inspec 1.0.0 → 1.1.0

data/docs/resources/csv.md.erb

@@ -6,7 +6,7 @@ title: About the csv Resource
 
 Use the `csv` InSpec audit resource to test configuration data in a CSV file.
 
-# Syntax
+## Syntax
 
 A `csv` resource block declares the configuration data to be tested:
 
@@ -21,41 +21,41 @@ where
 * `should eq 'foo'` tests a value of `name` as read from a CSV file versus the value declared in the test
 
 
-# Matchers
+## Matchers
 
 This InSpec audit resource has the following matchers:
 
-## be
+### be
 
 <%= partial "/shared/matcher_be" %>
 
-## cmp
+### cmp
 
 <%= partial "/shared/matcher_cmp" %>
 
-## eq
+### eq
 
 <%= partial "/shared/matcher_eq" %>
 
-## include
+### include
 
 <%= partial "/shared/matcher_include" %>
 
-## match
+### match
 
 <%= partial "/shared/matcher_match" %>
 
-## name
+### name
 
 The `name` matcher tests the value of `name` as read from a CSV file versus the value declared in the test:
 
     its('name') { should eq 'foo' }
 
-# Examples
+## Examples
 
 The following examples show how to use this InSpec audit resource.
 
-## Test a CSV file
+### Test a CSV file
 
     describe csv('some_file.csv') do
       its('setting') { should eq 1 }

data/docs/resources/directory.md.erb

@@ -6,7 +6,7 @@ title: About the directory Resource
 
 Use the `directory` InSpec audit resource to test if the file type is a directory. This is equivalent to using the `file` resource and the `be_directory` matcher, but provides a simpler and more direct way to test directories. All of the matchers available to `file` may be used with `directory`.
 
-# Syntax
+## Syntax
 
 A `directory` resource block declares the location of the directory to be tested, and then one (or more) matchers:
 
@@ -14,30 +14,30 @@ A `directory` resource block declares the location of the directory to be tested
       it { should MATCHER 'value' }
     end
 
-# Matchers
+## Matchers
 
 This resource may use any of the matchers available to the `file` resource that may be useful when testing a directory.
 
-## be
+### be
 
 <%= partial "/shared/matcher_be" %>
 
-## cmp
+### cmp
 
 <%= partial "/shared/matcher_cmp" %>
 
-## eq
+### eq
 
 <%= partial "/shared/matcher_eq" %>
 
-## include
+### include
 
 <%= partial "/shared/matcher_include" %>
 
-## match
+### match
 
 <%= partial "/shared/matcher_match" %>
 
-# Examples
+## Examples
 
 None.

data/docs/resources/etc_group.md.erb

@@ -6,7 +6,7 @@ title: About the etc_group Resource
 
 Use the `etc_group` InSpec audit resource to test groups that are defined on Linux and Unix platforms. The `/etc/group` file stores details about each group---group name, password, group identifier, along with a comma-separate list of users that belong to the group.
 
-# Syntax
+## Syntax
 
 A `etc_group` resource block declares a collection of properties to be tested:
 
@@ -28,49 +28,49 @@ where
 * `.where()` may specify a specific item and value, to which the matchers are compared
 * `'gids'`, `'groups'`, and `'users'` are valid matchers for this resource
 
-# Matchers
+## Matchers
 
 This InSpec audit resource has the following matchers:
 
-## be
+### be
 
 <%= partial "/shared/matcher_be" %>
 
-## cmp
+### cmp
 
 <%= partial "/shared/matcher_cmp" %>
 
-## eq
+### eq
 
 <%= partial "/shared/matcher_eq" %>
 
-## gids
+### gids
 
 The `gids` matcher tests if the named group identifier is present or if it contains duplicates:
 
     its('gids') { should_not contain_duplicates }
 
-## groups
+### groups
 
 The `groups` matcher tests all groups for the named user:
 
     its('groups') { should include 'my_group' }
 
-## include
+### include
 
 <%= partial "/shared/matcher_include" %>
 
-## match
+### match
 
 <%= partial "/shared/matcher_match" %>
 
-## users
+### users
 
 The `users` matcher tests all groups for the named user:
 
     its('users') { should include 'my_user' }
 
-## where
+### where
 
 The `where` matcher allows the test to be focused to one (or more) specific items:
 
@@ -87,29 +87,29 @@ where `item` may be one (or more) of:
 * `members: 'member_name'`
 
 
-# Examples
+## Examples
 
 The following examples show how to use this InSpec audit resource.
 
-## Test group identifiers (GIDs) for duplicates
+### Test group identifiers (GIDs) for duplicates
 
     describe etc_group do
       its('gids') { should_not contain_duplicates }
     end
 
-## Test all groups to see if a specific user belongs to one (or more) groups
+### Test all groups to see if a specific user belongs to one (or more) groups
 
     describe etc_group do
       its('groups') { should include 'my_group' }
     end
 
-## Test all groups for a specific user name
+### Test all groups for a specific user name
 
     describe etc_group do
       its('users') { should include 'my_user' }
     end
 
-## Filter a list of groups for a specific user
+### Filter a list of groups for a specific user
 
     describe etc_group.where(name: 'my_group') do
       its('users') { should include 'my_user' }

data/docs/resources/etc_passwd.md.erb

@@ -18,7 +18,7 @@ These entries are defined as a colon-delimited row in the file, one row per user
 
     root:x:1234:5678:additional_info:/home/dir/:/bin/bash
 
-# Syntax
+## Syntax
 
 A `passwd` resource block declares one (or more) users and associated user information to be tested:
 
@@ -38,40 +38,40 @@ where
 * `filter` may take any of the following arguments: `count` (retrieves the number of entries), `lines` (provides raw `passwd` lines), and `params` (returns an array of maps for all entries)
 
 
-# Matchers
+## Matchers
 
 This InSpec audit resource has the following matchers:
 
-## be
+### be
 
 <%= partial "/shared/matcher_be" %>
 
-## cmp
+### cmp
 
 <%= partial "/shared/matcher_cmp" %>
 
-## eq
+### eq
 
 <%= partial "/shared/matcher_eq" %>
 
-## gids
+### gids
 
 The `gids` matcher tests if the group indentifiers in the test match group identifiers in `/etc/passwd`:
 
     its('gids') { should include 1234 }
     its('gids') { should cmp 0 }
 
-## homes
+### homes
 
 The `homes` matcher tests the absolute path to a user's home directory:
 
     its('home') { should eq '/' }
 
-## include
+### include
 
 <%= partial "/shared/matcher_include" %>
 
-## length
+### length
 
 The `length` matcher tests the length of a password that appears in `/etc/passwd`:
 
@@ -83,11 +83,11 @@ This matcher is best used in conjunction with filters. For example:
        its('length') { should_not be < 16 }
     end
 
-## match
+### match
 
 <%= partial "/shared/matcher_match" %>
 
-## passwords
+### passwords
 
 The `passwords` matcher tests if passwords are
 
@@ -100,7 +100,7 @@ For example:
     its('passwords') { should eq ['x'] }
     its('passwords') { should cmp '*' }
 
-## shells
+### shells
 
 The `shells` matcher tests the absolute path of a shell (or command) to which a user has access:
 
@@ -112,7 +112,7 @@ or to find all users with the nologin shell:
       its('users') { should_not include 'my_login_user' }
     end
 
-## uids
+### uids
 
 The `uids` matcher tests if the user indentifiers in the test match user identifiers in `/etc/passwd`:
 
@@ -125,24 +125,24 @@ or:
       its('count') { should eq 1 }
     end
 
-## users
+### users
 
 The `users` matcher tests if the user names in the test match user names in `/etc/passwd`:
 
     its('users') { should eq ['root', 'www-data'] }
 
-# Examples
+## Examples
 
 The following examples show how to use this InSpec audit resource.
 
-## Test usernames and UIDs
+### Test usernames and UIDs
 
     describe passwd do
       its('users') { should eq ['root', 'www-data'] }
       its('uids') { should eq [0, 33] }
     end
 
-## Select one user and test for multiple occurrences
+### Select one user and test for multiple occurrences
 
     describe passwd.uids(0) do
       its('users') { should cmp 'root' }

data/docs/resources/etc_shadow.md.erb

@@ -19,7 +19,7 @@ These entries are defined as a colon-delimited row in the file, one row per user
 
     dannos:Gb7crrO5CDF.:10063:0:99999:7:::
 
-# Syntax
+## Syntax
 
 A `shadow` resource block declares one (or more) users and associated user information to be tested:
 
@@ -40,19 +40,19 @@ where
 * `filter` one (or more) arguments, for example: `passwd.users(/name/)` used to define filtering; `filter` may take any of the following arguments: `count` (retrieves the number of entries), `lines` (provides raw `passwd` lines), and `params` (returns an array of maps for all entries)
 
 
-# Matchers
+## Matchers
 
 This InSpec audit resource has the following matchers:
 
-## be
+### be
 
 <%= partial "/shared/matcher_be" %>
 
-## cmp
+### cmp
 
 <%= partial "/shared/matcher_cmp" %>
 
-## count
+### count
 
 The `count` matcher tests the number of times the named user appears in `/etc/shadow`:
 
@@ -64,49 +64,49 @@ TThis matcher is best used in conjunction with filters. For example:
        its('count') { should eq 1 }
     end
 
-## eq
+### eq
 
 <%= partial "/shared/matcher_eq" %>
 
-## expiry_dates
+### expiry_dates
 
 The `expiry_dates` matcher tests the number of days a user account has been disabled:
 
     its('expiry_dates') { should eq '' }
 
-## inactive_days
+### inactive_days
 
 The `inactive_days` matcher tests the number of days a user must be inactive before the user account is disabled:
 
     its('inactive_days') { should eq '' }
 
-## include
+### include
 
 <%= partial "/shared/matcher_include" %>
 
-## last_changes
+### last_changes
 
 The `last_changes` matcher tests the last time a password was changed:
 
     its('last_changes') { should eq '' }
 
-## match
+### match
 
 <%= partial "/shared/matcher_match" %>
 
-## max_days
+### max_days
 
 The `max_days` matcher tests the maximum number of days after which a password must be changed:
 
     its('max_days') { should eq 90 }
 
-## min_days
+### min_days
 
 The `min_days` matcher tests the minimum number of days a password must exist, before it may be changed:
 
     its('min_days') { should eq 0 }
 
-## passwords
+### passwords
 
 The `passwords` matcher tests if passwords are
 
@@ -119,29 +119,29 @@ For example:
     its('passwords') { should eq ['x'] }
     its('passwords') { should cmp '*' }
 
-## users
+### users
 
 The `users` matcher tests if the user name exists `/etc/shadow`:
 
     its('users') { should eq 'root' }
 
-## warn_days
+### warn_days
 
 The `warn_days` matcher tests the number of days a user is warned about an expiring password:
 
     its('warn_days') { should eq 7 }
 
-# Examples
+## Examples
 
 The following examples show how to use this InSpec audit resource.
 
-## Test for a forbidden user
+### Test for a forbidden user
 
     describe shadow do
       its('users') { should_not include 'forbidden_user' }
     end
 
-## Test that a user appears one time
+### Test that a user appears one time
 
     describe shadow.users('bin') do
       its('passwords') { should cmp 'x' }