inspec 0.21.6 → 0.22.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: da9f3db002552f64882b3f669bd4ea12fe180c7e
-  data.tar.gz: 9b9f3c267f0c3fc0c86d700d4ccd4bbfae9cee04
+  metadata.gz: b6b3a430a61c900227107401eb2d22aea396695a
+  data.tar.gz: cb34fe4dbbc66c5aecf5ac9496d201032de28c7c
 SHA512:
-  metadata.gz: 372c1b6d4d415859870ec095aab279428e63dab35a3b5b28525c69817d24f71c9d20aad5ca83d45d4df376cfa9281925de6a84346c968283b9006d7b65520069
-  data.tar.gz: d14b81b748f0a54bf74511ec5633fefdc09f2d83ae0dc9b82a6cc078c6cf932b5d1eacc3b25dec994eb0321f711d6229b942dfad6fd46f3ba787432e7267c590
+  metadata.gz: 6db2835d8e1d4cae685034570388f40c94ecb81ad6a8a03af2c8014d5950c3453de43603cb02f01b0379022c86ac247ce2fecdab5b89b5e69cf480330d24589b
+  data.tar.gz: 086ad5000a51bc657ed0e5bffe41736228c2bc3671a343c34995fc27953d7565cb66095b6b35b4bd6bde60ce7146888af6b67d4fb2911a86d278d42cd47edf56

data/CHANGELOG.md

@@ -1,7 +1,23 @@
 # Change Log
 
-## [0.21.6](https://github.com/chef/inspec/tree/0.21.6) (2016-05-13)
-[Full Changelog](https://github.com/chef/inspec/compare/v0.21.5...0.21.6)
+## [0.22.0](https://github.com/chef/inspec/tree/0.22.0) (2016-05-16)
+[Full Changelog](https://github.com/chef/inspec/compare/v0.21.6...0.22.0)
+
+**Implemented enhancements:**
+
+- update train dependency to 0.12.0 [\#757](https://github.com/chef/inspec/pull/757) ([chris-rock](https://github.com/chris-rock))
+- run integration tests in docker [\#732](https://github.com/chef/inspec/pull/732) ([chris-rock](https://github.com/chris-rock))
+
+**Merged pull requests:**
+
+- fixed 'it' statements under file\_test [\#758](https://github.com/chef/inspec/pull/758) ([Anirudh-Gupta](https://github.com/Anirudh-Gupta))
+- modification in command resource example [\#756](https://github.com/chef/inspec/pull/756) ([Anirudh-Gupta](https://github.com/Anirudh-Gupta))
+- add sudo\_command option [\#754](https://github.com/chef/inspec/pull/754) ([jeremymv2](https://github.com/jeremymv2))
+- remove string quotes around regexp \(docfix\) [\#750](https://github.com/chef/inspec/pull/750) ([lamont-granquist](https://github.com/lamont-granquist))
+- rake release\_docker + smaller image builds [\#745](https://github.com/chef/inspec/pull/745) ([arlimus](https://github.com/arlimus))
+
+## [v0.21.6](https://github.com/chef/inspec/tree/v0.21.6) (2016-05-13)
+[Full Changelog](https://github.com/chef/inspec/compare/v0.21.5...v0.21.6)
 
 **Fixed bugs:**
 

data/Gemfile

@@ -23,6 +23,7 @@ group :integration do
   gem 'kitchen-vagrant'
   gem 'kitchen-inspec', '0.12.5'
   gem 'kitchen-ec2'
+  gem 'kitchen-dokken'
 end
 
 group :tools do

data/README.md

@@ -190,7 +190,7 @@ inspec exec test.rb -t winrm://Administrator@windowshost --password 'your-passwo
 inspec exec test.rb -t docker://container_id
 
 # run with sudo
-inspec exec test.rb --sudo [--sudo-password ...] [--sudo-options ...]
+inspec exec test.rb --sudo [--sudo-password ...] [--sudo-options ...] [--sudo_command ...]
 ```
 
 ### detect

data/Rakefile

@@ -49,10 +49,10 @@ namespace :test do
     sh(Gem.ruby, 'test/docker_test.rb', *tests)
   end
 
-  task :vm do
-    concurrency = ENV['CONCURRENCY'] || 4
-    path = File.join(File.dirname(__FILE__), 'test', 'integration')
-    sh('sh', '-c', "cd #{path} && bundle exec kitchen test -c #{concurrency} -t .")
+  task :integration do
+    concurrency = ENV['CONCURRENCY'] || 1
+    os = ENV['OS'] || ''
+    sh('sh', '-c', "bundle exec kitchen test -c #{concurrency} #{os}")
   end
 
   task :ssh, [:target] do |_t, args|
@@ -146,3 +146,14 @@ task :bump_version, [:version] do |_, args|
   inspec_version(v)
   Rake::Task['changelog'].invoke
 end
+
+desc 'Release a new docker image'
+task :release_docker do
+  version = Inspec::VERSION
+  cmd = "rm *.gem; gem build *gemspec && "\
+        "mv *.gem inspec.gem && "\
+        "docker build -t chef/inspec:#{version} . && "\
+        "docker push chef/inspec:#{version}"
+  puts "--> #{cmd}"
+  sh('sh', '-c', cmd)
+end

data/docs/ctl_inspec.rst

@@ -41,6 +41,9 @@ The following options may be used with any of the InSpec CLI subcommands:
 ``--sudo_password``
    The sudo password, if required.
 
+``--sudo_command``
+   Alternate sudo command, if required.
+
 ``-t``, ``--target``
    The URI for the target of a remote scan, preceded by the target's backend. For example: ``backend://user:pass@host:port``, where ``backend`` is one of ``docker``, ``local``, ``ssh``, or ``winrm``.
 

data/docs/resources.rst

@@ -1107,16 +1107,16 @@ The ``content`` matcher tests if contents in the file match the value specified
 
 .. code-block:: ruby
 
-   its('content') { should match 'value' }
+   its('content') { should match REGEX }
 
 The following complete example tests the ``pg_hba.conf`` file in |postgresql| for |md5| requirements.  The tests look at all ``host`` and ``local`` settings in that file, and then compare the |md5| checksums against the values in the test:
 
 .. code-block:: bash
 
    describe file(hba_config_file) do
-     its('content') { should match '/local\s.*?all\s.*?all\s.*?md5/' }
-     its('content') { should match '%r{/host\s.*?all\s.*?all\s.*?127.0.0.1\/32\s.*?md5/}' }
-     its('content') { should match '%r{/host\s.*?all\s.*?all\s.*?::1\/128\s.*?md5/}' }
+     its('content') { should match /local\s.*?all\s.*?all\s.*?md5/ }
+     its('content') { should match %r{/host\s.*?all\s.*?all\s.*?127.0.0.1\/32\s.*?md5/} }
+     its('content') { should match %r{/host\s.*?all\s.*?all\s.*?::1\/128\s.*?md5/} }
    end
 
 exist
@@ -1286,9 +1286,9 @@ The following examples show how to use this InSpec audit resource.
 .. code-block:: bash
 
    describe file(hba_config_file) do
-     its('content') { should match '/local\s.*?all\s.*?all\s.*?md5/' }
-     its('content') { should match '%r{/host\s.*?all\s.*?all\s.*?127.0.0.1\/32\s.*?md5/}' }
-     its('content') { should match '%r{/host\s.*?all\s.*?all\s.*?::1\/128\s.*?md5/}' }
+     its('content') { should match /local\s.*?all\s.*?all\s.*?md5/ }
+     its('content') { should match %r{/host\s.*?all\s.*?all\s.*?127.0.0.1\/32\s.*?md5/} }
+     its('content') { should match %r{/host\s.*?all\s.*?all\s.*?::1\/128\s.*?md5/} }
    end
 
 **Test if a file exists**

data/inspec.gemspec

@@ -24,7 +24,7 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ['lib']
 
-  spec.add_dependency 'r-train', '~> 0.11'
+  spec.add_dependency 'r-train', '~> 0.12'
   spec.add_dependency 'thor', '~> 0.19'
   spec.add_dependency 'json', '~> 1.8'
   spec.add_dependency 'rainbow', '~> 2'

data/lib/inspec/version.rb

@@ -3,5 +3,5 @@
 # author: Christoph Hartmann
 
 module Inspec
-  VERSION = '0.21.6'.freeze
+  VERSION = '0.22.0'.freeze
 end

data/lib/resources/command.rb

@@ -10,11 +10,15 @@ module Inspec::Resources
     desc 'Use the command InSpec audit resource to test an arbitrary command that is run on the system.'
     example "
       describe command('ls -al /') do
-        it { should exist }
         its('stdout') { should match /bin/ }
         its('stderr') { should eq '' }
         its('exit_status') { should eq 0 }
       end
+
+      command('ls -al /').exist? will return false. Existence of command should be checked this way.
+      describe command('ls') do
+        it { should exist }
+      end
     "
 
     attr_reader :command

data/lib/utils/base_cli.rb

@@ -29,6 +29,8 @@ module Inspec
         desc: 'Specify a sudo password, if it is required.'
       option :sudo_options, type: :string,
         desc: 'Additional sudo options for a remote scan.'
+      option :sudo_command, type: :string,
+        desc: 'Alternate command for sudo.'
       option :ssl, type: :boolean,
         desc: 'Use SSL for transport layer encryption (WinRM).'
       option :self_signed, type: :boolean,

data/test/cookbooks/os_prepare/attributes/default.rb

@@ -0,0 +1,2 @@
+default['osprepare']['docker'] = false
+default['osprepare']['application'] = true

data/test/cookbooks/os_prepare/recipes/default.rb

@@ -7,19 +7,21 @@
 
 # basic tests
 include_recipe('os_prepare::file')
-include_recipe('os_prepare::mount')
+include_recipe('os_prepare::mount') unless node['osprepare']['docker']
 include_recipe('os_prepare::service')
 include_recipe('os_prepare::package')
 include_recipe('os_prepare::registry_key')
-include_recipe('os_prepare::iptables')
+include_recipe('os_prepare::iptables') unless node['osprepare']['docker']
+
+# config file parsing
+include_recipe('os_prepare::json_yaml_csv_ini')
 
 # configure repos, eg. nginx
 include_recipe('os_prepare::apt')
 
 # application configuration
-include_recipe('os_prepare::postgres')
-include_recipe('os_prepare::auditctl')
-include_recipe('os_prepare::apache')
-
-# config file parsing
-include_recipe('os_prepare::json_yaml_csv_ini')
+if node['osprepare']['application']
+  include_recipe('os_prepare::postgres')
+  include_recipe('os_prepare::auditctl') unless node['osprepare']['docker']
+  include_recipe('os_prepare::apache')
+end

data/test/integration/default/apache_conf_spec.rb

@@ -1,15 +1,16 @@
 # encoding: utf-8
 
-if os.linux?
+# TODO: do not run those tests on docker yet
+return if ENV['DOCKER']
+return unless os.linux?
 
-  # direct access to params of apache conf
-  describe apache_conf do
-    its('LogLevel') { should eq 'warn' }
-    its('MaxKeepAliveRequests') { should eq '100' }
-  end
+# direct access to params of apache conf
+describe apache_conf do
+  its('LogLevel') { should cmp 'warn' }
+  its('MaxKeepAliveRequests') { should cmp 100 }
+end
 
-  # only read one param
-  describe apache_conf.params('LogLevel') do
-    it { should include 'warn' }
-  end
+# only read one param
+describe apache_conf.params('LogLevel') do
+  it { should include 'warn' }
 end

data/test/integration/default/compare_matcher_spec.rb

@@ -11,12 +11,12 @@ if os.linux?
     its('Port') { should cmp 22.0 }
     its('Port') { should_not cmp 22.1 }
 
-    its('LogLevel') { should eq 'INFO' }
-    its('LogLevel') { should_not eq 'info'}
+    its('LogLevel') { should eq 'VERBOSE' }
+    its('LogLevel') { should_not eq 'verbose'}
 
-    its('LogLevel') { should cmp 'INFO' }
-    its('LogLevel') { should cmp 'info' }
-    its('LogLevel') { should cmp 'InfO' }
+    its('LogLevel') { should cmp 'VERBOSE' }
+    its('LogLevel') { should cmp 'verbose' }
+    its('LogLevel') { should cmp 'VerBose' }
   end
 
   describe passwd.passwords.uniq do

data/test/integration/default/etc_group_spec.rb

@@ -1,5 +1,9 @@
 # encoding: utf-8
 
+# TODO: do not run those tests on docker yet
+return if ENV['DOCKER']
+
+# lets define our own group
 root_group = 'root'
 
 if os[:family] == 'aix'

data/test/integration/default/file_spec.rb

@@ -1,5 +1,8 @@
 # encoding: utf-8
 
+# TODO: do not run those tests on docker yet
+return if ENV['DOCKER']
+
 if os[:family] == 'freebsd'
   filedata = {
     user: 'root',
@@ -56,8 +59,8 @@ if os.unix?
     # it { should have_mode }
     its('mode') { should eq 00765 }
     it { should be_mode 00765 }
-    its('mode') { should cmp '0765' }
-    its('mode') { should_not cmp '0777' }
+    its('mode') { should cmp 0765 }
+    its('mode') { should_not cmp 0777 }
 
     it { should be_readable }
     it { should be_readable.by('owner') }

data/test/integration/default/iptables_spec.rb

@@ -1,5 +1,8 @@
 # encoding: utf-8
 
+# TODO: do not run those tests on docker yet
+return if ENV['DOCKER']
+
 case os[:family]
 when 'ubuntu', 'fedora'
   describe iptables do

data/test/integration/default/kernel_module_spec.rb

@@ -1,17 +1,18 @@
 # encoding: utf-8
 
-# Test kernel modules on all linux systems
-if os.linux?
+# TODO: do not run those tests on docker yet
+return if ENV['DOCKER']
+return unless os.linux?
 
-  describe kernel_module('video') do
-    it { should be_loaded }
-  end
+# Test kernel modules on all linux systems
+describe kernel_module('video') do
+  it { should be_loaded }
+end
 
-  describe kernel_module('bridge') do
-    it { should_not be_loaded }
-  end
+describe kernel_module('bridge') do
+  it { should_not be_loaded }
+end
 
-  describe kernel_module('dhcp') do
-    it { should_not be_loaded }
-  end
+describe kernel_module('dhcp') do
+  it { should_not be_loaded }
 end

data/test/integration/default/kernel_parameter_spec.rb

@@ -1,5 +1,8 @@
 # encoding: utf-8
 
+# TODO: do not run those tests on docker yet
+return if ENV['DOCKER']
+
 # prepare values
 if ['ubuntu', 'centos', 'fedora', 'opensuse', 'debian'].include?(os[:family])
   test_values = {

data/test/integration/default/mount_spec.rb

@@ -1,12 +1,14 @@
 # encoding: utf-8
 
-if os.linux?
-  # instead of `.with` or `.only_with` we recommend to use the `mount` resource
-  describe mount '/mnt/iso-disk' do
-    it { should be_mounted }
-    its('count') { should eq  1 }
-    its('device') { should eq '/tmp/empty.iso' }
-    its('type') { should eq  'iso9660' }
-    its('options') { should eq  ['ro'] }
-  end
+# TODO: do not run those tests on docker yet
+return if ENV['DOCKER']
+return unless os.linux?
+
+# instead of `.with` or `.only_with` we recommend to use the `mount` resource
+describe mount '/mnt/iso-disk' do
+  it { should be_mounted }
+  its('count') { should eq  1 }
+  its('device') { should eq '/tmp/empty.iso' }
+  its('type') { should eq  'iso9660' }
+  its('options') { should eq  ['ro'] }
 end

data/test/integration/default/port_spec.rb

@@ -1,5 +1,8 @@
 # encoding: utf-8
 
+# TODO: do not run those tests on docker yet
+return if ENV['DOCKER']
+
 # check that ssh runs
 if os.unix?
   describe port(22) do

data/test/integration/default/postgres_session_spec.rb

@@ -1,5 +1,8 @@
 # encoding: utf-8
 
+# TODO: do not run those tests on docker yet
+return if ENV['DOCKER']
+
 # postgres-server is installed on these platforms
 if ['ubuntu', 'centos'].include? os['family']
   postgres = postgres_session('postgres', 'inspec')

data/test/integration/default/powershell_spec.rb

@@ -1,4 +1,7 @@
 # encoding: utf-8
+
+return unless os.windows?
+
 script = <<-EOH
   Write-Output 'hello'
 EOH

data/test/integration/default/registry_key_spec.rb

@@ -1,67 +1,66 @@
 # encoding: utf-8
 
-if os.windows?
+return unless os.windows?
 
-  describe registry_key('HKLM\System\Test') do
-    it { should exist }
-    it { should have_value('test') }
-    it { should have_property('binary value', :binary) }
-    it { should have_property('Binary value', :binary) }
-    it { should have_property('string value') }
-    it { should have_property('String value') }
-    it { should have_property('dword value', :dword) }
-    it { should have_property_value('multistring value', :multi_string, ['test', 'multi','string','data']) }
-    it { should have_property_value('Multistring Value', :multi_string, ['test', 'multi','string','data']) }
-    it { should have_property_value('qword value', :qword, 0) }
-    it { should have_property_value('Qword value', :qword, 0) }
-    it { should have_property_value('binary value', :binary, 'dfa0f066') }
-    it { should have_property_value('Binary value', :binary, 'dfa0f066') }
-  end
+describe registry_key('HKLM\System\Test') do
+  it { should exist }
+  it { should have_value('test') }
+  it { should have_property('binary value', :binary) }
+  it { should have_property('Binary value', :binary) }
+  it { should have_property('string value') }
+  it { should have_property('String value') }
+  it { should have_property('dword value', :dword) }
+  it { should have_property_value('multistring value', :multi_string, ['test', 'multi','string','data']) }
+  it { should have_property_value('Multistring Value', :multi_string, ['test', 'multi','string','data']) }
+  it { should have_property_value('qword value', :qword, 0) }
+  it { should have_property_value('Qword value', :qword, 0) }
+  it { should have_property_value('binary value', :binary, 'dfa0f066') }
+  it { should have_property_value('Binary value', :binary, 'dfa0f066') }
+end
 
-  # serverspec compatability
-  describe windows_registry_key('HKLM\System\Test') do
-    it { should exist }
-    it { should have_value('test') }
-    it { should have_property('string value') }
-    it { should have_property('binary value', :type_binary) }
-    it { should have_property('dword value', :type_dword) }
-    it { should have_property_value('multistring value', :type_multistring, ['test', 'multi','string','data']) }
-    it { should have_property_value('qword value', :type_qword, 0) }
-    it { should have_property_value('binary value', :type_binary, 'dfa0f066') }
-  end
+# serverspec compatability
+describe windows_registry_key('HKLM\System\Test') do
+  it { should exist }
+  it { should have_value('test') }
+  it { should have_property('string value') }
+  it { should have_property('binary value', :type_binary) }
+  it { should have_property('dword value', :type_dword) }
+  it { should have_property_value('multistring value', :type_multistring, ['test', 'multi','string','data']) }
+  it { should have_property_value('qword value', :type_qword, 0) }
+  it { should have_property_value('binary value', :type_binary, 'dfa0f066') }
+end
 
-  describe registry_key('HKLM\Software\Policies\Microsoft\Windows\EventLog\System') do
-    it { should exist }
-    its('MaxSize') { should_not eq nil }
-  end
+describe registry_key('HKLM\Software\Policies\Microsoft\Windows\EventLog\System') do
+  it { should exist }
+  its('MaxSize') { should_not eq nil }
+end
 
-  describe registry_key('HKLM\System\CurrentControlSet\Control\Session Manager') do
-    it { should exist }
-    it { should_not have_property_value('SafeDllSearchMode', :type_dword, 0) }
-    # case-insensitive test
-    it { should_not have_property_value('safedllsearchmode', :type_dword, 0) }
-  end
+describe registry_key('HKLM\System\CurrentControlSet\Control\Session Manager') do
+  it { should exist }
+  it { should_not have_property_value('SafeDllSearchMode', :type_dword, 0) }
+  # case-insensitive test
+  it { should_not have_property_value('safedllsearchmode', :type_dword, 0) }
+end
 
-  describe registry_key('HKLM\System\CurrentControlSet\Services\LanManServer\Parameters') do
-    it { should exist }
-    its('NullSessionShares') { should eq [''] }
-  end
+describe registry_key('HKLM\System\CurrentControlSet\Services\LanManServer\Parameters') do
+  it { should exist }
+  its('NullSessionShares') { should eq [''] }
+end
 
-  describe registry_key('HKLM\Software\Policies\Microsoft\Internet Explorer\Main') do
-    it { should exist }
-    its('Isolation64Bit') { should eq 1 }
-    # check that its is case-insensitive
-    its('isolation64bit') { should eq 1 }
-  end
+describe registry_key('HKLM\Software\Policies\Microsoft\Internet Explorer\Main') do
+  it { should exist }
+  its('Isolation64Bit') { should eq 1 }
+  # check that its is case-insensitive
+  its('isolation64bit') { should eq 1 }
+end
 
-  describe registry_key('HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services') do
-    it { should exist }
-    its('MinEncryptionLevel') { should eq 3 }
-  end
+describe registry_key('HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services') do
+  it { should exist }
+  its('MinEncryptionLevel') { should eq 3 }
+end
 
-  describe registry_key('HKLM\System\CurrentControlSet\Control\Lsa\MSV1_0') do
-    it { should exist }
-    its('NTLMMinServerSec') { should eq 537_395_200 }
-    its('NtlmMinServerSec') { should eq 537_395_200 }
-  end
+describe registry_key('HKLM\System\CurrentControlSet\Control\Lsa\MSV1_0') do
+  it { should exist }
+  its('NTLMMinServerSec') { should eq 537_395_200 }
+  its('NtlmMinServerSec') { should eq 537_395_200 }
 end

data/test/integration/default/secpol_spec.rb

@@ -1,8 +1,8 @@
 # encoding: utf-8
 
-if os.windows?
-  describe security_policy do
-    its('EnableAdminAccount') { should eq 1 }
-    its('EnableGuestAccount') { should eq 0 }
-  end
+return unless os.windows?
+
+describe security_policy do
+  its('EnableAdminAccount') { should eq 1 }
+  its('EnableGuestAccount') { should eq 0 }
 end

data/test/integration/default/service_spec.rb

@@ -1,5 +1,8 @@
 # encoding: utf-8
 
+# TODO: do not run those tests on docker yet
+return if ENV['DOCKER']
+
 # based on operating system we select the available service
 if ['centos', 'fedora', 'freebsd', 'opensuse'].include?(os[:family])
   # CentOS, Fedora
@@ -38,8 +41,8 @@ describe service(available_service) do
 end
 
 # extra test for ubuntu upstart with systemv service
-if os[:family] == 'ubuntu'
-  describe service('ntp') do
+if os[:family] == 'ubuntu' && os[:release] == '12.04'
+  describe upstart_service('ssh') do
     it { should be_enabled }
     it { should be_installed }
     it { should be_running }

data/test/integration/default/user_spec.rb

@@ -85,7 +85,8 @@ else
 
       # check that the user is part of the groups
       if k.to_s == 'groups'
-        its(k) { should include v }
+        # TODO: do not run those tests on docker yet
+        its(k) { should include v } unless ENV['DOCKER']
       # default eq comparison
       else
         its(k) { should eq v }

data/test/integration/default/vbscript_spec.rb

@@ -1,5 +1,7 @@
 # encoding: utf-8
 
+return unless os.windows?
+
 # script that may have multiple lines
 vbscript = <<-EOH
   WScript.Echo "hello"

data/test/integration/default/wmi_spec.rb

@@ -1,5 +1,7 @@
 # encoding: utf-8
 
+return unless os.windows?
+
 # Get-WmiObject win32_service
 # Get-WmiObject -class win32_service
 # returns an array of service objects

data/test/unit/resources/file_test.rb

@@ -123,7 +123,7 @@ describe Inspec::Resources::FileResource do
         resource.send(:check_file_permission_by_user, 'user', 'flag').must_equal(true)
       end
 
-      it 'returns true when the cmd exits non-zero' do
+      it 'returns false when the cmd exits non-zero' do
         MockLoader.mock_command(resource, 'su -s /bin/sh -c "test -flag /fakepath/fakefile" user', exit_status: 1)
         resource.send(:check_file_permission_by_user, 'user', 'flag').must_equal(false)
       end
@@ -144,7 +144,7 @@ describe Inspec::Resources::FileResource do
         resource.send(:check_file_permission_by_user, 'user', 'flag').must_equal(true)
       end
 
-      it 'returns true when the cmd exits non-zero' do
+      it 'returns false when the cmd exits non-zero' do
         MockLoader.mock_command(resource, 'sudo -u user test -flag /fakepath/fakefile', exit_status: 1)
         resource.send(:check_file_permission_by_user, 'user', 'flag').must_equal(false)
       end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec
 version: !ruby/object:Gem::Version
-  version: 0.21.6
+  version: 0.22.0
 platform: ruby
 authors:
 - Dominik Richter
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-05-13 00:00:00.000000000 Z
+date: 2016-05-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: r-train
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.11'
+        version: '0.12'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.11'
+        version: '0.12'
 - !ruby/object:Gem::Dependency
   name: thor
   requirement: !ruby/object:Gem::Requirement
@@ -359,7 +359,6 @@ files:
 - lib/utils/filter_array.rb
 - lib/utils/find_files.rb
 - lib/utils/hash.rb
-- lib/utils/hash_map.rb
 - lib/utils/json_log.rb
 - lib/utils/modulator.rb
 - lib/utils/object_traversal.rb
@@ -367,6 +366,7 @@ files:
 - lib/utils/plugin_registry.rb
 - lib/utils/simpleconfig.rb
 - tasks/maintainers.rb
+- test/cookbooks/os_prepare/attributes/default.rb
 - test/cookbooks/os_prepare/files/empty.iso
 - test/cookbooks/os_prepare/files/example.csv
 - test/cookbooks/os_prepare/files/example.ini
@@ -551,8 +551,6 @@ files:
 - test/unit/mock/profiles/legacy-empty-metadata/metadata.rb
 - test/unit/mock/profiles/legacy-simple-metadata/metadata.rb
 - test/unit/mock/profiles/legacy-simple-metadata/test/.gitkeep
-- test/unit/mock/profiles/resource-tiny/inspec.yml
-- test/unit/mock/profiles/resource-tiny/libraries/resource.rb
 - test/unit/mock/profiles/simple-metadata/inspec.yml
 - test/unit/mock/profiles/skippy-profile-os/controls/one.rb
 - test/unit/mock/profiles/skippy-profile-os/inspec.yml
@@ -640,11 +638,12 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.4.6
 signing_key: 
 specification_version: 4
 summary: Infrastructure and compliance testing.
 test_files:
+- test/cookbooks/os_prepare/attributes/default.rb
 - test/cookbooks/os_prepare/files/empty.iso
 - test/cookbooks/os_prepare/files/example.csv
 - test/cookbooks/os_prepare/files/example.ini
@@ -829,8 +828,6 @@ test_files:
 - test/unit/mock/profiles/legacy-empty-metadata/metadata.rb
 - test/unit/mock/profiles/legacy-simple-metadata/metadata.rb
 - test/unit/mock/profiles/legacy-simple-metadata/test/.gitkeep
-- test/unit/mock/profiles/resource-tiny/inspec.yml
-- test/unit/mock/profiles/resource-tiny/libraries/resource.rb
 - test/unit/mock/profiles/simple-metadata/inspec.yml
 - test/unit/mock/profiles/skippy-profile-os/controls/one.rb
 - test/unit/mock/profiles/skippy-profile-os/inspec.yml

data/lib/utils/hash_map.rb

@@ -1,37 +0,0 @@
-# encoding: utf-8
-# author: Dominik Richter
-# author: Christoph Hartmann
-
-class HashMap
-  class << self
-    def [](hash, *keys)
-      return hash if keys.empty? || hash.nil?
-      key = keys.shift
-      if hash.is_a?(Array)
-        map = hash.map { |i| [i, key] }
-      else
-        map = hash[key]
-      end
-      [map, *keys]
-    rescue NoMethodError => _
-      nil
-    end
-  end
-end
-
-class StringMap
-  class << self
-    def [](hash, *keys)
-      return hash if keys.empty? || hash.nil?
-      key = keys.shift
-      if hash.is_a?(Array)
-        map = hash.map { |i| [i, key] }
-      else
-        map = hash[key]
-      end
-      [map, *keys]
-    rescue NoMethodError => _
-      nil
-    end
-  end
-end

data/test/unit/mock/profiles/resource-tiny/inspec.yml

@@ -1,10 +0,0 @@
-name: complete
-title: complete example profile
-maintainer: Chef Software, Inc.
-copyright: Chef Software, Inc.
-copyright_email: support@chef.io
-license: Proprietary, All rights reserved
-summary: Testing stub
-version: 1.0.0
-supports:
-- os-family: linux

data/test/unit/mock/profiles/resource-tiny/libraries/resource.rb

@@ -1,3 +0,0 @@
-class Tiny < Inspec.resource(1)
-  name 'tiny'
-end