inspec 4.3.2 → 4.6.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +36 -38
- data/README.md +37 -21
- data/etc/deprecations.json +10 -0
- data/etc/plugin_filters.json +8 -0
- data/inspec.gemspec +38 -39
- data/lib/bundles/inspec-compliance/api.rb +1 -1
- data/lib/bundles/inspec-compliance/configuration.rb +1 -1
- data/lib/bundles/inspec-compliance/http.rb +1 -1
- data/lib/bundles/inspec-compliance/support.rb +1 -1
- data/lib/bundles/inspec-compliance/target.rb +1 -1
- data/lib/bundles/inspec-supermarket.rb +3 -7
- data/lib/bundles/inspec-supermarket/api.rb +10 -13
- data/lib/bundles/inspec-supermarket/cli.rb +12 -15
- data/lib/bundles/inspec-supermarket/target.rb +7 -11
- data/lib/fetchers/git.rb +14 -15
- data/lib/fetchers/local.rb +6 -10
- data/lib/fetchers/mock.rb +3 -5
- data/lib/fetchers/url.rb +42 -44
- data/lib/inspec.rb +23 -24
- data/lib/inspec/archive/tar.rb +2 -6
- data/lib/inspec/archive/zip.rb +3 -7
- data/lib/inspec/backend.rb +8 -9
- data/lib/inspec/base_cli.rb +64 -65
- data/lib/inspec/cached_fetcher.rb +2 -3
- data/lib/inspec/cli.rb +136 -97
- data/lib/inspec/config.rb +71 -61
- data/lib/inspec/control_eval_context.rb +22 -18
- data/lib/inspec/dependencies/cache.rb +2 -3
- data/lib/inspec/dependencies/dependency_set.rb +2 -3
- data/lib/inspec/dependencies/lockfile.rb +8 -9
- data/lib/inspec/dependencies/requirement.rb +7 -8
- data/lib/inspec/dependencies/resolver.rb +5 -7
- data/lib/inspec/describe.rb +2 -6
- data/lib/inspec/dist.rb +20 -0
- data/lib/inspec/dsl.rb +4 -7
- data/lib/inspec/dsl_shared.rb +1 -2
- data/lib/inspec/env_printer.rb +11 -12
- data/lib/inspec/errors.rb +0 -4
- data/lib/inspec/exceptions.rb +0 -1
- data/lib/inspec/expect.rb +5 -8
- data/lib/inspec/fetcher.rb +7 -10
- data/lib/inspec/file_provider.rb +24 -24
- data/lib/inspec/formatters.rb +3 -3
- data/lib/inspec/formatters/base.rb +8 -8
- data/lib/inspec/globals.rb +2 -2
- data/lib/inspec/impact.rb +5 -7
- data/lib/inspec/input_registry.rb +84 -33
- data/lib/inspec/library_eval_context.rb +3 -6
- data/lib/inspec/log.rb +1 -5
- data/lib/inspec/metadata.rb +17 -16
- data/lib/inspec/method_source.rb +5 -9
- data/lib/inspec/objects.rb +10 -12
- data/lib/inspec/objects/control.rb +7 -9
- data/lib/inspec/objects/describe.rb +9 -11
- data/lib/inspec/objects/each_loop.rb +1 -3
- data/lib/inspec/objects/input.rb +24 -26
- data/lib/inspec/objects/list.rb +4 -6
- data/lib/inspec/objects/or_test.rb +2 -4
- data/lib/inspec/objects/ruby_helper.rb +3 -5
- data/lib/inspec/objects/tag.rb +0 -2
- data/lib/inspec/objects/test.rb +9 -11
- data/lib/inspec/objects/value.rb +3 -5
- data/lib/inspec/plugin/v1.rb +2 -2
- data/lib/inspec/plugin/v1/plugin_types/cli.rb +1 -5
- data/lib/inspec/plugin/v1/plugin_types/fetcher.rb +2 -5
- data/lib/inspec/plugin/v1/plugin_types/resource.rb +4 -6
- data/lib/inspec/plugin/v1/plugin_types/secret.rb +1 -5
- data/lib/inspec/plugin/v1/plugin_types/source_reader.rb +1 -5
- data/lib/inspec/plugin/v1/plugins.rb +15 -19
- data/lib/inspec/plugin/v1/registry.rb +0 -4
- data/lib/inspec/plugin/v2.rb +8 -8
- data/lib/inspec/plugin/v2/activator.rb +1 -1
- data/lib/inspec/plugin/v2/config_file.rb +6 -6
- data/lib/inspec/plugin/v2/filter.rb +13 -13
- data/lib/inspec/plugin/v2/installer.rb +36 -24
- data/lib/inspec/plugin/v2/loader.rb +28 -28
- data/lib/inspec/plugin/v2/plugin_base.rb +15 -2
- data/lib/inspec/plugin/v2/plugin_types/cli.rb +5 -5
- data/lib/inspec/plugin/v2/plugin_types/input.rb +34 -0
- data/lib/inspec/plugin/v2/plugin_types/mock.rb +1 -1
- data/lib/inspec/plugin/v2/registry.rb +7 -7
- data/lib/inspec/polyfill.rb +0 -3
- data/lib/inspec/profile.rb +55 -63
- data/lib/inspec/profile_context.rb +27 -30
- data/lib/inspec/profile_vendor.rb +6 -9
- data/lib/inspec/reporters.rb +24 -24
- data/lib/inspec/reporters/automate.rb +17 -19
- data/lib/inspec/reporters/base.rb +1 -1
- data/lib/inspec/reporters/cli.rb +88 -91
- data/lib/inspec/reporters/json.rb +2 -4
- data/lib/inspec/reporters/json_automate.rb +1 -3
- data/lib/inspec/reporters/json_min.rb +1 -3
- data/lib/inspec/reporters/junit.rb +26 -28
- data/lib/inspec/reporters/yaml.rb +1 -3
- data/lib/inspec/require_loader.rb +0 -4
- data/lib/inspec/resource.rb +4 -125
- data/lib/inspec/resources.rb +121 -0
- data/lib/{resources → inspec/resources}/aide_conf.rb +24 -25
- data/lib/{resources → inspec/resources}/apache.rb +13 -14
- data/lib/{resources → inspec/resources}/apache_conf.rb +16 -17
- data/lib/{resources → inspec/resources}/apt.rb +17 -17
- data/lib/{resources → inspec/resources}/audit_policy.rb +7 -6
- data/lib/{resources → inspec/resources}/auditd.rb +62 -64
- data/lib/{resources → inspec/resources}/auditd_conf.rb +7 -8
- data/lib/{resources → inspec/resources}/bash.rb +6 -8
- data/lib/{resources → inspec/resources}/bond.rb +15 -14
- data/lib/{resources → inspec/resources}/bridge.rb +8 -8
- data/lib/{resources → inspec/resources}/chocolatey_package.rb +10 -8
- data/lib/{resources → inspec/resources}/command.rb +11 -10
- data/lib/{resources → inspec/resources}/cpan.rb +12 -12
- data/lib/{resources → inspec/resources}/cran.rb +9 -9
- data/lib/{resources → inspec/resources}/crontab.rb +47 -48
- data/lib/{resources → inspec/resources}/csv.rb +5 -5
- data/lib/{resources → inspec/resources}/dh_params.rb +5 -7
- data/lib/{resources → inspec/resources}/directory.rb +5 -7
- data/lib/{resources → inspec/resources}/docker.rb +63 -63
- data/lib/{resources → inspec/resources}/docker_container.rb +6 -6
- data/lib/{resources → inspec/resources}/docker_image.rb +9 -9
- data/lib/{resources → inspec/resources}/docker_object.rb +8 -13
- data/lib/{resources → inspec/resources}/docker_plugin.rb +6 -6
- data/lib/{resources → inspec/resources}/docker_service.rb +7 -7
- data/lib/{resources → inspec/resources}/elasticsearch.rb +40 -42
- data/lib/{resources → inspec/resources}/etc_fstab.rb +23 -24
- data/lib/{resources → inspec/resources}/etc_group.rb +26 -27
- data/lib/{resources → inspec/resources}/etc_hosts.rb +11 -13
- data/lib/{resources → inspec/resources}/etc_hosts_allow_deny.rb +25 -27
- data/lib/{resources → inspec/resources}/file.rb +80 -79
- data/lib/{resources → inspec/resources}/filesystem.rb +20 -15
- data/lib/{resources → inspec/resources}/firewalld.rb +26 -26
- data/lib/{resources → inspec/resources}/gem.rb +12 -12
- data/lib/{resources → inspec/resources}/groups.rb +28 -27
- data/lib/{resources → inspec/resources}/grub_conf.rb +46 -48
- data/lib/{resources → inspec/resources}/host.rb +31 -29
- data/lib/{resources → inspec/resources}/http.rb +24 -24
- data/lib/{resources → inspec/resources}/iis_app.rb +6 -7
- data/lib/{resources → inspec/resources}/iis_app_pool.rb +21 -19
- data/lib/{resources → inspec/resources}/iis_site.rb +17 -15
- data/lib/{resources → inspec/resources}/inetd_conf.rb +9 -10
- data/lib/{resources → inspec/resources}/ini.rb +7 -8
- data/lib/{resources → inspec/resources}/interface.rb +30 -30
- data/lib/{resources → inspec/resources}/iptables.rb +8 -8
- data/lib/{resources → inspec/resources}/json.rb +8 -10
- data/lib/{resources → inspec/resources}/kernel_module.rb +15 -15
- data/lib/{resources → inspec/resources}/kernel_parameter.rb +8 -8
- data/lib/{resources → inspec/resources}/key_rsa.rb +8 -10
- data/lib/{resources → inspec/resources}/ksh.rb +6 -8
- data/lib/{resources → inspec/resources}/limits_conf.rb +8 -9
- data/lib/{resources/login_def.rb → inspec/resources/login_defs.rb} +9 -10
- data/lib/{resources → inspec/resources}/mount.rb +6 -8
- data/lib/{resources → inspec/resources}/mssql_session.rb +16 -18
- data/lib/inspec/resources/mysql.rb +81 -0
- data/lib/{resources → inspec/resources}/mysql_conf.rb +13 -14
- data/lib/{resources → inspec/resources}/mysql_session.rb +16 -16
- data/lib/{resources → inspec/resources}/nginx.rb +16 -17
- data/lib/{resources → inspec/resources}/nginx_conf.rb +26 -27
- data/lib/{resources → inspec/resources}/npm.rb +9 -10
- data/lib/{resources → inspec/resources}/ntp_conf.rb +9 -10
- data/lib/{resources → inspec/resources}/oneget.rb +8 -8
- data/lib/{resources → inspec/resources}/oracledb_session.rb +33 -34
- data/lib/{resources → inspec/resources}/os.rb +6 -8
- data/lib/{resources → inspec/resources}/os_env.rb +11 -12
- data/lib/{resources → inspec/resources}/package.rb +66 -65
- data/lib/{resources → inspec/resources}/packages.rb +13 -13
- data/lib/{resources → inspec/resources}/parse_config.rb +8 -8
- data/lib/{resources → inspec/resources}/passwd.rb +18 -19
- data/lib/{resources → inspec/resources}/pip.rb +19 -19
- data/lib/{resources → inspec/resources}/platform.rb +9 -11
- data/lib/{resources → inspec/resources}/port.rb +134 -136
- data/lib/{resources → inspec/resources}/postgres.rb +40 -32
- data/lib/{resources → inspec/resources}/postgres_conf.rb +17 -17
- data/lib/{resources → inspec/resources}/postgres_hba_conf.rb +21 -23
- data/lib/{resources → inspec/resources}/postgres_ident_conf.rb +12 -14
- data/lib/{resources → inspec/resources}/postgres_session.rb +8 -9
- data/lib/{resources → inspec/resources}/powershell.rb +17 -13
- data/lib/{resources → inspec/resources}/processes.rb +29 -29
- data/lib/{resources/rabbitmq_conf.rb → inspec/resources/rabbitmq_config.rb} +10 -11
- data/lib/{resources → inspec/resources}/registry_key.rb +14 -14
- data/lib/inspec/resources/script.rb +1 -0
- data/lib/{resources → inspec/resources}/security_identifier.rb +11 -10
- data/lib/{resources → inspec/resources}/security_policy.rb +59 -58
- data/lib/{resources → inspec/resources}/service.rb +74 -75
- data/lib/{resources → inspec/resources}/shadow.rb +44 -45
- data/lib/{resources/ssh_conf.rb → inspec/resources/ssh_config.rb} +16 -17
- data/lib/{resources → inspec/resources}/ssl.rb +28 -29
- data/lib/inspec/resources/sys_info.rb +30 -0
- data/lib/{resources → inspec/resources}/toml.rb +5 -7
- data/lib/{resources → inspec/resources}/users.rb +65 -65
- data/lib/{resources → inspec/resources}/vbscript.rb +8 -9
- data/lib/{resources → inspec/resources}/virtualization.rb +60 -62
- data/lib/{resources → inspec/resources}/windows_feature.rb +9 -9
- data/lib/{resources → inspec/resources}/windows_hotfix.rb +5 -5
- data/lib/{resources → inspec/resources}/windows_task.rb +16 -15
- data/lib/{resources → inspec/resources}/wmi.rb +7 -8
- data/lib/{resources → inspec/resources}/x509_certificate.rb +9 -11
- data/lib/{resources/xinetd.rb → inspec/resources/xinetd_conf.rb} +27 -29
- data/lib/{resources → inspec/resources}/xml.rb +7 -7
- data/lib/{resources → inspec/resources}/yaml.rb +5 -6
- data/lib/{resources → inspec/resources}/yum.rb +10 -10
- data/lib/{resources → inspec/resources}/zfs_dataset.rb +6 -6
- data/lib/{resources → inspec/resources}/zfs_pool.rb +4 -4
- data/lib/inspec/rspec_extensions.rb +24 -8
- data/lib/inspec/rule.rb +14 -15
- data/lib/inspec/runner.rb +28 -28
- data/lib/inspec/runner_mock.rb +1 -5
- data/lib/inspec/runner_rspec.rb +18 -20
- data/lib/inspec/runtime_profile.rb +2 -5
- data/lib/inspec/schema.rb +142 -143
- data/lib/inspec/secrets.rb +3 -7
- data/lib/inspec/secrets/yaml.rb +3 -5
- data/lib/inspec/shell.rb +11 -15
- data/lib/inspec/shell_detector.rb +6 -7
- data/lib/inspec/source_reader.rb +4 -8
- data/lib/inspec/ui.rb +33 -39
- data/lib/inspec/ui_table_helper.rb +12 -0
- data/lib/{utils → inspec/utils}/command_wrapper.rb +4 -8
- data/lib/{utils → inspec/utils}/convert.rb +0 -4
- data/lib/{utils → inspec/utils}/database_helpers.rb +4 -8
- data/lib/inspec/utils/deprecation.rb +6 -0
- data/lib/{utils → inspec/utils}/deprecation/config_file.rb +19 -19
- data/lib/{utils → inspec/utils}/deprecation/deprecator.rb +12 -12
- data/lib/{utils → inspec/utils}/deprecation/errors.rb +1 -1
- data/lib/{utils → inspec/utils}/deprecation/global_method.rb +2 -2
- data/lib/{utils → inspec/utils}/enumerable_delegation.rb +0 -2
- data/lib/{utils → inspec/utils}/erlang_parser.rb +61 -65
- data/lib/{utils → inspec/utils}/file_reader.rb +1 -2
- data/lib/{utils → inspec/utils}/filter.rb +30 -33
- data/lib/{utils → inspec/utils}/filter_array.rb +0 -2
- data/lib/{utils → inspec/utils}/find_files.rb +9 -12
- data/lib/{utils → inspec/utils}/hash.rb +1 -5
- data/lib/inspec/utils/json_log.rb +15 -0
- data/lib/inspec/utils/latest_version.rb +13 -0
- data/lib/{utils → inspec/utils}/modulator.rb +0 -3
- data/lib/{utils → inspec/utils}/nginx_parser.rb +31 -35
- data/lib/{utils → inspec/utils}/object_traversal.rb +0 -3
- data/lib/{utils → inspec/utils}/parser.rb +45 -45
- data/lib/{utils → inspec/utils}/pkey_reader.rb +4 -2
- data/lib/{utils → inspec/utils}/simpleconfig.rb +8 -10
- data/lib/{utils → inspec/utils}/spdx.rb +1 -4
- data/lib/{utils → inspec/utils}/spdx.txt +0 -0
- data/lib/inspec/utils/telemetry.rb +3 -3
- data/lib/inspec/utils/telemetry/collector.rb +30 -9
- data/lib/inspec/utils/telemetry/data_series.rb +3 -1
- data/lib/inspec/utils/telemetry/global_methods.rb +1 -1
- data/lib/inspec/version.rb +1 -1
- data/lib/matchers/matchers.rb +22 -25
- data/lib/plugins/inspec-artifact/lib/inspec-artifact.rb +1 -1
- data/lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb +52 -45
- data/lib/plugins/inspec-artifact/lib/inspec-artifact/cli.rb +18 -16
- data/lib/plugins/inspec-artifact/test/functional/inspec_artifact_test.rb +12 -11
- data/lib/plugins/inspec-compliance/lib/inspec-compliance.rb +1 -1
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/api.rb +73 -73
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/api/login.rb +66 -62
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/cli.rb +59 -57
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/configuration.rb +11 -11
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb +20 -22
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/support.rb +2 -4
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/target.rb +30 -27
- data/lib/plugins/inspec-compliance/test/functional/inspec_compliance_test.rb +12 -14
- data/lib/plugins/inspec-compliance/test/integration/default/cli.rb +39 -41
- data/lib/plugins/inspec-compliance/test/unit/api/login_test.rb +64 -64
- data/lib/plugins/inspec-compliance/test/unit/api_test.rb +157 -156
- data/lib/plugins/inspec-compliance/test/unit/target_test.rb +85 -85
- data/lib/plugins/inspec-habitat/Berksfile +2 -2
- data/lib/plugins/inspec-habitat/lib/inspec-habitat.rb +1 -1
- data/lib/plugins/inspec-habitat/lib/inspec-habitat/cli.rb +15 -13
- data/lib/plugins/inspec-habitat/lib/inspec-habitat/profile.rb +64 -63
- data/lib/plugins/inspec-habitat/templates/habitat/hooks/run.erb +3 -3
- data/lib/plugins/inspec-habitat/templates/habitat/plan.sh.erb +11 -11
- data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/Berksfile +1 -1
- data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/metadata.rb +8 -8
- data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/recipes/default.rb +17 -17
- data/lib/plugins/inspec-habitat/test/functional/inspec_habitat_test.rb +9 -8
- data/lib/plugins/inspec-habitat/test/integration/default/inspec_habitat/controls/inspec_habitat.rb +14 -14
- data/lib/plugins/inspec-habitat/test/support/example_profile/controls/example.rb +4 -4
- data/lib/plugins/inspec-habitat/test/unit/profile_test.rb +42 -41
- data/lib/plugins/inspec-init/lib/inspec-init.rb +1 -1
- data/lib/plugins/inspec-init/lib/inspec-init/cli.rb +6 -8
- data/lib/plugins/inspec-init/lib/inspec-init/cli_plugin.rb +72 -74
- data/lib/plugins/inspec-init/lib/inspec-init/cli_profile.rb +9 -11
- data/lib/plugins/inspec-init/lib/inspec-init/renderer.rb +4 -4
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/Gemfile +0 -1
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/inspec-plugin-template.gemspec +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template.rb +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/cli_command.rb +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/plugin.rb +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/version.rb +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/functional/inspec_plugin_template_test.rb +5 -5
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/helper.rb +1 -3
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/unit/cli_args_test.rb +2 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/unit/plugin_def_test.rb +2 -2
- data/lib/plugins/inspec-init/templates/profiles/aws/controls/example.rb +10 -11
- data/lib/plugins/inspec-init/templates/profiles/azure/controls/example.rb +4 -5
- data/lib/plugins/inspec-init/templates/profiles/gcp/controls/example.rb +10 -11
- data/lib/plugins/inspec-init/templates/profiles/os/controls/example.rb +6 -7
- data/lib/plugins/inspec-init/test/functional/inspec_init_plugin_test.rb +51 -50
- data/lib/plugins/inspec-init/test/functional/inspec_init_profile_test.rb +35 -33
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli.rb +1 -2
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/cli_command.rb +72 -70
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/plugin.rb +1 -1
- data/lib/plugins/inspec-plugin-manager-cli/test/fixtures/plugins/wrong-name/lib/wrong-name.rb +1 -1
- data/lib/plugins/inspec-plugin-manager-cli/test/functional/inspec-plugin_test.rb +281 -271
- data/lib/plugins/inspec-plugin-manager-cli/test/unit/cli_args_test.rb +41 -41
- data/lib/plugins/inspec-plugin-manager-cli/test/unit/plugin_def_test.rb +25 -6
- data/lib/plugins/shared/core_plugin_test_helper.rb +43 -38
- data/lib/resource_support/aws.rb +67 -67
- data/lib/resource_support/aws/aws_plural_resource_mixin.rb +4 -1
- data/lib/resource_support/aws/aws_resource_mixin.rb +4 -3
- data/lib/resource_support/aws/aws_singular_resource_mixin.rb +4 -1
- data/lib/resources/aws/aws_billing_report.rb +15 -8
- data/lib/resources/aws/aws_billing_reports.rb +10 -7
- data/lib/resources/aws/aws_cloudtrail_trail.rb +9 -5
- data/lib/resources/aws/aws_cloudtrail_trails.rb +9 -5
- data/lib/resources/aws/aws_cloudwatch_alarm.rb +9 -5
- data/lib/resources/aws/aws_cloudwatch_log_metric_filter.rb +12 -8
- data/lib/resources/aws/aws_config_delivery_channel.rb +13 -9
- data/lib/resources/aws/aws_config_recorder.rb +10 -6
- data/lib/resources/aws/aws_ebs_volume.rb +12 -8
- data/lib/resources/aws/aws_ebs_volumes.rb +9 -5
- data/lib/resources/aws/aws_ec2_instance.rb +14 -11
- data/lib/resources/aws/aws_ec2_instances.rb +9 -5
- data/lib/resources/aws/aws_ecs_cluster.rb +11 -7
- data/lib/resources/aws/aws_eks_cluster.rb +13 -9
- data/lib/resources/aws/aws_elb.rb +9 -5
- data/lib/resources/aws/aws_elbs.rb +9 -5
- data/lib/resources/aws/aws_flow_log.rb +17 -13
- data/lib/resources/aws/aws_iam_access_key.rb +15 -11
- data/lib/resources/aws/aws_iam_access_keys.rb +19 -15
- data/lib/resources/aws/aws_iam_group.rb +9 -5
- data/lib/resources/aws/aws_iam_groups.rb +9 -5
- data/lib/resources/aws/aws_iam_password_policy.rb +13 -10
- data/lib/resources/aws/aws_iam_policies.rb +9 -5
- data/lib/resources/aws/aws_iam_policy.rb +16 -12
- data/lib/resources/aws/aws_iam_role.rb +9 -5
- data/lib/resources/aws/aws_iam_root_user.rb +12 -8
- data/lib/resources/aws/aws_iam_user.rb +12 -12
- data/lib/resources/aws/aws_iam_users.rb +10 -10
- data/lib/resources/aws/aws_kms_key.rb +12 -8
- data/lib/resources/aws/aws_kms_keys.rb +9 -5
- data/lib/resources/aws/aws_rds_instance.rb +11 -8
- data/lib/resources/aws/aws_route_table.rb +11 -7
- data/lib/resources/aws/aws_route_tables.rb +10 -6
- data/lib/resources/aws/aws_s3_bucket.rb +14 -11
- data/lib/resources/aws/aws_s3_bucket_object.rb +12 -9
- data/lib/resources/aws/aws_s3_buckets.rb +9 -7
- data/lib/resources/aws/aws_security_group.rb +16 -12
- data/lib/resources/aws/aws_security_groups.rb +12 -8
- data/lib/resources/aws/aws_sns_subscription.rb +15 -11
- data/lib/resources/aws/aws_sns_topic.rb +10 -6
- data/lib/resources/aws/aws_sns_topics.rb +9 -5
- data/lib/resources/aws/aws_sqs_queue.rb +18 -14
- data/lib/resources/aws/aws_subnet.rb +11 -7
- data/lib/resources/aws/aws_subnets.rb +9 -5
- data/lib/resources/aws/aws_vpc.rb +10 -6
- data/lib/resources/aws/aws_vpcs.rb +9 -5
- data/lib/resources/azure/azure_backend.rb +20 -18
- data/lib/resources/azure/azure_generic_resource.rb +13 -15
- data/lib/resources/azure/azure_resource_group.rb +17 -19
- data/lib/resources/azure/azure_virtual_machine.rb +6 -8
- data/lib/resources/azure/azure_virtual_machine_data_disk.rb +6 -8
- data/lib/source_readers/flat.rb +6 -10
- data/lib/source_readers/inspec.rb +8 -12
- metadata +141 -142
- data/lib/resources/mysql.rb +0 -82
- data/lib/resources/sys_info.rb +0 -28
- data/lib/utils/deprecation.rb +0 -6
- data/lib/utils/json_log.rb +0 -18
- data/lib/utils/latest_version.rb +0 -22
@@ -1,13 +1,12 @@
|
|
1
|
-
# encoding: utf-8
|
2
1
|
# copyright: 2015, Vulcano Security GmbH
|
3
2
|
|
4
|
-
require
|
5
|
-
require
|
3
|
+
require "inspec/utils/simpleconfig"
|
4
|
+
require "inspec/utils/file_reader"
|
6
5
|
|
7
6
|
module Inspec::Resources
|
8
7
|
class AuditDaemonConf < Inspec.resource(1)
|
9
|
-
name
|
10
|
-
supports platform:
|
8
|
+
name "auditd_conf"
|
9
|
+
supports platform: "unix"
|
11
10
|
desc "Use the auditd_conf InSpec audit resource to test the configuration settings for the audit daemon. This file is typically located under /etc/audit/auditd.conf' on UNIX and Linux platforms."
|
12
11
|
example <<~EXAMPLE
|
13
12
|
describe auditd_conf do
|
@@ -18,7 +17,7 @@ module Inspec::Resources
|
|
18
17
|
include FileReader
|
19
18
|
|
20
19
|
def initialize(path = nil)
|
21
|
-
@conf_path = path ||
|
20
|
+
@conf_path = path || "/etc/audit/auditd.conf"
|
22
21
|
@content = read_file_content(@conf_path)
|
23
22
|
end
|
24
23
|
|
@@ -27,7 +26,7 @@ module Inspec::Resources
|
|
27
26
|
end
|
28
27
|
|
29
28
|
def to_s
|
30
|
-
|
29
|
+
"Audit Daemon Config"
|
31
30
|
end
|
32
31
|
|
33
32
|
private
|
@@ -38,7 +37,7 @@ module Inspec::Resources
|
|
38
37
|
# parse the file
|
39
38
|
conf = SimpleConfig.new(
|
40
39
|
@content,
|
41
|
-
multiple_values: false
|
40
|
+
multiple_values: false
|
42
41
|
)
|
43
42
|
@params = conf.params
|
44
43
|
end
|
@@ -1,13 +1,11 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
require 'utils/command_wrapper'
|
4
|
-
require 'resources/command'
|
1
|
+
require "inspec/utils/command_wrapper"
|
2
|
+
require "inspec/resources/command"
|
5
3
|
|
6
4
|
module Inspec::Resources
|
7
5
|
class Bash < Cmd
|
8
|
-
name
|
9
|
-
supports platform:
|
10
|
-
desc
|
6
|
+
name "bash"
|
7
|
+
supports platform: "unix"
|
8
|
+
desc "Run a command or script in BASH."
|
11
9
|
example <<~EXAMPLE
|
12
10
|
describe bash('ls -al /') do
|
13
11
|
its('stdout') { should match /bin/ }
|
@@ -24,7 +22,7 @@ module Inspec::Resources
|
|
24
22
|
|
25
23
|
def initialize(command, options = {})
|
26
24
|
@raw_command = command
|
27
|
-
options[:shell] =
|
25
|
+
options[:shell] = "bash" if options.is_a?(Hash)
|
28
26
|
super(CommandWrapper.wrap(command, options))
|
29
27
|
end
|
30
28
|
|
@@ -1,12 +1,11 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
require
|
4
|
-
require 'utils/file_reader'
|
1
|
+
require "inspec/resources/file"
|
2
|
+
require "inspec/utils/file_reader"
|
3
|
+
require "inspec/utils/simpleconfig"
|
5
4
|
|
6
5
|
module Inspec::Resources
|
7
6
|
class Bond < FileResource
|
8
|
-
name
|
9
|
-
supports platform:
|
7
|
+
name "bond"
|
8
|
+
supports platform: "unix"
|
10
9
|
desc 'Use the bond InSpec audit resource to test a logical, bonded network interface (i.e. "two or more network interfaces aggregated into a single, logical network interface"). On Linux platforms, any value in the /proc/net/bonding directory may be tested.'
|
11
10
|
example <<~EXAMPLE
|
12
11
|
describe bond('bond0') do
|
@@ -26,11 +25,13 @@ module Inspec::Resources
|
|
26
25
|
end
|
27
26
|
|
28
27
|
def read_content
|
29
|
-
@
|
30
|
-
@
|
31
|
-
|
32
|
-
|
33
|
-
|
28
|
+
if @file.exist?
|
29
|
+
@params = SimpleConfig.new(
|
30
|
+
@content,
|
31
|
+
assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
|
32
|
+
multiple_values: true
|
33
|
+
).params
|
34
|
+
end
|
34
35
|
@loaded = true
|
35
36
|
@content
|
36
37
|
end
|
@@ -51,15 +52,15 @@ module Inspec::Resources
|
|
51
52
|
end
|
52
53
|
|
53
54
|
def has_interface?(interface)
|
54
|
-
params[
|
55
|
+
params["Slave Interface"].include?(interface)
|
55
56
|
end
|
56
57
|
|
57
58
|
def interfaces
|
58
|
-
params[
|
59
|
+
params["Slave Interface"]
|
59
60
|
end
|
60
61
|
|
61
62
|
def mode
|
62
|
-
params[
|
63
|
+
params["Bonding Mode"].first
|
63
64
|
end
|
64
65
|
|
65
66
|
def to_s
|
@@ -1,4 +1,4 @@
|
|
1
|
-
|
1
|
+
require "inspec/resources/file"
|
2
2
|
|
3
3
|
# Usage:
|
4
4
|
# describe bridge('br0') do
|
@@ -8,9 +8,9 @@
|
|
8
8
|
|
9
9
|
module Inspec::Resources
|
10
10
|
class Bridge < Inspec.resource(1)
|
11
|
-
name
|
12
|
-
supports platform:
|
13
|
-
desc
|
11
|
+
name "bridge"
|
12
|
+
supports platform: "unix"
|
13
|
+
desc "Use the bridge InSpec audit resource to test basic network bridge properties, such as name, if an interface is defined, and the associations for any defined interface."
|
14
14
|
example <<~EXAMPLE
|
15
15
|
describe bridge 'br0' do
|
16
16
|
it { should exist }
|
@@ -27,7 +27,7 @@ module Inspec::Resources
|
|
27
27
|
elsif inspec.os.windows?
|
28
28
|
@bridge_provider = WindowsBridge.new(inspec)
|
29
29
|
else
|
30
|
-
return skip_resource
|
30
|
+
return skip_resource "The `bridge` resource is not supported on your OS yet."
|
31
31
|
end
|
32
32
|
end
|
33
33
|
|
@@ -36,7 +36,7 @@ module Inspec::Resources
|
|
36
36
|
end
|
37
37
|
|
38
38
|
def has_interface?(interface)
|
39
|
-
return skip_resource
|
39
|
+
return skip_resource "The `bridge` resource does not provide interface detection for Windows yet" if inspec.os.windows?
|
40
40
|
bridge_info.nil? ? false : bridge_info[:interfaces].include?(interface)
|
41
41
|
end
|
42
42
|
|
@@ -92,7 +92,7 @@ module Inspec::Resources
|
|
92
92
|
class WindowsBridge < BridgeDetection
|
93
93
|
def bridge_info(bridge_name)
|
94
94
|
# find all bridge adapters
|
95
|
-
cmd = inspec.command(
|
95
|
+
cmd = inspec.command("Get-NetAdapterBinding -ComponentID ms_bridge | Get-NetAdapter | Select-Object -Property Name, InterfaceDescription | ConvertTo-Json")
|
96
96
|
|
97
97
|
# filter network interface
|
98
98
|
begin
|
@@ -108,7 +108,7 @@ module Inspec::Resources
|
|
108
108
|
bridges = bridges.each_with_object([]) do |adapter, adapter_collection|
|
109
109
|
# map object
|
110
110
|
info = {
|
111
|
-
name: adapter[
|
111
|
+
name: adapter["Name"],
|
112
112
|
interfaces: nil,
|
113
113
|
}
|
114
114
|
adapter_collection.push(info) if info[:name].casecmp(bridge_name) == 0
|
@@ -1,12 +1,14 @@
|
|
1
|
-
# encoding: utf-8
|
2
1
|
# frozen_string_literal: true
|
3
2
|
|
3
|
+
require "inspec/resources/command"
|
4
|
+
require "inspec/resources/powershell"
|
5
|
+
|
4
6
|
# Check for Chocolatey packages to be installed
|
5
7
|
module Inspec::Resources
|
6
8
|
class ChocoPkg < Inspec.resource(1)
|
7
|
-
name
|
8
|
-
supports platform:
|
9
|
-
desc
|
9
|
+
name "chocolatey_package"
|
10
|
+
supports platform: "windows"
|
11
|
+
desc "Use the chocolatey_package InSpec audit resource to test if the named package and/or package version is installed on the system."
|
10
12
|
example <<~EXAMPLE
|
11
13
|
describe chocolatey_package('git') do
|
12
14
|
it { should be_installed }
|
@@ -17,7 +19,7 @@ module Inspec::Resources
|
|
17
19
|
attr_reader :package_name
|
18
20
|
|
19
21
|
def initialize(package_name, _opts = {})
|
20
|
-
raise
|
22
|
+
raise "Chocolatey is not installed" unless inspec.command("choco").exist?
|
21
23
|
@package_name = package_name
|
22
24
|
@cache = base_data.update(generate_cache)
|
23
25
|
end
|
@@ -53,7 +55,7 @@ module Inspec::Resources
|
|
53
55
|
name: package_name,
|
54
56
|
version: nil,
|
55
57
|
installed: false,
|
56
|
-
type:
|
58
|
+
type: "chocolatey",
|
57
59
|
}
|
58
60
|
end
|
59
61
|
|
@@ -67,12 +69,12 @@ module Inspec::Resources
|
|
67
69
|
return {} if cmd.exit_status != 0 || cmd.stdout.strip.empty?
|
68
70
|
out = JSON.parse(cmd.stdout)
|
69
71
|
|
70
|
-
|
72
|
+
{
|
71
73
|
version: out.fetch(package_name),
|
72
74
|
installed: true,
|
73
75
|
}
|
74
76
|
rescue JSON::ParserError, KeyError
|
75
|
-
|
77
|
+
{}
|
76
78
|
end
|
77
79
|
end
|
78
80
|
end
|
@@ -1,12 +1,13 @@
|
|
1
|
-
# encoding: utf-8
|
2
1
|
# copyright: 2015, Vulcano Security GmbH
|
3
2
|
|
3
|
+
require "inspec/resource"
|
4
|
+
|
4
5
|
module Inspec::Resources
|
5
6
|
class Cmd < Inspec.resource(1)
|
6
|
-
name
|
7
|
-
supports platform:
|
8
|
-
supports platform:
|
9
|
-
desc
|
7
|
+
name "command"
|
8
|
+
supports platform: "unix"
|
9
|
+
supports platform: "windows"
|
10
|
+
desc "Use the command InSpec audit resource to test an arbitrary command that is run on the system."
|
10
11
|
example <<~EXAMPLE
|
11
12
|
describe command('ls -al /') do
|
12
13
|
its('stdout') { should match /bin/ }
|
@@ -24,7 +25,7 @@ module Inspec::Resources
|
|
24
25
|
|
25
26
|
def initialize(cmd, options = {})
|
26
27
|
if cmd.nil?
|
27
|
-
raise
|
28
|
+
raise "InSpec `command` was called with `nil` as the argument. This is not supported. Please provide a valid command instead."
|
28
29
|
end
|
29
30
|
|
30
31
|
@command = cmd
|
@@ -32,9 +33,9 @@ module Inspec::Resources
|
|
32
33
|
if options[:redact_regex]
|
33
34
|
unless options[:redact_regex].is_a?(Regexp)
|
34
35
|
# Make sure command is replaced so sensitive output isn't shown
|
35
|
-
@command =
|
36
|
+
@command = "ERROR"
|
36
37
|
raise Inspec::Exceptions::ResourceFailed,
|
37
|
-
|
38
|
+
"The `redact_regex` option must be a regular expression"
|
38
39
|
end
|
39
40
|
@redact_regex = options[:redact_regex]
|
40
41
|
end
|
@@ -58,10 +59,10 @@ module Inspec::Resources
|
|
58
59
|
|
59
60
|
def exist? # rubocop:disable Metrics/AbcSize
|
60
61
|
# silent for mock resources
|
61
|
-
return false if inspec.os.name.nil? || inspec.os.name ==
|
62
|
+
return false if inspec.os.name.nil? || inspec.os.name == "mock"
|
62
63
|
|
63
64
|
if inspec.os.linux?
|
64
|
-
res = if inspec.platform.name ==
|
65
|
+
res = if inspec.platform.name == "alpine"
|
65
66
|
inspec.backend.run_command("which \"#{@command}\"")
|
66
67
|
else
|
67
68
|
inspec.backend.run_command("bash -c 'type \"#{@command}\"'")
|
@@ -1,4 +1,4 @@
|
|
1
|
-
|
1
|
+
require "inspec/resources/command"
|
2
2
|
|
3
3
|
# Usage:
|
4
4
|
# describe cpan('DBD::Pg') do
|
@@ -8,9 +8,9 @@
|
|
8
8
|
|
9
9
|
module Inspec::Resources
|
10
10
|
class CpanPackage < Inspec.resource(1)
|
11
|
-
name
|
12
|
-
supports platform:
|
13
|
-
desc
|
11
|
+
name "cpan"
|
12
|
+
supports platform: "unix"
|
13
|
+
desc "Use the `cpan` InSpec audit resource to test Perl modules that are installed by system packages or the CPAN installer."
|
14
14
|
example <<~EXAMPLE
|
15
15
|
describe cpan('DBD::Pg') do
|
16
16
|
it { should be_installed }
|
@@ -20,24 +20,24 @@ module Inspec::Resources
|
|
20
20
|
def initialize(package_name, perl_lib_path = nil)
|
21
21
|
@package_name = package_name
|
22
22
|
@perl_lib_path = perl_lib_path
|
23
|
-
@perl_cmd =
|
23
|
+
@perl_cmd = "perl"
|
24
24
|
|
25
25
|
# this resource is not supported on Windows
|
26
|
-
return skip_resource
|
27
|
-
return skip_resource
|
26
|
+
return skip_resource "The `cpan` resource is not supported on your OS yet." if inspec.os.windows?
|
27
|
+
return skip_resource "perl not found" unless inspec.command(@perl_cmd).exist?
|
28
28
|
end
|
29
29
|
|
30
30
|
def info
|
31
31
|
return @info if defined?(@info)
|
32
32
|
|
33
33
|
@info = {}
|
34
|
-
@info[:type] =
|
34
|
+
@info[:type] = "cpan"
|
35
35
|
@info[:name] = @package_name
|
36
36
|
# set PERL5LIB environment variable if a custom lib path is given
|
37
|
-
lib_path = @perl_lib_path.nil? ?
|
38
|
-
cmd = inspec.command("#{lib_path
|
39
|
-
@info[:installed] = cmd.exit_status
|
40
|
-
return @info unless cmd.exit_status
|
37
|
+
lib_path = @perl_lib_path.nil? ? "" : "PERL5LIB=#{@perl_lib_path} "
|
38
|
+
cmd = inspec.command("#{lib_path + @perl_cmd} -le 'eval \"require $ARGV[0]\" and print $ARGV[0]->VERSION or exit 1' #{@package_name}")
|
39
|
+
@info[:installed] = cmd.exit_status == 0
|
40
|
+
return @info unless cmd.exit_status == 0
|
41
41
|
|
42
42
|
@info[:version] = cmd.stdout.strip
|
43
43
|
@info
|
@@ -1,4 +1,4 @@
|
|
1
|
-
|
1
|
+
require "inspec/resources/command"
|
2
2
|
|
3
3
|
# Usage:
|
4
4
|
# describe cran('DBI') do
|
@@ -8,9 +8,9 @@
|
|
8
8
|
|
9
9
|
module Inspec::Resources
|
10
10
|
class CranPackage < Inspec.resource(1)
|
11
|
-
name
|
12
|
-
supports platform:
|
13
|
-
desc
|
11
|
+
name "cran"
|
12
|
+
supports platform: "unix"
|
13
|
+
desc "Use the `cran` InSpec audit resource to test R modules that are installed from CRAN package repository."
|
14
14
|
example <<~EXAMPLE
|
15
15
|
describe cran('DBI') do
|
16
16
|
it { should be_installed }
|
@@ -19,21 +19,21 @@ module Inspec::Resources
|
|
19
19
|
|
20
20
|
def initialize(package_name)
|
21
21
|
@package_name = package_name
|
22
|
-
@r_cmd =
|
22
|
+
@r_cmd = "Rscript"
|
23
23
|
|
24
24
|
# this resource is not supported on Windows
|
25
|
-
return skip_resource
|
26
|
-
return skip_resource
|
25
|
+
return skip_resource "The `cran` resource is not supported on your OS yet." if inspec.os.windows?
|
26
|
+
return skip_resource "Rscript not found" unless inspec.command(@r_cmd).exist?
|
27
27
|
end
|
28
28
|
|
29
29
|
def info
|
30
30
|
return @info if defined?(@info)
|
31
31
|
|
32
32
|
@info = {}
|
33
|
-
@info[:type] =
|
33
|
+
@info[:type] = "cran"
|
34
34
|
@info[:name] = @package_name
|
35
35
|
cmd = inspec.command("#{@r_cmd} -e 'packageVersion(\"#{@package_name}\")'")
|
36
|
-
return @info unless cmd.exit_status
|
36
|
+
return @info unless cmd.exit_status == 0
|
37
37
|
|
38
38
|
# Extract package version from Rscript output
|
39
39
|
# Output includes unicode punctuation (backticks) characters like so:
|
@@ -1,13 +1,12 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
require
|
4
|
-
require 'utils/filter'
|
1
|
+
require "inspec/resources/file"
|
2
|
+
require "inspec/utils/parser"
|
3
|
+
require "inspec/utils/filter"
|
5
4
|
|
6
5
|
module Inspec::Resources
|
7
6
|
class Crontab < Inspec.resource(1)
|
8
|
-
name
|
9
|
-
supports platform:
|
10
|
-
desc
|
7
|
+
name "crontab"
|
8
|
+
supports platform: "unix"
|
9
|
+
desc "Use the crontab InSpec audit resource to test the contents of the crontab for a given user which contains information about scheduled tasks owned by that user."
|
11
10
|
example <<~EXAMPLE
|
12
11
|
describe crontab(user: 'root') do
|
13
12
|
its('commands') { should include '/path/to/some/script' }
|
@@ -40,8 +39,8 @@ module Inspec::Resources
|
|
40
39
|
Hash[opts.map { |k, v| [k.to_sym, v] }]
|
41
40
|
@user = opts.fetch(:user, nil)
|
42
41
|
@path = opts.fetch(:path, nil)
|
43
|
-
raise Inspec::Exceptions::ResourceFailed,
|
44
|
-
raise Inspec::Exceptions::ResourceFailed,
|
42
|
+
raise Inspec::Exceptions::ResourceFailed, "A user or path must be supplied." if @user.nil? && @path.nil?
|
43
|
+
raise Inspec::Exceptions::ResourceFailed, "Either user or path must be supplied, not both!" if !@user.nil? && !@path.nil?
|
45
44
|
else
|
46
45
|
@user = opts
|
47
46
|
@path = nil
|
@@ -60,31 +59,31 @@ module Inspec::Resources
|
|
60
59
|
end
|
61
60
|
|
62
61
|
def parse_crontab_line(l)
|
63
|
-
data, = parse_comment_line(l, comment_char:
|
62
|
+
data, = parse_comment_line(l, comment_char: "#", standalone_comments: false)
|
64
63
|
return nil if data.nil? || data.empty?
|
65
64
|
|
66
65
|
is_system_crontab? ? parse_system_crontab(data) : parse_user_crontab(data)
|
67
66
|
end
|
68
67
|
|
69
68
|
def crontab_cmd
|
70
|
-
@user.nil? ?
|
69
|
+
@user.nil? ? "crontab -l" : "crontab -l -u #{@user}"
|
71
70
|
end
|
72
71
|
|
73
72
|
filter = FilterTable.create
|
74
|
-
filter.register_column(:minutes, field:
|
75
|
-
.register_column(:hours, field:
|
76
|
-
.register_column(:days, field:
|
77
|
-
.register_column(:months, field:
|
78
|
-
.register_column(:weekdays, field:
|
79
|
-
.register_column(:user, field:
|
80
|
-
.register_column(:commands, field:
|
73
|
+
filter.register_column(:minutes, field: "minute")
|
74
|
+
.register_column(:hours, field: "hour")
|
75
|
+
.register_column(:days, field: "day")
|
76
|
+
.register_column(:months, field: "month")
|
77
|
+
.register_column(:weekdays, field: "weekday")
|
78
|
+
.register_column(:user, field: "user")
|
79
|
+
.register_column(:commands, field: "command")
|
81
80
|
|
82
81
|
# rebuild the crontab line from raw content
|
83
|
-
filter.register_custom_property(:content)
|
82
|
+
filter.register_custom_property(:content) do |t, _|
|
84
83
|
t.entries.map do |e|
|
85
|
-
[e.minute, e.hour, e.day, e.month, e.weekday, e.user, e.command].compact.join(
|
84
|
+
[e.minute, e.hour, e.day, e.month, e.weekday, e.user, e.command].compact.join(" ")
|
86
85
|
end.join("\n")
|
87
|
-
|
86
|
+
end
|
88
87
|
|
89
88
|
filter.install_filter_methods_on_resource(self, :params)
|
90
89
|
|
@@ -94,7 +93,7 @@ module Inspec::Resources
|
|
94
93
|
elsif is_user_crontab?
|
95
94
|
"crontab for user #{@user}"
|
96
95
|
else
|
97
|
-
|
96
|
+
"crontab for current user"
|
98
97
|
end
|
99
98
|
end
|
100
99
|
|
@@ -112,32 +111,32 @@ module Inspec::Resources
|
|
112
111
|
case data
|
113
112
|
when /@hourly .*/
|
114
113
|
elements = data.split(/\s+/, 3)
|
115
|
-
{
|
114
|
+
{ "minute" => "0", "hour" => "*", "day" => "*", "month" => "*", "weekday" => "*", "user" => elements.at(1), "command" => elements.at(2) }
|
116
115
|
when /@(midnight|daily) .*/
|
117
116
|
elements = data.split(/\s+/, 3)
|
118
|
-
{
|
117
|
+
{ "minute" => "0", "hour" => "0", "day" => "*", "month" => "*", "weekday" => "*", "user" => elements.at(1), "command" => elements.at(2) }
|
119
118
|
when /@weekly .*/
|
120
119
|
elements = data.split(/\s+/, 3)
|
121
|
-
{
|
120
|
+
{ "minute" => "0", "hour" => "0", "day" => "*", "month" => "*", "weekday" => "0", "user" => elements.at(1), "command" => elements.at(2) }
|
122
121
|
when /@monthly ./
|
123
122
|
elements = data.split(/\s+/, 3)
|
124
|
-
{
|
123
|
+
{ "minute" => "0", "hour" => "0", "day" => "1", "month" => "*", "weekday" => "*", "user" => elements.at(1), "command" => elements.at(2) }
|
125
124
|
when /@(annually|yearly) .*/
|
126
125
|
elements = data.split(/\s+/, 3)
|
127
|
-
{
|
126
|
+
{ "minute" => "0", "hour" => "0", "day" => "1", "month" => "1", "weekday" => "*", "user" => elements.at(1), "command" => elements.at(2) }
|
128
127
|
when /@reboot .*/
|
129
128
|
elements = data.split(/\s+/, 3)
|
130
|
-
{
|
129
|
+
{ "minute" => "-1", "hour" => "-1", "day" => "-1", "month" => "-1", "weekday" => "-1", "user" => elements.at(1), "command" => elements.at(2) }
|
131
130
|
else
|
132
131
|
elements = data.split(/\s+/, 7)
|
133
132
|
{
|
134
|
-
|
135
|
-
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
-
|
133
|
+
"minute" => elements.at(0),
|
134
|
+
"hour" => elements.at(1),
|
135
|
+
"day" => elements.at(2),
|
136
|
+
"month" => elements.at(3),
|
137
|
+
"weekday" => elements.at(4),
|
138
|
+
"user" => elements.at(5),
|
139
|
+
"command" => elements.at(6),
|
141
140
|
}
|
142
141
|
end
|
143
142
|
end
|
@@ -145,27 +144,27 @@ module Inspec::Resources
|
|
145
144
|
def parse_user_crontab(data)
|
146
145
|
case data
|
147
146
|
when /@hourly .*/
|
148
|
-
{
|
147
|
+
{ "minute" => "0", "hour" => "*", "day" => "*", "month" => "*", "weekday" => "*", "user" => @user, "command" => data.split(/\s+/, 2).at(1) }
|
149
148
|
when /@(midnight|daily) .*/
|
150
|
-
{
|
149
|
+
{ "minute" => "0", "hour" => "0", "day" => "*", "month" => "*", "weekday" => "*", "user" => @user, "command" => data.split(/\s+/, 2).at(1) }
|
151
150
|
when /@weekly .*/
|
152
|
-
{
|
151
|
+
{ "minute" => "0", "hour" => "0", "day" => "*", "month" => "*", "weekday" => "0", "user" => @user, "command" => data.split(/\s+/, 2).at(1) }
|
153
152
|
when /@monthly ./
|
154
|
-
{
|
153
|
+
{ "minute" => "0", "hour" => "0", "day" => "1", "month" => "*", "weekday" => "*", "user" => @user, "command" => data.split(/\s+/, 2).at(1) }
|
155
154
|
when /@(annually|yearly) .*/
|
156
|
-
{
|
155
|
+
{ "minute" => "0", "hour" => "0", "day" => "1", "month" => "1", "weekday" => "*", "user" => @user, "command" => data.split(/\s+/, 2).at(1) }
|
157
156
|
when /@reboot .*/
|
158
|
-
{
|
157
|
+
{ "minute" => "-1", "hour" => "-1", "day" => "-1", "month" => "-1", "weekday" => "-1", "user" => @user, "command" => data.split(/\s+/, 2).at(1) }
|
159
158
|
else
|
160
159
|
elements = data.split(/\s+/, 6)
|
161
160
|
{
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
|
167
|
-
|
168
|
-
|
161
|
+
"minute" => elements.at(0),
|
162
|
+
"hour" => elements.at(1),
|
163
|
+
"day" => elements.at(2),
|
164
|
+
"month" => elements.at(3),
|
165
|
+
"weekday" => elements.at(4),
|
166
|
+
"user" => @user,
|
167
|
+
"command" => elements.at(5),
|
169
168
|
}
|
170
169
|
end
|
171
170
|
end
|