inspec 1.40.0 → 1.41.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +30 -9
- data/docs/matchers.md +18 -0
- data/docs/plugin_kitchen_inspec.md +18 -24
- data/docs/profiles.md +39 -2
- data/docs/resources/aide_conf.md.erb +18 -28
- data/docs/resources/apache_conf.md.erb +19 -33
- data/docs/resources/apt.md.erb +22 -36
- data/docs/resources/audit_policy.md.erb +9 -24
- data/docs/resources/auditd.md.erb +9 -24
- data/docs/resources/auditd_conf.md.erb +20 -34
- data/docs/resources/auditd_rules.md.erb +8 -24
- data/docs/resources/bash.md.erb +4 -26
- data/docs/resources/bond.md.erb +25 -40
- data/docs/resources/bridge.md.erb +5 -25
- data/docs/resources/bsd_service.md.erb +5 -25
- data/docs/resources/command.md.erb +35 -50
- data/docs/resources/crontab.md.erb +9 -23
- data/docs/resources/csv.md.erb +12 -27
- data/docs/resources/dh_params.md +1 -0
- data/docs/resources/directory.md.erb +5 -25
- data/docs/resources/docker.md.erb +60 -57
- data/docs/resources/docker_container.md.erb +23 -19
- data/docs/resources/docker_image.md.erb +20 -16
- data/docs/resources/etc_fstab.md.erb +5 -2
- data/docs/resources/etc_group.md.erb +29 -45
- data/docs/resources/etc_hosts.md.erb +6 -0
- data/docs/resources/etc_hosts_allow.md.erb +6 -2
- data/docs/resources/etc_hosts_deny.md.erb +6 -2
- data/docs/resources/file.md.erb +198 -212
- data/docs/resources/firewalld.md.erb +7 -1
- data/docs/resources/gem.md.erb +21 -35
- data/docs/resources/group.md.erb +16 -30
- data/docs/resources/grub_conf.md.erb +9 -24
- data/docs/resources/host.md.erb +32 -49
- data/docs/resources/http.md.erb +38 -44
- data/docs/resources/iis_app.md.erb +25 -35
- data/docs/resources/iis_site.md.erb +26 -40
- data/docs/resources/inetd_conf.md.erb +27 -42
- data/docs/resources/ini.md.erb +9 -23
- data/docs/resources/interface.md.erb +5 -25
- data/docs/resources/iptables.md.erb +15 -29
- data/docs/resources/json.md.erb +12 -27
- data/docs/resources/kernel_module.md.erb +47 -61
- data/docs/resources/kernel_parameter.md.erb +15 -29
- data/docs/resources/key_rsa.md.erb +3 -0
- data/docs/resources/launchd_service.md.erb +5 -25
- data/docs/resources/limits_conf.md.erb +15 -29
- data/docs/resources/login_def.md.erb +15 -30
- data/docs/resources/mount.md.erb +18 -33
- data/docs/resources/mssql_session.md.erb +9 -12
- data/docs/resources/mysql_conf.md.erb +17 -32
- data/docs/resources/mysql_session.md.erb +15 -29
- data/docs/resources/nginx.md.erb +6 -0
- data/docs/resources/nginx_conf.md.erb +25 -20
- data/docs/resources/npm.md.erb +19 -35
- data/docs/resources/ntp_conf.md.erb +20 -37
- data/docs/resources/oneget.md.erb +15 -30
- data/docs/resources/oracledb_session.md.erb +9 -11
- data/docs/resources/os.md.erb +29 -43
- data/docs/resources/os_env.md.erb +29 -44
- data/docs/resources/package.md.erb +33 -42
- data/docs/resources/parse_config.md.erb +5 -25
- data/docs/resources/parse_config_file.md.erb +31 -43
- data/docs/resources/passwd.md.erb +24 -39
- data/docs/resources/pip.md.erb +20 -35
- data/docs/resources/port.md.erb +43 -57
- data/docs/resources/postgres_conf.md.erb +17 -31
- data/docs/resources/postgres_hba_conf.md.erb +26 -38
- data/docs/resources/postgres_ident_conf.md.erb +25 -37
- data/docs/resources/postgres_session.md.erb +15 -29
- data/docs/resources/powershell.md.erb +27 -42
- data/docs/resources/processes.md.erb +17 -33
- data/docs/resources/rabbitmq_config.md.erb +9 -24
- data/docs/resources/registry_key.md.erb +27 -42
- data/docs/resources/runit_service.md.erb +5 -25
- data/docs/resources/security_policy.md.erb +12 -27
- data/docs/resources/service.md.erb +27 -42
- data/docs/resources/shadow.md.erb +20 -35
- data/docs/resources/ssh_config.md.erb +19 -34
- data/docs/resources/sshd_config.md.erb +19 -34
- data/docs/resources/ssl.md.erb +39 -54
- data/docs/resources/sys_info.md.erb +12 -26
- data/docs/resources/systemd_service.md.erb +5 -25
- data/docs/resources/sysv_service.md.erb +5 -25
- data/docs/resources/upstart_service.md.erb +5 -25
- data/docs/resources/user.md.erb +29 -44
- data/docs/resources/users.md.erb +12 -26
- data/docs/resources/vbscript.md.erb +9 -24
- data/docs/resources/virtualization.md.erb +8 -23
- data/docs/resources/windows_feature.md.erb +15 -30
- data/docs/resources/windows_hotfix.md.erb +15 -9
- data/docs/resources/windows_task.md.erb +12 -26
- data/docs/resources/wmi.md.erb +9 -24
- data/docs/resources/x509_certificate.md.erb +4 -0
- data/docs/resources/xinetd_conf.md.erb +65 -80
- data/docs/resources/xml.md.erb +12 -26
- data/docs/resources/yaml.md.erb +12 -27
- data/docs/resources/yum.md.erb +37 -51
- data/docs/resources/zfs_dataset.md.erb +15 -26
- data/docs/resources/zfs_pool.md.erb +9 -20
- data/lib/inspec/backend.rb +8 -0
- data/lib/inspec/profile.rb +9 -1
- data/lib/inspec/shell.rb +13 -13
- data/lib/inspec/version.rb +1 -1
- data/lib/matchers/matchers.rb +2 -0
- data/lib/resources/etc_hosts.rb +1 -1
- data/lib/resources/host.rb +4 -1
- data/lib/resources/http.rb +173 -23
- data/lib/resources/processes.rb +106 -20
- data/lib/resources/ssh_conf.rb +1 -1
- data/lib/resources/ssl.rb +4 -3
- data/lib/utils/object_traversal.rb +35 -10
- metadata +2 -2
data/docs/resources/nginx.md.erb
CHANGED
@@ -8,6 +8,8 @@ Use the `nginx` InSpec audit resource to test the fields and validity of nginx.
|
|
8
8
|
|
9
9
|
Nginx resource extracts and exposes data reported by the command 'nginx -V'
|
10
10
|
|
11
|
+
<br>
|
12
|
+
|
11
13
|
## Syntax
|
12
14
|
|
13
15
|
An `nginx` InSpec audit resource block extracts configuration settings that should be tested:
|
@@ -25,10 +27,14 @@ where
|
|
25
27
|
* `'attribute'` is a configuration parsed from result of the command 'nginx -V'
|
26
28
|
* `'value'` is the value that is expected of the attribute
|
27
29
|
|
30
|
+
<br>
|
31
|
+
|
28
32
|
## Supported Properties
|
29
33
|
|
30
34
|
* 'compiler_info', 'error_log_path', 'http_client_body_temp_path', 'http_fastcgi_temp_path', 'http_log_path', 'http_proxy_temp_path', 'http_scgi_temp_path', 'http_uwsgi_temp_path', 'lock_path', 'modules', 'modules_path', 'openssl_version', 'prefix', 'sbin_path', 'service', 'support_info', 'version'
|
31
35
|
|
36
|
+
<br>
|
37
|
+
|
32
38
|
## Property Examples and Return Types
|
33
39
|
|
34
40
|
### version(String)
|
@@ -8,6 +8,8 @@ Use the `nginx_conf` InSpec resource to test configuration data for the NGINX se
|
|
8
8
|
|
9
9
|
**Stability: Experimental**
|
10
10
|
|
11
|
+
<br>
|
12
|
+
|
11
13
|
## Syntax
|
12
14
|
|
13
15
|
An `nginx_conf` resource block declares the client NGINX configuration data to be tested:
|
@@ -23,10 +25,32 @@ where
|
|
23
25
|
* `params['pid']` selects the `pid` entry from the global NGINX configuration
|
24
26
|
* `{ should cmp 'logs/nginx.pid' }` tests if the PID is set to `logs/nginx.pid` (via `cmp` matcher)
|
25
27
|
|
28
|
+
<br>
|
29
|
+
|
30
|
+
## Examples
|
31
|
+
|
32
|
+
The following examples show how to use this InSpec audit resource.
|
33
|
+
|
34
|
+
### Find a specific server
|
35
|
+
|
36
|
+
servers = nginx_conf.servers
|
37
|
+
domain2 = servers.find { |s| s.params['server_name'].flatten.include? 'domain2.com' }
|
38
|
+
describe 'No server serves domain2' do
|
39
|
+
subject { domain2 }
|
40
|
+
it { should be_nil }
|
41
|
+
end
|
42
|
+
|
43
|
+
### Test a raw parameter
|
44
|
+
|
45
|
+
describe nginx_conf.params['worker_processes'].flatten do
|
46
|
+
it { should cmp 5 }
|
47
|
+
end
|
48
|
+
|
49
|
+
<br>
|
26
50
|
|
27
51
|
## Matchers
|
28
52
|
|
29
|
-
This InSpec audit resource has the following matchers
|
53
|
+
This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
30
54
|
|
31
55
|
### http
|
32
56
|
|
@@ -101,22 +125,3 @@ Locations provide access to their parent server entry and raw parameters:
|
|
101
125
|
|
102
126
|
location.params
|
103
127
|
=> {"_"=>["~", "\\.php$"], "fastcgi_pass"=>[["127.0.0.1:1025"]]}
|
104
|
-
|
105
|
-
## Examples
|
106
|
-
|
107
|
-
The following examples show how to use this InSpec audit resource.
|
108
|
-
|
109
|
-
### Find a specific server
|
110
|
-
|
111
|
-
servers = nginx_conf.servers
|
112
|
-
domain2 = servers.find { |s| s.params['server_name'].flatten.include? 'domain2.com' }
|
113
|
-
describe 'No server serves domain2' do
|
114
|
-
subject { domain2 }
|
115
|
-
it { should be_nil }
|
116
|
-
end
|
117
|
-
|
118
|
-
### Test a raw parameter
|
119
|
-
|
120
|
-
describe nginx_conf.params['worker_processes'].flatten do
|
121
|
-
it { should cmp 5 }
|
122
|
-
end
|
data/docs/resources/npm.md.erb
CHANGED
@@ -6,6 +6,7 @@ title: About the npm Resource
|
|
6
6
|
|
7
7
|
Use the `npm` InSpec audit resource to test if a global NPM package is installed. NPM is the the package manager for Node.js packages (https://docs.npmjs.com), such as Bower and StatsD.
|
8
8
|
|
9
|
+
<br>
|
9
10
|
|
10
11
|
## Syntax
|
11
12
|
|
@@ -20,56 +21,39 @@ where
|
|
20
21
|
* `('npm_package_name')` must specify an NPM package, such as `'bower'` or `'statsd'`
|
21
22
|
* `be_installed` is a valid matcher for this resource
|
22
23
|
|
24
|
+
<br>
|
23
25
|
|
24
|
-
##
|
25
|
-
|
26
|
-
This InSpec audit resource has the following matchers:
|
27
|
-
|
28
|
-
### be
|
29
|
-
|
30
|
-
<%= partial "/shared/matcher_be" %>
|
26
|
+
## Examples
|
31
27
|
|
32
|
-
|
28
|
+
The following examples show how to use this InSpec audit resource.
|
33
29
|
|
34
|
-
|
30
|
+
### Verify that bower is installed, with a specific version
|
35
31
|
|
36
|
-
|
32
|
+
describe npm('bower') do
|
33
|
+
it { should be_installed }
|
34
|
+
its('version') { should eq '1.4.1' }
|
35
|
+
end
|
37
36
|
|
38
|
-
###
|
37
|
+
### Verify that statsd is not installed
|
39
38
|
|
40
|
-
|
39
|
+
describe npm('statsd') do
|
40
|
+
it { should_not be_installed }
|
41
|
+
end
|
41
42
|
|
42
|
-
|
43
|
+
<br>
|
43
44
|
|
44
|
-
|
45
|
+
## Matchers
|
45
46
|
|
46
|
-
|
47
|
+
This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
47
48
|
|
48
|
-
|
49
|
+
### be_installed
|
49
50
|
|
50
|
-
|
51
|
+
The `be_installed` matcher tests if the named Gem package and package version (if specified) is installed:
|
51
52
|
|
52
|
-
|
53
|
+
it { should be_installed }
|
53
54
|
|
54
55
|
### version
|
55
56
|
|
56
57
|
The `version` matcher tests if the named package version is on the system:
|
57
58
|
|
58
59
|
its('version') { should eq '1.2.3' }
|
59
|
-
|
60
|
-
## Examples
|
61
|
-
|
62
|
-
The following examples show how to use this InSpec audit resource.
|
63
|
-
|
64
|
-
### Verify that bower is installed, with a specific version
|
65
|
-
|
66
|
-
describe npm('bower') do
|
67
|
-
it { should be_installed }
|
68
|
-
its('version') { should eq '1.4.1' }
|
69
|
-
end
|
70
|
-
|
71
|
-
### Verify that statsd is not installed
|
72
|
-
|
73
|
-
describe npm('statsd') do
|
74
|
-
it { should_not be_installed }
|
75
|
-
end
|
@@ -6,6 +6,7 @@ title: About the ntp_conf Resource
|
|
6
6
|
|
7
7
|
Use the `ntp_conf` InSpec audit resource to test the synchronization settings defined in the `ntp.conf` file. This file is typically located at `/etc/ntp.conf`.
|
8
8
|
|
9
|
+
<br>
|
9
10
|
|
10
11
|
## Syntax
|
11
12
|
|
@@ -21,56 +22,38 @@ where
|
|
21
22
|
* `('path')` is the non-default path to the `ntp.conf` file
|
22
23
|
* `{ should eq 'value' }` is the value that is expected
|
23
24
|
|
25
|
+
<br>
|
24
26
|
|
25
|
-
##
|
26
|
-
|
27
|
-
This resource matches any service that is listed in the `ntp.conf` file:
|
28
|
-
|
29
|
-
its('server') { should_not eq nil }
|
30
|
-
|
31
|
-
or:
|
27
|
+
## Examples
|
32
28
|
|
33
|
-
|
29
|
+
The following examples show how to use this InSpec audit resource.
|
34
30
|
|
35
|
-
|
31
|
+
### Test for clock drift against named servers
|
36
32
|
|
37
33
|
describe ntp_conf do
|
38
|
-
its('
|
39
|
-
its('
|
34
|
+
its('driftfile') { should eq '/var/lib/ntp/ntp.drift' }
|
35
|
+
its('server') { should eq [
|
36
|
+
0.ubuntu.pool.ntp.org,
|
37
|
+
1.ubuntu.pool.ntp.org,
|
38
|
+
2.ubuntu.pool.ntp.org
|
39
|
+
] }
|
40
40
|
end
|
41
41
|
|
42
|
+
<br>
|
42
43
|
|
43
|
-
|
44
|
-
|
45
|
-
<%= partial "/shared/matcher_be" %>
|
46
|
-
|
47
|
-
### cmp
|
48
|
-
|
49
|
-
<%= partial "/shared/matcher_cmp" %>
|
50
|
-
|
51
|
-
### eq
|
52
|
-
|
53
|
-
<%= partial "/shared/matcher_eq" %>
|
54
|
-
|
55
|
-
### include
|
56
|
-
|
57
|
-
<%= partial "/shared/matcher_include" %>
|
44
|
+
## Matchers
|
58
45
|
|
59
|
-
|
46
|
+
This resource matches any service that is listed in the `ntp.conf` file. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
60
47
|
|
61
|
-
|
48
|
+
its('server') { should_not eq nil }
|
62
49
|
|
63
|
-
|
50
|
+
or:
|
64
51
|
|
65
|
-
|
52
|
+
its('restrict') { should include '-4 default kod notrap nomodify nopeer noquery'}
|
66
53
|
|
67
|
-
|
54
|
+
For example:
|
68
55
|
|
69
56
|
describe ntp_conf do
|
70
|
-
its('
|
71
|
-
its('
|
72
|
-
0.ubuntu.pool.ntp.org,
|
73
|
-
1.ubuntu.pool.ntp.org,
|
74
|
-
2.ubuntu.pool.ntp.org
|
75
|
-
] }
|
57
|
+
its('server') { should_not eq nil }
|
58
|
+
its('restrict') { should include '-4 default kod notrap nomodify nopeer noquery'}
|
76
59
|
end
|
@@ -6,6 +6,8 @@ title: About the oneget Resource
|
|
6
6
|
|
7
7
|
Use the `oneget` InSpec audit resource to test if the named package and/or package version is installed on the system. This resource uses Oneget, which is `part of the Windows Management Framework 5.0 and Windows 10 <https://github.com/OneGet/oneget>`__. This resource uses the `Get-Package` cmdlet to return all of the package names in the Oneget repository.
|
8
8
|
|
9
|
+
<br>
|
10
|
+
|
9
11
|
## Syntax
|
10
12
|
|
11
13
|
A `oneget` resource block declares a package and (optionally) a package version:
|
@@ -19,49 +21,32 @@ where
|
|
19
21
|
* `('name')` must specify the name of a package, such as `'VLC'`
|
20
22
|
* `be_installed` is a valid matcher for this resource
|
21
23
|
|
24
|
+
<br>
|
22
25
|
|
23
|
-
##
|
24
|
-
|
25
|
-
This InSpec audit resource has the following matchers:
|
26
|
-
|
27
|
-
### be
|
28
|
-
|
29
|
-
<%= partial "/shared/matcher_be" %>
|
30
|
-
|
31
|
-
### be_installed
|
32
|
-
|
33
|
-
The `be_installed` matcher tests if the named package is installed on the system:
|
26
|
+
## Examples
|
34
27
|
|
35
|
-
|
28
|
+
The following examples show how to use this InSpec audit resource.
|
36
29
|
|
37
|
-
###
|
30
|
+
### Test if VLC is installed
|
38
31
|
|
39
|
-
|
32
|
+
describe oneget('VLC') do
|
33
|
+
it { should be_installed }
|
34
|
+
end
|
40
35
|
|
41
|
-
|
36
|
+
<br>
|
42
37
|
|
43
|
-
|
38
|
+
## Matchers
|
44
39
|
|
45
|
-
|
40
|
+
This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
46
41
|
|
47
|
-
|
42
|
+
### be_installed
|
48
43
|
|
49
|
-
|
44
|
+
The `be_installed` matcher tests if the named package is installed on the system:
|
50
45
|
|
51
|
-
|
46
|
+
it { should be_installed }
|
52
47
|
|
53
48
|
### version
|
54
49
|
|
55
50
|
The `version` matcher tests if the named package version is on the system:
|
56
51
|
|
57
52
|
its('version') { should eq '1.2.3' }
|
58
|
-
|
59
|
-
## Examples
|
60
|
-
|
61
|
-
The following examples show how to use this InSpec audit resource.
|
62
|
-
|
63
|
-
### Test if VLC is installed
|
64
|
-
|
65
|
-
describe oneget('VLC') do
|
66
|
-
it { should be_installed }
|
67
|
-
end
|
@@ -6,6 +6,8 @@ title: About the oracledb_session Resource
|
|
6
6
|
|
7
7
|
Use the `oracledb_session` InSpec audit resource to test SQL commands run against a Oracle database.
|
8
8
|
|
9
|
+
<br>
|
10
|
+
|
9
11
|
## Syntax
|
10
12
|
|
11
13
|
A `oracledb_session` resource block declares the username and password to use for the session with an optional service to connect to, and then the command to be run:
|
@@ -20,17 +22,7 @@ where
|
|
20
22
|
* `query('QUERY')` contains the query to be run
|
21
23
|
* `its('value') { should eq('') }` compares the results of the query against the expected result in the test
|
22
24
|
|
23
|
-
|
24
|
-
|
25
|
-
This InSpec audit resource has the following matchers:
|
26
|
-
|
27
|
-
### cmp
|
28
|
-
|
29
|
-
<%= partial "/shared/matcher_cmp" %>
|
30
|
-
|
31
|
-
### eq
|
32
|
-
|
33
|
-
<%= partial "/shared/matcher_eq" %>
|
25
|
+
<br>
|
34
26
|
|
35
27
|
## Examples
|
36
28
|
|
@@ -51,3 +43,9 @@ The following examples show how to use this InSpec audit resource.
|
|
51
43
|
describe sql.query('SELECT NAME FROM v$database;').row(0).column('name') do
|
52
44
|
its('value') { should cmp 'ORCL' }
|
53
45
|
end
|
46
|
+
|
47
|
+
<br>
|
48
|
+
|
49
|
+
## Matchers
|
50
|
+
|
51
|
+
For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
data/docs/resources/os.md.erb
CHANGED
@@ -6,45 +6,53 @@ title: About the os Resource
|
|
6
6
|
|
7
7
|
Use the `os` InSpec audit resource to test the platform on which the system is running.
|
8
8
|
|
9
|
+
<br>
|
10
|
+
|
9
11
|
## Syntax
|
10
12
|
|
11
13
|
An `os` resource block declares the platform to be tested. The platform may specified via matcher or control block name. For example, using a matcher:
|
12
14
|
|
13
15
|
describe os[:family] do
|
14
|
-
it { should eq '
|
16
|
+
it { should eq 'platform_family_name' }
|
15
17
|
end
|
16
18
|
|
17
|
-
|
18
|
-
|
19
|
-
describe os[:family_name] do
|
20
|
-
...
|
21
|
-
end
|
19
|
+
* `'platform_family_name'` (a string) is one of `aix`, `bsd`, `darwin`, `debian`, `hpux`, `linux`, `redhat`, `solaris`, `suse`, `unix`, or `windows`
|
22
20
|
|
23
|
-
|
21
|
+
The parameters available to `os` are:
|
24
22
|
|
25
|
-
|
23
|
+
* `:name` - the operating system name, such as `centos`
|
24
|
+
* `:family` - the operating system family, such as `redhat`
|
25
|
+
* `:release` - the version of the operating system, such as `7.3.1611`
|
26
|
+
* `:arch` - the architecture of the operating system, such as `x86_64`
|
27
|
+
<br>
|
26
28
|
|
27
|
-
|
29
|
+
## Examples
|
28
30
|
|
29
|
-
|
31
|
+
The following examples show how to use this InSpec audit resource.
|
30
32
|
|
31
|
-
|
33
|
+
### Test for RedHat
|
32
34
|
|
33
|
-
|
35
|
+
describe os[:family] do
|
36
|
+
it { should eq 'redhat' }
|
37
|
+
end
|
34
38
|
|
35
|
-
|
39
|
+
### Test for Ubuntu
|
36
40
|
|
37
|
-
|
41
|
+
describe os[:family] do
|
42
|
+
it { should eq 'debian' }
|
43
|
+
end
|
38
44
|
|
39
|
-
|
45
|
+
### Test for Microsoft Windows
|
40
46
|
|
41
|
-
|
47
|
+
describe os[:family] do
|
48
|
+
it { should eq 'windows' }
|
49
|
+
end
|
42
50
|
|
43
|
-
|
51
|
+
<br>
|
44
52
|
|
45
|
-
|
53
|
+
## Matchers
|
46
54
|
|
47
|
-
|
55
|
+
This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
48
56
|
|
49
57
|
## os.family? Helpers
|
50
58
|
|
@@ -121,34 +129,12 @@ For example, both of the following tests should have the same result:
|
|
121
129
|
end
|
122
130
|
end
|
123
131
|
|
124
|
-
if os
|
132
|
+
if os.debian?
|
125
133
|
describe port(69) do
|
126
134
|
its('processes') { should include 'in.tftpd' }
|
127
135
|
end
|
128
|
-
elsif os
|
136
|
+
elsif os.redhat?
|
129
137
|
describe port(69) do
|
130
138
|
its('processes') { should include 'xinetd' }
|
131
139
|
end
|
132
140
|
end
|
133
|
-
|
134
|
-
## Examples
|
135
|
-
|
136
|
-
The following examples show how to use this InSpec audit resource.
|
137
|
-
|
138
|
-
### Test for RedHat
|
139
|
-
|
140
|
-
describe os[:family] do
|
141
|
-
it { should eq 'redhat' }
|
142
|
-
end
|
143
|
-
|
144
|
-
### Test for Ubuntu
|
145
|
-
|
146
|
-
describe os[:family] do
|
147
|
-
it { should eq 'debian' }
|
148
|
-
end
|
149
|
-
|
150
|
-
### Test for Microsoft Windows
|
151
|
-
|
152
|
-
describe os[:family] do
|
153
|
-
it { should eq 'windows' }
|
154
|
-
end
|