puppet-lint-world_writable_files-check 0.0.1 → 0.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c422e5c547b8970aee127701ee500069b8c193f4
|
|
4
|
+
data.tar.gz: 6da18f952ad84ddee2abfac90a3b6b38ae6e6353
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3a0272ad88bf4076fda75064cbd21091aa5c307899607399e097f6254639dfdba7cea5f501ccc59ef82c594b95f3a80b57b4de5626276f3fe3d67ab75abb6f4e
|
|
7
|
+
data.tar.gz: 46b547b06f15095eef5351c7cce136abc404cb973e275daecce29a88cf9b803bf51479155d4fd3558b9dcd7d1c4f515901efa49abf84fc8b40966287c09d458f
|
data/README.md
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# puppet-lint world_writable_files check
|
|
1
|
+
# puppet-lint world_writable_files check
|
|
2
2
|
|
|
3
3
|
A puppet-lint extension that ensures file resources do not have a mode
|
|
4
4
|
that makes them world writable.
|
|
@@ -15,7 +15,7 @@ This plugin currently only checks octal file modes, the
|
|
|
15
15
|
`puppet-lint` check ensure this isn't a problem for my code bases but it
|
|
16
16
|
might be a consideration for other peoples usages.
|
|
17
17
|
|
|
18
|
-
## Installation
|
|
18
|
+
## Installation
|
|
19
19
|
|
|
20
20
|
To use this plugin add the following line to your `Gemfile`
|
|
21
21
|
|
|
@@ -23,7 +23,7 @@ To use this plugin add the following line to your `Gemfile`
|
|
|
23
23
|
|
|
24
24
|
and then run `bundle install`
|
|
25
25
|
|
|
26
|
-
## Usage
|
|
26
|
+
## Usage
|
|
27
27
|
|
|
28
28
|
This plugin provides a new check to `puppet-lint` that warns if it finds
|
|
29
29
|
a file resource that would be created with a mode that allowed every one
|
|
@@ -41,5 +41,10 @@ of the system and so will raise:
|
|
|
41
41
|
|
|
42
42
|
files should not be created with world writable permissions
|
|
43
43
|
|
|
44
|
-
|
|
44
|
+
## Other puppet-lint plugins
|
|
45
|
+
|
|
46
|
+
You can find a list of my `puppet-lint` plugins in the
|
|
47
|
+
[unixdaemon puppet-lint-plugins](https://github.com/deanwilson/unixdaemon-puppet-lint-plugins) repo.
|
|
48
|
+
|
|
49
|
+
### Author
|
|
45
50
|
[Dean Wilson](http://www.unixdaemon.net)
|
|
@@ -9,6 +9,8 @@ PuppetLint.new_check(:world_writable_files) do
|
|
|
9
9
|
# get the file modes value
|
|
10
10
|
value_token = param_token.next_code_token.next_code_token
|
|
11
11
|
|
|
12
|
+
# we only work with octal for now - also stops file { mode => undef }
|
|
13
|
+
break if value_token.value !~ /^\d+$/
|
|
12
14
|
break if value_token.value =~ /\d+[^2367]$/
|
|
13
15
|
|
|
14
16
|
notify :warning, {
|
|
@@ -18,6 +18,23 @@ describe 'world_writable_files' do
|
|
|
18
18
|
end
|
|
19
19
|
end
|
|
20
20
|
|
|
21
|
+
context 'file with a mode of undef' do
|
|
22
|
+
let(:code) do
|
|
23
|
+
<<-EOS
|
|
24
|
+
class undef_file_mode {
|
|
25
|
+
file { '/tmp/undef_file_mode':
|
|
26
|
+
ensure => 'file',
|
|
27
|
+
mode => undef,
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
EOS
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
it 'should not detect any problems' do
|
|
34
|
+
expect(problems).to have(0).problems
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
|
|
21
38
|
context 'file with a world writable octal mode of 666' do
|
|
22
39
|
let(:msg) { 'files should not be created with world writable permissions' }
|
|
23
40
|
let(:code) do
|
|
@@ -39,4 +56,6 @@ describe 'world_writable_files' do
|
|
|
39
56
|
expect(problems).to contain_warning(msg).on_line(4).in_column(23)
|
|
40
57
|
end
|
|
41
58
|
end
|
|
59
|
+
|
|
60
|
+
|
|
42
61
|
end
|
metadata
CHANGED
|
@@ -1,29 +1,35 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: puppet-lint-world_writable_files-check
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dean Wilson
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-
|
|
11
|
+
date: 2016-08-21 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: puppet-lint
|
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
|
16
16
|
requirements:
|
|
17
|
-
- - "
|
|
17
|
+
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
19
|
version: '1.1'
|
|
20
|
+
- - "<"
|
|
21
|
+
- !ruby/object:Gem::Version
|
|
22
|
+
version: '3.0'
|
|
20
23
|
type: :runtime
|
|
21
24
|
prerelease: false
|
|
22
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
26
|
requirements:
|
|
24
|
-
- - "
|
|
27
|
+
- - ">="
|
|
25
28
|
- !ruby/object:Gem::Version
|
|
26
29
|
version: '1.1'
|
|
30
|
+
- - "<"
|
|
31
|
+
- !ruby/object:Gem::Version
|
|
32
|
+
version: '3.0'
|
|
27
33
|
- !ruby/object:Gem::Dependency
|
|
28
34
|
name: rspec
|
|
29
35
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -132,6 +138,6 @@ signing_key:
|
|
|
132
138
|
specification_version: 4
|
|
133
139
|
summary: puppet-lint check to ensure file resources are not world writable
|
|
134
140
|
test_files:
|
|
135
|
-
- spec/puppet-lint/plugins/puppet-lint-world_writable_files_spec.rb
|
|
136
141
|
- spec/spec_helper.rb
|
|
142
|
+
- spec/puppet-lint/plugins/puppet-lint-world_writable_files_spec.rb
|
|
137
143
|
has_rdoc:
|