inspec 1.51.6 → 1.51.15
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +101 -101
- data/CHANGELOG.md +2915 -2902
- data/Gemfile +53 -53
- data/LICENSE +14 -14
- data/MAINTAINERS.md +31 -31
- data/MAINTAINERS.toml +47 -47
- data/README.md +419 -419
- data/Rakefile +167 -167
- data/bin/inspec +12 -12
- data/docs/.gitignore +2 -2
- data/docs/README.md +40 -40
- data/docs/dsl_inspec.md +258 -258
- data/docs/dsl_resource.md +93 -93
- data/docs/glossary.md +99 -99
- data/docs/habitat.md +191 -191
- data/docs/inspec_and_friends.md +107 -107
- data/docs/matchers.md +165 -165
- data/docs/migration.md +293 -293
- data/docs/plugin_kitchen_inspec.md +49 -49
- data/docs/profiles.md +370 -370
- data/docs/resources/aide_conf.md.erb +78 -78
- data/docs/resources/apache.md.erb +66 -66
- data/docs/resources/apache_conf.md.erb +67 -67
- data/docs/resources/apt.md.erb +70 -70
- data/docs/resources/audit_policy.md.erb +46 -46
- data/docs/resources/auditd.md.erb +78 -78
- data/docs/resources/auditd_conf.md.erb +68 -68
- data/docs/resources/auditd_rules.md.erb +116 -116
- data/docs/resources/bash.md.erb +74 -74
- data/docs/resources/bond.md.erb +89 -89
- data/docs/resources/bridge.md.erb +54 -54
- data/docs/resources/bsd_service.md.erb +65 -65
- data/docs/resources/command.md.erb +137 -137
- data/docs/resources/cpan.md.erb +77 -77
- data/docs/resources/cran.md.erb +63 -63
- data/docs/resources/crontab.md.erb +87 -87
- data/docs/resources/csv.md.erb +53 -53
- data/docs/resources/dh_params.md.erb +216 -216
- data/docs/resources/directory.md.erb +28 -28
- data/docs/resources/docker.md.erb +163 -163
- data/docs/resources/docker_container.md.erb +99 -99
- data/docs/resources/docker_image.md.erb +93 -93
- data/docs/resources/docker_service.md.erb +113 -113
- data/docs/resources/elasticsearch.md.erb +230 -230
- data/docs/resources/etc_fstab.md.erb +124 -124
- data/docs/resources/etc_group.md.erb +74 -74
- data/docs/resources/etc_hosts.md.erb +75 -75
- data/docs/resources/etc_hosts_allow.md.erb +73 -73
- data/docs/resources/etc_hosts_deny.md.erb +73 -73
- data/docs/resources/file.md.erb +512 -512
- data/docs/resources/filesystem.md.erb +40 -40
- data/docs/resources/firewalld.md.erb +105 -105
- data/docs/resources/gem.md.erb +78 -78
- data/docs/resources/group.md.erb +60 -60
- data/docs/resources/grub_conf.md.erb +101 -100
- data/docs/resources/host.md.erb +77 -77
- data/docs/resources/http.md.erb +104 -98
- data/docs/resources/iis_app.md.erb +120 -116
- data/docs/resources/iis_site.md.erb +132 -128
- data/docs/resources/inetd_conf.md.erb +95 -84
- data/docs/resources/ini.md.erb +72 -69
- data/docs/resources/interface.md.erb +55 -46
- data/docs/resources/iptables.md.erb +63 -63
- data/docs/resources/json.md.erb +61 -61
- data/docs/resources/kernel_module.md.erb +106 -106
- data/docs/resources/kernel_parameter.md.erb +58 -58
- data/docs/resources/key_rsa.md.erb +73 -73
- data/docs/resources/launchd_service.md.erb +56 -56
- data/docs/resources/limits_conf.md.erb +66 -66
- data/docs/resources/login_def.md.erb +62 -62
- data/docs/resources/mount.md.erb +68 -68
- data/docs/resources/mssql_session.md.erb +59 -59
- data/docs/resources/mysql_conf.md.erb +98 -98
- data/docs/resources/mysql_session.md.erb +73 -73
- data/docs/resources/nginx.md.erb +78 -78
- data/docs/resources/nginx_conf.md.erb +127 -127
- data/docs/resources/npm.md.erb +59 -59
- data/docs/resources/ntp_conf.md.erb +59 -59
- data/docs/resources/oneget.md.erb +52 -52
- data/docs/resources/oracledb_session.md.erb +51 -51
- data/docs/resources/os.md.erb +140 -140
- data/docs/resources/os_env.md.erb +77 -77
- data/docs/resources/package.md.erb +119 -119
- data/docs/resources/packages.md.erb +66 -66
- data/docs/resources/parse_config.md.erb +102 -102
- data/docs/resources/parse_config_file.md.erb +137 -137
- data/docs/resources/passwd.md.erb +140 -140
- data/docs/resources/pip.md.erb +66 -66
- data/docs/resources/port.md.erb +136 -136
- data/docs/resources/postgres_conf.md.erb +78 -78
- data/docs/resources/postgres_hba_conf.md.erb +92 -92
- data/docs/resources/postgres_ident_conf.md.erb +75 -75
- data/docs/resources/postgres_session.md.erb +68 -68
- data/docs/resources/powershell.md.erb +101 -101
- data/docs/resources/processes.md.erb +107 -107
- data/docs/resources/rabbitmq_config.md.erb +40 -40
- data/docs/resources/registry_key.md.erb +157 -157
- data/docs/resources/runit_service.md.erb +56 -56
- data/docs/resources/security_policy.md.erb +46 -46
- data/docs/resources/service.md.erb +120 -120
- data/docs/resources/shadow.md.erb +143 -143
- data/docs/resources/ssh_config.md.erb +79 -79
- data/docs/resources/sshd_config.md.erb +82 -82
- data/docs/resources/ssl.md.erb +118 -118
- data/docs/resources/sys_info.md.erb +41 -41
- data/docs/resources/systemd_service.md.erb +56 -56
- data/docs/resources/sysv_service.md.erb +56 -56
- data/docs/resources/upstart_service.md.erb +56 -56
- data/docs/resources/user.md.erb +139 -139
- data/docs/resources/users.md.erb +126 -126
- data/docs/resources/vbscript.md.erb +54 -54
- data/docs/resources/virtualization.md.erb +56 -56
- data/docs/resources/windows_feature.md.erb +46 -46
- data/docs/resources/windows_hotfix.md.erb +52 -52
- data/docs/resources/windows_task.md.erb +89 -89
- data/docs/resources/wmi.md.erb +80 -80
- data/docs/resources/x509_certificate.md.erb +150 -150
- data/docs/resources/xinetd_conf.md.erb +155 -155
- data/docs/resources/xml.md.erb +84 -84
- data/docs/resources/yaml.md.erb +68 -68
- data/docs/resources/yum.md.erb +97 -97
- data/docs/resources/zfs_dataset.md.erb +52 -52
- data/docs/resources/zfs_pool.md.erb +46 -46
- data/docs/ruby_usage.md +203 -203
- data/docs/shared/matcher_be.md.erb +1 -1
- data/docs/shared/matcher_cmp.md.erb +43 -43
- data/docs/shared/matcher_eq.md.erb +3 -3
- data/docs/shared/matcher_include.md.erb +1 -1
- data/docs/shared/matcher_match.md.erb +1 -1
- data/docs/shell.md +172 -172
- data/examples/README.md +8 -8
- data/examples/inheritance/README.md +65 -65
- data/examples/inheritance/controls/example.rb +14 -14
- data/examples/inheritance/inspec.yml +15 -15
- data/examples/kitchen-ansible/.kitchen.yml +25 -25
- data/examples/kitchen-ansible/Gemfile +19 -19
- data/examples/kitchen-ansible/README.md +53 -53
- data/examples/kitchen-ansible/files/nginx.repo +6 -6
- data/examples/kitchen-ansible/tasks/main.yml +16 -16
- data/examples/kitchen-ansible/test/integration/default/default.yml +5 -5
- data/examples/kitchen-ansible/test/integration/default/web_spec.rb +28 -28
- data/examples/kitchen-chef/.kitchen.yml +20 -20
- data/examples/kitchen-chef/Berksfile +3 -3
- data/examples/kitchen-chef/Gemfile +19 -19
- data/examples/kitchen-chef/README.md +27 -27
- data/examples/kitchen-chef/metadata.rb +7 -7
- data/examples/kitchen-chef/recipes/default.rb +6 -6
- data/examples/kitchen-chef/recipes/nginx.rb +30 -30
- data/examples/kitchen-chef/test/integration/default/web_spec.rb +28 -28
- data/examples/kitchen-puppet/.kitchen.yml +22 -22
- data/examples/kitchen-puppet/Gemfile +20 -20
- data/examples/kitchen-puppet/Puppetfile +25 -25
- data/examples/kitchen-puppet/README.md +53 -53
- data/examples/kitchen-puppet/manifests/site.pp +33 -33
- data/examples/kitchen-puppet/metadata.json +11 -11
- data/examples/kitchen-puppet/test/integration/default/web_spec.rb +28 -28
- data/examples/meta-profile/README.md +37 -37
- data/examples/meta-profile/controls/example.rb +13 -13
- data/examples/meta-profile/inspec.yml +13 -13
- data/examples/profile-attribute.yml +2 -2
- data/examples/profile-attribute/README.md +14 -14
- data/examples/profile-attribute/controls/example.rb +11 -11
- data/examples/profile-attribute/inspec.yml +8 -8
- data/examples/profile-sensitive/README.md +29 -29
- data/examples/profile-sensitive/controls/sensitive-failures.rb +9 -9
- data/examples/profile-sensitive/controls/sensitive.rb +9 -9
- data/examples/profile-sensitive/inspec.yml +8 -8
- data/examples/profile/README.md +48 -48
- data/examples/profile/controls/example.rb +23 -23
- data/examples/profile/controls/gordon.rb +36 -36
- data/examples/profile/controls/meta.rb +34 -34
- data/examples/profile/inspec.yml +10 -10
- data/examples/profile/libraries/gordon_config.rb +53 -53
- data/inspec.gemspec +47 -47
- data/lib/bundles/README.md +3 -3
- data/lib/bundles/inspec-artifact.rb +7 -7
- data/lib/bundles/inspec-artifact/README.md +1 -1
- data/lib/bundles/inspec-artifact/cli.rb +277 -277
- data/lib/bundles/inspec-compliance.rb +16 -16
- data/lib/bundles/inspec-compliance/.kitchen.yml +20 -20
- data/lib/bundles/inspec-compliance/README.md +185 -185
- data/lib/bundles/inspec-compliance/api.rb +316 -316
- data/lib/bundles/inspec-compliance/api/login.rb +152 -152
- data/lib/bundles/inspec-compliance/bootstrap.sh +41 -41
- data/lib/bundles/inspec-compliance/cli.rb +277 -277
- data/lib/bundles/inspec-compliance/configuration.rb +103 -103
- data/lib/bundles/inspec-compliance/http.rb +86 -86
- data/lib/bundles/inspec-compliance/support.rb +36 -36
- data/lib/bundles/inspec-compliance/target.rb +98 -98
- data/lib/bundles/inspec-compliance/test/integration/default/cli.rb +93 -93
- data/lib/bundles/inspec-habitat.rb +12 -12
- data/lib/bundles/inspec-habitat/cli.rb +36 -36
- data/lib/bundles/inspec-habitat/log.rb +10 -10
- data/lib/bundles/inspec-habitat/profile.rb +390 -390
- data/lib/bundles/inspec-init.rb +8 -8
- data/lib/bundles/inspec-init/README.md +31 -31
- data/lib/bundles/inspec-init/cli.rb +97 -97
- data/lib/bundles/inspec-init/templates/profile/README.md +3 -3
- data/lib/bundles/inspec-init/templates/profile/controls/example.rb +19 -19
- data/lib/bundles/inspec-init/templates/profile/inspec.yml +8 -8
- data/lib/bundles/inspec-supermarket.rb +13 -13
- data/lib/bundles/inspec-supermarket/README.md +45 -45
- data/lib/bundles/inspec-supermarket/api.rb +84 -84
- data/lib/bundles/inspec-supermarket/cli.rb +65 -65
- data/lib/bundles/inspec-supermarket/target.rb +34 -34
- data/lib/fetchers/git.rb +163 -163
- data/lib/fetchers/local.rb +74 -74
- data/lib/fetchers/mock.rb +35 -35
- data/lib/fetchers/url.rb +204 -204
- data/lib/inspec.rb +24 -24
- data/lib/inspec/archive/tar.rb +29 -29
- data/lib/inspec/archive/zip.rb +19 -19
- data/lib/inspec/backend.rb +92 -92
- data/lib/inspec/base_cli.rb +324 -322
- data/lib/inspec/cached_fetcher.rb +66 -66
- data/lib/inspec/cli.rb +298 -298
- data/lib/inspec/completions/bash.sh.erb +45 -45
- data/lib/inspec/completions/fish.sh.erb +34 -34
- data/lib/inspec/completions/zsh.sh.erb +61 -61
- data/lib/inspec/control_eval_context.rb +179 -179
- data/lib/inspec/dependencies/cache.rb +72 -72
- data/lib/inspec/dependencies/dependency_set.rb +92 -92
- data/lib/inspec/dependencies/lockfile.rb +115 -115
- data/lib/inspec/dependencies/requirement.rb +123 -123
- data/lib/inspec/dependencies/resolver.rb +86 -86
- data/lib/inspec/describe.rb +27 -27
- data/lib/inspec/dsl.rb +66 -66
- data/lib/inspec/dsl_shared.rb +33 -33
- data/lib/inspec/env_printer.rb +157 -157
- data/lib/inspec/errors.rb +13 -13
- data/lib/inspec/exceptions.rb +12 -12
- data/lib/inspec/expect.rb +45 -45
- data/lib/inspec/fetcher.rb +45 -45
- data/lib/inspec/file_provider.rb +275 -275
- data/lib/inspec/formatters.rb +3 -3
- data/lib/inspec/formatters/base.rb +208 -208
- data/lib/inspec/formatters/json_rspec.rb +20 -20
- data/lib/inspec/formatters/show_progress.rb +12 -12
- data/lib/inspec/library_eval_context.rb +58 -58
- data/lib/inspec/log.rb +11 -11
- data/lib/inspec/metadata.rb +253 -253
- data/lib/inspec/method_source.rb +24 -24
- data/lib/inspec/objects.rb +14 -14
- data/lib/inspec/objects/attribute.rb +65 -65
- data/lib/inspec/objects/control.rb +61 -61
- data/lib/inspec/objects/describe.rb +92 -92
- data/lib/inspec/objects/each_loop.rb +36 -36
- data/lib/inspec/objects/list.rb +15 -15
- data/lib/inspec/objects/or_test.rb +40 -40
- data/lib/inspec/objects/ruby_helper.rb +15 -15
- data/lib/inspec/objects/tag.rb +27 -27
- data/lib/inspec/objects/test.rb +87 -87
- data/lib/inspec/objects/value.rb +27 -27
- data/lib/inspec/plugins.rb +60 -60
- data/lib/inspec/plugins/cli.rb +24 -24
- data/lib/inspec/plugins/fetcher.rb +86 -86
- data/lib/inspec/plugins/resource.rb +132 -132
- data/lib/inspec/plugins/secret.rb +15 -15
- data/lib/inspec/plugins/source_reader.rb +40 -40
- data/lib/inspec/polyfill.rb +12 -12
- data/lib/inspec/profile.rb +510 -510
- data/lib/inspec/profile_context.rb +207 -207
- data/lib/inspec/profile_vendor.rb +66 -66
- data/lib/inspec/reporters.rb +50 -33
- data/lib/inspec/reporters/base.rb +24 -23
- data/lib/inspec/reporters/cli.rb +395 -395
- data/lib/inspec/reporters/json.rb +134 -132
- data/lib/inspec/reporters/json_min.rb +48 -44
- data/lib/inspec/reporters/junit.rb +77 -77
- data/lib/inspec/require_loader.rb +33 -33
- data/lib/inspec/resource.rb +176 -176
- data/lib/inspec/rule.rb +266 -266
- data/lib/inspec/runner.rb +340 -337
- data/lib/inspec/runner_mock.rb +41 -41
- data/lib/inspec/runner_rspec.rb +163 -185
- data/lib/inspec/runtime_profile.rb +26 -26
- data/lib/inspec/schema.rb +186 -186
- data/lib/inspec/secrets.rb +19 -19
- data/lib/inspec/secrets/yaml.rb +30 -30
- data/lib/inspec/shell.rb +223 -223
- data/lib/inspec/shell_detector.rb +90 -90
- data/lib/inspec/source_reader.rb +29 -29
- data/lib/inspec/version.rb +8 -8
- data/lib/matchers/matchers.rb +397 -397
- data/lib/resources/aide_conf.rb +160 -160
- data/lib/resources/apache.rb +49 -49
- data/lib/resources/apache_conf.rb +158 -158
- data/lib/resources/apt.rb +150 -150
- data/lib/resources/audit_policy.rb +64 -64
- data/lib/resources/auditd.rb +233 -233
- data/lib/resources/auditd_conf.rb +56 -56
- data/lib/resources/auditd_rules.rb +205 -205
- data/lib/resources/bash.rb +36 -36
- data/lib/resources/bond.rb +69 -69
- data/lib/resources/bridge.rb +123 -123
- data/lib/resources/command.rb +69 -69
- data/lib/resources/cpan.rb +60 -60
- data/lib/resources/cran.rb +66 -66
- data/lib/resources/crontab.rb +169 -169
- data/lib/resources/csv.rb +58 -58
- data/lib/resources/dh_params.rb +83 -83
- data/lib/resources/directory.rb +25 -25
- data/lib/resources/docker.rb +239 -239
- data/lib/resources/docker_container.rb +92 -92
- data/lib/resources/docker_image.rb +86 -86
- data/lib/resources/docker_object.rb +57 -57
- data/lib/resources/docker_service.rb +94 -94
- data/lib/resources/elasticsearch.rb +168 -168
- data/lib/resources/etc_fstab.rb +102 -102
- data/lib/resources/etc_group.rb +157 -157
- data/lib/resources/etc_hosts.rb +81 -81
- data/lib/resources/etc_hosts_allow_deny.rb +122 -122
- data/lib/resources/file.rb +298 -298
- data/lib/resources/filesystem.rb +31 -31
- data/lib/resources/firewalld.rb +144 -144
- data/lib/resources/gem.rb +71 -71
- data/lib/resources/groups.rb +213 -213
- data/lib/resources/grub_conf.rb +237 -237
- data/lib/resources/host.rb +300 -300
- data/lib/resources/http.rb +252 -252
- data/lib/resources/iis_app.rb +103 -103
- data/lib/resources/iis_site.rb +147 -147
- data/lib/resources/inetd_conf.rb +63 -63
- data/lib/resources/ini.rb +29 -29
- data/lib/resources/interface.rb +130 -130
- data/lib/resources/iptables.rb +70 -70
- data/lib/resources/json.rb +115 -115
- data/lib/resources/kernel_module.rb +110 -110
- data/lib/resources/kernel_parameter.rb +58 -58
- data/lib/resources/key_rsa.rb +67 -67
- data/lib/resources/limits_conf.rb +56 -56
- data/lib/resources/login_def.rb +67 -67
- data/lib/resources/mount.rb +90 -90
- data/lib/resources/mssql_session.rb +103 -103
- data/lib/resources/mysql.rb +82 -82
- data/lib/resources/mysql_conf.rb +133 -133
- data/lib/resources/mysql_session.rb +72 -72
- data/lib/resources/nginx.rb +97 -97
- data/lib/resources/nginx_conf.rb +228 -228
- data/lib/resources/npm.rb +48 -48
- data/lib/resources/ntp_conf.rb +59 -59
- data/lib/resources/oneget.rb +72 -72
- data/lib/resources/oracledb_session.rb +140 -140
- data/lib/resources/os.rb +46 -46
- data/lib/resources/os_env.rb +76 -76
- data/lib/resources/package.rb +357 -357
- data/lib/resources/packages.rb +112 -112
- data/lib/resources/parse_config.rb +116 -116
- data/lib/resources/passwd.rb +96 -96
- data/lib/resources/pip.rb +89 -89
- data/lib/resources/platform.rb +112 -112
- data/lib/resources/port.rb +771 -771
- data/lib/resources/postgres.rb +132 -132
- data/lib/resources/postgres_conf.rb +122 -122
- data/lib/resources/postgres_hba_conf.rb +101 -101
- data/lib/resources/postgres_ident_conf.rb +79 -79
- data/lib/resources/postgres_session.rb +72 -72
- data/lib/resources/powershell.rb +58 -58
- data/lib/resources/processes.rb +204 -204
- data/lib/resources/rabbitmq_conf.rb +53 -53
- data/lib/resources/registry_key.rb +296 -296
- data/lib/resources/security_policy.rb +181 -181
- data/lib/resources/service.rb +784 -784
- data/lib/resources/shadow.rb +141 -141
- data/lib/resources/ssh_conf.rb +102 -102
- data/lib/resources/ssl.rb +99 -99
- data/lib/resources/sys_info.rb +26 -26
- data/lib/resources/toml.rb +32 -32
- data/lib/resources/users.rb +652 -652
- data/lib/resources/vbscript.rb +70 -70
- data/lib/resources/virtualization.rb +251 -251
- data/lib/resources/windows_feature.rb +85 -85
- data/lib/resources/windows_hotfix.rb +35 -35
- data/lib/resources/windows_task.rb +106 -106
- data/lib/resources/wmi.rb +114 -114
- data/lib/resources/x509_certificate.rb +143 -143
- data/lib/resources/xinetd.rb +112 -112
- data/lib/resources/xml.rb +45 -45
- data/lib/resources/yaml.rb +45 -45
- data/lib/resources/yum.rb +181 -181
- data/lib/resources/zfs_dataset.rb +60 -60
- data/lib/resources/zfs_pool.rb +49 -49
- data/lib/source_readers/flat.rb +39 -39
- data/lib/source_readers/inspec.rb +75 -75
- data/lib/utils/command_wrapper.rb +27 -27
- data/lib/utils/convert.rb +12 -12
- data/lib/utils/database_helpers.rb +77 -77
- data/lib/utils/erlang_parser.rb +192 -192
- data/lib/utils/filter.rb +272 -272
- data/lib/utils/filter_array.rb +27 -27
- data/lib/utils/find_files.rb +44 -44
- data/lib/utils/hash.rb +41 -41
- data/lib/utils/json_log.rb +18 -18
- data/lib/utils/latest_version.rb +22 -22
- data/lib/utils/modulator.rb +12 -12
- data/lib/utils/nginx_parser.rb +85 -85
- data/lib/utils/object_traversal.rb +49 -49
- data/lib/utils/parser.rb +274 -274
- data/lib/utils/plugin_registry.rb +93 -93
- data/lib/utils/simpleconfig.rb +132 -132
- data/lib/utils/spdx.rb +13 -13
- data/lib/utils/spdx.txt +343 -343
- metadata +2 -2
data/docs/resources/mount.md.erb
CHANGED
@@ -1,68 +1,68 @@
|
|
1
|
-
---
|
2
|
-
title: About the mount Resource
|
3
|
-
---
|
4
|
-
|
5
|
-
# mount
|
6
|
-
|
7
|
-
Use the `mount` InSpec audit resource to test the mount points on FreeBSD and Linux systems.
|
8
|
-
|
9
|
-
<br>
|
10
|
-
|
11
|
-
## Syntax
|
12
|
-
|
13
|
-
An `mount` resource block declares the synchronization settings that should be tested:
|
14
|
-
|
15
|
-
describe mount('path') do
|
16
|
-
it { should MATCHER 'value' }
|
17
|
-
end
|
18
|
-
|
19
|
-
where
|
20
|
-
|
21
|
-
* `('path')` is the path to the mounted directory
|
22
|
-
* `MATCHER` is a valid matcher for this resource
|
23
|
-
* `'value'` is the value to be tested
|
24
|
-
|
25
|
-
<br>
|
26
|
-
|
27
|
-
## Examples
|
28
|
-
|
29
|
-
The following examples show how to use this InSpec audit resource.
|
30
|
-
|
31
|
-
### Test a the mount point on '/'
|
32
|
-
|
33
|
-
describe mount('/') do
|
34
|
-
it { should be_mounted }
|
35
|
-
its('device') { should eq '/dev/mapper/VolGroup-lv_root' }
|
36
|
-
its('type') { should eq 'ext4' }
|
37
|
-
its('options') { should eq ['rw', 'mode=620'] }
|
38
|
-
end
|
39
|
-
|
40
|
-
<br>
|
41
|
-
|
42
|
-
## Matchers
|
43
|
-
|
44
|
-
For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
45
|
-
|
46
|
-
### be_mounted
|
47
|
-
|
48
|
-
The `be_mounted` matcher tests if the file is accessible from the file system:
|
49
|
-
|
50
|
-
it { should be_mounted }
|
51
|
-
|
52
|
-
### device
|
53
|
-
|
54
|
-
The `device` matcher tests the device from the `fstab` table:
|
55
|
-
|
56
|
-
its('device') { should eq '/dev/mapper/VolGroup-lv_root' }
|
57
|
-
|
58
|
-
### options
|
59
|
-
|
60
|
-
The `options` matcher tests the mount options for the file system from the `fstab` table:
|
61
|
-
|
62
|
-
its('options') { should eq ['rw', 'mode=620'] }
|
63
|
-
|
64
|
-
### type
|
65
|
-
|
66
|
-
The `type` matcher tests the file system type:
|
67
|
-
|
68
|
-
its('type') { should eq 'ext4' }
|
1
|
+
---
|
2
|
+
title: About the mount Resource
|
3
|
+
---
|
4
|
+
|
5
|
+
# mount
|
6
|
+
|
7
|
+
Use the `mount` InSpec audit resource to test the mount points on FreeBSD and Linux systems.
|
8
|
+
|
9
|
+
<br>
|
10
|
+
|
11
|
+
## Syntax
|
12
|
+
|
13
|
+
An `mount` resource block declares the synchronization settings that should be tested:
|
14
|
+
|
15
|
+
describe mount('path') do
|
16
|
+
it { should MATCHER 'value' }
|
17
|
+
end
|
18
|
+
|
19
|
+
where
|
20
|
+
|
21
|
+
* `('path')` is the path to the mounted directory
|
22
|
+
* `MATCHER` is a valid matcher for this resource
|
23
|
+
* `'value'` is the value to be tested
|
24
|
+
|
25
|
+
<br>
|
26
|
+
|
27
|
+
## Examples
|
28
|
+
|
29
|
+
The following examples show how to use this InSpec audit resource.
|
30
|
+
|
31
|
+
### Test a the mount point on '/'
|
32
|
+
|
33
|
+
describe mount('/') do
|
34
|
+
it { should be_mounted }
|
35
|
+
its('device') { should eq '/dev/mapper/VolGroup-lv_root' }
|
36
|
+
its('type') { should eq 'ext4' }
|
37
|
+
its('options') { should eq ['rw', 'mode=620'] }
|
38
|
+
end
|
39
|
+
|
40
|
+
<br>
|
41
|
+
|
42
|
+
## Matchers
|
43
|
+
|
44
|
+
For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
45
|
+
|
46
|
+
### be_mounted
|
47
|
+
|
48
|
+
The `be_mounted` matcher tests if the file is accessible from the file system:
|
49
|
+
|
50
|
+
it { should be_mounted }
|
51
|
+
|
52
|
+
### device
|
53
|
+
|
54
|
+
The `device` matcher tests the device from the `fstab` table:
|
55
|
+
|
56
|
+
its('device') { should eq '/dev/mapper/VolGroup-lv_root' }
|
57
|
+
|
58
|
+
### options
|
59
|
+
|
60
|
+
The `options` matcher tests the mount options for the file system from the `fstab` table:
|
61
|
+
|
62
|
+
its('options') { should eq ['rw', 'mode=620'] }
|
63
|
+
|
64
|
+
### type
|
65
|
+
|
66
|
+
The `type` matcher tests the file system type:
|
67
|
+
|
68
|
+
its('type') { should eq 'ext4' }
|
@@ -1,59 +1,59 @@
|
|
1
|
-
---
|
2
|
-
title: About the mssql_session Resource
|
3
|
-
---
|
4
|
-
|
5
|
-
# mssql_session
|
6
|
-
|
7
|
-
Use the `mssql_session` InSpec audit resource to test SQL commands run against a Microsoft SQL database.
|
8
|
-
|
9
|
-
<br>
|
10
|
-
|
11
|
-
## Syntax
|
12
|
-
|
13
|
-
A `mssql_session` resource block declares the username and password to use for the session, and then the command to be run:
|
14
|
-
|
15
|
-
describe mssql_session(user: 'username', password: 'password').query('QUERY').row(0).column('result') do
|
16
|
-
its('value') { should eq('') }
|
17
|
-
end
|
18
|
-
|
19
|
-
where
|
20
|
-
|
21
|
-
* `mssql_session` declares a username and password with permission to run the query. Omitting the username or password parameters results in the use of Windows authentication as the user InSpec is executing as. You may also optionally pass a host and instance name. If omitted, they will default to host: localhost and the default instance.
|
22
|
-
* `query('QUERY')` contains the query to be run
|
23
|
-
* `its('value') { should eq('') }` compares the results of the query against the expected result in the test
|
24
|
-
|
25
|
-
<br>
|
26
|
-
|
27
|
-
## Examples
|
28
|
-
|
29
|
-
The following examples show how to use this InSpec audit resource.
|
30
|
-
|
31
|
-
### Test for matching databases
|
32
|
-
|
33
|
-
sql = mssql_session(user: 'my_user', password: 'password')
|
34
|
-
|
35
|
-
describe sql.query("SELECT SERVERPROPERTY('ProductVersion') as result").row(0).column('result') do
|
36
|
-
its("value") { should cmp > '12.00.4457' }
|
37
|
-
end
|
38
|
-
|
39
|
-
### Test using Windows authentication
|
40
|
-
|
41
|
-
sql = mssql_session
|
42
|
-
|
43
|
-
describe sql.query("SELECT SERVERPROPERTY('ProductVersion') as result").row(0).column('result') do
|
44
|
-
its("value") { should cmp > '12.00.4457' }
|
45
|
-
end
|
46
|
-
|
47
|
-
### Test a specific host and instance
|
48
|
-
|
49
|
-
sql = mssql_session(user: 'my_user', password: 'password', host: 'mssqlserver', instance: 'foo')
|
50
|
-
|
51
|
-
describe sql.query("SELECT SERVERPROPERTY('ProductVersion') as result").row(0).column('result') do
|
52
|
-
its("value") { should cmp > '12.00.4457' }
|
53
|
-
end
|
54
|
-
|
55
|
-
<br>
|
56
|
-
|
57
|
-
## Matchers
|
58
|
-
|
59
|
-
For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
1
|
+
---
|
2
|
+
title: About the mssql_session Resource
|
3
|
+
---
|
4
|
+
|
5
|
+
# mssql_session
|
6
|
+
|
7
|
+
Use the `mssql_session` InSpec audit resource to test SQL commands run against a Microsoft SQL database.
|
8
|
+
|
9
|
+
<br>
|
10
|
+
|
11
|
+
## Syntax
|
12
|
+
|
13
|
+
A `mssql_session` resource block declares the username and password to use for the session, and then the command to be run:
|
14
|
+
|
15
|
+
describe mssql_session(user: 'username', password: 'password').query('QUERY').row(0).column('result') do
|
16
|
+
its('value') { should eq('') }
|
17
|
+
end
|
18
|
+
|
19
|
+
where
|
20
|
+
|
21
|
+
* `mssql_session` declares a username and password with permission to run the query. Omitting the username or password parameters results in the use of Windows authentication as the user InSpec is executing as. You may also optionally pass a host and instance name. If omitted, they will default to host: localhost and the default instance.
|
22
|
+
* `query('QUERY')` contains the query to be run
|
23
|
+
* `its('value') { should eq('') }` compares the results of the query against the expected result in the test
|
24
|
+
|
25
|
+
<br>
|
26
|
+
|
27
|
+
## Examples
|
28
|
+
|
29
|
+
The following examples show how to use this InSpec audit resource.
|
30
|
+
|
31
|
+
### Test for matching databases
|
32
|
+
|
33
|
+
sql = mssql_session(user: 'my_user', password: 'password')
|
34
|
+
|
35
|
+
describe sql.query("SELECT SERVERPROPERTY('ProductVersion') as result").row(0).column('result') do
|
36
|
+
its("value") { should cmp > '12.00.4457' }
|
37
|
+
end
|
38
|
+
|
39
|
+
### Test using Windows authentication
|
40
|
+
|
41
|
+
sql = mssql_session
|
42
|
+
|
43
|
+
describe sql.query("SELECT SERVERPROPERTY('ProductVersion') as result").row(0).column('result') do
|
44
|
+
its("value") { should cmp > '12.00.4457' }
|
45
|
+
end
|
46
|
+
|
47
|
+
### Test a specific host and instance
|
48
|
+
|
49
|
+
sql = mssql_session(user: 'my_user', password: 'password', host: 'mssqlserver', instance: 'foo')
|
50
|
+
|
51
|
+
describe sql.query("SELECT SERVERPROPERTY('ProductVersion') as result").row(0).column('result') do
|
52
|
+
its("value") { should cmp > '12.00.4457' }
|
53
|
+
end
|
54
|
+
|
55
|
+
<br>
|
56
|
+
|
57
|
+
## Matchers
|
58
|
+
|
59
|
+
For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
@@ -1,98 +1,98 @@
|
|
1
|
-
---
|
2
|
-
title: About the mysql_conf Resource
|
3
|
-
---
|
4
|
-
|
5
|
-
# mysql_conf
|
6
|
-
|
7
|
-
Use the `mysql_conf` InSpec audit resource to test the contents of the configuration file for MySQL, typically located at `/etc/mysql/my.cnf` or `/etc/my.cnf`.
|
8
|
-
|
9
|
-
<br>
|
10
|
-
|
11
|
-
## Syntax
|
12
|
-
|
13
|
-
A `mysql_conf` resource block declares one (or more) settings in the `my.cnf` file, and then compares the setting in the configuration file to the value stated in the test:
|
14
|
-
|
15
|
-
describe mysql_conf('path') do
|
16
|
-
its('setting') { should eq 'value' }
|
17
|
-
end
|
18
|
-
|
19
|
-
# Test a parameter set within the [mysqld] section
|
20
|
-
describe mysql_conf do
|
21
|
-
its('mysqld.port') { should cmp 3306 }
|
22
|
-
end
|
23
|
-
|
24
|
-
# Test a parameter set within the [mariadb] section using array notation
|
25
|
-
describe mysql_conf do
|
26
|
-
its(['mariadb', 'max-connections']) { should_not be_nil }
|
27
|
-
end
|
28
|
-
|
29
|
-
where
|
30
|
-
|
31
|
-
* `'setting'` specifies a setting in the `my.cnf` file, such as `max_connections`
|
32
|
-
* when checking a setting within sections, such as `[mysqld]`, the section name must be included
|
33
|
-
* `('path')` is the non-default path to the `my.cnf` file
|
34
|
-
* `should eq 'value'` is the value that is expected
|
35
|
-
|
36
|
-
<br>
|
37
|
-
|
38
|
-
## Examples
|
39
|
-
|
40
|
-
The following examples show how to use this InSpec audit resource.
|
41
|
-
|
42
|
-
### Test the maximum number of allowed connections
|
43
|
-
|
44
|
-
describe mysql_conf do
|
45
|
-
its('max_connections') { should eq '505' }
|
46
|
-
its('max_user_connections') { should eq '500' }
|
47
|
-
end
|
48
|
-
|
49
|
-
### Test slow query logging**
|
50
|
-
|
51
|
-
describe mysql_conf do
|
52
|
-
its('slow_query_log_file') { should eq 'hostname_slow.log' }
|
53
|
-
its('slow_query_log') { should eq '0' }
|
54
|
-
its('log_queries_not_using_indexes') { should eq '1' }
|
55
|
-
its('long_query_time') { should eq '0.5' }
|
56
|
-
its('min_examined_row_limit') { should eq '100' }
|
57
|
-
end
|
58
|
-
|
59
|
-
### Test the port and socket on which MySQL listens
|
60
|
-
|
61
|
-
describe mysql_conf do
|
62
|
-
its('port') { should eq '3306' }
|
63
|
-
its('socket') { should eq '/var/run/mysqld/mysql.sock' }
|
64
|
-
end
|
65
|
-
|
66
|
-
### Test connection and thread variables
|
67
|
-
|
68
|
-
describe mysql_conf do
|
69
|
-
its('port') { should eq '3306' }
|
70
|
-
its('socket') { should eq '/var/run/mysqld/mysql.sock' }
|
71
|
-
its('max_allowed_packet') { should eq '12M' }
|
72
|
-
its('default_storage_engine') { should eq 'InnoDB' }
|
73
|
-
its('character_set_server') { should eq 'utf8' }
|
74
|
-
its('collation_server') { should eq 'utf8_general_ci' }
|
75
|
-
its('max_connections') { should eq '505' }
|
76
|
-
its('max_user_connections') { should eq '500' }
|
77
|
-
its('thread_cache_size') { should eq '505' }
|
78
|
-
end
|
79
|
-
|
80
|
-
### Test the safe-user-create parameter
|
81
|
-
|
82
|
-
describe mysql_conf.params('mysqld') do
|
83
|
-
its('safe-user-create') { should eq('1') }
|
84
|
-
end
|
85
|
-
|
86
|
-
<br>
|
87
|
-
|
88
|
-
## Matchers
|
89
|
-
|
90
|
-
For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
91
|
-
|
92
|
-
### setting
|
93
|
-
|
94
|
-
The `setting` matcher tests specific, named settings in the `my.cnf` file:
|
95
|
-
|
96
|
-
its('setting') { should eq 'value' }
|
97
|
-
|
98
|
-
Use a `setting` matcher for each setting to be tested.
|
1
|
+
---
|
2
|
+
title: About the mysql_conf Resource
|
3
|
+
---
|
4
|
+
|
5
|
+
# mysql_conf
|
6
|
+
|
7
|
+
Use the `mysql_conf` InSpec audit resource to test the contents of the configuration file for MySQL, typically located at `/etc/mysql/my.cnf` or `/etc/my.cnf`.
|
8
|
+
|
9
|
+
<br>
|
10
|
+
|
11
|
+
## Syntax
|
12
|
+
|
13
|
+
A `mysql_conf` resource block declares one (or more) settings in the `my.cnf` file, and then compares the setting in the configuration file to the value stated in the test:
|
14
|
+
|
15
|
+
describe mysql_conf('path') do
|
16
|
+
its('setting') { should eq 'value' }
|
17
|
+
end
|
18
|
+
|
19
|
+
# Test a parameter set within the [mysqld] section
|
20
|
+
describe mysql_conf do
|
21
|
+
its('mysqld.port') { should cmp 3306 }
|
22
|
+
end
|
23
|
+
|
24
|
+
# Test a parameter set within the [mariadb] section using array notation
|
25
|
+
describe mysql_conf do
|
26
|
+
its(['mariadb', 'max-connections']) { should_not be_nil }
|
27
|
+
end
|
28
|
+
|
29
|
+
where
|
30
|
+
|
31
|
+
* `'setting'` specifies a setting in the `my.cnf` file, such as `max_connections`
|
32
|
+
* when checking a setting within sections, such as `[mysqld]`, the section name must be included
|
33
|
+
* `('path')` is the non-default path to the `my.cnf` file
|
34
|
+
* `should eq 'value'` is the value that is expected
|
35
|
+
|
36
|
+
<br>
|
37
|
+
|
38
|
+
## Examples
|
39
|
+
|
40
|
+
The following examples show how to use this InSpec audit resource.
|
41
|
+
|
42
|
+
### Test the maximum number of allowed connections
|
43
|
+
|
44
|
+
describe mysql_conf do
|
45
|
+
its('max_connections') { should eq '505' }
|
46
|
+
its('max_user_connections') { should eq '500' }
|
47
|
+
end
|
48
|
+
|
49
|
+
### Test slow query logging**
|
50
|
+
|
51
|
+
describe mysql_conf do
|
52
|
+
its('slow_query_log_file') { should eq 'hostname_slow.log' }
|
53
|
+
its('slow_query_log') { should eq '0' }
|
54
|
+
its('log_queries_not_using_indexes') { should eq '1' }
|
55
|
+
its('long_query_time') { should eq '0.5' }
|
56
|
+
its('min_examined_row_limit') { should eq '100' }
|
57
|
+
end
|
58
|
+
|
59
|
+
### Test the port and socket on which MySQL listens
|
60
|
+
|
61
|
+
describe mysql_conf do
|
62
|
+
its('port') { should eq '3306' }
|
63
|
+
its('socket') { should eq '/var/run/mysqld/mysql.sock' }
|
64
|
+
end
|
65
|
+
|
66
|
+
### Test connection and thread variables
|
67
|
+
|
68
|
+
describe mysql_conf do
|
69
|
+
its('port') { should eq '3306' }
|
70
|
+
its('socket') { should eq '/var/run/mysqld/mysql.sock' }
|
71
|
+
its('max_allowed_packet') { should eq '12M' }
|
72
|
+
its('default_storage_engine') { should eq 'InnoDB' }
|
73
|
+
its('character_set_server') { should eq 'utf8' }
|
74
|
+
its('collation_server') { should eq 'utf8_general_ci' }
|
75
|
+
its('max_connections') { should eq '505' }
|
76
|
+
its('max_user_connections') { should eq '500' }
|
77
|
+
its('thread_cache_size') { should eq '505' }
|
78
|
+
end
|
79
|
+
|
80
|
+
### Test the safe-user-create parameter
|
81
|
+
|
82
|
+
describe mysql_conf.params('mysqld') do
|
83
|
+
its('safe-user-create') { should eq('1') }
|
84
|
+
end
|
85
|
+
|
86
|
+
<br>
|
87
|
+
|
88
|
+
## Matchers
|
89
|
+
|
90
|
+
For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
91
|
+
|
92
|
+
### setting
|
93
|
+
|
94
|
+
The `setting` matcher tests specific, named settings in the `my.cnf` file:
|
95
|
+
|
96
|
+
its('setting') { should eq 'value' }
|
97
|
+
|
98
|
+
Use a `setting` matcher for each setting to be tested.
|