inspec('detect')
|
12
|
+
out = inspec('detect --format json')
|
13
13
|
out.stderr.must_equal ''
|
14
14
|
out.exit_status.must_equal 0
|
15
15
|
j = JSON.load(out.stdout)
|
@@ -20,6 +20,19 @@ describe 'command tests' do
|
|
20
20
|
end
|
21
21
|
end
|
22
22
|
|
23
|
+
describe 'detect without json' do
|
24
|
+
it 'runs well on all nodes' do
|
25
|
+
out = inspec('detect')
|
26
|
+
out.stderr.must_equal ''
|
27
|
+
out.exit_status.must_equal 0
|
28
|
+
std = out.stdout
|
29
|
+
std.must_include 'Name:'
|
30
|
+
std.must_include 'Family:'
|
31
|
+
std.must_include 'Arch:'
|
32
|
+
std.must_include 'Release:'
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
23
36
|
describe 'cmd' do
|
24
37
|
it 'can run arbitrary ruby' do
|
25
38
|
x = rand
|
data/test/helper.rb
CHANGED
@@ -246,7 +246,11 @@ class MockLoader
|
|
246
246
|
#user info on hpux
|
247
247
|
"logins -x -l root" => cmd.call('logins-x'),
|
248
248
|
#packages on hpux
|
249
|
-
"swlist -l product | grep vim" => cmd.call('swlist-l-product')
|
249
|
+
"swlist -l product | grep vim" => cmd.call('swlist-l-product'),
|
250
|
+
# ipv4 ports on hpux
|
251
|
+
'netstat -an -f inet' => cmd.call('hpux-netstat-inet'),
|
252
|
+
#ipv6 ports on hpux
|
253
|
+
'netstat -an -f inet6' => cmd.call('hpux-netstat-inet6'),
|
250
254
|
}
|
251
255
|
|
252
256
|
@backend
|
@@ -4,7 +4,7 @@
|
|
4
4
|
return unless os[:family] == 'centos'
|
5
5
|
|
6
6
|
describe auditd_rules.syscall('open') do
|
7
|
-
its(
|
7
|
+
its('action') { should eq(['always']) }
|
8
8
|
end
|
9
9
|
|
10
10
|
describe auditd_rules.syscall('open').action do
|
@@ -12,7 +12,7 @@ describe auditd_rules.syscall('open').action do
|
|
12
12
|
end
|
13
13
|
|
14
14
|
describe auditd_rules.key('sshd_config') do
|
15
|
-
its(
|
15
|
+
its('permissions') { should contain_match(/x/) }
|
16
16
|
end
|
17
17
|
|
18
18
|
describe auditd_rules.file('/etc/ssh/sshd_config').permissions do
|
@@ -20,7 +20,7 @@ describe auditd_rules.file('/etc/ssh/sshd_config').permissions do
|
|
20
20
|
end
|
21
21
|
|
22
22
|
describe auditd_rules do
|
23
|
-
its(
|
23
|
+
its('lines') { should contain_match(%r{-w /etc/ssh/sshd_config/}) }
|
24
24
|
end
|
25
25
|
|
26
26
|
describe auditd_rules.syscall('open').action('always').list do
|
@@ -30,27 +30,27 @@ end
|
|
30
30
|
# test on all linux systems
|
31
31
|
if os.linux?
|
32
32
|
describe kernel_parameter('kernel.panic') do
|
33
|
-
its(
|
33
|
+
its('value') { should eq test_values[:kernel_panic] }
|
34
34
|
end
|
35
35
|
|
36
36
|
describe kernel_parameter('net.netfilter.nf_log.0') do
|
37
|
-
its(
|
37
|
+
its('value') { should eq test_values[:nf_log] }
|
38
38
|
end
|
39
39
|
|
40
40
|
describe kernel_parameter('kernel.sched_autogroup_enabled') do
|
41
|
-
its(
|
41
|
+
its('value') { should eq test_values[:sched_autogroup_enabled] }
|
42
42
|
end
|
43
43
|
|
44
44
|
describe kernel_parameter('net.ipv4.ip_local_port_range') do
|
45
|
-
its(
|
45
|
+
its('value') { should eq test_values[:ip_local_port_range] }
|
46
46
|
end
|
47
47
|
|
48
48
|
describe kernel_parameter('net.ipv4.conf.all.forwarding') do
|
49
|
-
its(
|
49
|
+
its('value') { should eq test_values[:forwarding] }
|
50
50
|
end
|
51
51
|
|
52
52
|
# serverspec compatability
|
53
53
|
describe linux_kernel_parameter('net.ipv4.conf.all.forwarding') do
|
54
|
-
its(
|
54
|
+
its('value') { should eq test_values[:forwarding] }
|
55
55
|
end
|
56
56
|
end
|
@@ -89,6 +89,9 @@ if os[:family] == 'centos' && os[:release].to_i >= 6
|
|
89
89
|
it { should be_enabled }
|
90
90
|
it { should be_installed }
|
91
91
|
it { should be_running }
|
92
|
+
its('type') { should be 'upstart' }
|
93
|
+
its('name') { should be 'upstart-enabled-and-running' }
|
94
|
+
its('description') { should be nil }
|
92
95
|
end
|
93
96
|
|
94
97
|
describe upstart_service('upstart-enabled-not-running') do
|
@@ -101,6 +104,7 @@ if os[:family] == 'centos' && os[:release].to_i >= 6
|
|
101
104
|
it { should_not be_enabled }
|
102
105
|
it { should_not be_installed }
|
103
106
|
it { should_not be_running }
|
107
|
+
its('type') { should be nil }
|
104
108
|
end
|
105
109
|
end
|
106
110
|
|
@@ -3,21 +3,21 @@
|
|
3
3
|
# author: Christoph Hartmann
|
4
4
|
|
5
5
|
describe command('echo hello') do
|
6
|
-
its(
|
7
|
-
its(
|
8
|
-
its(
|
6
|
+
its('stdout') { should eq "hello\n" }
|
7
|
+
its('stderr') { should eq '' }
|
8
|
+
its('exit_status') { should eq 0 }
|
9
9
|
end
|
10
10
|
|
11
11
|
describe command('>&2 echo error') do
|
12
|
-
its(
|
13
|
-
its(
|
14
|
-
its(
|
12
|
+
its('stdout') { should eq '' }
|
13
|
+
its('stderr') { should eq "error\n" }
|
14
|
+
its('exit_status') { should eq 0 }
|
15
15
|
end
|
16
16
|
|
17
17
|
describe command('exit 123') do
|
18
|
-
its(
|
19
|
-
its(
|
20
|
-
its(
|
18
|
+
its('stdout') { should eq '' }
|
19
|
+
its('stderr') { should eq '' }
|
20
|
+
its('exit_status') { should eq 123 }
|
21
21
|
end
|
22
22
|
|
23
23
|
describe command('/bin/sh').exist? do
|
data/test/resource/dsl_test.rb
CHANGED
data/test/resource/file_test.rb
CHANGED
@@ -11,18 +11,18 @@ describe file('/tmpest') do
|
|
11
11
|
end
|
12
12
|
|
13
13
|
describe file('/tmp') do
|
14
|
-
its(
|
14
|
+
its('type') { should eq :directory }
|
15
15
|
it { should be_directory }
|
16
16
|
end
|
17
17
|
|
18
18
|
describe file('/proc/version') do
|
19
|
-
its(
|
19
|
+
its('type') { should eq :file }
|
20
20
|
it { should be_file }
|
21
21
|
it { should_not be_directory }
|
22
22
|
end
|
23
23
|
|
24
24
|
describe file('/dev/stdout') do
|
25
|
-
its(
|
25
|
+
its('type') { should eq :pipe }
|
26
26
|
its('source.type') { should eq :symlink }
|
27
27
|
it { should be_symlink }
|
28
28
|
it { should be_pipe }
|
@@ -31,29 +31,29 @@ describe file('/dev/stdout') do
|
|
31
31
|
end
|
32
32
|
|
33
33
|
describe file('/dev/zero') do
|
34
|
-
its(
|
34
|
+
its('type') { should eq :character_device }
|
35
35
|
it { should be_character_device }
|
36
36
|
it { should_not be_file }
|
37
37
|
it { should_not be_directory }
|
38
38
|
end
|
39
39
|
|
40
40
|
# describe file('...') do
|
41
|
-
# its(
|
41
|
+
# its('type') { should eq :block_device }
|
42
42
|
# it { should be_block_device }
|
43
43
|
# end
|
44
44
|
|
45
45
|
# describe file('...') do
|
46
|
-
# its(
|
46
|
+
# its('type') { should eq :socket }
|
47
47
|
# it { should be_socket }
|
48
48
|
# end
|
49
49
|
|
50
50
|
# describe file('...') do
|
51
|
-
# its(
|
51
|
+
# its('type') { should eq :pipe }
|
52
52
|
# it { should be_pipe }
|
53
53
|
# end
|
54
54
|
|
55
55
|
describe file('/dev') do
|
56
|
-
its(
|
56
|
+
its('mode') { should eq 00755 }
|
57
57
|
end
|
58
58
|
|
59
59
|
describe file('/dev') do
|
@@ -61,7 +61,7 @@ describe file('/dev') do
|
|
61
61
|
end
|
62
62
|
|
63
63
|
describe file('/root') do
|
64
|
-
its(
|
64
|
+
its('owner') { should eq 'root' }
|
65
65
|
end
|
66
66
|
|
67
67
|
describe file('/dev') do
|
@@ -69,7 +69,7 @@ describe file('/dev') do
|
|
69
69
|
end
|
70
70
|
|
71
71
|
describe file('/root') do
|
72
|
-
its(
|
72
|
+
its('group') { should eq 'root' }
|
73
73
|
end
|
74
74
|
|
75
75
|
describe file('/dev') do
|
@@ -77,7 +77,7 @@ describe file('/dev') do
|
|
77
77
|
end
|
78
78
|
|
79
79
|
describe file('/dev/kcore') do
|
80
|
-
its(
|
80
|
+
its('link_path') { should eq '/proc/kcore' }
|
81
81
|
end
|
82
82
|
|
83
83
|
describe file('/dev/kcore') do
|
@@ -85,7 +85,7 @@ describe file('/dev/kcore') do
|
|
85
85
|
end
|
86
86
|
|
87
87
|
describe file('/proc/cpuinfo') do
|
88
|
-
its(
|
88
|
+
its('content') { should match /^processor/ }
|
89
89
|
end
|
90
90
|
|
91
91
|
describe file('/').mtime.to_i do
|
@@ -94,12 +94,12 @@ describe file('/').mtime.to_i do
|
|
94
94
|
end
|
95
95
|
|
96
96
|
describe file('/') do
|
97
|
-
its(
|
98
|
-
its(
|
97
|
+
its('size') { should be > 64 }
|
98
|
+
its('size') { should be < 10240 }
|
99
99
|
end
|
100
100
|
|
101
101
|
describe file('/proc/cpuinfo') do
|
102
|
-
its(
|
102
|
+
its('size') { should be 0 }
|
103
103
|
end
|
104
104
|
|
105
105
|
# @TODO selinux_label
|
@@ -123,10 +123,10 @@ cpuinfo = file('/proc/cpuinfo').content
|
|
123
123
|
|
124
124
|
md5sum = Digest::MD5.hexdigest(cpuinfo)
|
125
125
|
describe file('/proc/cpuinfo') do
|
126
|
-
its(
|
126
|
+
its('md5sum') { should eq md5sum }
|
127
127
|
end
|
128
128
|
|
129
129
|
sha256sum = Digest::SHA256.hexdigest(cpuinfo)
|
130
130
|
describe file('/proc/cpuinfo') do
|
131
|
-
its(
|
131
|
+
its('sha256sum') { should eq sha256sum }
|
132
132
|
end
|