inspec 0.28.1 → 0.29.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +46 -2
- data/README.md +3 -3
- data/inspec.gemspec +1 -1
- data/lib/inspec/rspec_json_formatter.rb +107 -34
- data/lib/inspec/runner.rb +1 -1
- data/lib/inspec/version.rb +1 -1
- data/lib/resources/apache.rb +1 -2
- data/lib/resources/auditd_rules.rb +1 -1
- data/lib/resources/command.rb +2 -2
- data/lib/resources/grub_conf.rb +29 -17
- data/lib/resources/kernel_module.rb +1 -1
- data/lib/resources/mysql.rb +1 -1
- data/lib/resources/oneget.rb +1 -1
- data/lib/resources/os_env.rb +1 -1
- data/lib/resources/package.rb +1 -1
- data/lib/resources/parse_config.rb +22 -13
- data/lib/resources/pip.rb +1 -3
- data/lib/resources/port.rb +27 -21
- data/lib/resources/postgres.rb +9 -15
- data/lib/resources/service.rb +27 -26
- data/lib/resources/windows_feature.rb +1 -1
- data/test/cookbooks/os_prepare/recipes/apt.rb +2 -2
- data/test/cookbooks/os_prepare/recipes/default.rb +2 -0
- data/test/cookbooks/os_prepare/recipes/package.rb +1 -2
- data/test/cookbooks/os_prepare/recipes/postgres.rb +2 -0
- data/test/cookbooks/os_prepare/recipes/prep_container.rb +15 -0
- data/test/cookbooks/os_prepare/recipes/service.rb +3 -3
- data/test/docker_test.rb +8 -0
- data/test/functional/inspec_exec_test.rb +4 -3
- data/test/helper.rb +20 -19
- data/test/integration/default/_debug_spec.rb +8 -1
- data/test/integration/default/apache_conf_spec.rb +8 -3
- data/test/integration/default/apt_spec.rb +1 -6
- data/test/integration/default/etc_group_spec.rb +4 -2
- data/test/integration/default/file_spec.rb +4 -3
- data/test/integration/default/iptables_spec.rb +4 -3
- data/test/integration/default/kernel_module_spec.rb +8 -3
- data/test/integration/default/kernel_parameter_spec.rb +4 -3
- data/test/integration/default/mount_spec.rb +8 -3
- data/test/integration/default/package_spec.rb +0 -3
- data/test/integration/default/port_spec.rb +4 -3
- data/test/integration/default/postgres_session_spec.rb +4 -3
- data/test/integration/default/service_spec.rb +4 -3
- data/test/unit/mock/files/sysctl.conf +7 -0
- data/test/unit/profile_context_test.rb +6 -6
- data/test/unit/resources/os_test.rb +5 -5
- data/test/unit/resources/parse_config_test.rb +26 -0
- data/test/unit/resources/port_test.rb +9 -0
- metadata +10 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 5774f3ee48a607acb703378f30751ca137f73baa
|
4
|
+
data.tar.gz: ac25e0e4c2033ed592d167979b5be81c23d7b5ea
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8967dac4b642852dee7ea3c21d3b80e54ea33be10a7e517e8a17fbbc93fc8d0e26f014651bf1d1bdf66f2fc9d66eb7a1f1e3fbfd93a904096078229932215da9
|
7
|
+
data.tar.gz: 5ed1b7a369277b8de9c9f2c5742efb202f3b974519b8ac2575aa69642bbf372ac00c54f4bafcb4d6ccab462a41222cce311f9715a453945c08ce39a3347982fc
|
data/CHANGELOG.md
CHANGED
@@ -1,7 +1,51 @@
|
|
1
1
|
# Change Log
|
2
2
|
|
3
|
-
## [0.
|
4
|
-
[Full Changelog](https://github.com/chef/inspec/compare/v0.28.
|
3
|
+
## [0.29.0](https://github.com/chef/inspec/tree/0.29.0) (2016-08-08)
|
4
|
+
[Full Changelog](https://github.com/chef/inspec/compare/v0.28.1...0.29.0)
|
5
|
+
|
6
|
+
**Implemented enhancements:**
|
7
|
+
|
8
|
+
- port\(\) could convert string parameter to integer [\#867](https://github.com/chef/inspec/issues/867)
|
9
|
+
- add params and content method to parse\_config [\#876](https://github.com/chef/inspec/pull/876) ([chris-rock](https://github.com/chris-rock))
|
10
|
+
- Activate centos, debian and oracle linux in our travis tests [\#869](https://github.com/chef/inspec/pull/869) ([chris-rock](https://github.com/chris-rock))
|
11
|
+
|
12
|
+
**Fixed bugs:**
|
13
|
+
|
14
|
+
- 1.10.2 missing a space in failed test output [\#872](https://github.com/chef/inspec/issues/872)
|
15
|
+
- inspec fails to determine file\_version for a file on a windows 2012R2 [\#858](https://github.com/chef/inspec/issues/858)
|
16
|
+
- os\[:family\] returns "centos" rather than "redhat" on my Centos 7.2 box [\#847](https://github.com/chef/inspec/issues/847)
|
17
|
+
- Inspec exec output when multiple matchers are used [\#812](https://github.com/chef/inspec/issues/812)
|
18
|
+
- Inspec Detect Issues [\#772](https://github.com/chef/inspec/issues/772)
|
19
|
+
- systemd is-enabled check does not handle backcompat with sysv-init scripts \(e.g. ntp on Ubuntu 16.04\) [\#749](https://github.com/chef/inspec/issues/749)
|
20
|
+
- Update inspec for os\[:family\] change in Train [\#865](https://github.com/chef/inspec/pull/865) ([stevendanna](https://github.com/stevendanna))
|
21
|
+
- Use systemctl's helper command to determine enabled & active status [\#863](https://github.com/chef/inspec/pull/863) ([stevendanna](https://github.com/stevendanna))
|
22
|
+
|
23
|
+
**Closed issues:**
|
24
|
+
|
25
|
+
- bump train dependency [\#870](https://github.com/chef/inspec/issues/870)
|
26
|
+
- parse\_config error when searching for fs.suid\_dumpable [\#866](https://github.com/chef/inspec/issues/866)
|
27
|
+
- Improve integration tests [\#861](https://github.com/chef/inspec/issues/861)
|
28
|
+
- Adapt InSpec to work with latest train OS updates [\#855](https://github.com/chef/inspec/issues/855)
|
29
|
+
|
30
|
+
**Merged pull requests:**
|
31
|
+
|
32
|
+
- revert control\_summary field in output [\#887](https://github.com/chef/inspec/pull/887) ([arlimus](https://github.com/arlimus))
|
33
|
+
- Remove some platforms from travis config [\#883](https://github.com/chef/inspec/pull/883) ([stevendanna](https://github.com/stevendanna))
|
34
|
+
- Explicitly require docker transport to avoid autoload bug [\#882](https://github.com/chef/inspec/pull/882) ([stevendanna](https://github.com/stevendanna))
|
35
|
+
- Require train 0.16 [\#881](https://github.com/chef/inspec/pull/881) ([chris-rock](https://github.com/chris-rock))
|
36
|
+
- Generate test labels for multi-test controls [\#879](https://github.com/chef/inspec/pull/879) ([ksubrama](https://github.com/ksubrama))
|
37
|
+
- Allow port to be specified as a string [\#878](https://github.com/chef/inspec/pull/878) ([stevendanna](https://github.com/stevendanna))
|
38
|
+
- improve code style for parse\_config thanks @stevendanna [\#877](https://github.com/chef/inspec/pull/877) ([chris-rock](https://github.com/chris-rock))
|
39
|
+
- remote target supported OS also includes hp-ux [\#873](https://github.com/chef/inspec/pull/873) ([Anirudh-Gupta](https://github.com/Anirudh-Gupta))
|
40
|
+
- Be a bit louder when skipping an entire integration suite [\#864](https://github.com/chef/inspec/pull/864) ([stevendanna](https://github.com/stevendanna))
|
41
|
+
- Count controls in the summary output. Fix \#852 [\#860](https://github.com/chef/inspec/pull/860) ([vjeffrey](https://github.com/vjeffrey))
|
42
|
+
|
43
|
+
## [v0.28.1](https://github.com/chef/inspec/tree/v0.28.1) (2016-08-03)
|
44
|
+
[Full Changelog](https://github.com/chef/inspec/compare/v0.28.0...v0.28.1)
|
45
|
+
|
46
|
+
**Implemented enhancements:**
|
47
|
+
|
48
|
+
- InSpec output for summary needs to count controls [\#852](https://github.com/chef/inspec/issues/852)
|
5
49
|
|
6
50
|
**Fixed bugs:**
|
7
51
|
|
data/README.md
CHANGED
@@ -231,6 +231,7 @@ OpenSUSE | 13.1/13.2/42.1 | x86_64
|
|
231
231
|
OmniOS | | x86_64
|
232
232
|
Gentoo Linux | | x86_64
|
233
233
|
Arch Linux | | x86_64
|
234
|
+
HP-UX | 11.31 | ia64
|
234
235
|
|
235
236
|
* For Windows 2008 and 2008 R2 an updated Powershell (Windows Management Framework 5.0) is required.
|
236
237
|
|
@@ -338,7 +339,7 @@ You will require:
|
|
338
339
|
**Run `integration` tests with vagrant:**
|
339
340
|
|
340
341
|
```bash
|
341
|
-
bundle exec kitchen test
|
342
|
+
KITCHEN_YAML=.kitchen.vagrant.yml bundle exec kitchen test
|
342
343
|
```
|
343
344
|
|
344
345
|
**Run `integration` tests with AWS EC2:**
|
@@ -348,8 +349,7 @@ export AWS_ACCESS_KEY_ID=enteryouryourkey
|
|
348
349
|
export AWS_SECRET_ACCESS_KEY=enteryoursecreykey
|
349
350
|
export AWS_KEYPAIR_NAME=enteryoursshkeyid
|
350
351
|
export EC2_SSH_KEY_PATH=~/.ssh/id_aws.pem
|
351
|
-
|
352
|
-
KITCHEN_LOCAL_YAML=.kitchen.ec2.yml bundle exec kitchen test
|
352
|
+
KITCHEN_YAML=.kitchen.ec2.yml bundle exec kitchen test
|
353
353
|
```
|
354
354
|
|
355
355
|
In addition you may need to add your ssh key to `.kitchen.ec2.yml`
|
data/inspec.gemspec
CHANGED
@@ -24,7 +24,7 @@ Gem::Specification.new do |spec|
|
|
24
24
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
25
25
|
spec.require_paths = ['lib']
|
26
26
|
|
27
|
-
spec.add_dependency 'train', '>=0.
|
27
|
+
spec.add_dependency 'train', '>=0.16.0', '<1.0'
|
28
28
|
spec.add_dependency 'thor', '~> 0.19'
|
29
29
|
spec.add_dependency 'json', '~> 1.8'
|
30
30
|
spec.add_dependency 'rainbow', '~> 2'
|
@@ -8,10 +8,17 @@ require 'rspec/core/formatters/json_formatter'
|
|
8
8
|
# Vanilla RSpec JSON formatter with a slight extension to show example IDs.
|
9
9
|
# TODO: Remove these lines when RSpec includes the ID natively
|
10
10
|
class InspecRspecVanilla < RSpec::Core::Formatters::JsonFormatter
|
11
|
-
RSpec::Core::Formatters.register self
|
11
|
+
RSpec::Core::Formatters.register self
|
12
12
|
|
13
13
|
private
|
14
14
|
|
15
|
+
# We are cheating and overriding a private method in RSpec's core JsonFormatter.
|
16
|
+
# This is to avoid having to repeat this id functionality in both dump_summary
|
17
|
+
# and dump_profile (both of which call format_example).
|
18
|
+
# See https://github.com/rspec/rspec-core/blob/master/lib/rspec/core/formatters/json_formatter.rb
|
19
|
+
#
|
20
|
+
# rspec's example id here corresponds to an inspec test's control name -
|
21
|
+
# either explicitly specified or auto-generated by rspec itself.
|
15
22
|
def format_example(example)
|
16
23
|
res = super(example)
|
17
24
|
res[:id] = example.metadata[:id]
|
@@ -22,8 +29,11 @@ end
|
|
22
29
|
# Minimal JSON formatter for inspec. Only contains limited information about
|
23
30
|
# examples without any extras.
|
24
31
|
class InspecRspecMiniJson < RSpec::Core::Formatters::JsonFormatter
|
25
|
-
|
32
|
+
# Don't re-register all the call-backs over and over - we automatically
|
33
|
+
# inherit all callbacks registered by the parent class.
|
34
|
+
RSpec::Core::Formatters.register self, :dump_summary, :stop
|
26
35
|
|
36
|
+
# Called after stop has been called and the run is complete.
|
27
37
|
def dump_summary(summary)
|
28
38
|
@output_hash[:version] = Inspec::VERSION
|
29
39
|
@output_hash[:summary] = {
|
@@ -34,7 +44,12 @@ class InspecRspecMiniJson < RSpec::Core::Formatters::JsonFormatter
|
|
34
44
|
}
|
35
45
|
end
|
36
46
|
|
47
|
+
# Called at the end of a complete RSpec run.
|
37
48
|
def stop(notification)
|
49
|
+
# This might be a bit confusing. The results are not actually organized
|
50
|
+
# by control. It is organized by test. So if a control has 3 tests, the
|
51
|
+
# output will have 3 control entries, each one with the same control id
|
52
|
+
# and different test results. An rspec example maps to an inspec test.
|
38
53
|
@output_hash[:controls] = notification.examples.map do |example|
|
39
54
|
format_example(example).tap do |hash|
|
40
55
|
e = example.exception
|
@@ -72,19 +87,30 @@ class InspecRspecMiniJson < RSpec::Core::Formatters::JsonFormatter
|
|
72
87
|
end
|
73
88
|
|
74
89
|
class InspecRspecJson < InspecRspecMiniJson
|
75
|
-
RSpec::Core::Formatters.register self, :
|
90
|
+
RSpec::Core::Formatters.register self, :start, :stop, :dump_summary
|
76
91
|
attr_writer :backend
|
77
92
|
|
78
93
|
def initialize(*args)
|
79
94
|
super(*args)
|
80
95
|
@profiles = []
|
96
|
+
# Will be valid after "start" state is reached.
|
97
|
+
@profiles_info = nil
|
81
98
|
@backend = nil
|
82
99
|
end
|
83
100
|
|
101
|
+
# Called by the runner during example collection.
|
84
102
|
def add_profile(profile)
|
85
103
|
@profiles.push(profile)
|
86
104
|
end
|
87
105
|
|
106
|
+
# Called after all examples have been collected but before rspec
|
107
|
+
# test execution has begun.
|
108
|
+
def start(_notification)
|
109
|
+
# Note that the default profile may have no name - therefore
|
110
|
+
# the hash may have a valid nil => entry.
|
111
|
+
@profiles_info ||= Hash[@profiles.map { |x| profile_info(x) }]
|
112
|
+
end
|
113
|
+
|
88
114
|
def dump_one_example(example, control)
|
89
115
|
control[:results] ||= []
|
90
116
|
example.delete(:id)
|
@@ -92,29 +118,52 @@ class InspecRspecJson < InspecRspecMiniJson
|
|
92
118
|
control[:results].push(example)
|
93
119
|
end
|
94
120
|
|
95
|
-
def
|
96
|
-
|
97
|
-
[info[:name], info]
|
98
|
-
end
|
99
|
-
|
100
|
-
def dump_summary(summary)
|
101
|
-
super(summary)
|
121
|
+
def stop(notification)
|
122
|
+
super(notification)
|
102
123
|
examples = @output_hash.delete(:controls)
|
103
|
-
profiles = Hash[@profiles.map { |x| profile_info(x) }]
|
104
124
|
missing = []
|
105
125
|
|
106
126
|
examples.each do |example|
|
107
|
-
control = example2control(example,
|
127
|
+
control = example2control(example, @profiles_info)
|
108
128
|
next missing.push(example) if control.nil?
|
109
129
|
dump_one_example(example, control)
|
110
130
|
end
|
111
131
|
|
112
|
-
@output_hash[:profiles] =
|
132
|
+
@output_hash[:profiles] = @profiles_info
|
113
133
|
@output_hash[:other_checks] = missing
|
114
134
|
end
|
115
135
|
|
136
|
+
def dump_summary(summary)
|
137
|
+
super(summary)
|
138
|
+
total = 0
|
139
|
+
failed = 0
|
140
|
+
skipped = 0
|
141
|
+
passed = 0
|
142
|
+
|
143
|
+
@profiles_info.each do |_name, profile|
|
144
|
+
total += profile[:controls].length
|
145
|
+
profile[:controls].each do |_control_name, control|
|
146
|
+
next unless control[:results]
|
147
|
+
if control[:results].any? { |r| r[:status] == 'failed' }
|
148
|
+
failed += 1
|
149
|
+
elsif control[:results].any? { |r| r[:status] == 'skipped' }
|
150
|
+
skipped += 1
|
151
|
+
else
|
152
|
+
passed += 1
|
153
|
+
end
|
154
|
+
end
|
155
|
+
end
|
156
|
+
|
157
|
+
# TODO: provide this information in the output
|
158
|
+
end
|
159
|
+
|
116
160
|
private
|
117
161
|
|
162
|
+
def profile_info(profile)
|
163
|
+
info = profile.info.dup
|
164
|
+
[info[:name], info]
|
165
|
+
end
|
166
|
+
|
118
167
|
def example2control(example, profiles)
|
119
168
|
profile = profiles[example[:profile_id]]
|
120
169
|
return nil if profile.nil? || profile[:controls].nil?
|
@@ -130,7 +179,7 @@ class InspecRspecJson < InspecRspecMiniJson
|
|
130
179
|
end
|
131
180
|
|
132
181
|
class InspecRspecCli < InspecRspecJson # rubocop:disable Metrics/ClassLength
|
133
|
-
RSpec::Core::Formatters.register self, :
|
182
|
+
RSpec::Core::Formatters.register self, :close
|
134
183
|
|
135
184
|
STATUS_TYPES = {
|
136
185
|
'unknown' => -3,
|
@@ -169,6 +218,8 @@ class InspecRspecCli < InspecRspecJson # rubocop:disable Metrics/ClassLength
|
|
169
218
|
'empty' => ' ',
|
170
219
|
}.freeze
|
171
220
|
|
221
|
+
MULTI_TEST_CONTROL_SUMMARY_MAX_LEN = 60
|
222
|
+
|
172
223
|
def initialize(*args)
|
173
224
|
@colors = COLORS
|
174
225
|
@indicators = INDICATORS
|
@@ -181,10 +232,6 @@ class InspecRspecCli < InspecRspecJson # rubocop:disable Metrics/ClassLength
|
|
181
232
|
super(*args)
|
182
233
|
end
|
183
234
|
|
184
|
-
def start(_notification)
|
185
|
-
@profiles_info ||= Hash[@profiles.map { |x| profile_info(x) }]
|
186
|
-
end
|
187
|
-
|
188
235
|
def close(_notification)
|
189
236
|
flush_current_control
|
190
237
|
output.puts('') unless @current_control.nil?
|
@@ -236,24 +283,50 @@ class InspecRspecCli < InspecRspecJson # rubocop:disable Metrics/ClassLength
|
|
236
283
|
[fails, skips, STATUS_TYPES.key(summary_status)]
|
237
284
|
end
|
238
285
|
|
239
|
-
def
|
240
|
-
|
241
|
-
|
242
|
-
|
243
|
-
|
244
|
-
|
245
|
-
|
246
|
-
|
247
|
-
|
248
|
-
|
286
|
+
def current_control_title
|
287
|
+
title = @current_control[:title]
|
288
|
+
res = @current_control[:results]
|
289
|
+
if title
|
290
|
+
title
|
291
|
+
elsif res.length == 1
|
292
|
+
# If it's an anonymous control, just go with the only description
|
293
|
+
# available for the underlying test.
|
294
|
+
res[0][:code_desc].to_s
|
295
|
+
elsif res.length == 0
|
296
|
+
# Empty control block - if it's anonymous, there's nothing we can do.
|
297
|
+
# Is this case even possible?
|
298
|
+
'Empty anonymous control'
|
299
|
+
else
|
300
|
+
# Multiple tests - but no title. Do our best and generate some form of
|
301
|
+
# identifier or label or name.
|
302
|
+
title = (res.map { |r| r[:code_desc] }).join('; ')
|
303
|
+
max_len = MULTI_TEST_CONTROL_SUMMARY_MAX_LEN
|
304
|
+
title = title[0..(max_len-1)] + '...' if title.length > max_len
|
305
|
+
title
|
249
306
|
end
|
307
|
+
end
|
250
308
|
|
251
|
-
|
252
|
-
|
253
|
-
|
254
|
-
|
255
|
-
|
256
|
-
|
309
|
+
def current_control_summary(fails, skips)
|
310
|
+
title = current_control_title
|
311
|
+
res = @current_control[:results]
|
312
|
+
suffix =
|
313
|
+
if res.length == 1
|
314
|
+
# Single test - be nice and just print the exception message if the test
|
315
|
+
# failed. No need to say "1 failed".
|
316
|
+
fails.clear
|
317
|
+
skips.clear
|
318
|
+
res[0][:message].to_s
|
319
|
+
else
|
320
|
+
[
|
321
|
+
(fails.length > 0) ? "#{fails.length} failed" : nil,
|
322
|
+
(skips.length > 0) ? "#{skips.length} skipped" : nil,
|
323
|
+
].compact.join(' ')
|
324
|
+
end
|
325
|
+
if suffix == ''
|
326
|
+
title
|
327
|
+
else
|
328
|
+
title + ' (' + suffix + ')'
|
329
|
+
end
|
257
330
|
end
|
258
331
|
|
259
332
|
def format_line(fields)
|
data/lib/inspec/runner.rb
CHANGED
data/lib/inspec/version.rb
CHANGED
data/lib/resources/apache.rb
CHANGED
@@ -10,8 +10,7 @@ module Inspec::Resources
|
|
10
10
|
|
11
11
|
attr_reader :service, :conf_dir, :conf_path, :user
|
12
12
|
def initialize
|
13
|
-
|
14
|
-
when 'ubuntu', 'debian'
|
13
|
+
if inspec.os.debian?
|
15
14
|
@service = 'apache2'
|
16
15
|
@conf_dir = '/etc/apache2/'
|
17
16
|
@conf_path = File.join @conf_dir, 'apache2.conf'
|
@@ -80,7 +80,7 @@ module Inspec::Resources
|
|
80
80
|
|
81
81
|
if @content =~ /^LIST_RULES:/
|
82
82
|
# do not warn on centos 5
|
83
|
-
unless inspec.os[:
|
83
|
+
unless inspec.os[:name] == 'centos' && inspec.os[:release].to_i == 5
|
84
84
|
warn '[WARN] this version of auditd is outdated. Updating it allows for using more precise matchers.'
|
85
85
|
end
|
86
86
|
@legacy = AuditdRulesLegacy.new(@content)
|
data/lib/resources/command.rb
CHANGED
@@ -45,7 +45,7 @@ module Inspec::Resources
|
|
45
45
|
|
46
46
|
def exist?
|
47
47
|
# silent for mock resources
|
48
|
-
return false if inspec.os[:
|
48
|
+
return false if inspec.os[:name].to_s == 'unknown'
|
49
49
|
|
50
50
|
if inspec.os.linux?
|
51
51
|
res = inspec.backend.run_command("bash -c 'type \"#{@command}\"'")
|
@@ -54,7 +54,7 @@ module Inspec::Resources
|
|
54
54
|
elsif inspec.os.unix?
|
55
55
|
res = inspec.backend.run_command("type \"#{@command}\"")
|
56
56
|
else
|
57
|
-
warn "`command(#{@command}).exist?` is not suported on your OS: #{inspec.os[:
|
57
|
+
warn "`command(#{@command}).exist?` is not suported on your OS: #{inspec.os[:name]}"
|
58
58
|
return false
|
59
59
|
end
|
60
60
|
res.exit_status.to_i == 0
|
data/lib/resources/grub_conf.rb
CHANGED
@@ -21,28 +21,40 @@ class GrubConfig < Inspec.resource(1) # rubocop:disable Metrics/ClassLength
|
|
21
21
|
end
|
22
22
|
"
|
23
23
|
|
24
|
+
class UnknownGrubConfig < StandardError; end
|
25
|
+
|
24
26
|
def initialize(path = nil, kernel = nil)
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
27
|
+
config_for_platform(path)
|
28
|
+
@kernel = kernel || 'default'
|
29
|
+
rescue UnknownGrubConfig
|
30
|
+
return skip_resource 'The `grub_config` resource is not supported on your OS yet.'
|
31
|
+
end
|
32
|
+
|
33
|
+
def config_for_platform(path)
|
34
|
+
os = inspec.os
|
35
|
+
if os.redhat? || os[:name] == 'fedora'
|
36
|
+
config_for_redhatish(path)
|
37
|
+
elsif os.debian?
|
38
|
+
@conf_path = path || '/boot/grub/grub.cfg'
|
39
|
+
@defaults_path = '/etc/default/grub'
|
40
|
+
@version = 'grub2'
|
41
|
+
elsif os[:name] == 'amazon' # rubocop:disable Style/GuardClause
|
42
|
+
@conf_path = path || '/etc/grub.conf'
|
43
|
+
@version = 'legacy'
|
44
|
+
else
|
45
|
+
fail UnknownGrubConfig
|
46
|
+
end
|
47
|
+
end
|
48
|
+
|
49
|
+
def config_for_redhatish(path)
|
50
|
+
if inspec.os[:release].to_f < 7
|
51
|
+
@conf_path = path || '/etc/grub.conf'
|
52
|
+
@version = 'legacy'
|
53
|
+
else
|
39
54
|
@conf_path = path || '/boot/grub/grub.cfg'
|
40
55
|
@defaults_path = '/etc/default/grub'
|
41
56
|
@version = 'grub2'
|
42
|
-
supported = true
|
43
57
|
end
|
44
|
-
@kernel = kernel || 'default'
|
45
|
-
return skip_resource 'The `grub_config` resource is not supported on your OS yet.' if supported.nil?
|
46
58
|
end
|
47
59
|
|
48
60
|
def method_missing(name)
|