linux_admin 0.10.1 → 0.11.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/linux_admin.rb +1 -0
- data/lib/linux_admin/common.rb +4 -0
- data/lib/linux_admin/disk.rb +4 -4
- data/lib/linux_admin/distro.rb +4 -0
- data/lib/linux_admin/scap.rb +104 -0
- data/lib/linux_admin/service.rb +25 -44
- data/lib/linux_admin/service/sys_v_init_service.rb +46 -0
- data/lib/linux_admin/service/systemd_service.rb +46 -0
- data/lib/linux_admin/version.rb +1 -1
- data/spec/data/scap/ssg-rhel6-xccdf.xml +0 -0
- data/spec/data/scap/ssg-rhel7-oval.xml +0 -0
- data/spec/data/scap/ssg-rhel7-xccdf.xml +0 -0
- data/spec/disk_spec.rb +1 -1
- data/spec/scap_spec.rb +61 -0
- data/spec/service/sys_v_init_service_spec.rb +110 -0
- data/spec/service/systemd_service_spec.rb +101 -0
- data/spec/service_spec.rb +33 -89
- data/spec/spec_helper.rb +1 -0
- metadata +56 -25
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1c8a9566372578734f209b1cb4d7795bc8d911ff
|
4
|
+
data.tar.gz: 0d10059fc09b699b8b0debda74afb30592021353
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 063fcd55e7a1b6f1aa8d595b0a060ac642fc00766aba7a26ab398f5d87f9cc4e5adec38321ee5f5bf6c8e0adda73798bbdb0b4015f9c33fff988d533afc1fac5
|
7
|
+
data.tar.gz: 33dfa49d8909ed8a7c2a28db9ac4d314ef09f263d7f10c64e628ba792b59a76d4964002c8f7a4b58badefb659fc0c2cb980cb404a1825ae50af64890c690cf25
|
data/lib/linux_admin.rb
CHANGED
data/lib/linux_admin/common.rb
CHANGED
data/lib/linux_admin/disk.rb
CHANGED
@@ -68,12 +68,12 @@ module LinuxAdmin
|
|
68
68
|
@size ||= begin
|
69
69
|
size = nil
|
70
70
|
out = run!(cmd(:fdisk), :params => {"-l" => nil}).output
|
71
|
-
out.each_line
|
72
|
-
|
73
|
-
size =
|
71
|
+
out.each_line do |l|
|
72
|
+
/Disk #{path}: .*B, (\d+) bytes/.match(l) do |m|
|
73
|
+
size = m[1].to_i
|
74
74
|
break
|
75
75
|
end
|
76
|
-
|
76
|
+
end
|
77
77
|
size
|
78
78
|
end
|
79
79
|
end
|
data/lib/linux_admin/distro.rb
CHANGED
@@ -0,0 +1,104 @@
|
|
1
|
+
require 'nokogiri'
|
2
|
+
|
3
|
+
module LinuxAdmin
|
4
|
+
class Scap
|
5
|
+
PROFILE_ID = "linux-admin-scap"
|
6
|
+
SSG_XML_PATH = Pathname.new("/usr/share/xml/scap/ssg/content/")
|
7
|
+
|
8
|
+
def self.openscap_available?
|
9
|
+
require 'openscap'
|
10
|
+
true
|
11
|
+
rescue LoadError
|
12
|
+
false
|
13
|
+
end
|
14
|
+
|
15
|
+
def self.ssg_available?
|
16
|
+
xccdf_file && oval_file
|
17
|
+
end
|
18
|
+
|
19
|
+
def lockdown(*args)
|
20
|
+
raise "OpenSCAP not available" unless self.class.openscap_available?
|
21
|
+
raise "SCAP Security Guide not available" unless self.class.ssg_available?
|
22
|
+
|
23
|
+
values = args.last.kind_of?(Hash) ? args.pop : {}
|
24
|
+
rules = args
|
25
|
+
|
26
|
+
raise "No SCAP rules provided" if rules.empty?
|
27
|
+
|
28
|
+
with_xml_files(rules, values) do |xccdf_file_path|
|
29
|
+
lockdown_profile(xccdf_file_path, PROFILE_ID)
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
def lockdown_profile(xccdf_file_path, profile_id)
|
34
|
+
raise "OpenSCAP not available" unless self.class.openscap_available?
|
35
|
+
|
36
|
+
session = OpenSCAP::Xccdf::Session.new(xccdf_file_path)
|
37
|
+
session.load
|
38
|
+
session.profile = profile_id
|
39
|
+
session.evaluate
|
40
|
+
session.remediate
|
41
|
+
ensure
|
42
|
+
session.destroy if session
|
43
|
+
end
|
44
|
+
|
45
|
+
private
|
46
|
+
|
47
|
+
def self.xccdf_file
|
48
|
+
local_ssg_file("xccdf")
|
49
|
+
end
|
50
|
+
|
51
|
+
def self.oval_file
|
52
|
+
local_ssg_file("oval")
|
53
|
+
end
|
54
|
+
|
55
|
+
def self.local_ssg_file(type)
|
56
|
+
Dir.glob(SSG_XML_PATH.join("ssg-*-#{type}.xml")).detect { |f| f =~ /ssg-\w+-#{type}.xml/ }
|
57
|
+
end
|
58
|
+
|
59
|
+
def tempdir
|
60
|
+
@tempdir ||= Pathname.new(Dir.tmpdir)
|
61
|
+
end
|
62
|
+
|
63
|
+
def xccdf_file
|
64
|
+
@xccdf_file ||= self.class.xccdf_file
|
65
|
+
end
|
66
|
+
|
67
|
+
def oval_file
|
68
|
+
@oval_file ||= self.class.oval_file
|
69
|
+
end
|
70
|
+
|
71
|
+
def with_xml_files(rules, values)
|
72
|
+
FileUtils.cp(oval_file, tempdir)
|
73
|
+
|
74
|
+
Tempfile.create("scap_xccdf") do |f|
|
75
|
+
write_xccdf_xml(f, profile_xml(PROFILE_ID, rules, values))
|
76
|
+
f.close
|
77
|
+
yield f.path
|
78
|
+
end
|
79
|
+
ensure
|
80
|
+
FileUtils.rm_f(tempdir.join(File.basename(oval_file)))
|
81
|
+
end
|
82
|
+
|
83
|
+
def profile_xml(profile_id, rules, values)
|
84
|
+
builder = Nokogiri::XML::Builder.new do |xml|
|
85
|
+
xml.Profile(:id => profile_id) do
|
86
|
+
xml.title(profile_id)
|
87
|
+
xml.description(profile_id)
|
88
|
+
rules.each { |r| xml.select(:idref => r, :selected => "true") }
|
89
|
+
values.each { |k, v| xml.send("refine-value", :idref => k, :selector => v) }
|
90
|
+
end
|
91
|
+
end
|
92
|
+
builder.doc.root.to_xml
|
93
|
+
end
|
94
|
+
|
95
|
+
def write_xccdf_xml(io, profile_xml)
|
96
|
+
File.open(xccdf_file) do |f|
|
97
|
+
doc = Nokogiri::XML(f)
|
98
|
+
model = doc.at_css("model")
|
99
|
+
model.add_next_sibling("\n#{profile_xml}")
|
100
|
+
io.write(doc.root.to_xml)
|
101
|
+
end
|
102
|
+
end
|
103
|
+
end
|
104
|
+
end
|
data/lib/linux_admin/service.rb
CHANGED
@@ -1,62 +1,43 @@
|
|
1
|
-
# LinuxAdmin Service Representation
|
2
|
-
#
|
3
|
-
# Copyright (C) 2013 Red Hat Inc.
|
4
|
-
# Licensed under the MIT License
|
5
|
-
|
6
1
|
module LinuxAdmin
|
7
2
|
class Service
|
3
|
+
extend Common
|
8
4
|
include Common
|
5
|
+
include Logging
|
9
6
|
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
public
|
14
|
-
|
15
|
-
def initialize(id)
|
16
|
-
@id = id
|
17
|
-
end
|
18
|
-
|
19
|
-
def running?
|
20
|
-
run(cmd(:service),
|
21
|
-
:params => { nil => [id, "status"] }).exit_status == 0
|
7
|
+
def self.service_type(reload = false)
|
8
|
+
return @service_type if @service_type && !reload
|
9
|
+
@service_type = service_type_uncached
|
22
10
|
end
|
23
11
|
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
self
|
12
|
+
class << self
|
13
|
+
private
|
14
|
+
alias_method :orig_new, :new
|
28
15
|
end
|
29
16
|
|
30
|
-
def
|
31
|
-
|
32
|
-
|
33
|
-
|
17
|
+
def self.new(*args)
|
18
|
+
if self == LinuxAdmin::Service
|
19
|
+
service_type.new(*args)
|
20
|
+
else
|
21
|
+
orig_new(*args)
|
22
|
+
end
|
34
23
|
end
|
35
24
|
|
36
|
-
|
37
|
-
run!(cmd(:service),
|
38
|
-
:params => { nil => [id, "start"] })
|
39
|
-
self
|
40
|
-
end
|
25
|
+
attr_accessor :name
|
41
26
|
|
42
|
-
def
|
43
|
-
|
44
|
-
:params => { nil => [id, "stop"] })
|
45
|
-
self
|
27
|
+
def initialize(name)
|
28
|
+
@name = name
|
46
29
|
end
|
47
30
|
|
48
|
-
|
49
|
-
|
50
|
-
run(cmd(:service),
|
51
|
-
:params => { nil => [id, "restart"] }).exit_status
|
31
|
+
alias_method :id, :name
|
32
|
+
alias_method :id=, :name=
|
52
33
|
|
53
|
-
|
54
|
-
if status != 0
|
55
|
-
self.stop
|
56
|
-
self.start
|
57
|
-
end
|
34
|
+
private
|
58
35
|
|
59
|
-
|
36
|
+
def self.service_type_uncached
|
37
|
+
cmd?(:systemctl) ? SystemdService : SysVInitService
|
60
38
|
end
|
39
|
+
private_class_method :service_type_uncached
|
61
40
|
end
|
62
41
|
end
|
42
|
+
|
43
|
+
Dir.glob(File.join(File.dirname(__FILE__), "service", "*.rb")).each { |f| require f }
|
@@ -0,0 +1,46 @@
|
|
1
|
+
module LinuxAdmin
|
2
|
+
class SysVInitService < Service
|
3
|
+
def running?
|
4
|
+
run(cmd(:service),
|
5
|
+
:params => { nil => [name, "status"] }).exit_status == 0
|
6
|
+
end
|
7
|
+
|
8
|
+
def enable
|
9
|
+
run!(cmd(:chkconfig),
|
10
|
+
:params => { nil => [name, "on"] })
|
11
|
+
self
|
12
|
+
end
|
13
|
+
|
14
|
+
def disable
|
15
|
+
run!(cmd(:chkconfig),
|
16
|
+
:params => { nil => [name, "off"] })
|
17
|
+
self
|
18
|
+
end
|
19
|
+
|
20
|
+
def start
|
21
|
+
run!(cmd(:service),
|
22
|
+
:params => { nil => [name, "start"] })
|
23
|
+
self
|
24
|
+
end
|
25
|
+
|
26
|
+
def stop
|
27
|
+
run!(cmd(:service),
|
28
|
+
:params => { nil => [name, "stop"] })
|
29
|
+
self
|
30
|
+
end
|
31
|
+
|
32
|
+
def restart
|
33
|
+
status =
|
34
|
+
run(cmd(:service),
|
35
|
+
:params => { nil => [name, "restart"] }).exit_status
|
36
|
+
|
37
|
+
# attempt to manually stop/start if restart fails
|
38
|
+
if status != 0
|
39
|
+
self.stop
|
40
|
+
self.start
|
41
|
+
end
|
42
|
+
|
43
|
+
self
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
@@ -0,0 +1,46 @@
|
|
1
|
+
module LinuxAdmin
|
2
|
+
class SystemdService < Service
|
3
|
+
def running?
|
4
|
+
run(cmd(:systemctl),
|
5
|
+
:params => {nil => ["status", name]}).exit_status == 0
|
6
|
+
end
|
7
|
+
|
8
|
+
def enable
|
9
|
+
run!(cmd(:systemctl),
|
10
|
+
:params => {nil => ["enable", name]})
|
11
|
+
self
|
12
|
+
end
|
13
|
+
|
14
|
+
def disable
|
15
|
+
run!(cmd(:systemctl),
|
16
|
+
:params => {nil => ["disable", name]})
|
17
|
+
self
|
18
|
+
end
|
19
|
+
|
20
|
+
def start
|
21
|
+
run!(cmd(:systemctl),
|
22
|
+
:params => {nil => ["start", name]})
|
23
|
+
self
|
24
|
+
end
|
25
|
+
|
26
|
+
def stop
|
27
|
+
run!(cmd(:systemctl),
|
28
|
+
:params => {nil => ["stop", name]})
|
29
|
+
self
|
30
|
+
end
|
31
|
+
|
32
|
+
def restart
|
33
|
+
status =
|
34
|
+
run(cmd(:systemctl),
|
35
|
+
:params => {nil => ["restart", name]}).exit_status
|
36
|
+
|
37
|
+
# attempt to manually stop/start if restart fails
|
38
|
+
if status != 0
|
39
|
+
stop
|
40
|
+
start
|
41
|
+
end
|
42
|
+
|
43
|
+
self
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
data/lib/linux_admin/version.rb
CHANGED
File without changes
|
File without changes
|
File without changes
|
data/spec/disk_spec.rb
CHANGED
data/spec/scap_spec.rb
ADDED
@@ -0,0 +1,61 @@
|
|
1
|
+
describe LinuxAdmin::Scap do
|
2
|
+
describe "#lockdown" do
|
3
|
+
it "raises if given no rules" do
|
4
|
+
stub_const("LinuxAdmin::Scap::SSG_XML_PATH", Pathname.new(data_file_path("scap")))
|
5
|
+
scap = described_class.new
|
6
|
+
allow(described_class).to receive(:openscap_available?).and_return(true)
|
7
|
+
allow(described_class).to receive(:ssg_available?).and_return(true)
|
8
|
+
allow(scap).to receive(:lockdown_profile)
|
9
|
+
expect { scap.lockdown("value1" => true) }.to raise_error
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
13
|
+
describe "#profile_xml (private)" do
|
14
|
+
it "creates a Profile tag" do
|
15
|
+
profile_xml = described_class.new.send(:profile_xml, "test-profile", [], {})
|
16
|
+
expect(profile_xml).to match(%r{<Profile id="test-profile">.*</Profile>}m)
|
17
|
+
end
|
18
|
+
|
19
|
+
it "creates a title tag" do
|
20
|
+
profile_xml = described_class.new.send(:profile_xml, "test-profile", [], {})
|
21
|
+
expect(profile_xml).to match(%r{<title>test-profile</title>}m)
|
22
|
+
end
|
23
|
+
|
24
|
+
it "creates a description tag" do
|
25
|
+
profile_xml = described_class.new.send(:profile_xml, "test-profile", [], {})
|
26
|
+
expect(profile_xml).to match(%r{<description>test-profile</description>}m)
|
27
|
+
end
|
28
|
+
|
29
|
+
it "creates a select tag for each rule" do
|
30
|
+
profile_xml = described_class.new.send(:profile_xml, "test-profile", %w(rule1 rule2), {})
|
31
|
+
expect(profile_xml).to match(%r{<select idref="rule1" selected="true"/>}m)
|
32
|
+
expect(profile_xml).to match(%r{<select idref="rule2" selected="true"/>}m)
|
33
|
+
end
|
34
|
+
|
35
|
+
it "creates a refine-value tag for each value" do
|
36
|
+
profile_xml = described_class.new.send(:profile_xml, "test-profile", [], "key1" => "val1", "key2" => "val2")
|
37
|
+
expect(profile_xml).to match(%r{<refine-value idref="key1" selector="val1"/>}m)
|
38
|
+
expect(profile_xml).to match(%r{<refine-value idref="key2" selector="val2"/>}m)
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
describe ".local_ssg_file (private)" do
|
43
|
+
it "returns nil if the file doesn't exist" do
|
44
|
+
stub_const("LinuxAdmin::Scap::SSG_XML_PATH", Pathname.new("/doesnt/exist/"))
|
45
|
+
file = described_class.send(:local_ssg_file, "type")
|
46
|
+
expect(file).to be_nil
|
47
|
+
end
|
48
|
+
|
49
|
+
it "returns a file if there are multiple matches" do
|
50
|
+
stub_const("LinuxAdmin::Scap::SSG_XML_PATH", Pathname.new(data_file_path("scap")))
|
51
|
+
file = described_class.send(:local_ssg_file, "xccdf")
|
52
|
+
expect(file).to match(%r{.*/ssg-\w+-xccdf\.xml})
|
53
|
+
end
|
54
|
+
|
55
|
+
it "returns a matching file" do
|
56
|
+
stub_const("LinuxAdmin::Scap::SSG_XML_PATH", Pathname.new(data_file_path("scap")))
|
57
|
+
file = described_class.send(:local_ssg_file, "oval")
|
58
|
+
expect(file).to eq("#{data_file_path("scap")}/ssg-rhel7-oval.xml")
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
@@ -0,0 +1,110 @@
|
|
1
|
+
describe LinuxAdmin::SysVInitService do
|
2
|
+
before do
|
3
|
+
@service = described_class.new 'foo'
|
4
|
+
end
|
5
|
+
|
6
|
+
describe "#running?" do
|
7
|
+
it "checks service" do
|
8
|
+
expect(@service).to receive(:run).
|
9
|
+
with(@service.cmd(:service),
|
10
|
+
:params => { nil => ['foo', 'status']}).and_return(double(:exit_status => 0))
|
11
|
+
@service.running?
|
12
|
+
end
|
13
|
+
|
14
|
+
context "service is running" do
|
15
|
+
it "returns true" do
|
16
|
+
@service = described_class.new :id => :foo
|
17
|
+
expect(@service).to receive(:run).and_return(double(:exit_status => 0))
|
18
|
+
expect(@service).to be_running
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
context "service is not running" do
|
23
|
+
it "returns false" do
|
24
|
+
@service = described_class.new :id => :foo
|
25
|
+
expect(@service).to receive(:run).and_return(double(:exit_status => 1))
|
26
|
+
expect(@service).not_to be_running
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
describe "#enable" do
|
32
|
+
it "enables service" do
|
33
|
+
expect(@service).to receive(:run!).
|
34
|
+
with(@service.cmd(:chkconfig),
|
35
|
+
:params => { nil => [ 'foo', 'on']})
|
36
|
+
@service.enable
|
37
|
+
end
|
38
|
+
|
39
|
+
it "returns self" do
|
40
|
+
expect(@service).to receive(:run!) # stub out cmd invocation
|
41
|
+
expect(@service.enable).to eq(@service)
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
45
|
+
describe "#disable" do
|
46
|
+
it "disable service" do
|
47
|
+
expect(@service).to receive(:run!).
|
48
|
+
with(@service.cmd(:chkconfig),
|
49
|
+
:params => { nil => [ 'foo', 'off']})
|
50
|
+
@service.disable
|
51
|
+
end
|
52
|
+
|
53
|
+
it "returns self" do
|
54
|
+
expect(@service).to receive(:run!)
|
55
|
+
expect(@service.disable).to eq(@service)
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
59
|
+
describe "#start" do
|
60
|
+
it "starts service" do
|
61
|
+
expect(@service).to receive(:run!).
|
62
|
+
with(@service.cmd(:service),
|
63
|
+
:params => { nil => [ 'foo', 'start']})
|
64
|
+
@service.start
|
65
|
+
end
|
66
|
+
|
67
|
+
it "returns self" do
|
68
|
+
expect(@service).to receive(:run!)
|
69
|
+
expect(@service.start).to eq(@service)
|
70
|
+
end
|
71
|
+
end
|
72
|
+
|
73
|
+
describe "#stop" do
|
74
|
+
it "stops service" do
|
75
|
+
expect(@service).to receive(:run!).
|
76
|
+
with(@service.cmd(:service),
|
77
|
+
:params => { nil => [ 'foo', 'stop']})
|
78
|
+
@service.stop
|
79
|
+
end
|
80
|
+
|
81
|
+
it "returns self" do
|
82
|
+
expect(@service).to receive(:run!)
|
83
|
+
expect(@service.stop).to eq(@service)
|
84
|
+
end
|
85
|
+
end
|
86
|
+
|
87
|
+
describe "#restart" do
|
88
|
+
it "stops service" do
|
89
|
+
expect(@service).to receive(:run).
|
90
|
+
with(@service.cmd(:service),
|
91
|
+
:params => { nil => [ 'foo', 'restart']}).and_return(double(:exit_status => 0))
|
92
|
+
@service.restart
|
93
|
+
end
|
94
|
+
|
95
|
+
context "service restart fails" do
|
96
|
+
it "manually stops/starts service" do
|
97
|
+
expect(@service).to receive(:run).and_return(double(:exit_status => 1))
|
98
|
+
expect(@service).to receive(:stop)
|
99
|
+
expect(@service).to receive(:start)
|
100
|
+
@service.restart
|
101
|
+
end
|
102
|
+
end
|
103
|
+
|
104
|
+
it "returns self" do
|
105
|
+
expect(@service).to receive(:run).and_return(double(:exit_status => 0))
|
106
|
+
expect(@service.restart).to eq(@service)
|
107
|
+
end
|
108
|
+
end
|
109
|
+
|
110
|
+
end
|
@@ -0,0 +1,101 @@
|
|
1
|
+
describe LinuxAdmin::SystemdService do
|
2
|
+
before do
|
3
|
+
@service = described_class.new 'foo'
|
4
|
+
end
|
5
|
+
|
6
|
+
describe "#running?" do
|
7
|
+
it "checks service" do
|
8
|
+
expect(@service).to receive(:run)
|
9
|
+
.with(@service.cmd(:systemctl),
|
10
|
+
:params => {nil => %w(status foo)}).and_return(double(:exit_status => 0))
|
11
|
+
@service.running?
|
12
|
+
end
|
13
|
+
|
14
|
+
it "returns true when service is running" do
|
15
|
+
expect(@service).to receive(:run).and_return(double(:exit_status => 0))
|
16
|
+
expect(@service).to be_running
|
17
|
+
end
|
18
|
+
|
19
|
+
it "returns false when service is not running" do
|
20
|
+
expect(@service).to receive(:run).and_return(double(:exit_status => 1))
|
21
|
+
expect(@service).not_to be_running
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
describe "#enable" do
|
26
|
+
it "enables service" do
|
27
|
+
expect(@service).to receive(:run!)
|
28
|
+
.with(@service.cmd(:systemctl),
|
29
|
+
:params => {nil => %w(enable foo)})
|
30
|
+
@service.enable
|
31
|
+
end
|
32
|
+
|
33
|
+
it "returns self" do
|
34
|
+
expect(@service).to receive(:run!) # stub out cmd invocation
|
35
|
+
expect(@service.enable).to eq(@service)
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
describe "#disable" do
|
40
|
+
it "disables service" do
|
41
|
+
expect(@service).to receive(:run!)
|
42
|
+
.with(@service.cmd(:systemctl),
|
43
|
+
:params => {nil => %w(disable foo)})
|
44
|
+
@service.disable
|
45
|
+
end
|
46
|
+
|
47
|
+
it "returns self" do
|
48
|
+
expect(@service).to receive(:run!)
|
49
|
+
expect(@service.disable).to eq(@service)
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
53
|
+
describe "#start" do
|
54
|
+
it "starts service" do
|
55
|
+
expect(@service).to receive(:run!)
|
56
|
+
.with(@service.cmd(:systemctl),
|
57
|
+
:params => {nil => %w(start foo)})
|
58
|
+
@service.start
|
59
|
+
end
|
60
|
+
|
61
|
+
it "returns self" do
|
62
|
+
expect(@service).to receive(:run!)
|
63
|
+
expect(@service.start).to eq(@service)
|
64
|
+
end
|
65
|
+
end
|
66
|
+
|
67
|
+
describe "#stop" do
|
68
|
+
it "stops service" do
|
69
|
+
expect(@service).to receive(:run!)
|
70
|
+
.with(@service.cmd(:systemctl),
|
71
|
+
:params => {nil => %w(stop foo)})
|
72
|
+
@service.stop
|
73
|
+
end
|
74
|
+
|
75
|
+
it "returns self" do
|
76
|
+
expect(@service).to receive(:run!)
|
77
|
+
expect(@service.stop).to eq(@service)
|
78
|
+
end
|
79
|
+
end
|
80
|
+
|
81
|
+
describe "#restart" do
|
82
|
+
it "restarts service" do
|
83
|
+
expect(@service).to receive(:run)
|
84
|
+
.with(@service.cmd(:systemctl),
|
85
|
+
:params => {nil => %w(restart foo)}).and_return(double(:exit_status => 0))
|
86
|
+
@service.restart
|
87
|
+
end
|
88
|
+
|
89
|
+
it "manually stops then starts service when restart fails" do
|
90
|
+
expect(@service).to receive(:run).and_return(double(:exit_status => 1))
|
91
|
+
expect(@service).to receive(:stop)
|
92
|
+
expect(@service).to receive(:start)
|
93
|
+
@service.restart
|
94
|
+
end
|
95
|
+
|
96
|
+
it "returns self" do
|
97
|
+
expect(@service).to receive(:run).and_return(double(:exit_status => 0))
|
98
|
+
expect(@service.restart).to eq(@service)
|
99
|
+
end
|
100
|
+
end
|
101
|
+
end
|
data/spec/service_spec.rb
CHANGED
@@ -1,110 +1,54 @@
|
|
1
1
|
describe LinuxAdmin::Service do
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
describe "#running?" do
|
7
|
-
it "checks service" do
|
8
|
-
expect(@service).to receive(:run).
|
9
|
-
with(@service.cmd(:service),
|
10
|
-
:params => { nil => ['foo', 'status']}).and_return(double(:exit_status => 0))
|
11
|
-
@service.running?
|
2
|
+
context ".service_type" do
|
3
|
+
it "on systemctl systems" do
|
4
|
+
stub_to_service_type(:systemd_service)
|
5
|
+
expect(described_class.service_type).to eq(LinuxAdmin::SystemdService)
|
12
6
|
end
|
13
7
|
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
expect(@service).to receive(:run).and_return(double(:exit_status => 0))
|
18
|
-
expect(@service).to be_running
|
19
|
-
end
|
8
|
+
it "on sysv systems" do
|
9
|
+
stub_to_service_type(:sys_v_init_service)
|
10
|
+
expect(described_class.service_type).to eq(LinuxAdmin::SysVInitService)
|
20
11
|
end
|
21
12
|
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
expect(@service).not_to be_running
|
27
|
-
end
|
28
|
-
end
|
29
|
-
end
|
30
|
-
|
31
|
-
describe "#enable" do
|
32
|
-
it "enables service" do
|
33
|
-
expect(@service).to receive(:run!).
|
34
|
-
with(@service.cmd(:chkconfig),
|
35
|
-
:params => { nil => [ 'foo', 'on']})
|
36
|
-
@service.enable
|
13
|
+
it "should memoize results" do
|
14
|
+
expect(described_class).to receive(:service_type_uncached).once.and_return("anything_non_nil")
|
15
|
+
described_class.service_type
|
16
|
+
described_class.service_type
|
37
17
|
end
|
38
18
|
|
39
|
-
it "
|
40
|
-
expect(
|
41
|
-
|
19
|
+
it "with reload should refresh results" do
|
20
|
+
expect(described_class).to receive(:service_type_uncached).twice.and_return("anything_non_nil")
|
21
|
+
described_class.service_type
|
22
|
+
described_class.service_type(true)
|
42
23
|
end
|
43
24
|
end
|
44
25
|
|
45
|
-
|
46
|
-
it "
|
47
|
-
|
48
|
-
|
49
|
-
:params => { nil => [ 'foo', 'off']})
|
50
|
-
@service.disable
|
26
|
+
context ".new" do
|
27
|
+
it "on systemctl systems" do
|
28
|
+
stub_to_service_type(:systemd_service)
|
29
|
+
expect(described_class.new("xxx")).to be_kind_of(LinuxAdmin::SystemdService)
|
51
30
|
end
|
52
31
|
|
53
|
-
it "
|
54
|
-
|
55
|
-
expect(
|
32
|
+
it "on sysv systems" do
|
33
|
+
stub_to_service_type(:sys_v_init_service)
|
34
|
+
expect(described_class.new("xxx")).to be_kind_of(LinuxAdmin::SysVInitService)
|
56
35
|
end
|
57
36
|
end
|
58
37
|
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
with(@service.cmd(:service),
|
63
|
-
:params => { nil => [ 'foo', 'start']})
|
64
|
-
@service.start
|
65
|
-
end
|
38
|
+
it "#id / #id=" do
|
39
|
+
s = described_class.new("xxx")
|
40
|
+
expect(s.id).to eq("xxx")
|
66
41
|
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
end
|
71
|
-
end
|
42
|
+
s.id = "yyy"
|
43
|
+
expect(s.id).to eq("yyy")
|
44
|
+
expect(s.name).to eq("yyy")
|
72
45
|
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
with(@service.cmd(:service),
|
77
|
-
:params => { nil => [ 'foo', 'stop']})
|
78
|
-
@service.stop
|
79
|
-
end
|
80
|
-
|
81
|
-
it "returns self" do
|
82
|
-
expect(@service).to receive(:run!)
|
83
|
-
expect(@service.stop).to eq(@service)
|
84
|
-
end
|
46
|
+
s.name = "zzz"
|
47
|
+
expect(s.id).to eq("zzz")
|
48
|
+
expect(s.name).to eq("zzz")
|
85
49
|
end
|
86
50
|
|
87
|
-
|
88
|
-
|
89
|
-
expect(@service).to receive(:run).
|
90
|
-
with(@service.cmd(:service),
|
91
|
-
:params => { nil => [ 'foo', 'restart']}).and_return(double(:exit_status => 0))
|
92
|
-
@service.restart
|
93
|
-
end
|
94
|
-
|
95
|
-
context "service restart fails" do
|
96
|
-
it "manually stops/starts service" do
|
97
|
-
expect(@service).to receive(:run).and_return(double(:exit_status => 1))
|
98
|
-
expect(@service).to receive(:stop)
|
99
|
-
expect(@service).to receive(:start)
|
100
|
-
@service.restart
|
101
|
-
end
|
102
|
-
end
|
103
|
-
|
104
|
-
it "returns self" do
|
105
|
-
expect(@service).to receive(:run).and_return(double(:exit_status => 0))
|
106
|
-
expect(@service.restart).to eq(@service)
|
107
|
-
end
|
51
|
+
def stub_to_service_type(system)
|
52
|
+
allow(LinuxAdmin::Service).to receive(:cmd?).with(:systemctl).and_return(system == :systemd_service)
|
108
53
|
end
|
109
|
-
|
110
54
|
end
|
data/spec/spec_helper.rb
CHANGED
@@ -109,6 +109,7 @@ end
|
|
109
109
|
|
110
110
|
def clear_caches
|
111
111
|
LinuxAdmin::RegistrationSystem.instance_variable_set(:@registration_type, nil)
|
112
|
+
LinuxAdmin::Service.instance_variable_set(:@service_type, nil)
|
112
113
|
|
113
114
|
# reset the distro, tested in various placed & used extensively
|
114
115
|
LinuxAdmin::Distros.instance_variable_set(:@local, nil)
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: linux_admin
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.11.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Brandon Dunne
|
@@ -10,135 +10,150 @@ authors:
|
|
10
10
|
- Joe Rafaniello
|
11
11
|
- Keenan Brock
|
12
12
|
- Thomas Wiest
|
13
|
+
- Nick Carboni
|
13
14
|
autorequire:
|
14
15
|
bindir: bin
|
15
16
|
cert_chain: []
|
16
|
-
date: 2015-
|
17
|
+
date: 2015-08-12 00:00:00.000000000 Z
|
17
18
|
dependencies:
|
18
19
|
- !ruby/object:Gem::Dependency
|
19
20
|
name: bundler
|
20
21
|
requirement: !ruby/object:Gem::Requirement
|
21
22
|
requirements:
|
22
|
-
- - ~>
|
23
|
+
- - "~>"
|
23
24
|
- !ruby/object:Gem::Version
|
24
25
|
version: '1.3'
|
25
26
|
type: :development
|
26
27
|
prerelease: false
|
27
28
|
version_requirements: !ruby/object:Gem::Requirement
|
28
29
|
requirements:
|
29
|
-
- - ~>
|
30
|
+
- - "~>"
|
30
31
|
- !ruby/object:Gem::Version
|
31
32
|
version: '1.3'
|
32
33
|
- !ruby/object:Gem::Dependency
|
33
34
|
name: rake
|
34
35
|
requirement: !ruby/object:Gem::Requirement
|
35
36
|
requirements:
|
36
|
-
- -
|
37
|
+
- - ">="
|
37
38
|
- !ruby/object:Gem::Version
|
38
39
|
version: '0'
|
39
40
|
type: :development
|
40
41
|
prerelease: false
|
41
42
|
version_requirements: !ruby/object:Gem::Requirement
|
42
43
|
requirements:
|
43
|
-
- -
|
44
|
+
- - ">="
|
44
45
|
- !ruby/object:Gem::Version
|
45
46
|
version: '0'
|
46
47
|
- !ruby/object:Gem::Dependency
|
47
48
|
name: rspec
|
48
49
|
requirement: !ruby/object:Gem::Requirement
|
49
50
|
requirements:
|
50
|
-
- - ~>
|
51
|
+
- - "~>"
|
51
52
|
- !ruby/object:Gem::Version
|
52
53
|
version: '3.0'
|
53
54
|
type: :development
|
54
55
|
prerelease: false
|
55
56
|
version_requirements: !ruby/object:Gem::Requirement
|
56
57
|
requirements:
|
57
|
-
- - ~>
|
58
|
+
- - "~>"
|
58
59
|
- !ruby/object:Gem::Version
|
59
60
|
version: '3.0'
|
60
61
|
- !ruby/object:Gem::Dependency
|
61
62
|
name: coveralls
|
62
63
|
requirement: !ruby/object:Gem::Requirement
|
63
64
|
requirements:
|
64
|
-
- -
|
65
|
+
- - ">="
|
65
66
|
- !ruby/object:Gem::Version
|
66
67
|
version: '0'
|
67
68
|
type: :development
|
68
69
|
prerelease: false
|
69
70
|
version_requirements: !ruby/object:Gem::Requirement
|
70
71
|
requirements:
|
71
|
-
- -
|
72
|
+
- - ">="
|
72
73
|
- !ruby/object:Gem::Version
|
73
74
|
version: '0'
|
74
75
|
- !ruby/object:Gem::Dependency
|
75
76
|
name: activesupport
|
76
77
|
requirement: !ruby/object:Gem::Requirement
|
77
78
|
requirements:
|
78
|
-
- -
|
79
|
+
- - ">"
|
79
80
|
- !ruby/object:Gem::Version
|
80
81
|
version: '3.2'
|
81
82
|
type: :runtime
|
82
83
|
prerelease: false
|
83
84
|
version_requirements: !ruby/object:Gem::Requirement
|
84
85
|
requirements:
|
85
|
-
- -
|
86
|
+
- - ">"
|
86
87
|
- !ruby/object:Gem::Version
|
87
88
|
version: '3.2'
|
88
89
|
- !ruby/object:Gem::Dependency
|
89
90
|
name: inifile
|
90
91
|
requirement: !ruby/object:Gem::Requirement
|
91
92
|
requirements:
|
92
|
-
- -
|
93
|
+
- - ">="
|
93
94
|
- !ruby/object:Gem::Version
|
94
95
|
version: '0'
|
95
96
|
type: :runtime
|
96
97
|
prerelease: false
|
97
98
|
version_requirements: !ruby/object:Gem::Requirement
|
98
99
|
requirements:
|
99
|
-
- -
|
100
|
+
- - ">="
|
100
101
|
- !ruby/object:Gem::Version
|
101
102
|
version: '0'
|
102
103
|
- !ruby/object:Gem::Dependency
|
103
104
|
name: more_core_extensions
|
104
105
|
requirement: !ruby/object:Gem::Requirement
|
105
106
|
requirements:
|
106
|
-
- - ~>
|
107
|
+
- - "~>"
|
107
108
|
- !ruby/object:Gem::Version
|
108
109
|
version: '1.1'
|
109
110
|
type: :runtime
|
110
111
|
prerelease: false
|
111
112
|
version_requirements: !ruby/object:Gem::Requirement
|
112
113
|
requirements:
|
113
|
-
- - ~>
|
114
|
+
- - "~>"
|
114
115
|
- !ruby/object:Gem::Version
|
115
116
|
version: '1.1'
|
116
117
|
- !ruby/object:Gem::Dependency
|
117
118
|
name: awesome_spawn
|
118
119
|
requirement: !ruby/object:Gem::Requirement
|
119
120
|
requirements:
|
120
|
-
- - ~>
|
121
|
+
- - "~>"
|
121
122
|
- !ruby/object:Gem::Version
|
122
123
|
version: '1.3'
|
123
124
|
type: :runtime
|
124
125
|
prerelease: false
|
125
126
|
version_requirements: !ruby/object:Gem::Requirement
|
126
127
|
requirements:
|
127
|
-
- - ~>
|
128
|
+
- - "~>"
|
128
129
|
- !ruby/object:Gem::Version
|
129
130
|
version: '1.3'
|
130
131
|
- !ruby/object:Gem::Dependency
|
131
132
|
name: nokogiri
|
132
133
|
requirement: !ruby/object:Gem::Requirement
|
133
134
|
requirements:
|
134
|
-
- -
|
135
|
+
- - ">="
|
135
136
|
- !ruby/object:Gem::Version
|
136
137
|
version: '0'
|
137
138
|
type: :runtime
|
138
139
|
prerelease: false
|
139
140
|
version_requirements: !ruby/object:Gem::Requirement
|
140
141
|
requirements:
|
141
|
-
- -
|
142
|
+
- - ">="
|
143
|
+
- !ruby/object:Gem::Version
|
144
|
+
version: '0'
|
145
|
+
- !ruby/object:Gem::Dependency
|
146
|
+
name: openscap
|
147
|
+
requirement: !ruby/object:Gem::Requirement
|
148
|
+
requirements:
|
149
|
+
- - ">="
|
150
|
+
- !ruby/object:Gem::Version
|
151
|
+
version: '0'
|
152
|
+
type: :runtime
|
153
|
+
prerelease: false
|
154
|
+
version_requirements: !ruby/object:Gem::Requirement
|
155
|
+
requirements:
|
156
|
+
- - ">="
|
142
157
|
- !ruby/object:Gem::Version
|
143
158
|
version: '0'
|
144
159
|
description: |2
|
@@ -153,10 +168,13 @@ email:
|
|
153
168
|
- jrafanie@redhat.com
|
154
169
|
- kbrock@redhat.com
|
155
170
|
- twiest@redhat.com
|
171
|
+
- ncarboni@redhat.com
|
156
172
|
executables: []
|
157
173
|
extensions: []
|
158
174
|
extra_rdoc_files: []
|
159
175
|
files:
|
176
|
+
- LICENSE.txt
|
177
|
+
- README.md
|
160
178
|
- lib/linux_admin.rb
|
161
179
|
- lib/linux_admin/common.rb
|
162
180
|
- lib/linux_admin/deb.rb
|
@@ -177,21 +195,25 @@ files:
|
|
177
195
|
- lib/linux_admin/registration_system/rhn.rb
|
178
196
|
- lib/linux_admin/registration_system/subscription_manager.rb
|
179
197
|
- lib/linux_admin/rpm.rb
|
198
|
+
- lib/linux_admin/scap.rb
|
180
199
|
- lib/linux_admin/service.rb
|
200
|
+
- lib/linux_admin/service/sys_v_init_service.rb
|
201
|
+
- lib/linux_admin/service/systemd_service.rb
|
181
202
|
- lib/linux_admin/system.rb
|
182
203
|
- lib/linux_admin/version.rb
|
183
204
|
- lib/linux_admin/volume.rb
|
184
205
|
- lib/linux_admin/volume_group.rb
|
185
206
|
- lib/linux_admin/yum.rb
|
186
207
|
- lib/linux_admin/yum/repo_file.rb
|
187
|
-
- README.md
|
188
|
-
- LICENSE.txt
|
189
208
|
- spec/common_spec.rb
|
190
209
|
- spec/data/rhn/output_rhn-channel_list
|
191
210
|
- spec/data/rhn/output_rhn-channel_list_available
|
192
211
|
- spec/data/rhn/systemid
|
193
212
|
- spec/data/rhn/systemid.missing_system_id
|
194
213
|
- spec/data/rpm/cmd_output_for_list_installed
|
214
|
+
- spec/data/scap/ssg-rhel6-xccdf.xml
|
215
|
+
- spec/data/scap/ssg-rhel7-oval.xml
|
216
|
+
- spec/data/scap/ssg-rhel7-xccdf.xml
|
195
217
|
- spec/data/subscription_manager/output_list_all_available
|
196
218
|
- spec/data/subscription_manager/output_list_installed_not_subscribed
|
197
219
|
- spec/data/subscription_manager/output_list_installed_subscribed
|
@@ -215,6 +237,9 @@ files:
|
|
215
237
|
- spec/registration_system_spec.rb
|
216
238
|
- spec/rhn_spec.rb
|
217
239
|
- spec/rpm_spec.rb
|
240
|
+
- spec/scap_spec.rb
|
241
|
+
- spec/service/sys_v_init_service_spec.rb
|
242
|
+
- spec/service/systemd_service_spec.rb
|
218
243
|
- spec/service_spec.rb
|
219
244
|
- spec/spec_helper.rb
|
220
245
|
- spec/subscription_manager_spec.rb
|
@@ -231,17 +256,17 @@ require_paths:
|
|
231
256
|
- lib
|
232
257
|
required_ruby_version: !ruby/object:Gem::Requirement
|
233
258
|
requirements:
|
234
|
-
- -
|
259
|
+
- - ">="
|
235
260
|
- !ruby/object:Gem::Version
|
236
261
|
version: 1.9.3
|
237
262
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
238
263
|
requirements:
|
239
|
-
- -
|
264
|
+
- - ">="
|
240
265
|
- !ruby/object:Gem::Version
|
241
266
|
version: '0'
|
242
267
|
requirements: []
|
243
268
|
rubyforge_project:
|
244
|
-
rubygems_version: 2.
|
269
|
+
rubygems_version: 2.4.8
|
245
270
|
signing_key:
|
246
271
|
specification_version: 4
|
247
272
|
summary: LinuxAdmin is a module to simplify management of linux systems.
|
@@ -252,6 +277,9 @@ test_files:
|
|
252
277
|
- spec/data/rhn/systemid
|
253
278
|
- spec/data/rhn/systemid.missing_system_id
|
254
279
|
- spec/data/rpm/cmd_output_for_list_installed
|
280
|
+
- spec/data/scap/ssg-rhel6-xccdf.xml
|
281
|
+
- spec/data/scap/ssg-rhel7-oval.xml
|
282
|
+
- spec/data/scap/ssg-rhel7-xccdf.xml
|
255
283
|
- spec/data/subscription_manager/output_list_all_available
|
256
284
|
- spec/data/subscription_manager/output_list_installed_not_subscribed
|
257
285
|
- spec/data/subscription_manager/output_list_installed_subscribed
|
@@ -275,6 +303,9 @@ test_files:
|
|
275
303
|
- spec/registration_system_spec.rb
|
276
304
|
- spec/rhn_spec.rb
|
277
305
|
- spec/rpm_spec.rb
|
306
|
+
- spec/scap_spec.rb
|
307
|
+
- spec/service/sys_v_init_service_spec.rb
|
308
|
+
- spec/service/systemd_service_spec.rb
|
278
309
|
- spec/service_spec.rb
|
279
310
|
- spec/spec_helper.rb
|
280
311
|
- spec/subscription_manager_spec.rb
|