linux_admin 0.10.1 → 0.11.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 416f57382aba9378eb64a0b558478898d1d40e2f
-  data.tar.gz: d4c70351176347b76844638bae4cc6c49dbad3b2
+  metadata.gz: 1c8a9566372578734f209b1cb4d7795bc8d911ff
+  data.tar.gz: 0d10059fc09b699b8b0debda74afb30592021353
 SHA512:
-  metadata.gz: e3f345b3999366943ae185ce3a93a57664142b0213a37490fbeff23d650712fc28c29f64b761deba2eb3652548e461459773e6bfedb1ea393d049a595a15a5c9
-  data.tar.gz: 97b4f388757fce7f406a4a5e3671aa034b347384c37958e3c22e9e307aa4cb649143079640fff88b5b0989819c085696b9a6c79ba6653d4a309909baf6c9fc28
+  metadata.gz: 063fcd55e7a1b6f1aa8d595b0a060ac642fc00766aba7a26ab398f5d87f9cc4e5adec38321ee5f5bf6c8e0adda73798bbdb0b4015f9c33fff988d533afc1fac5
+  data.tar.gz: 33dfa49d8909ed8a7c2a28db9ac4d314ef09f263d7f10c64e628ba792b59a76d4964002c8f7a4b58badefb659fc0c2cb980cb404a1825ae50af64890c690cf25

data/lib/linux_admin.rb

@@ -27,6 +27,7 @@ require 'linux_admin/volume'
 require 'linux_admin/logical_volume'
 require 'linux_admin/physical_volume'
 require 'linux_admin/volume_group'
+require 'linux_admin/scap'
 
 module LinuxAdmin
   extend Common

data/lib/linux_admin/common.rb

@@ -6,6 +6,10 @@ module LinuxAdmin
       Distros.local.command(cmd)
     end
 
+    def cmd?(cmd)
+      Distros.local.command?(cmd)
+    end
+
     def run(cmd, options = {})
       AwesomeSpawn.logger ||= logger
       AwesomeSpawn.run(cmd, options)

data/lib/linux_admin/disk.rb

@@ -68,12 +68,12 @@ module LinuxAdmin
       @size ||= begin
         size = nil
         out = run!(cmd(:fdisk), :params => {"-l" => nil}).output
-        out.each_line { |l|
-          if l =~ /Disk #{path}: ([0-9\.]*) ([KMG])B.*/
-            size = str_to_bytes($1, $2)
+        out.each_line do |l|
+          /Disk #{path}: .*B, (\d+) bytes/.match(l) do |m|
+            size = m[1].to_i
             break
           end
-        }
+        end
         size
       end
     end

data/lib/linux_admin/distro.rb

@@ -60,6 +60,10 @@ module LinuxAdmin
         @path.collect { |dir| "#{dir}/#{name}" }.detect { |cmd| File.exist?(cmd) }
       end
 
+      def command?(name)
+        !!command(name)
+      end
+
       def info(pkg)
         info_class ? info_class.info(pkg) : nil
       end

data/lib/linux_admin/scap.rb

@@ -0,0 +1,104 @@
+require 'nokogiri'
+
+module LinuxAdmin
+  class Scap
+    PROFILE_ID = "linux-admin-scap"
+    SSG_XML_PATH = Pathname.new("/usr/share/xml/scap/ssg/content/")
+
+    def self.openscap_available?
+      require 'openscap'
+      true
+    rescue LoadError
+      false
+    end
+
+    def self.ssg_available?
+      xccdf_file && oval_file
+    end
+
+    def lockdown(*args)
+      raise "OpenSCAP not available" unless self.class.openscap_available?
+      raise "SCAP Security Guide not available" unless self.class.ssg_available?
+
+      values = args.last.kind_of?(Hash) ? args.pop : {}
+      rules = args
+
+      raise "No SCAP rules provided" if rules.empty?
+
+      with_xml_files(rules, values) do |xccdf_file_path|
+        lockdown_profile(xccdf_file_path, PROFILE_ID)
+      end
+    end
+
+    def lockdown_profile(xccdf_file_path, profile_id)
+      raise "OpenSCAP not available" unless self.class.openscap_available?
+
+      session = OpenSCAP::Xccdf::Session.new(xccdf_file_path)
+      session.load
+      session.profile = profile_id
+      session.evaluate
+      session.remediate
+    ensure
+      session.destroy if session
+    end
+
+    private
+
+    def self.xccdf_file
+      local_ssg_file("xccdf")
+    end
+
+    def self.oval_file
+      local_ssg_file("oval")
+    end
+
+    def self.local_ssg_file(type)
+      Dir.glob(SSG_XML_PATH.join("ssg-*-#{type}.xml")).detect { |f| f =~ /ssg-\w+-#{type}.xml/ }
+    end
+
+    def tempdir
+      @tempdir ||= Pathname.new(Dir.tmpdir)
+    end
+
+    def xccdf_file
+      @xccdf_file ||= self.class.xccdf_file
+    end
+
+    def oval_file
+      @oval_file ||= self.class.oval_file
+    end
+
+    def with_xml_files(rules, values)
+      FileUtils.cp(oval_file, tempdir)
+
+      Tempfile.create("scap_xccdf") do |f|
+        write_xccdf_xml(f, profile_xml(PROFILE_ID, rules, values))
+        f.close
+        yield f.path
+      end
+    ensure
+      FileUtils.rm_f(tempdir.join(File.basename(oval_file)))
+    end
+
+    def profile_xml(profile_id, rules, values)
+      builder = Nokogiri::XML::Builder.new do |xml|
+        xml.Profile(:id => profile_id) do
+          xml.title(profile_id)
+          xml.description(profile_id)
+          rules.each { |r| xml.select(:idref => r, :selected => "true") }
+          values.each { |k, v| xml.send("refine-value", :idref => k, :selector => v) }
+        end
+      end
+      builder.doc.root.to_xml
+    end
+
+    def write_xccdf_xml(io, profile_xml)
+      File.open(xccdf_file) do |f|
+        doc = Nokogiri::XML(f)
+        model = doc.at_css("model")
+        model.add_next_sibling("\n#{profile_xml}")
+        io.write(doc.root.to_xml)
+      end
+    end
+  end
+end

data/lib/linux_admin/service.rb

@@ -1,62 +1,43 @@
-# LinuxAdmin Service Representation
-#
-# Copyright (C) 2013 Red Hat Inc.
-# Licensed under the MIT License
-
 module LinuxAdmin
   class Service
+    extend Common
     include Common
+    include Logging
 
-    attr_accessor :id
-    private
-
-    public
-
-    def initialize(id)
-      @id = id
-    end
-
-    def running?
-      run(cmd(:service),
-          :params => { nil => [id, "status"] }).exit_status == 0
+    def self.service_type(reload = false)
+      return @service_type if @service_type && !reload
+      @service_type = service_type_uncached
     end
 
-    def enable
-      run!(cmd(:chkconfig),
-          :params => { nil => [id, "on"] })
-      self
+    class << self
+      private
+      alias_method :orig_new, :new
     end
 
-    def disable
-      run!(cmd(:chkconfig),
-          :params => { nil => [id, "off"] })
-      self
+    def self.new(*args)
+      if self == LinuxAdmin::Service
+        service_type.new(*args)
+      else
+        orig_new(*args)
+      end
     end
 
-    def start
-      run!(cmd(:service),
-          :params => { nil => [id, "start"] })
-      self
-    end
+    attr_accessor :name
 
-    def stop
-      run!(cmd(:service),
-          :params => { nil => [id, "stop"] })
-      self
+    def initialize(name)
+      @name = name
     end
 
-    def restart
-      status =
-        run(cmd(:service),
-          :params => { nil => [id, "restart"] }).exit_status
+    alias_method :id, :name
+    alias_method :id=, :name=
 
-      # attempt to manually stop/start if restart fails
-      if status != 0
-        self.stop
-        self.start
-      end
+    private
 
-      self
+    def self.service_type_uncached
+      cmd?(:systemctl) ? SystemdService : SysVInitService
     end
+    private_class_method :service_type_uncached
   end
 end
+
+Dir.glob(File.join(File.dirname(__FILE__), "service", "*.rb")).each { |f| require f }

data/lib/linux_admin/service/sys_v_init_service.rb

@@ -0,0 +1,46 @@
+module LinuxAdmin
+  class SysVInitService < Service
+    def running?
+      run(cmd(:service),
+          :params => { nil => [name, "status"] }).exit_status == 0
+    end
+
+    def enable
+      run!(cmd(:chkconfig),
+          :params => { nil => [name, "on"] })
+      self
+    end
+
+    def disable
+      run!(cmd(:chkconfig),
+          :params => { nil => [name, "off"] })
+      self
+    end
+
+    def start
+      run!(cmd(:service),
+          :params => { nil => [name, "start"] })
+      self
+    end
+
+    def stop
+      run!(cmd(:service),
+          :params => { nil => [name, "stop"] })
+      self
+    end
+
+    def restart
+      status =
+        run(cmd(:service),
+          :params => { nil => [name, "restart"] }).exit_status
+
+      # attempt to manually stop/start if restart fails
+      if status != 0
+        self.stop
+        self.start
+      end
+
+      self
+    end
+  end
+end

data/lib/linux_admin/service/systemd_service.rb

@@ -0,0 +1,46 @@
+module LinuxAdmin
+  class SystemdService < Service
+    def running?
+      run(cmd(:systemctl),
+          :params => {nil => ["status", name]}).exit_status == 0
+    end
+
+    def enable
+      run!(cmd(:systemctl),
+           :params => {nil => ["enable", name]})
+      self
+    end
+
+    def disable
+      run!(cmd(:systemctl),
+           :params => {nil => ["disable", name]})
+      self
+    end
+
+    def start
+      run!(cmd(:systemctl),
+           :params => {nil => ["start", name]})
+      self
+    end
+
+    def stop
+      run!(cmd(:systemctl),
+           :params => {nil => ["stop", name]})
+      self
+    end
+
+    def restart
+      status =
+        run(cmd(:systemctl),
+            :params => {nil => ["restart", name]}).exit_status
+
+      # attempt to manually stop/start if restart fails
+      if status != 0
+        stop
+        start
+      end
+
+      self
+    end
+  end
+end

data/lib/linux_admin/version.rb

@@ -1,3 +1,3 @@
 module LinuxAdmin
-  VERSION = "0.10.1"
+  VERSION = "0.11.0"
 end

data/spec/disk_spec.rb

@@ -37,7 +37,7 @@ eos
 
       disk = LinuxAdmin::Disk.new :path => '/dev/hda'
       allow(disk).to receive(:run!).and_return(double(:output => fdisk))
-      expect(disk.size).to eq(500.1.gigabytes)
+      expect(disk.size).to eq(500_107_862_016)
     end
   end
 

data/spec/scap_spec.rb

@@ -0,0 +1,61 @@
+describe LinuxAdmin::Scap do
+  describe "#lockdown" do
+    it "raises if given no rules" do
+      stub_const("LinuxAdmin::Scap::SSG_XML_PATH", Pathname.new(data_file_path("scap")))
+      scap = described_class.new
+      allow(described_class).to receive(:openscap_available?).and_return(true)
+      allow(described_class).to receive(:ssg_available?).and_return(true)
+      allow(scap).to receive(:lockdown_profile)
+      expect { scap.lockdown("value1" => true) }.to raise_error
+    end
+  end
+
+  describe "#profile_xml (private)" do
+    it "creates a Profile tag" do
+      profile_xml = described_class.new.send(:profile_xml, "test-profile", [], {})
+      expect(profile_xml).to match(%r{<Profile id="test-profile">.*</Profile>}m)
+    end
+
+    it "creates a title tag" do
+      profile_xml = described_class.new.send(:profile_xml, "test-profile", [], {})
+      expect(profile_xml).to match(%r{<title>test-profile</title>}m)
+    end
+
+    it "creates a description tag" do
+      profile_xml = described_class.new.send(:profile_xml, "test-profile", [], {})
+      expect(profile_xml).to match(%r{<description>test-profile</description>}m)
+    end
+
+    it "creates a select tag for each rule" do
+      profile_xml = described_class.new.send(:profile_xml, "test-profile", %w(rule1 rule2), {})
+      expect(profile_xml).to match(%r{<select idref="rule1" selected="true"/>}m)
+      expect(profile_xml).to match(%r{<select idref="rule2" selected="true"/>}m)
+    end
+
+    it "creates a refine-value tag for each value" do
+      profile_xml = described_class.new.send(:profile_xml, "test-profile", [], "key1" => "val1", "key2" => "val2")
+      expect(profile_xml).to match(%r{<refine-value idref="key1" selector="val1"/>}m)
+      expect(profile_xml).to match(%r{<refine-value idref="key2" selector="val2"/>}m)
+    end
+  end
+
+  describe ".local_ssg_file (private)" do
+    it "returns nil if the file doesn't exist" do
+      stub_const("LinuxAdmin::Scap::SSG_XML_PATH", Pathname.new("/doesnt/exist/"))
+      file = described_class.send(:local_ssg_file, "type")
+      expect(file).to be_nil
+    end
+
+    it "returns a file if there are multiple matches" do
+      stub_const("LinuxAdmin::Scap::SSG_XML_PATH", Pathname.new(data_file_path("scap")))
+      file = described_class.send(:local_ssg_file, "xccdf")
+      expect(file).to match(%r{.*/ssg-\w+-xccdf\.xml})
+    end
+
+    it "returns a matching file" do
+      stub_const("LinuxAdmin::Scap::SSG_XML_PATH", Pathname.new(data_file_path("scap")))
+      file = described_class.send(:local_ssg_file, "oval")
+      expect(file).to eq("#{data_file_path("scap")}/ssg-rhel7-oval.xml")
+    end
+  end
+end

data/spec/service/sys_v_init_service_spec.rb

@@ -0,0 +1,110 @@
+describe LinuxAdmin::SysVInitService do
+  before do
+    @service = described_class.new 'foo'
+  end
+
+  describe "#running?" do
+    it "checks service" do
+      expect(@service).to receive(:run).
+         with(@service.cmd(:service),
+              :params => { nil => ['foo', 'status']}).and_return(double(:exit_status => 0))
+      @service.running?
+    end
+
+    context "service is running" do
+      it "returns true" do
+        @service = described_class.new :id => :foo
+        expect(@service).to receive(:run).and_return(double(:exit_status => 0))
+        expect(@service).to be_running
+     end
+    end
+
+    context "service is not running" do
+      it "returns false" do
+        @service = described_class.new :id => :foo
+        expect(@service).to receive(:run).and_return(double(:exit_status => 1))
+        expect(@service).not_to be_running
+      end
+    end
+  end
+
+  describe "#enable" do
+    it "enables service" do
+      expect(@service).to receive(:run!).
+         with(@service.cmd(:chkconfig),
+              :params => { nil => [ 'foo', 'on']})
+      @service.enable
+    end
+
+    it "returns self" do
+      expect(@service).to receive(:run!) # stub out cmd invocation
+      expect(@service.enable).to eq(@service)
+    end
+  end
+
+  describe "#disable" do
+    it "disable service" do
+      expect(@service).to receive(:run!).
+         with(@service.cmd(:chkconfig),
+              :params => { nil => [ 'foo', 'off']})
+      @service.disable
+    end
+
+    it "returns self" do
+      expect(@service).to receive(:run!)
+      expect(@service.disable).to eq(@service)
+    end
+  end
+
+  describe "#start" do
+    it "starts service" do
+      expect(@service).to receive(:run!).
+         with(@service.cmd(:service),
+              :params => { nil => [ 'foo', 'start']})
+      @service.start
+    end
+
+    it "returns self" do
+      expect(@service).to receive(:run!)
+      expect(@service.start).to eq(@service)
+    end
+  end
+
+  describe "#stop" do
+    it "stops service" do
+      expect(@service).to receive(:run!).
+         with(@service.cmd(:service),
+              :params => { nil => [ 'foo', 'stop']})
+      @service.stop
+    end
+
+    it "returns self" do
+      expect(@service).to receive(:run!)
+      expect(@service.stop).to eq(@service)
+    end
+  end
+
+  describe "#restart" do
+    it "stops service" do
+      expect(@service).to receive(:run).
+         with(@service.cmd(:service),
+              :params => { nil => [ 'foo', 'restart']}).and_return(double(:exit_status => 0))
+      @service.restart
+    end
+
+    context "service restart fails" do
+      it "manually stops/starts service" do
+        expect(@service).to receive(:run).and_return(double(:exit_status => 1))
+        expect(@service).to receive(:stop)
+        expect(@service).to receive(:start)
+        @service.restart
+      end
+    end
+
+    it "returns self" do
+      expect(@service).to receive(:run).and_return(double(:exit_status => 0))
+      expect(@service.restart).to eq(@service)
+    end
+  end
+
+end

data/spec/service/systemd_service_spec.rb

@@ -0,0 +1,101 @@
+describe LinuxAdmin::SystemdService do
+  before do
+    @service = described_class.new 'foo'
+  end
+
+  describe "#running?" do
+    it "checks service" do
+      expect(@service).to receive(:run)
+        .with(@service.cmd(:systemctl),
+              :params => {nil => %w(status foo)}).and_return(double(:exit_status => 0))
+      @service.running?
+    end
+
+    it "returns true when service is running" do
+      expect(@service).to receive(:run).and_return(double(:exit_status => 0))
+      expect(@service).to be_running
+    end
+
+    it "returns false when service is not running" do
+      expect(@service).to receive(:run).and_return(double(:exit_status => 1))
+      expect(@service).not_to be_running
+    end
+  end
+
+  describe "#enable" do
+    it "enables service" do
+      expect(@service).to receive(:run!)
+        .with(@service.cmd(:systemctl),
+              :params => {nil => %w(enable foo)})
+      @service.enable
+    end
+
+    it "returns self" do
+      expect(@service).to receive(:run!) # stub out cmd invocation
+      expect(@service.enable).to eq(@service)
+    end
+  end
+
+  describe "#disable" do
+    it "disables service" do
+      expect(@service).to receive(:run!)
+        .with(@service.cmd(:systemctl),
+              :params => {nil => %w(disable foo)})
+      @service.disable
+    end
+
+    it "returns self" do
+      expect(@service).to receive(:run!)
+      expect(@service.disable).to eq(@service)
+    end
+  end
+
+  describe "#start" do
+    it "starts service" do
+      expect(@service).to receive(:run!)
+        .with(@service.cmd(:systemctl),
+              :params => {nil => %w(start foo)})
+      @service.start
+    end
+
+    it "returns self" do
+      expect(@service).to receive(:run!)
+      expect(@service.start).to eq(@service)
+    end
+  end
+
+  describe "#stop" do
+    it "stops service" do
+      expect(@service).to receive(:run!)
+        .with(@service.cmd(:systemctl),
+              :params => {nil => %w(stop foo)})
+      @service.stop
+    end
+
+    it "returns self" do
+      expect(@service).to receive(:run!)
+      expect(@service.stop).to eq(@service)
+    end
+  end
+
+  describe "#restart" do
+    it "restarts service" do
+      expect(@service).to receive(:run)
+        .with(@service.cmd(:systemctl),
+              :params => {nil => %w(restart foo)}).and_return(double(:exit_status => 0))
+      @service.restart
+    end
+
+    it "manually stops then starts service when restart fails" do
+      expect(@service).to receive(:run).and_return(double(:exit_status => 1))
+      expect(@service).to receive(:stop)
+      expect(@service).to receive(:start)
+      @service.restart
+    end
+
+    it "returns self" do
+      expect(@service).to receive(:run).and_return(double(:exit_status => 0))
+      expect(@service.restart).to eq(@service)
+    end
+  end
+end

data/spec/service_spec.rb

@@ -1,110 +1,54 @@
 describe LinuxAdmin::Service do
-  before(:each) do
-    @service = LinuxAdmin::Service.new 'foo'
-  end
-
-  describe "#running?" do
-    it "checks service" do
-      expect(@service).to receive(:run).
-         with(@service.cmd(:service),
-              :params => { nil => ['foo', 'status']}).and_return(double(:exit_status => 0))
-      @service.running?
+  context ".service_type" do
+    it "on systemctl systems" do
+      stub_to_service_type(:systemd_service)
+      expect(described_class.service_type).to eq(LinuxAdmin::SystemdService)
     end
 
-    context "service is running" do
-      it "returns true" do
-        @service = LinuxAdmin::Service.new :id => :foo
-        expect(@service).to receive(:run).and_return(double(:exit_status => 0))
-        expect(@service).to be_running
-     end
+    it "on sysv systems" do
+      stub_to_service_type(:sys_v_init_service)
+      expect(described_class.service_type).to eq(LinuxAdmin::SysVInitService)
     end
 
-    context "service is not running" do
-      it "returns false" do
-        @service = LinuxAdmin::Service.new :id => :foo
-        expect(@service).to receive(:run).and_return(double(:exit_status => 1))
-        expect(@service).not_to be_running
-      end
-    end
-  end
-
-  describe "#enable" do
-    it "enables service" do
-      expect(@service).to receive(:run!).
-         with(@service.cmd(:chkconfig),
-              :params => { nil => [ 'foo', 'on']})
-      @service.enable
+    it "should memoize results" do
+      expect(described_class).to receive(:service_type_uncached).once.and_return("anything_non_nil")
+      described_class.service_type
+      described_class.service_type
     end
 
-    it "returns self" do
-      expect(@service).to receive(:run!) # stub out cmd invocation
-      expect(@service.enable).to eq(@service)
+    it "with reload should refresh results" do
+      expect(described_class).to receive(:service_type_uncached).twice.and_return("anything_non_nil")
+      described_class.service_type
+      described_class.service_type(true)
     end
   end
 
-  describe "#disable" do
-    it "disable service" do
-      expect(@service).to receive(:run!).
-         with(@service.cmd(:chkconfig),
-              :params => { nil => [ 'foo', 'off']})
-      @service.disable
+  context ".new" do
+    it "on systemctl systems" do
+      stub_to_service_type(:systemd_service)
+      expect(described_class.new("xxx")).to be_kind_of(LinuxAdmin::SystemdService)
     end
 
-    it "returns self" do
-      expect(@service).to receive(:run!)
-      expect(@service.disable).to eq(@service)
+    it "on sysv systems" do
+      stub_to_service_type(:sys_v_init_service)
+      expect(described_class.new("xxx")).to be_kind_of(LinuxAdmin::SysVInitService)
     end
   end
 
-  describe "#start" do
-    it "starts service" do
-      expect(@service).to receive(:run!).
-         with(@service.cmd(:service),
-              :params => { nil => [ 'foo', 'start']})
-      @service.start
-    end
+  it "#id / #id=" do
+    s = described_class.new("xxx")
+    expect(s.id).to eq("xxx")
 
-    it "returns self" do
-      expect(@service).to receive(:run!)
-      expect(@service.start).to eq(@service)
-    end
-  end
+    s.id = "yyy"
+    expect(s.id).to eq("yyy")
+    expect(s.name).to eq("yyy")
 
-  describe "#stop" do
-    it "stops service" do
-      expect(@service).to receive(:run!).
-         with(@service.cmd(:service),
-              :params => { nil => [ 'foo', 'stop']})
-      @service.stop
-    end
-
-    it "returns self" do
-      expect(@service).to receive(:run!)
-      expect(@service.stop).to eq(@service)
-    end
+    s.name = "zzz"
+    expect(s.id).to eq("zzz")
+    expect(s.name).to eq("zzz")
   end
 
-  describe "#restart" do
-    it "stops service" do
-      expect(@service).to receive(:run).
-         with(@service.cmd(:service),
-              :params => { nil => [ 'foo', 'restart']}).and_return(double(:exit_status => 0))
-      @service.restart
-    end
-
-    context "service restart fails" do
-      it "manually stops/starts service" do
-        expect(@service).to receive(:run).and_return(double(:exit_status => 1))
-        expect(@service).to receive(:stop)
-        expect(@service).to receive(:start)
-        @service.restart
-      end
-    end
-
-    it "returns self" do
-      expect(@service).to receive(:run).and_return(double(:exit_status => 0))
-      expect(@service.restart).to eq(@service)
-    end
+  def stub_to_service_type(system)
+    allow(LinuxAdmin::Service).to receive(:cmd?).with(:systemctl).and_return(system == :systemd_service)
   end
-
 end

data/spec/spec_helper.rb

@@ -109,6 +109,7 @@ end
 
 def clear_caches
   LinuxAdmin::RegistrationSystem.instance_variable_set(:@registration_type, nil)
+  LinuxAdmin::Service.instance_variable_set(:@service_type, nil)
 
   # reset the distro, tested in various placed & used extensively
   LinuxAdmin::Distros.instance_variable_set(:@local, nil)

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: linux_admin
 version: !ruby/object:Gem::Version
-  version: 0.10.1
+  version: 0.11.0
 platform: ruby
 authors:
 - Brandon Dunne
@@ -10,135 +10,150 @@ authors:
 - Joe Rafaniello
 - Keenan Brock
 - Thomas Wiest
+- Nick Carboni
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-05-04 00:00:00.000000000 Z
+date: 2015-08-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '3.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '3.0'
 - !ruby/object:Gem::Dependency
   name: coveralls
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>'
+    - - ">"
       - !ruby/object:Gem::Version
         version: '3.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>'
+    - - ">"
       - !ruby/object:Gem::Version
         version: '3.2'
 - !ruby/object:Gem::Dependency
   name: inifile
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: more_core_extensions
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.1'
 - !ruby/object:Gem::Dependency
   name: awesome_spawn
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
 - !ruby/object:Gem::Dependency
   name: nokogiri
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: openscap
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 description: |2
@@ -153,10 +168,13 @@ email:
 - jrafanie@redhat.com
 - kbrock@redhat.com
 - twiest@redhat.com
+- ncarboni@redhat.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- LICENSE.txt
+- README.md
 - lib/linux_admin.rb
 - lib/linux_admin/common.rb
 - lib/linux_admin/deb.rb
@@ -177,21 +195,25 @@ files:
 - lib/linux_admin/registration_system/rhn.rb
 - lib/linux_admin/registration_system/subscription_manager.rb
 - lib/linux_admin/rpm.rb
+- lib/linux_admin/scap.rb
 - lib/linux_admin/service.rb
+- lib/linux_admin/service/sys_v_init_service.rb
+- lib/linux_admin/service/systemd_service.rb
 - lib/linux_admin/system.rb
 - lib/linux_admin/version.rb
 - lib/linux_admin/volume.rb
 - lib/linux_admin/volume_group.rb
 - lib/linux_admin/yum.rb
 - lib/linux_admin/yum/repo_file.rb
-- README.md
-- LICENSE.txt
 - spec/common_spec.rb
 - spec/data/rhn/output_rhn-channel_list
 - spec/data/rhn/output_rhn-channel_list_available
 - spec/data/rhn/systemid
 - spec/data/rhn/systemid.missing_system_id
 - spec/data/rpm/cmd_output_for_list_installed
+- spec/data/scap/ssg-rhel6-xccdf.xml
+- spec/data/scap/ssg-rhel7-oval.xml
+- spec/data/scap/ssg-rhel7-xccdf.xml
 - spec/data/subscription_manager/output_list_all_available
 - spec/data/subscription_manager/output_list_installed_not_subscribed
 - spec/data/subscription_manager/output_list_installed_subscribed
@@ -215,6 +237,9 @@ files:
 - spec/registration_system_spec.rb
 - spec/rhn_spec.rb
 - spec/rpm_spec.rb
+- spec/scap_spec.rb
+- spec/service/sys_v_init_service_spec.rb
+- spec/service/systemd_service_spec.rb
 - spec/service_spec.rb
 - spec/spec_helper.rb
 - spec/subscription_manager_spec.rb
@@ -231,17 +256,17 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: 1.9.3
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.0.14
+rubygems_version: 2.4.8
 signing_key: 
 specification_version: 4
 summary: LinuxAdmin is a module to simplify management of linux systems.
@@ -252,6 +277,9 @@ test_files:
 - spec/data/rhn/systemid
 - spec/data/rhn/systemid.missing_system_id
 - spec/data/rpm/cmd_output_for_list_installed
+- spec/data/scap/ssg-rhel6-xccdf.xml
+- spec/data/scap/ssg-rhel7-oval.xml
+- spec/data/scap/ssg-rhel7-xccdf.xml
 - spec/data/subscription_manager/output_list_all_available
 - spec/data/subscription_manager/output_list_installed_not_subscribed
 - spec/data/subscription_manager/output_list_installed_subscribed
@@ -275,6 +303,9 @@ test_files:
 - spec/registration_system_spec.rb
 - spec/rhn_spec.rb
 - spec/rpm_spec.rb
+- spec/scap_spec.rb
+- spec/service/sys_v_init_service_spec.rb
+- spec/service/systemd_service_spec.rb
 - spec/service_spec.rb
 - spec/spec_helper.rb
 - spec/subscription_manager_spec.rb