RubyGems - inspec - Versions diffs - 0.9.0 - Mend

inspec 0.9.0

Files changed (247) hide show

checksums.yaml +7 -0
data/.gitignore +8 -0
data/.rubocop.yml +65 -0
data/.travis.yml +23 -0
data/CHANGELOG.md +38 -0
data/Gemfile +33 -0
data/LICENSE +201 -0
data/MAINTAINERS.md +28 -0
data/MAINTAINERS.toml +42 -0
data/README.md +257 -0
data/Rakefile +47 -0
data/bin/inspec +109 -0
data/docs/ctl_inspec.rst +195 -0
data/docs/dsl_inspec.rst +182 -0
data/docs/readme.rst +100 -0
data/docs/resources.rst +4319 -0
data/docs/template.rst +51 -0
data/examples/test-kitchen/.kitchen.yml +20 -0
data/examples/test-kitchen/Berksfile +3 -0
data/examples/test-kitchen/Gemfile +21 -0
data/examples/test-kitchen/README.md +27 -0
data/examples/test-kitchen/metadata.rb +7 -0
data/examples/test-kitchen/recipes/default.rb +6 -0
data/examples/test-kitchen/recipes/nginx.rb +30 -0
data/examples/test-kitchen/test/integration/default/web_spec.rb +28 -0
data/inspec.gemspec +30 -0
data/lib/inspec.rb +20 -0
data/lib/inspec/backend.rb +42 -0
data/lib/inspec/dsl.rb +151 -0
data/lib/inspec/log.rb +34 -0
data/lib/inspec/metadata.rb +79 -0
data/lib/inspec/plugins.rb +9 -0
data/lib/inspec/plugins/resource.rb +62 -0
data/lib/inspec/profile.rb +138 -0
data/lib/inspec/profile_context.rb +170 -0
data/lib/inspec/resource.rb +76 -0
data/lib/inspec/rspec_json_formatter.rb +27 -0
data/lib/inspec/rule.rb +170 -0
data/lib/inspec/runner.rb +154 -0
data/lib/inspec/shell.rb +66 -0
data/lib/inspec/targets.rb +9 -0
data/lib/inspec/targets/core.rb +27 -0
data/lib/inspec/targets/dir.rb +67 -0
data/lib/inspec/targets/file.rb +29 -0
data/lib/inspec/targets/folder.rb +43 -0
data/lib/inspec/targets/tar.rb +34 -0
data/lib/inspec/targets/url.rb +39 -0
data/lib/inspec/targets/zip.rb +47 -0
data/lib/inspec/version.rb +7 -0
data/lib/matchers/matchers.rb +221 -0
data/lib/resources/apache.rb +29 -0
data/lib/resources/apache_conf.rb +113 -0
data/lib/resources/apt.rb +140 -0
data/lib/resources/audit_policy.rb +63 -0
data/lib/resources/auditd_conf.rb +56 -0
data/lib/resources/auditd_rules.rb +53 -0
data/lib/resources/bond.rb +65 -0
data/lib/resources/bridge.rb +114 -0
data/lib/resources/command.rb +57 -0
data/lib/resources/csv.rb +32 -0
data/lib/resources/directory.rb +15 -0
data/lib/resources/etc_group.rb +150 -0
data/lib/resources/file.rb +110 -0
data/lib/resources/gem.rb +46 -0
data/lib/resources/group.rb +132 -0
data/lib/resources/host.rb +143 -0
data/lib/resources/inetd_conf.rb +56 -0
data/lib/resources/interface.rb +127 -0
data/lib/resources/iptables.rb +65 -0
data/lib/resources/json.rb +64 -0
data/lib/resources/kernel_module.rb +40 -0
data/lib/resources/kernel_parameter.rb +55 -0
data/lib/resources/limits_conf.rb +55 -0
data/lib/resources/login_def.rb +60 -0
data/lib/resources/mysql.rb +81 -0
data/lib/resources/mysql_conf.rb +116 -0
data/lib/resources/mysql_session.rb +52 -0
data/lib/resources/npm.rb +44 -0
data/lib/resources/ntp_conf.rb +58 -0
data/lib/resources/oneget.rb +63 -0
data/lib/resources/os.rb +22 -0
data/lib/resources/os_env.rb +34 -0
data/lib/resources/package.rb +169 -0
data/lib/resources/parse_config.rb +75 -0
data/lib/resources/passwd.rb +93 -0
data/lib/resources/pip.rb +75 -0
data/lib/resources/port.rb +296 -0
data/lib/resources/postgres.rb +37 -0
data/lib/resources/postgres_conf.rb +87 -0
data/lib/resources/postgres_session.rb +59 -0
data/lib/resources/processes.rb +57 -0
data/lib/resources/registry_key.rb +54 -0
data/lib/resources/script.rb +34 -0
data/lib/resources/security_policy.rb +73 -0
data/lib/resources/service.rb +379 -0
data/lib/resources/ssh_conf.rb +75 -0
data/lib/resources/user.rb +374 -0
data/lib/resources/windows_feature.rb +77 -0
data/lib/resources/yaml.rb +23 -0
data/lib/resources/yum.rb +154 -0
data/lib/utils/convert.rb +12 -0
data/lib/utils/detect.rb +15 -0
data/lib/utils/find_files.rb +36 -0
data/lib/utils/hash.rb +13 -0
data/lib/utils/modulator.rb +12 -0
data/lib/utils/parser.rb +61 -0
data/lib/utils/simpleconfig.rb +115 -0
data/tasks/maintainers.rb +213 -0
data/test/docker_run.rb +156 -0
data/test/docker_test.rb +51 -0
data/test/helper.rb +200 -0
data/test/integration/.kitchen.yml +42 -0
data/test/integration/Berksfile +4 -0
data/test/integration/cookbooks/os_prepare/metadata.rb +8 -0
data/test/integration/cookbooks/os_prepare/recipes/apt.rb +20 -0
data/test/integration/cookbooks/os_prepare/recipes/default.rb +9 -0
data/test/integration/cookbooks/os_prepare/recipes/file.rb +21 -0
data/test/integration/cookbooks/os_prepare/recipes/package.rb +26 -0
data/test/integration/default/_debug_spec.rb +1 -0
data/test/integration/default/apt_spec.rb +42 -0
data/test/integration/default/file_spec.rb +109 -0
data/test/integration/default/group_spec.rb +32 -0
data/test/integration/default/kernel_module_spec.rb +17 -0
data/test/integration/default/kernel_parameter_spec.rb +56 -0
data/test/integration/default/package_spec.rb +11 -0
data/test/integration/default/service_spec.rb +28 -0
data/test/integration/default/user_spec.rb +44 -0
data/test/resource/command_test.rb +33 -0
data/test/resource/dsl_test.rb +45 -0
data/test/resource/file_test.rb +130 -0
data/test/resource/ssh_config.rb +9 -0
data/test/resource/sshd_config.rb +9 -0
data/test/test-extra.yaml +11 -0
data/test/test.yaml +11 -0
data/test/unit/mock/cmd/Get-NetAdapter +24 -0
data/test/unit/mock/cmd/GetUserAccount +33 -0
data/test/unit/mock/cmd/GetWin32Group +23 -0
data/test/unit/mock/cmd/PATH +1 -0
data/test/unit/mock/cmd/Resolve-DnsName +26 -0
data/test/unit/mock/cmd/Test-NetConnection +4 -0
data/test/unit/mock/cmd/auditctl +7 -0
data/test/unit/mock/cmd/auditpol +2 -0
data/test/unit/mock/cmd/brew-info-jq +1 -0
data/test/unit/mock/cmd/chage-l-root +7 -0
data/test/unit/mock/cmd/dpkg-s-curl +21 -0
data/test/unit/mock/cmd/dscl +5 -0
data/test/unit/mock/cmd/etc-apt +7 -0
data/test/unit/mock/cmd/find-etc-rc-d-name-S +12 -0
data/test/unit/mock/cmd/find-net-interface +9 -0
data/test/unit/mock/cmd/gem-list-local-a-q-rubocop +1 -0
data/test/unit/mock/cmd/get-net-tcpconnection +24 -0
data/test/unit/mock/cmd/get-netadapter-binding-bridge +4 -0
data/test/unit/mock/cmd/get-package-firefox +30 -0
data/test/unit/mock/cmd/get-package-ruby +18 -0
data/test/unit/mock/cmd/get-service-dhcp +10 -0
data/test/unit/mock/cmd/get-windows-feature +7 -0
data/test/unit/mock/cmd/getent-hosts-example.com +1 -0
data/test/unit/mock/cmd/getent-passwd-root +1 -0
data/test/unit/mock/cmd/id-chartmann +1 -0
data/test/unit/mock/cmd/id-root +1 -0
data/test/unit/mock/cmd/initctl-show-config-ssh +3 -0
data/test/unit/mock/cmd/initctl-status-ssh +1 -0
data/test/unit/mock/cmd/iptables-s +6 -0
data/test/unit/mock/cmd/launchctl-list +3 -0
data/test/unit/mock/cmd/ls-1-etc-init.d +2 -0
data/test/unit/mock/cmd/ls-sys-class-net-br +2 -0
data/test/unit/mock/cmd/lsmod +2 -0
data/test/unit/mock/cmd/lsof-np-itcp +4 -0
data/test/unit/mock/cmd/netstat-tulpen +5 -0
data/test/unit/mock/cmd/npm-ls-g--json-bower +9 -0
data/test/unit/mock/cmd/pacman-qi-curl +21 -0
data/test/unit/mock/cmd/ping-example.com +6 -0
data/test/unit/mock/cmd/pip-show-jinja2 +11 -0
data/test/unit/mock/cmd/ps-aux +3 -0
data/test/unit/mock/cmd/pw-usershow-root-7 +1 -0
data/test/unit/mock/cmd/reg_schedule +1 -0
data/test/unit/mock/cmd/rpm-qia-curl +24 -0
data/test/unit/mock/cmd/sbin_sysctl +1 -0
data/test/unit/mock/cmd/secedit-export +7 -0
data/test/unit/mock/cmd/service-e +2 -0
data/test/unit/mock/cmd/service-sendmail-onestatus +3 -0
data/test/unit/mock/cmd/service-sshd-status +1 -0
data/test/unit/mock/cmd/sockstat +5 -0
data/test/unit/mock/cmd/success +0 -0
data/test/unit/mock/cmd/systemctl-show-all-sshd +6 -0
data/test/unit/mock/cmd/win32_product +8 -0
data/test/unit/mock/cmd/yum-repolist-all +52 -0
data/test/unit/mock/files/auditd.conf +4 -0
data/test/unit/mock/files/bond0 +37 -0
data/test/unit/mock/files/etcgroup +3 -0
data/test/unit/mock/files/example.csv +6 -0
data/test/unit/mock/files/inetd.conf +2 -0
data/test/unit/mock/files/kitchen.yml +7 -0
data/test/unit/mock/files/limits.conf +5 -0
data/test/unit/mock/files/login.defs +5 -0
data/test/unit/mock/files/mysql.conf +8 -0
data/test/unit/mock/files/mysql2.conf +2 -0
data/test/unit/mock/files/ntp.conf +5 -0
data/test/unit/mock/files/passwd +2 -0
data/test/unit/mock/files/policyfile.lock.json +12 -0
data/test/unit/mock/files/ssh_config +5 -0
data/test/unit/mock/files/sshd_config +7 -0
data/test/unit/mock/profiles/empty/metadata.rb +0 -0
data/test/unit/mock/profiles/metadata/metadata.rb +1 -0
data/test/unit/profile_context_test.rb +140 -0
data/test/unit/profile_test.rb +49 -0
data/test/unit/resources/apt_test.rb +46 -0
data/test/unit/resources/audit_policy_test.rb +13 -0
data/test/unit/resources/auditd_conf_test.rb +15 -0
data/test/unit/resources/auditd_rules_test.rb +21 -0
data/test/unit/resources/bond_test.rb +24 -0
data/test/unit/resources/bridge_test.rb +56 -0
data/test/unit/resources/csv_test.rb +35 -0
data/test/unit/resources/etc_group_test.rb +37 -0
data/test/unit/resources/gem_test.rb +20 -0
data/test/unit/resources/group_test.rb +96 -0
data/test/unit/resources/host_test.rb +38 -0
data/test/unit/resources/inetd_conf_test.rb +15 -0
data/test/unit/resources/interface_test.rb +54 -0
data/test/unit/resources/iptables_test.rb +30 -0
data/test/unit/resources/json_test.rb +36 -0
data/test/unit/resources/kernel_module_test.rb +23 -0
data/test/unit/resources/kernel_parameter_test.rb +13 -0
data/test/unit/resources/limits_conf_test.rb +14 -0
data/test/unit/resources/login_def_test.rb +16 -0
data/test/unit/resources/mysql_conf_test.rb +14 -0
data/test/unit/resources/npm_test.rb +20 -0
data/test/unit/resources/ntp_conf_test.rb +16 -0
data/test/unit/resources/oneget_test.rb +45 -0
data/test/unit/resources/os_env_test.rb +13 -0
data/test/unit/resources/package_test.rb +51 -0
data/test/unit/resources/passwd_test.rb +24 -0
data/test/unit/resources/pip_test.rb +15 -0
data/test/unit/resources/port_test.rb +46 -0
data/test/unit/resources/processes_test.rb +32 -0
data/test/unit/resources/registry_key_test.rb +19 -0
data/test/unit/resources/script_test.rb +19 -0
data/test/unit/resources/security_policy_test.rb +16 -0
data/test/unit/resources/service_test.rb +116 -0
data/test/unit/resources/ssh_conf_test.rb +33 -0
data/test/unit/resources/user_test.rb +93 -0
data/test/unit/resources/windows_feature.rb +17 -0
data/test/unit/resources/yaml_test.rb +34 -0
data/test/unit/resources/yum_test.rb +68 -0
data/test/unit/simpleconfig_test.rb +80 -0
data/test/unit/utils/content_parser_test.rb +30 -0
metadata +555 -0

data/lib/resources/mysql_session.rb ADDED Viewed

@@ -0,0 +1,52 @@
+# encoding: utf-8
+# copyright: 2015, Vulcano Security GmbH
+# author: Dominik Richter
+# author: Christoph Hartmann
+# license: All rights reserved
+class MysqlSession < Inspec.resource(1)
+  name 'mysql_session'
+  def initialize(user = nil, pass = nil)
+    @user = user
+    @pass = pass
+    init_fallback if user.nil? or pass.nil?
+    skip_resource("Can't run MySQL SQL checks without authentication") if @user.nil? or @pass.nil?
+  end
+  def query(q, db = '')
+    # TODO: simple escape, must be handled by a library
+    # that does this securely
+    escaped_query = q.gsub(/\\/, '\\\\').gsub(/"/, '\\"').gsub(/\$/, '\\$')
+    # run the query
+    cmd = inspec.command("mysql -u#{@user} -p#{@pass} #{db} -s -e \"#{escaped_query}\"")
+    out = cmd.stdout + "\n" + cmd.stderr
+    if out =~ /Can't connect to .* MySQL server/ or
+       out.downcase =~ /^error/
+      # skip this test if the server can't run the query
+      skip_resource("Can't connect to MySQL instance for SQL checks.")
+    end
+    # return the raw command output
+    cmd
+  end
+  def to_s
+    'MySQL Session'
+  end
+  private
+  def init_fallback
+    # support debian mysql administration login
+    debian = inspec.command('test -f /etc/mysql/debian.cnf && cat /etc/mysql/debian.cnf').stdout
+    return if debian.empty?
+    user = debian.match(/^\s*user\s*=\s*([^ ]*)\s*$/)
+    pass = debian.match(/^\s*password\s*=\s*([^ ]*)\s*$/)
+    return if user.nil? or pass.nil?
+    @user = user[1]
+    @pass = pass[1]
+  end
+end

data/lib/resources/npm.rb ADDED Viewed

@@ -0,0 +1,44 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+# Usage:
+# describe npm('bower') do
+#   it { should be_installed }
+# end
+class NpmPackage < Inspec.resource(1)
+  name 'npm'
+  def initialize(package_name)
+    @package_name = package_name
+    @cache = nil
+  end
+  def info
+    return @info if defined?(@info)
+    cmd = inspec.command("npm ls -g --json #{@package_name}")
+    @info = {
+      name: @package_name,
+      type: 'npm',
+      installed: cmd.exit_status == 0,
+    }
+    return @info unless @info[:installed]
+    pkgs = JSON.parse(cmd.stdout)
+    @info[:version] = pkgs['dependencies'][@package_name]['version']
+    @info
+  end
+  def installed?
+    info[:installed] == true
+  end
+  def version
+    info[:version]
+  end
+  def to_s
+    "Npm Package #{@package_name}"
+  end
+end

data/lib/resources/ntp_conf.rb ADDED Viewed

@@ -0,0 +1,58 @@
+# encoding: utf-8
+# copyright: 2015, Vulcano Security GmbH
+# author: Christoph Hartmann
+# author: Dominik Richter
+# license: All rights reserved
+require 'utils/simpleconfig'
+# Usage:
+#
+# describe ntp_conf do
+#   its('server') { should_not eq nil }
+#   its('restrict') { should include '-4 default kod notrap nomodify nopeer noquery'}
+# end
+class NtpConf < Inspec.resource(1)
+  name 'ntp_conf'
+  def initialize(path = nil)
+    @conf_path = path || '/etc/ntp.conf'
+  end
+  def method_missing(name)
+    param = read_params[name.to_s]
+    # extract first value if we have only one value in array
+    return param[0] if param.is_a?(Array) and param.length == 1
+    param
+  end
+  def to_s
+    'ntp.conf'
+  end
+  private
+  def read_params
+    return @params if defined?(@params)
+    if !inspec.file(@conf_path).file?
+      skip_resource "Can't find file \"#{@conf_path}\""
+      return @params = {}
+    end
+    content = inspec.file(@conf_path).content
+    if content.empty? && inspec.file(@conf_path).size > 0
+      skip_resource "Can't read file \"#{@conf_path}\""
+      return @params = {}
+    end
+    # parse the file
+    conf = SimpleConfig.new(
+      content,
+      assignment_re: /^\s*(\S+)\s+(.*)\s*$/,
+      multiple_values: true,
+    )
+    @params = conf.params
+  end
+end

data/lib/resources/oneget.rb ADDED Viewed

@@ -0,0 +1,63 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+# This resource talks with OneGet (https://github.com/OneGet/oneget)
+# Its part of Windows Management Framework 5.0 and part of Windows 10
+#
+# Usage:
+# describe oneget('zoomit') do
+#   it { should be_installed }
+# end
+class OneGetPackage < Inspec.resource(1)
+  name 'oneget'
+  def initialize(package_name)
+    @package_name = package_name
+    # verify that this resource is only supported on Windows
+    return skip_resource 'The `oneget` resource is not supported on your OS.' if inspec.os[:family] != 'windows'
+  end
+  def info
+    return @info if defined?(@info)
+    @info = {}
+    @info[:type] = 'oneget'
+    @info[:installed] = false
+    cmd = inspec.command("Get-Package -Name '#{@package_name}' | ConvertTo-Json")
+    # cannot rely on exit code for now, successful command returns exit code 1
+    # return nil if cmd.exit_status != 0
+    # try to parse json
+    begin
+      pkgs = JSON.parse(cmd.stdout)
+      @info[:installed] = true
+      # sometimes we get multiple values
+      if pkgs.is_a?(Array)
+        # select the first entry
+        pkgs = pkgs.first
+      end
+    rescue JSON::ParserError => _e
+      return @info
+    end
+    @info[:name] = pkgs['Name'] if pkgs.key?('Name')
+    @info[:version] = pkgs['Version'] if pkgs.key?('Version')
+    @info
+  end
+  def installed?
+    info[:installed] == true
+  end
+  def version
+    info[:version]
+  end
+  def to_s
+    "OneGet Package #{@package_name}"
+  end
+end

data/lib/resources/os.rb ADDED Viewed

@@ -0,0 +1,22 @@
+# encoding: utf-8
+# author: Dominik Richter
+# author: Christoph Hartmann
+class OS < Inspec.resource(1)
+  name 'os'
+  # reuse helper methods from backend
+  %w{redhat? debian? suse? bsd? solaris? linux? unix? windows?}.each do |os_family|
+    define_method((os_family).to_sym) do
+      inspec.backend.os.send(os_family)
+    end
+  end
+  def [](name)
+    inspec.backend.os[name]
+  end
+  def to_s
+    'Operating System Detection'
+  end
+end

data/lib/resources/os_env.rb ADDED Viewed

@@ -0,0 +1,34 @@
+# encoding: utf-8
+# copyright: 2015, Vulcano Security GmbH
+# author: Christoph Hartmann
+# author: Dominik Richter
+# license: All rights reserved
+# Usage:
+#
+# describe os_env('PATH') do
+#   its(:split) { should_not include('') }
+#   its(:split) { should_not include('.') }
+# end
+class OsEnv < Inspec.resource(1)
+  name 'os_env'
+  attr_reader :content
+  def initialize(env)
+    @osenv = env
+    cmd = inspec.command("su - root -c 'echo $#{env}'")
+    @content = cmd.stdout.chomp
+    @content = nil if cmd.exit_status != 0
+  end
+  def split
+    # -1 is required to catch cases like dir1::dir2:
+    # where we have a trailing :
+    @content.nil? ? [] : @content.split(':', -1)
+  end
+  def to_s
+    "Environment Variable #{@osenv}"
+  end
+end

data/lib/resources/package.rb ADDED Viewed

@@ -0,0 +1,169 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+# Resource to determine package information
+#
+# Usage:
+# describe package('nginx') do
+#   it { should be_installed }
+# end
+class Package < Inspec.resource(1)
+  name 'package'
+  def initialize(package_name = nil)
+    @package_name = package_name
+    @name = @package_name
+    @cache = nil
+    # select package manager
+    @pkgman = nil
+    case inspec.os[:family]
+    when 'ubuntu', 'debian'
+      @pkgman = Deb.new(inspec)
+    when 'redhat', 'fedora', 'centos', 'opensuse'
+      @pkgman = Rpm.new(inspec)
+    when 'arch'
+      @pkgman = Pacman.new(inspec)
+    when 'darwin'
+      @pkgman = Brew.new(inspec)
+    when 'windows'
+      @pkgman = WindowsPkg.new(inspec)
+    else
+      return skip_resource 'The `package` resource is not supported on your OS yet.'
+    end
+  end
+  # returns true if the package is installed
+  def installed?(_provider = nil, _version = nil)
+    return false if info.nil?
+    info[:installed] == true
+  end
+  # returns the package description
+  def info
+    return @cache if !@cache.nil?
+    return nil if @pkgman.nil?
+    @pkgman.info(@package_name)
+  end
+  # return the package version
+  def version
+    info = @pkgman.info(@package_name)
+    return nil if info.nil?
+    info[:version]
+  end
+  def to_s
+    "System Package #{@package_name}"
+  end
+end
+class PkgManagement
+  attr_reader :inspec
+  def initialize(inspec)
+    @inspec = inspec
+  end
+end
+# Debian / Ubuntu
+class Deb < PkgManagement
+  def info(package_name)
+    cmd = inspec.command("dpkg -s #{package_name}")
+    return nil if cmd.exit_status.to_i != 0
+    params = SimpleConfig.new(
+      cmd.stdout.chomp,
+      assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+      multiple_values: false,
+    ).params
+    {
+      name: params['Package'],
+      installed: true,
+      version: params['Version'],
+      type: 'deb',
+    }
+  end
+end
+# RHEL family
+class Rpm < PkgManagement
+  def info(package_name)
+    cmd = inspec.command("rpm -qia #{package_name}")
+    # CentOS does not return an error code if the package is not installed,
+    # therefore we need to check for emptyness
+    return nil if cmd.exit_status.to_i != 0 || cmd.stdout.chomp.empty?
+    params = SimpleConfig.new(
+      cmd.stdout.chomp,
+      assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+      multiple_values: false,
+    ).params
+    {
+      name: params['Name'],
+      installed: true,
+      version: params['Version'],
+      type: 'rpm',
+    }
+  end
+end
+# MacOS / Darwin implementation
+class Brew < PkgManagement
+  def info(package_name)
+    cmd = inspec.command("brew info --json=v1 #{package_name}")
+    return nil if cmd.exit_status.to_i != 0
+    # parse data
+    pkg = JSON.parse(cmd.stdout)[0]
+    {
+      name: "#{pkg.name}",
+      installed: true,
+      version: "#{pkg.installed.version}",
+      type: 'brew',
+    }
+  end
+end
+# Arch Linux
+class Pacman < PkgManagement
+  def info(package_name)
+    cmd = inspec.command("pacman -Qi #{package_name}")
+    return nil if cmd.exit_status.to_i != 0
+    params = SimpleConfig.new(
+      cmd.stdout.chomp,
+      assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+      multiple_values: false,
+    ).params
+    {
+      name: params['Name'],
+      installed: true,
+      version: params['Version'],
+      type: 'pacman',
+    }
+  end
+end
+# Determines the installed packages on Windows
+# Currently we use 'Get-WmiObject -Class Win32_Product' as a detection method
+# TODO: evaluate if alternative methods as proposed by Microsoft are still valid:
+# @see: http://blogs.technet.com/b/heyscriptingguy/archive/2013/11/15/use-powershell-to-find-installed-software.aspx
+class WindowsPkg < PkgManagement
+  def info(package_name)
+    # Find the package
+    cmd = inspec.command("Get-WmiObject -Class Win32_Product | Where-Object {$_.Name -eq '#{package_name}'} | Select-Object -Property Name,Version,Vendor,PackageCode,Caption,Description | ConvertTo-Json")
+    begin
+      package = JSON.parse(cmd.stdout)
+    rescue JSON::ParserError => _e
+      return nil
+    end
+    {
+      name: package['Name'],
+      installed: true,
+      version: package['Version'],
+      type: 'windows',
+    }
+  end
+end