inspec 1.0.0.beta2 → 1.0.0.beta3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +41 -2
- data/Gemfile +4 -0
- data/Rakefile +2 -1
- data/docs/.gitignore +2 -0
- data/docs/README.md +21 -1
- data/docs/resources/apache_conf.md.erb +75 -0
- data/docs/resources/apt.md.erb +84 -0
- data/docs/resources/audit_policy.md.erb +61 -0
- data/docs/resources/auditd_conf.md.erb +79 -0
- data/docs/resources/auditd_rules.md.erb +132 -0
- data/docs/resources/bash.md.erb +84 -0
- data/docs/resources/bond.md.erb +97 -0
- data/docs/resources/bridge.md.erb +67 -0
- data/docs/resources/bsd_service.md.erb +76 -0
- data/docs/resources/command.md.erb +151 -0
- data/docs/resources/csv.md.erb +62 -0
- data/docs/resources/directory.md.erb +43 -0
- data/docs/resources/etc_group.md.erb +116 -0
- data/docs/resources/etc_passwd.md.erb +155 -0
- data/docs/resources/etc_shadow.md.erb +149 -0
- data/docs/resources/file.md.erb +460 -0
- data/docs/resources/gem.md.erb +73 -0
- data/docs/resources/group.md.erb +74 -0
- data/docs/resources/grub_conf.md.erb +115 -0
- data/docs/resources/host.md.erb +85 -0
- data/docs/resources/iis_site.md.erb +142 -0
- data/docs/resources/inetd_conf.md.erb +99 -0
- data/docs/resources/ini.md.erb +69 -0
- data/docs/resources/interface.md.erb +66 -0
- data/docs/resources/iptables.md.erb +70 -0
- data/docs/resources/json.md.erb +76 -0
- data/docs/resources/kernel_module.md.erb +60 -0
- data/docs/resources/kernel_parameter.md.erb +72 -0
- data/docs/resources/launchd_service.md.erb +76 -0
- data/docs/resources/limits_conf.md.erb +80 -0
- data/docs/resources/login_def.md.erb +77 -0
- data/docs/resources/mount.md.erb +83 -0
- data/docs/resources/mysql_conf.md.erb +102 -0
- data/docs/resources/mysql_session.md.erb +63 -0
- data/docs/resources/npm.md.erb +75 -0
- data/docs/resources/ntp_conf.md.erb +76 -0
- data/docs/resources/oneget.md.erb +67 -0
- data/docs/resources/os.md.erb +154 -0
- data/docs/resources/os_env.md.erb +98 -0
- data/docs/resources/package.md.erb +115 -0
- data/docs/resources/parse_config.md.erb +122 -0
- data/docs/resources/parse_config_file.md.erb +143 -0
- data/docs/resources/pip.md.erb +74 -0
- data/docs/resources/port.md.erb +150 -0
- data/docs/resources/postgres_conf.md.erb +90 -0
- data/docs/resources/postgres_session.md.erb +75 -0
- data/docs/resources/powershell.md.erb +116 -0
- data/docs/resources/process.md.erb +73 -0
- data/docs/resources/registry_key.md.erb +149 -0
- data/docs/resources/runit_service.md.erb +76 -0
- data/docs/resources/security_policy.md.erb +61 -0
- data/docs/resources/service.md.erb +135 -0
- data/docs/resources/ssh_config.md.erb +94 -0
- data/docs/resources/sshd_config.md.erb +97 -0
- data/docs/resources/ssl.md.erb +133 -0
- data/docs/resources/sys_info.md.erb +55 -0
- data/docs/resources/systemd_service.md.erb +76 -0
- data/docs/resources/sysv_service.md.erb +76 -0
- data/docs/resources/upstart_service.md.erb +76 -0
- data/docs/resources/user.md.erb +154 -0
- data/docs/resources/users.md.erb +140 -0
- data/docs/resources/vbscript.md.erb +69 -0
- data/docs/resources/windows_feature.md.erb +61 -0
- data/docs/resources/wmi.md.erb +95 -0
- data/docs/resources/xinetd_conf.md.erb +170 -0
- data/docs/resources/yaml.md.erb +69 -0
- data/docs/resources/yum.md.erb +103 -0
- data/docs/ruby_usage.md +154 -0
- data/docs/shared/matcher_be.md.erb +1 -0
- data/docs/shared/matcher_cmp.md.erb +45 -0
- data/docs/shared/matcher_eq.md.erb +3 -0
- data/docs/shared/matcher_include.md.erb +1 -0
- data/docs/shared/matcher_match.md.erb +1 -0
- data/lib/fetchers/url.rb +27 -29
- data/lib/inspec/cached_fetcher.rb +67 -0
- data/lib/inspec/dependencies/requirement.rb +6 -7
- data/lib/inspec/objects/each_loop.rb +5 -2
- data/lib/inspec/plugins/fetcher.rb +2 -0
- data/lib/inspec/profile.rb +9 -41
- data/lib/inspec/resource.rb +1 -1
- data/lib/inspec/rspec_json_formatter.rb +11 -5
- data/lib/inspec/version.rb +1 -1
- data/lib/resources/groups.rb +190 -0
- data/lib/resources/users.rb +3 -2
- metadata +79 -6
- data/docs/cli.rst +0 -448
- data/docs/resources.rst +0 -4836
- data/docs/ruby_usage.rst +0 -145
- data/lib/resources/group.rb +0 -137
@@ -0,0 +1,150 @@
|
|
1
|
+
---
|
2
|
+
title: About the port Resource
|
3
|
+
---
|
4
|
+
|
5
|
+
# port
|
6
|
+
|
7
|
+
Use the `port` InSpec audit resource to test basic port properties, such as port, process, if it's listening.
|
8
|
+
|
9
|
+
# Syntax
|
10
|
+
|
11
|
+
A `port` resource block declares a port, and then depending on what needs to be tested, a process, protocol, process identifier, and its state (is it listening?):
|
12
|
+
|
13
|
+
describe port(514) do
|
14
|
+
it { should be_listening }
|
15
|
+
its('processes') {should include 'syslog'}
|
16
|
+
end
|
17
|
+
|
18
|
+
where the `processes` returns the processes listening on port 514.
|
19
|
+
|
20
|
+
A filter may specify an attribute:
|
21
|
+
|
22
|
+
describe port.where { protocol =~ /tcp/ && port > 22 && port < 80 } do
|
23
|
+
it { should_not be_listening }
|
24
|
+
end
|
25
|
+
|
26
|
+
where
|
27
|
+
|
28
|
+
* `.where{}` specifies a block in which one (or more) attributes---`port`, `address`, `protocol`, `process`, `pid`, or `listening?`----scope the test to ports that match those attributes
|
29
|
+
|
30
|
+
For example, to test if the SSH daemon is available on a Linux machine via the default port (22):
|
31
|
+
|
32
|
+
describe port(22) do
|
33
|
+
its('processes') { should include 'sshd' }
|
34
|
+
its('protocols') { should include 'tcp' }
|
35
|
+
its('addresses') { should include '0.0.0.0' }
|
36
|
+
end
|
37
|
+
|
38
|
+
# Matchers
|
39
|
+
|
40
|
+
This InSpec audit resource has the following matchers:
|
41
|
+
|
42
|
+
## address
|
43
|
+
|
44
|
+
The `addresses` matcher tests if the specified address is associated with a port:
|
45
|
+
|
46
|
+
its('addresses') { should include '0.0.0.0' }
|
47
|
+
|
48
|
+
## be
|
49
|
+
|
50
|
+
<%= partial "/shared/matcher_be" %>
|
51
|
+
|
52
|
+
## be_listening
|
53
|
+
|
54
|
+
The `be_listening` matcher tests if the port is listening for traffic:
|
55
|
+
|
56
|
+
it { should be_listening }
|
57
|
+
|
58
|
+
## cmp
|
59
|
+
|
60
|
+
<%= partial "/shared/matcher_cmp" %>
|
61
|
+
|
62
|
+
## eq
|
63
|
+
|
64
|
+
<%= partial "/shared/matcher_eq" %>
|
65
|
+
|
66
|
+
## include
|
67
|
+
|
68
|
+
<%= partial "/shared/matcher_include" %>
|
69
|
+
|
70
|
+
## match
|
71
|
+
|
72
|
+
<%= partial "/shared/matcher_match" %>
|
73
|
+
|
74
|
+
## pids
|
75
|
+
|
76
|
+
The `pids` matcher tests the process identifiers (PIDs):
|
77
|
+
|
78
|
+
its('pids') { should eq ['27808'] }
|
79
|
+
|
80
|
+
## processes
|
81
|
+
|
82
|
+
The `processes` matcher tests if the named process is running on the system:
|
83
|
+
|
84
|
+
its('processes') { should eq ['syslog'] }
|
85
|
+
|
86
|
+
## protocols
|
87
|
+
|
88
|
+
The `protocols` matcher tests the Internet protocol: ICMP (`'icmp'`), TCP (`'tcp'` or `'tcp6'`), or UDP (`'udp'` or `'udp6'`):
|
89
|
+
|
90
|
+
its('protocols') { should include 'tcp' }
|
91
|
+
|
92
|
+
or for the IPv6 protocol:
|
93
|
+
|
94
|
+
its('protocols') { should include 'tcp6' }
|
95
|
+
|
96
|
+
# Examples
|
97
|
+
|
98
|
+
The following examples show how to use this InSpec audit resource.
|
99
|
+
|
100
|
+
## Test port 80, listening with the TCP protocol
|
101
|
+
|
102
|
+
describe port(80) do
|
103
|
+
it { should be_listening }
|
104
|
+
its('protocols') {should eq ['tcp']}
|
105
|
+
end
|
106
|
+
|
107
|
+
## Test port 80, on a specific address
|
108
|
+
|
109
|
+
A specific port address may be checked using either of the following examples:
|
110
|
+
|
111
|
+
describe port(80) do
|
112
|
+
it { should be_listening }
|
113
|
+
its('addresses') {should include '0.0.0.0'}
|
114
|
+
end
|
115
|
+
|
116
|
+
or:
|
117
|
+
|
118
|
+
describe port('0.0.0.0', 80) do
|
119
|
+
it { should be_listening }
|
120
|
+
end
|
121
|
+
|
122
|
+
## Test port 80, listening with TCP version IPv6 protocol
|
123
|
+
|
124
|
+
describe port(80) do
|
125
|
+
it { should be_listening }
|
126
|
+
its('protocols') {should eq ['tcp6']}
|
127
|
+
end
|
128
|
+
|
129
|
+
## Test that only secure ports accept requests
|
130
|
+
|
131
|
+
describe port(80) do
|
132
|
+
it { should_not be_listening }
|
133
|
+
end
|
134
|
+
|
135
|
+
describe port(443) do
|
136
|
+
it { should be_listening }
|
137
|
+
its('protocols') {should eq ['tcp']}
|
138
|
+
end
|
139
|
+
|
140
|
+
## Verify port 65432 is not listening
|
141
|
+
|
142
|
+
describe port(22) do
|
143
|
+
it { should be_listening }
|
144
|
+
its('protocols') { should include('tcp') }
|
145
|
+
its('protocols') { should_not include('udp') }
|
146
|
+
end
|
147
|
+
|
148
|
+
describe port(65432) do
|
149
|
+
it { should_not be_listening }
|
150
|
+
end
|
@@ -0,0 +1,90 @@
|
|
1
|
+
---
|
2
|
+
title: About the postgres_conf Resource
|
3
|
+
---
|
4
|
+
|
5
|
+
# postgres_conf
|
6
|
+
|
7
|
+
Use the `postgres_conf` InSpec audit resource to test the contents of the configuration file for PostgreSQL, typically located at `/etc/postgresql/<version>/main/postgresql.conf` or `/var/lib/postgres/data/postgresql.conf`, depending on the platform.
|
8
|
+
|
9
|
+
# Syntax
|
10
|
+
|
11
|
+
A `postgres_conf` resource block declares one (or more) settings in the `postgresql.conf` file, and then compares the setting in the configuration file to the value stated in the test:
|
12
|
+
|
13
|
+
describe postgres_conf('path') do
|
14
|
+
its('setting') { should eq 'value' }
|
15
|
+
end
|
16
|
+
|
17
|
+
where
|
18
|
+
|
19
|
+
* `'setting'` specifies a setting in the `postgresql.conf` file
|
20
|
+
* `('path')` is the non-default path to the `postgresql.conf` file (optional)
|
21
|
+
* `should eq 'value'` is the value that is expected
|
22
|
+
|
23
|
+
# Matchers
|
24
|
+
|
25
|
+
This InSpec audit resource has the following matchers:
|
26
|
+
|
27
|
+
## be
|
28
|
+
|
29
|
+
<%= partial "/shared/matcher_be" %>
|
30
|
+
|
31
|
+
## cmp
|
32
|
+
|
33
|
+
<%= partial "/shared/matcher_cmp" %>
|
34
|
+
|
35
|
+
## eq
|
36
|
+
|
37
|
+
<%= partial "/shared/matcher_eq" %>
|
38
|
+
|
39
|
+
## include
|
40
|
+
|
41
|
+
<%= partial "/shared/matcher_include" %>
|
42
|
+
|
43
|
+
## match
|
44
|
+
|
45
|
+
<%= partial "/shared/matcher_match" %>
|
46
|
+
|
47
|
+
## setting
|
48
|
+
|
49
|
+
The `setting` matcher tests specific, named settings in the `postgresql.conf` file:
|
50
|
+
|
51
|
+
its('setting') { should eq 'value' }
|
52
|
+
|
53
|
+
Use a `setting` matcher for each setting to be tested.
|
54
|
+
|
55
|
+
# Examples
|
56
|
+
|
57
|
+
The following examples show how to use this InSpec audit resource.
|
58
|
+
|
59
|
+
## Test the maximum number of allowed client connections
|
60
|
+
|
61
|
+
describe postgres_conf do
|
62
|
+
its('max_connections') { should eq '5' }
|
63
|
+
end
|
64
|
+
|
65
|
+
## Test system logging
|
66
|
+
|
67
|
+
describe postgres_conf do
|
68
|
+
its('logging_collector') { should eq 'on' }
|
69
|
+
its('log_connections') { should eq 'on' }
|
70
|
+
its('log_disconnections') { should eq 'on' }
|
71
|
+
its('log_duration') { should eq 'on' }
|
72
|
+
its('log_hostname') { should eq 'on' }
|
73
|
+
its('log_line_prefix') { should eq '%t %u %d %h' }
|
74
|
+
end
|
75
|
+
|
76
|
+
## Test the port on which PostgreSQL listens
|
77
|
+
|
78
|
+
describe postgres_conf do
|
79
|
+
its('port') { should eq '5432' }
|
80
|
+
end
|
81
|
+
|
82
|
+
## Test the Unix socket settings
|
83
|
+
|
84
|
+
describe postgres_conf do
|
85
|
+
its('unix_socket_directories') { should eq '.s.PGSQL.5432' }
|
86
|
+
its('unix_socket_group') { should eq nil }
|
87
|
+
its('unix_socket_permissions') { should eq '0770' }
|
88
|
+
end
|
89
|
+
|
90
|
+
where `unix_socket_group` is set to the PostgreSQL default setting (the group to which the server user belongs).
|
@@ -0,0 +1,75 @@
|
|
1
|
+
---
|
2
|
+
title: About the postgres_session Resource
|
3
|
+
---
|
4
|
+
|
5
|
+
# postgres_session
|
6
|
+
|
7
|
+
Use the `postgres_session` InSpec audit resource to test SQL commands run against a PostgreSQL database.
|
8
|
+
|
9
|
+
# Syntax
|
10
|
+
|
11
|
+
A `postgres_session` resource block declares the username and password to use for the session, and then the command to be run:
|
12
|
+
|
13
|
+
sql = postgres_session('username', 'password')
|
14
|
+
|
15
|
+
describe sql.query('SELECT * FROM pg_shadow WHERE passwd IS NULL;') do
|
16
|
+
its('output') { should eq('') }
|
17
|
+
end
|
18
|
+
|
19
|
+
where
|
20
|
+
|
21
|
+
* `sql = postgres_session` declares a username and password with permission to run the query
|
22
|
+
* `sql.query('')` contains the query to be run
|
23
|
+
* `its('output') { should eq('') }` compares the results of the query against the expected result in the test
|
24
|
+
|
25
|
+
# Matchers
|
26
|
+
|
27
|
+
This InSpec audit resource has the following matchers:
|
28
|
+
|
29
|
+
## be
|
30
|
+
|
31
|
+
<%= partial "/shared/matcher_be" %>
|
32
|
+
|
33
|
+
## cmp
|
34
|
+
|
35
|
+
<%= partial "/shared/matcher_cmp" %>
|
36
|
+
|
37
|
+
## eq
|
38
|
+
|
39
|
+
<%= partial "/shared/matcher_eq" %>
|
40
|
+
|
41
|
+
## include
|
42
|
+
|
43
|
+
<%= partial "/shared/matcher_include" %>
|
44
|
+
|
45
|
+
## match
|
46
|
+
|
47
|
+
<%= partial "/shared/matcher_match" %>
|
48
|
+
|
49
|
+
## output
|
50
|
+
|
51
|
+
The `output` matcher tests the results of the query:
|
52
|
+
|
53
|
+
its('output') { should eq(/^0/) }
|
54
|
+
|
55
|
+
# Examples
|
56
|
+
|
57
|
+
The following examples show how to use this InSpec audit resource.
|
58
|
+
|
59
|
+
## Test the PostgreSQL shadow password
|
60
|
+
|
61
|
+
sql = postgres_session('my_user', 'password')
|
62
|
+
|
63
|
+
describe sql.query('SELECT * FROM pg_shadow WHERE passwd IS NULL;') do
|
64
|
+
its('output') { should eq('') }
|
65
|
+
end
|
66
|
+
|
67
|
+
## Test for risky database entries
|
68
|
+
|
69
|
+
describe postgres_session('my_user', 'password').query('SELECT count (*)
|
70
|
+
FROM pg_language
|
71
|
+
WHERE lanpltrusted = \'f\'
|
72
|
+
AND lanname!=\'internal\'
|
73
|
+
AND lanname!=\'c\';') do
|
74
|
+
its('output') { should eq '0' }
|
75
|
+
end
|
@@ -0,0 +1,116 @@
|
|
1
|
+
---
|
2
|
+
title: About the powershell Resource
|
3
|
+
---
|
4
|
+
|
5
|
+
# powershell
|
6
|
+
|
7
|
+
Use the `powershell` InSpec audit resource to test a Powershell script on the Windows platform.
|
8
|
+
|
9
|
+
# Syntax
|
10
|
+
|
11
|
+
A `powershell` resource block declares a Powershell script to be tested, and then compares the output of that command to the matcher in the test:
|
12
|
+
|
13
|
+
script = <<-EOH
|
14
|
+
# a PowerShell script
|
15
|
+
EOH
|
16
|
+
|
17
|
+
describe script(script) do
|
18
|
+
its('matcher') { should eq 'output' }
|
19
|
+
end
|
20
|
+
|
21
|
+
where
|
22
|
+
|
23
|
+
* `'script'` must specify a Powershell script to be run
|
24
|
+
* `'matcher'` is one of `exit_status`, `stderr`, or `stdout`
|
25
|
+
* `'output'` tests the output of the command run on the system versus the output value stated in the test
|
26
|
+
|
27
|
+
|
28
|
+
# Matchers
|
29
|
+
|
30
|
+
This InSpec audit resource has the following matchers:
|
31
|
+
|
32
|
+
## be
|
33
|
+
|
34
|
+
<%= partial "/shared/matcher_be" %>
|
35
|
+
|
36
|
+
## cmp
|
37
|
+
|
38
|
+
<%= partial "/shared/matcher_cmp" %>
|
39
|
+
|
40
|
+
## eq
|
41
|
+
|
42
|
+
<%= partial "/shared/matcher_eq" %>
|
43
|
+
|
44
|
+
## exit_status
|
45
|
+
|
46
|
+
The `exit_status` matcher tests the exit status for the command:
|
47
|
+
|
48
|
+
its('exit_status') { should eq 123 }
|
49
|
+
|
50
|
+
## include
|
51
|
+
|
52
|
+
<%= partial "/shared/matcher_include" %>
|
53
|
+
|
54
|
+
## match
|
55
|
+
|
56
|
+
<%= partial "/shared/matcher_match" %>
|
57
|
+
|
58
|
+
## stderr
|
59
|
+
|
60
|
+
The `stderr` matcher tests results of the command as returned in standard error (stderr):
|
61
|
+
|
62
|
+
its('stderr') { should eq 'error' }
|
63
|
+
|
64
|
+
## stdout
|
65
|
+
|
66
|
+
The `stdout` matcher tests results of the command as returned in standard output (stdout):
|
67
|
+
|
68
|
+
its('stdout') { should eq '/^1$/' }
|
69
|
+
|
70
|
+
# Examples
|
71
|
+
|
72
|
+
The following examples show how to use this InSpec audit resource.
|
73
|
+
|
74
|
+
## Get all groups of Administrator user
|
75
|
+
|
76
|
+
script = <<-EOH
|
77
|
+
# find user
|
78
|
+
$user = Get-WmiObject Win32_UserAccount -filter "Name = 'Administrator'"
|
79
|
+
# get related groups
|
80
|
+
$groups = $user.GetRelated('Win32_Group') | Select-Object -Property Caption, Domain, Name, LocalAccount, SID, SIDType, Status
|
81
|
+
$groups | ConvertTo-Json
|
82
|
+
EOH
|
83
|
+
|
84
|
+
describe powershell(script) do
|
85
|
+
its('stdout') { should_not eq '' }
|
86
|
+
end
|
87
|
+
|
88
|
+
## Write-Output 'hello'
|
89
|
+
|
90
|
+
The following Powershell script:
|
91
|
+
|
92
|
+
script = <<-EOH
|
93
|
+
Write-Output 'hello'
|
94
|
+
EOH
|
95
|
+
|
96
|
+
can be tested in the following ways.
|
97
|
+
|
98
|
+
For a newline:
|
99
|
+
|
100
|
+
describe powershell(script) do
|
101
|
+
its('stdout') { should eq "hello\r\n" }
|
102
|
+
its('stderr') { should eq '' }
|
103
|
+
end
|
104
|
+
|
105
|
+
Removing whitespace `\r\n` from `stdout`:
|
106
|
+
|
107
|
+
describe powershell(script) do
|
108
|
+
its('strip') { should eq "hello" }
|
109
|
+
end
|
110
|
+
|
111
|
+
No newline:
|
112
|
+
|
113
|
+
describe powershell("'hello' | Write-Host -NoNewLine") do
|
114
|
+
its('stdout') { should eq 'hello' }
|
115
|
+
its('stderr') { should eq '' }
|
116
|
+
end
|
@@ -0,0 +1,73 @@
|
|
1
|
+
---
|
2
|
+
title: About the processes Resource
|
3
|
+
---
|
4
|
+
|
5
|
+
# processes
|
6
|
+
|
7
|
+
Use the `processes` InSpec audit resource to test properties for programs that are running on the system.
|
8
|
+
|
9
|
+
# Syntax
|
10
|
+
|
11
|
+
A `processes` resource block declares the name of the process to be tested, and then declares one (or more) property/value pairs:
|
12
|
+
|
13
|
+
describe processes('process_name') do
|
14
|
+
its('property_name') { should eq ['property_value'] }
|
15
|
+
end
|
16
|
+
|
17
|
+
where
|
18
|
+
|
19
|
+
* `processes('process_name')` must specify the name of a process that is running on the system
|
20
|
+
* `property_name` may be used to test user (`its('users')`) and state properties (`its('states')`)
|
21
|
+
|
22
|
+
|
23
|
+
# Matchers
|
24
|
+
|
25
|
+
This InSpec audit resource has the following matchers:
|
26
|
+
|
27
|
+
## be
|
28
|
+
|
29
|
+
<%= partial "/shared/matcher_be" %>
|
30
|
+
|
31
|
+
## cmp
|
32
|
+
|
33
|
+
<%= partial "/shared/matcher_cmp" %>
|
34
|
+
|
35
|
+
## eq
|
36
|
+
|
37
|
+
<%= partial "/shared/matcher_eq" %>
|
38
|
+
|
39
|
+
## include
|
40
|
+
|
41
|
+
<%= partial "/shared/matcher_include" %>
|
42
|
+
|
43
|
+
## match
|
44
|
+
|
45
|
+
<%= partial "/shared/matcher_match" %>
|
46
|
+
|
47
|
+
## property_name
|
48
|
+
|
49
|
+
The `property_name` matcher tests the named property for the specified value:
|
50
|
+
|
51
|
+
its('property_name') { should eq ['property_value'] }
|
52
|
+
|
53
|
+
# Examples
|
54
|
+
|
55
|
+
The following examples show how to use this InSpec audit resource.
|
56
|
+
|
57
|
+
## Test if the list length for the mysqld process is 1
|
58
|
+
|
59
|
+
describe processes('mysqld') do
|
60
|
+
its('list.length') { should eq 1 }
|
61
|
+
end
|
62
|
+
|
63
|
+
## Test if the init process is owned by the root user
|
64
|
+
|
65
|
+
describe processes('init') do
|
66
|
+
its('users') { should eq ['root'] }
|
67
|
+
end
|
68
|
+
|
69
|
+
## Test if a high-priority process is running
|
70
|
+
|
71
|
+
describe processes('some_process') do
|
72
|
+
its('states') { should eq ['R<'] }
|
73
|
+
end
|