serverspec-cem-acpt 2.42.0

data/spec/type/freebsd/port_spec.rb

@@ -0,0 +1,27 @@
+require 'spec_helper'
+
+set :os, :family => 'freebsd'
+
+describe port(80) do
+  it { should be_listening }
+end
+
+describe port(80) do
+  it { should be_listening.with('tcp') }
+end
+
+describe port(80) do
+  it  do
+    expect {
+      should be_listening.with('not implemented')
+    }.to raise_error(ArgumentError, %r/\A`be_listening` matcher doesn\'t support/)
+  end
+end
+
+describe port(80) do
+  it { should be_listening.on('127.0.0.1') }
+end
+
+describe port(53) do
+  it { should be_listening.with('udp') }
+end

data/spec/type/freebsd/service_spec.rb

@@ -0,0 +1,8 @@
+require 'spec_helper'
+
+set :os, :family => 'freebsd'
+
+describe service('sshd') do
+  it { should be_enabled }
+end
+

data/spec/type/freebsd10/package_spec.rb

@@ -0,0 +1,19 @@
+require 'spec_helper'
+
+set :os, :family => 'freebsd', :release => 10
+
+describe package('httpd') do
+  it { should be_installed }
+end
+
+describe package('httpd') do
+  it { should be_installed.with_version('2.2.15-28.el6') }
+end
+
+describe package('httpd') do
+  let(:stdout) { "2.2.15\n" }
+  its(:version) { should eq '2.2.15' }
+  its(:version) { should > '2.2.14' }
+  its(:version) { should < '2.2.16' }
+  its(:version) { should > '2.2.9' }
+end

data/spec/type/gentoo/package_spec.rb

@@ -0,0 +1,7 @@
+require 'spec_helper'
+
+set :os, :family => 'gentoo'
+
+describe package('httpd') do
+  it { should be_installed }
+end

data/spec/type/gentoo/service_spec.rb

@@ -0,0 +1,12 @@
+require 'spec_helper'
+
+set :os, :family => 'gentoo'
+
+describe service('sshd') do
+  it { should be_enabled }
+end
+
+describe service('sshd') do
+  it { should be_running }
+end
+

data/spec/type/linux/bond_spec.rb

@@ -0,0 +1,12 @@
+require 'spec_helper'
+
+set :os, :family => 'linux'
+
+describe bond('bond0') do
+  it { should exist }
+end
+
+describe bond('bond0') do
+  let(:stdout) { 'eth0' }
+  it { should have_interface 'eth0' }
+end

data/spec/type/linux/bridge_spec.rb

@@ -0,0 +1,12 @@
+require 'spec_helper'
+
+set :os, :family => 'linux'
+
+describe bridge('br0') do
+  it { should exist }
+end
+
+describe bridge('br0') do
+  let(:stdout) { 'eth0' }
+  it { should have_interface 'eth0' }
+end

data/spec/type/linux/cgroup_spec.rb

@@ -0,0 +1,13 @@
+require 'spec_helper'
+
+set :os, :family => 'linux'
+
+describe cgroup('group1') do
+  let(:stdout) { "1\r\n" }
+  its('cpuset.cpus') { should eq 1 }
+end
+
+describe cgroup('group1') do
+  let(:stdout) { "1\r\n" }
+  its('cpuset.cpus') { should_not eq 0 }
+end

data/spec/type/linux/docker_container_pre_1_8_spec.rb

@@ -0,0 +1,124 @@
+# -*- coding: utf-8 -*-
+require 'spec_helper'
+require 'json'
+
+property[:os] = nil
+set :os, {:family => 'linux'}
+
+describe docker_container('c1') do
+  it { should exist }
+end
+
+describe docker_container('c1 pre 1.8') do
+  let(:stdout) { inspect_container }
+  it { should be_running }
+  it { should have_volume('/tmp', '/data') }
+  it { should_not have_volume('/tmp', '/data-bad') }
+  its(:inspection) { should include 'Driver' => 'aufs' }
+  its(['Config.Cmd']) { should include '/bin/sh' }
+  its(['HostConfig.PortBindings.80.[0].HostPort']) { should eq '8080' }
+end
+
+describe docker_container('restarting pre 1.8') do
+  let(:stdout) do
+    attrs = JSON.parse(inspect_container)
+    attrs.first['State']['Restarting'] = true
+    attrs.to_json
+  end
+
+  it { should_not be_running }
+end
+
+def inspect_container
+  <<'EOS'
+[{
+    "Args": [],
+    "Config": {
+        "AttachStderr": false,
+        "AttachStdin": false,
+        "AttachStdout": false,
+        "Cmd": [
+            "/bin/sh"
+        ],
+        "CpuShares": 0,
+        "Cpuset": "",
+        "Domainname": "",
+        "Entrypoint": null,
+        "Env": [
+            "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+        ],
+        "ExposedPorts": null,
+        "Hostname": "65cd2e2d7963",
+        "Image": "busybox",
+        "Memory": 0,
+        "MemorySwap": 0,
+        "NetworkDisabled": false,
+        "OnBuild": null,
+        "OpenStdin": true,
+        "PortSpecs": null,
+        "StdinOnce": false,
+        "Tty": true,
+        "User": "",
+        "Volumes": null,
+        "WorkingDir": ""
+    },
+    "Created": "2014-09-26T15:08:37.527931773Z",
+    "Driver": "aufs",
+    "ExecDriver": "native-0.2",
+    "HostConfig": {
+        "Binds": [
+            "/data:/tmp"
+        ],
+        "ContainerIDFile": "",
+        "Dns": null,
+        "DnsSearch": null,
+        "Links": null,
+        "LxcConf": [],
+        "NetworkMode": "bridge",
+        "PortBindings": {
+            "80": [
+                {
+                    "HostIp": "",
+                    "HostPort": "8080"
+                }
+            ]
+        },
+        "Privileged": false,
+        "PublishAllPorts": false,
+        "VolumesFrom": null
+    },
+    "HostnamePath": "/mnt/sda1/var/lib/docker/containers/65cd2e2d7963bacaecda2d7fcd89499010bc0d38d70bce5ad0af7112a94a4545/hostname",
+    "HostsPath": "/mnt/sda1/var/lib/docker/containers/65cd2e2d7963bacaecda2d7fcd89499010bc0d38d70bce5ad0af7112a94a4545/hosts",
+    "Id": "65cd2e2d7963bacaecda2d7fcd89499010bc0d38d70bce5ad0af7112a94a4545",
+    "Image": "e72ac664f4f0c6a061ac4ef332557a70d69b0c624b6add35f1c181ff7fff2287",
+    "MountLabel": "",
+    "Name": "/c1",
+    "NetworkSettings": {
+        "Bridge": "docker0",
+        "Gateway": "172.17.42.1",
+        "IPAddress": "172.17.0.24",
+        "IPPrefixLen": 16,
+        "PortMapping": null,
+        "Ports": {}
+    },
+    "Path": "/bin/sh",
+    "ProcessLabel": "",
+    "ResolvConfPath": "/mnt/sda1/var/lib/docker/containers/65cd2e2d7963bacaecda2d7fcd89499010bc0d38d70bce5ad0af7112a94a4545/resolv.conf",
+    "State": {
+        "ExitCode": 0,
+        "FinishedAt": "0001-01-01T00:00:00Z",
+        "Paused": false,
+        "Pid": 4123,
+        "Running": true,
+        "StartedAt": "2014-09-26T15:08:37.737780273Z"
+    },
+    "Volumes": {
+        "/tmp": "/data"
+    },
+    "VolumesRW": {
+        "/tmp": true
+    }
+}
+]
+EOS
+end

data/spec/type/linux/docker_container_spec.rb

@@ -0,0 +1,131 @@
+# -*- coding: utf-8 -*-
+require 'spec_helper'
+require 'multi_json'
+
+property[:os] = nil
+set :os, {:family => 'linux'}
+
+describe docker_container('c1') do
+  it { should exist }
+end
+
+describe docker_container('c1') do
+  let(:stdout) { inspect_container }
+  it { should be_running }
+  it { should have_volume('/tmp', '/data') }
+  it { should_not have_volume('/tmp', '/data-bad') }
+  its(:inspection) { should include 'Driver' => 'aufs' }
+  its(['Config.Cmd']) { should include '/bin/sh' }
+  its(['HostConfig.PortBindings.80.[0].HostPort']) { should eq '8080' }
+  its(['HostConfig.PortBindings.80.[1].HostPort']) { should eq '8081' }  
+end
+
+describe docker_container('restarting') do
+  let(:stdout) do
+    attrs = MultiJson.load(inspect_container)
+    attrs.first['State']['Restarting'] = true
+    attrs.to_json
+  end
+
+  it { should_not be_running }
+end
+
+def inspect_container
+  <<'EOS'
+[{
+    "Args": [],
+    "Config": {
+        "AttachStderr": false,
+        "AttachStdin": false,
+        "AttachStdout": false,
+        "Cmd": [
+            "/bin/sh"
+        ],
+        "CpuShares": 0,
+        "Cpuset": "",
+        "Domainname": "",
+        "Entrypoint": null,
+        "Env": [
+            "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+        ],
+        "ExposedPorts": null,
+        "Hostname": "65cd2e2d7963",
+        "Image": "busybox",
+        "Memory": 0,
+        "MemorySwap": 0,
+        "NetworkDisabled": false,
+        "OnBuild": null,
+        "OpenStdin": true,
+        "PortSpecs": null,
+        "StdinOnce": false,
+        "Tty": true,
+        "User": "",
+        "Volumes": null,
+        "WorkingDir": ""
+    },
+    "Created": "2014-09-26T15:08:37.527931773Z",
+    "Driver": "aufs",
+    "ExecDriver": "native-0.2",
+    "HostConfig": {
+        "Binds": [
+            "/data:/tmp"
+        ],
+        "ContainerIDFile": "",
+        "Dns": null,
+        "DnsSearch": null,
+        "Links": null,
+        "LxcConf": [],
+        "NetworkMode": "bridge",
+        "PortBindings": {
+            "80": [
+                {
+                    "HostIp": "",
+                    "HostPort": "8080"
+                },
+                {
+                    "HostIp": "",
+                    "HostPort": "8081"
+                }
+            ]
+        },
+        "Privileged": false,
+        "PublishAllPorts": false,
+        "VolumesFrom": null
+    },
+    "HostnamePath": "/mnt/sda1/var/lib/docker/containers/65cd2e2d7963bacaecda2d7fcd89499010bc0d38d70bce5ad0af7112a94a4545/hostname",
+    "HostsPath": "/mnt/sda1/var/lib/docker/containers/65cd2e2d7963bacaecda2d7fcd89499010bc0d38d70bce5ad0af7112a94a4545/hosts",
+    "Id": "65cd2e2d7963bacaecda2d7fcd89499010bc0d38d70bce5ad0af7112a94a4545",
+    "Image": "e72ac664f4f0c6a061ac4ef332557a70d69b0c624b6add35f1c181ff7fff2287",
+    "MountLabel": "",
+    "Name": "/c1",
+    "NetworkSettings": {
+        "Bridge": "docker0",
+        "Gateway": "172.17.42.1",
+        "IPAddress": "172.17.0.24",
+        "IPPrefixLen": 16,
+        "PortMapping": null,
+        "Ports": {}
+    },
+    "Path": "/bin/sh",
+    "ProcessLabel": "",
+    "ResolvConfPath": "/mnt/sda1/var/lib/docker/containers/65cd2e2d7963bacaecda2d7fcd89499010bc0d38d70bce5ad0af7112a94a4545/resolv.conf",
+    "State": {
+        "ExitCode": 0,
+        "FinishedAt": "0001-01-01T00:00:00Z",
+        "Paused": false,
+        "Pid": 4123,
+        "Running": true,
+        "StartedAt": "2014-09-26T15:08:37.737780273Z"
+    },
+    "Mounts": [
+        {
+            "Source": "/data",
+            "Destination": "/tmp",
+            "Mode": "",
+            "RW": true
+        }
+    ]
+}
+]
+EOS
+end

data/spec/type/linux/docker_image_spec.rb

@@ -0,0 +1,94 @@
+# -*- coding: utf-8 -*-
+require 'spec_helper'
+
+property[:os] = nil
+set :os, {:family => 'linux'}
+
+describe docker_image('busybox:latest') do
+  it { should exist }
+end
+
+describe docker_image('busybox:latest') do
+  let(:stdout) { inspect_image }
+  its(:inspection) { should include 'Architecture' => 'amd64' }
+  its(['Architecture']) { should eq 'amd64' }
+  its(['Config.Cmd']) { should include '/bin/sh' }
+end
+
+def inspect_image
+  <<'EOS'
+[{
+    "Architecture": "amd64",
+    "Author": "Jérôme Petazzoni \u003cjerome@docker.com\u003e",
+    "Comment": "",
+    "Config": {
+        "AttachStderr": false,
+        "AttachStdin": false,
+        "AttachStdout": false,
+        "Cmd": [
+            "/bin/sh"
+        ],
+        "CpuShares": 0,
+        "Cpuset": "",
+        "Domainname": "",
+        "Entrypoint": null,
+        "Env": [
+            "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+        ],
+        "ExposedPorts": null,
+        "Hostname": "88f18f678e5d",
+        "Image": "e433a6c5b276a31aa38bf6eaba9cd1cfd69ea33f706ed72b3f20bafde5cd8644",
+        "Memory": 0,
+        "MemorySwap": 0,
+        "NetworkDisabled": false,
+        "OnBuild": [],
+        "OpenStdin": false,
+        "PortSpecs": null,
+        "StdinOnce": false,
+        "Tty": false,
+        "User": "",
+        "Volumes": null,
+        "WorkingDir": ""
+    },
+    "Container": "8e73b239682fe73338323d9af83d3c5aa5bb7d22a3fe84cbfcf5f47e756d6636",
+    "ContainerConfig": {
+        "AttachStderr": false,
+        "AttachStdin": false,
+        "AttachStdout": false,
+        "Cmd": [
+            "/bin/sh",
+            "-c",
+            "#(nop) CMD [/bin/sh]"
+        ],
+        "CpuShares": 0,
+        "Cpuset": "",
+        "Domainname": "",
+        "Entrypoint": null,
+        "Env": [
+            "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+        ],
+        "ExposedPorts": null,
+        "Hostname": "88f18f678e5d",
+        "Image": "e433a6c5b276a31aa38bf6eaba9cd1cfd69ea33f706ed72b3f20bafde5cd8644",
+        "Memory": 0,
+        "MemorySwap": 0,
+        "NetworkDisabled": false,
+        "OnBuild": [],
+        "OpenStdin": false,
+        "PortSpecs": null,
+        "StdinOnce": false,
+        "Tty": false,
+        "User": "",
+        "Volumes": null,
+        "WorkingDir": ""
+    },
+    "Created": "2014-10-01T20:46:08.914288461Z",
+    "DockerVersion": "1.2.0",
+    "Id": "e72ac664f4f0c6a061ac4ef332557a70d69b0c624b6add35f1c181ff7fff2287",
+    "Os": "linux",
+    "Parent": "e433a6c5b276a31aa38bf6eaba9cd1cfd69ea33f706ed72b3f20bafde5cd8644",
+    "Size": 0
+}
+]
+EOS
+end

data/spec/type/linux/file_spec.rb

@@ -0,0 +1,27 @@
+require 'spec_helper'
+
+property[:os] = nil
+set :os, {:family => 'linux'}
+
+describe file('/tmp') do
+  it { should be_readable.by_user('mail') }
+end
+
+describe file('/tmp') do
+  it { should be_writable.by_user('mail') }
+end
+
+describe file('/tmp') do
+  it { should be_executable.by_user('mail') }
+end
+
+describe file('/tmp') do
+  it { should be_immutable }
+end
+
+describe file('/tmp') do
+  let(:exit_status) { 0 }
+  let(:stdout) { 'unconfined_u:unconfined_r:unconfined_t:s0' }
+  its(:selinux_label) { should eq 'unconfined_u:unconfined_r:unconfined_t:s0' }
+end
+

data/spec/type/linux/fstab_spec.rb

@@ -0,0 +1,31 @@
+require 'spec_helper'
+
+set :os, :family => 'linux'
+
+describe fstab do
+  let(:stdout) { "/dev/sda1 /mnt ext4 ro,errors=remount-ro,barrier=0 0 2\r\n" }
+  it { should have_entry( :mount_point => '/mnt' ) }
+end
+
+describe fstab do
+  let(:exit_status) { 1 }
+  it { should_not have_entry( :mount_point => '/mnt' ) }
+end
+
+describe fstab do
+  let(:stdout) { "/dev/sda1 /mnt ext4 ro,errors=remount-ro,barrier=0 0 2\r\n" }
+  it do
+    should have_entry(
+      :device => '/dev/sda1',
+      :mount_point => '/mnt',
+      :type => 'ext4',
+      :options => {
+        :ro => true,
+        :errors => 'remount-ro',
+        :barrier => 0
+      },
+      :dump => 0,
+      :pass => 2
+    )
+  end
+end

data/spec/type/linux/interface_spec.rb

@@ -0,0 +1,50 @@
+require 'spec_helper'
+
+set :os, :family => 'linux'
+
+describe interface('eth0') do
+  let(:stdout) { '1000' }
+  its(:speed) { should eq 1000 }
+end
+
+describe interface('eth0') do
+  let(:stdout) { '1500' }
+  its(:mtu) { should eq 1500 }
+end
+
+describe interface('eth0') do
+  it { should have_ipv4_address('192.168.10.10') }
+end
+
+describe interface('eth0') do
+  it { should have_ipv4_address('192.168.10.10/24') }
+end
+
+describe interface('eth0') do
+  it { should have_ipv6_address('2001:0db8:bd05:01d2:288a:1fc0:0001:10ee') }
+end
+
+describe interface('eth1') do
+  let(:stdout) { "1.2.3.4/1\r\n" }
+  its(:ipv4_address) { should match(/^[\d.]+\/\d+$/) }
+end
+
+describe interface('eth1') do
+  let(:stdout) { "2001:db8::1234/1\r\n" }
+  its(:ipv6_address) { should match(/^[a-f\d:]+\/\d+$/i) }
+end
+
+describe interface('eth0') do
+  let(:stdout) { 'up' }
+  it { should be_up }
+end
+
+describe interface('invalid-interface') do
+  let(:stdout) { '1000' }
+  its(:speed) { should_not eq 100 }
+end
+
+describe interface('invalid-interface') do
+  let(:stdout) { '9001' }
+  its(:mtu) { should_not eq 1500 }
+end

data/spec/type/linux/ip6tables_spec.rb

@@ -0,0 +1,19 @@
+require 'spec_helper'
+
+set :os, :family => 'linux'
+
+describe ip6tables do
+  it { should have_rule '-P INPUT ACCEPT' }
+end
+
+describe ip6tables do
+  it { should have_rule('-P INPUT ACCEPT').with_table('mangle').with_chain('INPUT') }
+end
+
+
+
+
+
+
+
+

data/spec/type/linux/iptables_spec.rb

@@ -0,0 +1,11 @@
+require 'spec_helper'
+
+set :os, :family => 'linux'
+
+describe iptables do
+  it { should have_rule '-P INPUT ACCEPT' }
+end
+
+describe iptables do
+  it { should have_rule('-P INPUT ACCEPT').with_table('mangle').with_chain('INPUT') }
+end

data/spec/type/linux/kernel_module_spec.rb

@@ -0,0 +1,7 @@
+require 'spec_helper'
+
+set :os, :family => 'linux'
+
+describe kernel_module('lp') do
+  it { should be_loaded }
+end

data/spec/type/linux/kvm_guest_spec.rb

@@ -0,0 +1,15 @@
+require 'spec_helper'
+
+set :os, :family => 'linux'
+
+describe kvm('ct01') do
+  it { should exist }
+end
+
+describe kvm('ct01') do
+  it { should be_running }
+end
+
+describe kvm('ct01') do
+  it { should be_enabled }
+end