serverspec 0.10.1 → 0.10.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Rakefile +1 -1
- data/lib/serverspec.rb +2 -0
- data/lib/serverspec/backend/exec.rb +2 -0
- data/lib/serverspec/commands/plamo.rb +21 -0
- data/lib/serverspec/helper.rb +1 -0
- data/lib/serverspec/helper/plamo.rb +9 -0
- data/lib/serverspec/version.rb +1 -1
- data/spec/plamo/command_spec.rb +50 -0
- data/spec/plamo/cron_spec.rb +23 -0
- data/spec/plamo/default_gateway_spec.rb +18 -0
- data/spec/plamo/file_spec.rb +397 -0
- data/spec/plamo/group_spec.rb +24 -0
- data/spec/plamo/host_spec.rb +60 -0
- data/spec/plamo/interface_spec.rb +26 -0
- data/spec/plamo/iptables_spec.rb +23 -0
- data/spec/plamo/kernel_module_spec.rb +14 -0
- data/spec/plamo/linux_kernel_parameter_spec.rb +38 -0
- data/spec/plamo/mail_alias_spec.rb +14 -0
- data/spec/plamo/package_spec.rb +102 -0
- data/spec/plamo/php_config_spec.rb +38 -0
- data/spec/plamo/port_spec.rb +32 -0
- data/spec/plamo/routing_table_spec.rb +122 -0
- data/spec/plamo/selinux_spec.rb +20 -0
- data/spec/plamo/service_spec.rb +86 -0
- data/spec/plamo/service_spec.rb.plamo +63 -0
- data/spec/plamo/user_spec.rb +59 -0
- data/spec/plamo/zfs_spec.rb +20 -0
- metadata +44 -2
@@ -0,0 +1,20 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
RSpec.configure do |c|
|
4
|
+
c.os = 'Plamo'
|
5
|
+
end
|
6
|
+
|
7
|
+
describe selinux do
|
8
|
+
it { should be_enforcing }
|
9
|
+
its(:command) { should eq "getenforce | grep -i -- enforcing && grep -i -- ^SELINUX=enforcing$ /etc/selinux/config" }
|
10
|
+
end
|
11
|
+
|
12
|
+
describe selinux do
|
13
|
+
it { should be_permissive }
|
14
|
+
its(:command) { should eq "getenforce | grep -i -- permissive && grep -i -- ^SELINUX=permissive$ /etc/selinux/config" }
|
15
|
+
end
|
16
|
+
|
17
|
+
describe selinux do
|
18
|
+
it { should be_disabled }
|
19
|
+
its(:command) { should eq "test ! -f /etc/selinux/config || (getenforce | grep -i -- disabled && grep -i -- ^SELINUX=disabled$ /etc/selinux/config)" }
|
20
|
+
end
|
@@ -0,0 +1,86 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
RSpec.configure do |c|
|
4
|
+
c.os = 'Debian'
|
5
|
+
end
|
6
|
+
|
7
|
+
describe service('sshd') do
|
8
|
+
it { should be_enabled }
|
9
|
+
its(:command) { should eq "test -x /etc/rc.d/init.d/sshd" }
|
10
|
+
end
|
11
|
+
|
12
|
+
describe service('invalid-service') do
|
13
|
+
it { should_not be_enabled }
|
14
|
+
end
|
15
|
+
|
16
|
+
describe service('sshd') do
|
17
|
+
it { should be_enabled.with_level(4) }
|
18
|
+
its(:command) { should eq "test -x /etc/rc.d/init.d/sshd" }
|
19
|
+
end
|
20
|
+
|
21
|
+
describe service('invalid-service') do
|
22
|
+
it { should_not be_enabled.with_level(4) }
|
23
|
+
end
|
24
|
+
|
25
|
+
describe service('sshd') do
|
26
|
+
let(:stdout) { "sshd is stopped\r\n" }
|
27
|
+
it { should be_running }
|
28
|
+
end
|
29
|
+
|
30
|
+
describe service('sshd') do
|
31
|
+
it { should be_running.under('supervisor') }
|
32
|
+
its(:command) { should eq "supervisorctl status sshd | grep RUNNING" }
|
33
|
+
end
|
34
|
+
|
35
|
+
describe service('invalid-daemon') do
|
36
|
+
it { should_not be_running.under('supervisor') }
|
37
|
+
end
|
38
|
+
|
39
|
+
describe service('sshd') do
|
40
|
+
it { should be_running.under('upstart') }
|
41
|
+
its(:command) { should eq "initctl status sshd | grep running" }
|
42
|
+
end
|
43
|
+
|
44
|
+
describe service('invalid-daemon') do
|
45
|
+
it { should_not be_running.under('upstart') }
|
46
|
+
end
|
47
|
+
|
48
|
+
describe service('sshd') do
|
49
|
+
it {
|
50
|
+
expect {
|
51
|
+
should be_running.under('not implemented')
|
52
|
+
}.to raise_error(ArgumentError, %r/\A`be_running` matcher doesn\'t support/)
|
53
|
+
}
|
54
|
+
end
|
55
|
+
|
56
|
+
describe service('sshd') do
|
57
|
+
let(:stdout) { "Process 'sshd'\r\n status running\r\n monitoring status monitored" }
|
58
|
+
it { should be_monitored_by('monit') }
|
59
|
+
its(:command) { should eq "monit status" }
|
60
|
+
end
|
61
|
+
|
62
|
+
describe service('sshd') do
|
63
|
+
let(:stdout) { "Process 'sshd'\r\n status not monitored\r\n monitoring status not monitored" }
|
64
|
+
it { should_not be_monitored_by('monit') }
|
65
|
+
end
|
66
|
+
|
67
|
+
describe service('invalid-daemon') do
|
68
|
+
it { should_not be_monitored_by('monit') }
|
69
|
+
end
|
70
|
+
|
71
|
+
describe service('unicorn') do
|
72
|
+
it { should be_monitored_by('god') }
|
73
|
+
its(:command) { should eq "god status unicorn" }
|
74
|
+
end
|
75
|
+
|
76
|
+
describe service('invalid-daemon') do
|
77
|
+
it { should_not be_monitored_by('god') }
|
78
|
+
end
|
79
|
+
|
80
|
+
describe service('sshd') do
|
81
|
+
it {
|
82
|
+
expect {
|
83
|
+
should be_monitored_by('not implemented')
|
84
|
+
}.to raise_error(ArgumentError, %r/\A`be_monitored_by` matcher doesn\'t support/)
|
85
|
+
}
|
86
|
+
end
|
@@ -0,0 +1,63 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
RSpec.configure do |c|
|
4
|
+
c.os = 'Debian'
|
5
|
+
end
|
6
|
+
|
7
|
+
describe service('sshd') do
|
8
|
+
it { should be_enabled }
|
9
|
+
its(:command) { should eq "test -x /etc/rc.d/init.d/sshd" }
|
10
|
+
end
|
11
|
+
|
12
|
+
describe service('invalid-service') do
|
13
|
+
it { should_not be_enabled }
|
14
|
+
end
|
15
|
+
|
16
|
+
describe service('sshd') do
|
17
|
+
it { should be_enabled.with_level(4) }
|
18
|
+
its(:command) { should eq "test -x /etc/rc.d/init.d/sshd" }
|
19
|
+
end
|
20
|
+
|
21
|
+
describe service('invalid-service') do
|
22
|
+
it { should_not be_enabled.with_level(4) }
|
23
|
+
end
|
24
|
+
|
25
|
+
describe service('sshd') do
|
26
|
+
it {
|
27
|
+
expect {
|
28
|
+
should be_running.under('not implemented')
|
29
|
+
}.to raise_error(ArgumentError, %r/\A`be_running` matcher doesn\'t support/)
|
30
|
+
}
|
31
|
+
end
|
32
|
+
|
33
|
+
describe service('sshd') do
|
34
|
+
let(:stdout) { "Process 'sshd'\r\n status running\r\n monitoring status monitored" }
|
35
|
+
it { should be_monitored_by('monit') }
|
36
|
+
its(:command) { should eq "monit status" }
|
37
|
+
end
|
38
|
+
|
39
|
+
describe service('sshd') do
|
40
|
+
let(:stdout) { "Process 'sshd'\r\n status not monitored\r\n monitoring status not monitored" }
|
41
|
+
it { should_not be_monitored_by('monit') }
|
42
|
+
end
|
43
|
+
|
44
|
+
describe service('invalid-daemon') do
|
45
|
+
it { should_not be_monitored_by('monit') }
|
46
|
+
end
|
47
|
+
|
48
|
+
describe service('unicorn') do
|
49
|
+
it { should be_monitored_by('god') }
|
50
|
+
its(:command) { should eq "god status unicorn" }
|
51
|
+
end
|
52
|
+
|
53
|
+
describe service('invalid-daemon') do
|
54
|
+
it { should_not be_monitored_by('god') }
|
55
|
+
end
|
56
|
+
|
57
|
+
describe service('sshd') do
|
58
|
+
it {
|
59
|
+
expect {
|
60
|
+
should be_monitored_by('not implemented')
|
61
|
+
}.to raise_error(ArgumentError, %r/\A`be_monitored_by` matcher doesn\'t support/)
|
62
|
+
}
|
63
|
+
end
|
@@ -0,0 +1,59 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
RSpec.configure do |c|
|
4
|
+
c.os = 'Plamo'
|
5
|
+
end
|
6
|
+
|
7
|
+
describe user('root') do
|
8
|
+
it { should exist }
|
9
|
+
its(:command) { should eq "id root" }
|
10
|
+
end
|
11
|
+
|
12
|
+
describe user('invalid-user') do
|
13
|
+
it { should_not exist }
|
14
|
+
end
|
15
|
+
|
16
|
+
describe user('root') do
|
17
|
+
it { should belong_to_group 'root' }
|
18
|
+
its(:command) { should eq "id root | awk '{print $3}' | grep -- root" }
|
19
|
+
end
|
20
|
+
|
21
|
+
describe user('root') do
|
22
|
+
it { should_not belong_to_group 'invalid-group' }
|
23
|
+
end
|
24
|
+
|
25
|
+
describe user('root') do
|
26
|
+
it { should have_uid 0 }
|
27
|
+
its(:command) { should eq "id root | grep -- \\^uid\\=0\\(" }
|
28
|
+
end
|
29
|
+
|
30
|
+
describe user('root') do
|
31
|
+
it { should_not have_uid 'invalid-uid' }
|
32
|
+
end
|
33
|
+
|
34
|
+
describe user('root') do
|
35
|
+
it { should have_login_shell '/bin/bash' }
|
36
|
+
its(:command) { should eq "getent passwd root | cut -f 7 -d ':' | grep -w -- /bin/bash" }
|
37
|
+
end
|
38
|
+
|
39
|
+
describe user('root') do
|
40
|
+
it { should_not have_login_shell 'invalid-login-shell' }
|
41
|
+
end
|
42
|
+
|
43
|
+
describe user('root') do
|
44
|
+
it { should have_home_directory '/root' }
|
45
|
+
its(:command) { should eq "getent passwd root | cut -f 6 -d ':' | grep -w -- /root" }
|
46
|
+
end
|
47
|
+
|
48
|
+
describe user('root') do
|
49
|
+
it { should_not have_home_directory 'invalid-home-directory' }
|
50
|
+
end
|
51
|
+
|
52
|
+
describe user('root') do
|
53
|
+
it { should have_authorized_key 'ssh-rsa ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGH foo@bar.local' }
|
54
|
+
its(:command) { should eq "grep -w -- ssh-rsa\\ ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGH ~root/.ssh/authorized_keys" }
|
55
|
+
end
|
56
|
+
|
57
|
+
describe user('root') do
|
58
|
+
it { should_not have_authorized_key 'invalid-key' }
|
59
|
+
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
RSpec.configure do |c|
|
4
|
+
c.os = 'Plamo'
|
5
|
+
end
|
6
|
+
|
7
|
+
describe zfs('rpool') do
|
8
|
+
it { should exist }
|
9
|
+
its(:command) { should eq "zfs list -H rpool" }
|
10
|
+
end
|
11
|
+
|
12
|
+
describe zfs('rpool') do
|
13
|
+
it { should have_property 'mountpoint' => '/rpool' }
|
14
|
+
its(:command) { should eq "zfs list -H -o mountpoint rpool | grep -- \\^/rpool\\$" }
|
15
|
+
end
|
16
|
+
|
17
|
+
describe zfs('rpool') do
|
18
|
+
it { should have_property 'mountpoint' => '/rpool', 'compression' => 'off' }
|
19
|
+
its(:command) { should eq "zfs list -H -o compression rpool | grep -- \\^off\\$ && zfs list -H -o mountpoint rpool | grep -- \\^/rpool\\$" }
|
20
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: serverspec
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.10.
|
4
|
+
version: 0.10.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Gosuke Miyashita
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2013-10-
|
11
|
+
date: 2013-10-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: net-ssh
|
@@ -122,6 +122,7 @@ files:
|
|
122
122
|
- lib/serverspec/commands/freebsd.rb
|
123
123
|
- lib/serverspec/commands/gentoo.rb
|
124
124
|
- lib/serverspec/commands/linux.rb
|
125
|
+
- lib/serverspec/commands/plamo.rb
|
125
126
|
- lib/serverspec/commands/redhat.rb
|
126
127
|
- lib/serverspec/commands/smartos.rb
|
127
128
|
- lib/serverspec/commands/solaris.rb
|
@@ -141,6 +142,7 @@ files:
|
|
141
142
|
- lib/serverspec/helper/exec.rb
|
142
143
|
- lib/serverspec/helper/freebsd.rb
|
143
144
|
- lib/serverspec/helper/gentoo.rb
|
145
|
+
- lib/serverspec/helper/plamo.rb
|
144
146
|
- lib/serverspec/helper/puppet.rb
|
145
147
|
- lib/serverspec/helper/redhat.rb
|
146
148
|
- lib/serverspec/helper/smartos.rb
|
@@ -282,6 +284,26 @@ files:
|
|
282
284
|
- spec/gentoo/user_spec.rb
|
283
285
|
- spec/gentoo/zfs_spec.rb
|
284
286
|
- spec/helpers/attributes_spec.rb
|
287
|
+
- spec/plamo/command_spec.rb
|
288
|
+
- spec/plamo/cron_spec.rb
|
289
|
+
- spec/plamo/default_gateway_spec.rb
|
290
|
+
- spec/plamo/file_spec.rb
|
291
|
+
- spec/plamo/group_spec.rb
|
292
|
+
- spec/plamo/host_spec.rb
|
293
|
+
- spec/plamo/interface_spec.rb
|
294
|
+
- spec/plamo/iptables_spec.rb
|
295
|
+
- spec/plamo/kernel_module_spec.rb
|
296
|
+
- spec/plamo/linux_kernel_parameter_spec.rb
|
297
|
+
- spec/plamo/mail_alias_spec.rb
|
298
|
+
- spec/plamo/package_spec.rb
|
299
|
+
- spec/plamo/php_config_spec.rb
|
300
|
+
- spec/plamo/port_spec.rb
|
301
|
+
- spec/plamo/routing_table_spec.rb
|
302
|
+
- spec/plamo/selinux_spec.rb
|
303
|
+
- spec/plamo/service_spec.rb
|
304
|
+
- spec/plamo/service_spec.rb.plamo
|
305
|
+
- spec/plamo/user_spec.rb
|
306
|
+
- spec/plamo/zfs_spec.rb
|
285
307
|
- spec/redhat/command_spec.rb
|
286
308
|
- spec/redhat/commands_spec.rb
|
287
309
|
- spec/redhat/cron_spec.rb
|
@@ -456,6 +478,26 @@ test_files:
|
|
456
478
|
- spec/gentoo/user_spec.rb
|
457
479
|
- spec/gentoo/zfs_spec.rb
|
458
480
|
- spec/helpers/attributes_spec.rb
|
481
|
+
- spec/plamo/command_spec.rb
|
482
|
+
- spec/plamo/cron_spec.rb
|
483
|
+
- spec/plamo/default_gateway_spec.rb
|
484
|
+
- spec/plamo/file_spec.rb
|
485
|
+
- spec/plamo/group_spec.rb
|
486
|
+
- spec/plamo/host_spec.rb
|
487
|
+
- spec/plamo/interface_spec.rb
|
488
|
+
- spec/plamo/iptables_spec.rb
|
489
|
+
- spec/plamo/kernel_module_spec.rb
|
490
|
+
- spec/plamo/linux_kernel_parameter_spec.rb
|
491
|
+
- spec/plamo/mail_alias_spec.rb
|
492
|
+
- spec/plamo/package_spec.rb
|
493
|
+
- spec/plamo/php_config_spec.rb
|
494
|
+
- spec/plamo/port_spec.rb
|
495
|
+
- spec/plamo/routing_table_spec.rb
|
496
|
+
- spec/plamo/selinux_spec.rb
|
497
|
+
- spec/plamo/service_spec.rb
|
498
|
+
- spec/plamo/service_spec.rb.plamo
|
499
|
+
- spec/plamo/user_spec.rb
|
500
|
+
- spec/plamo/zfs_spec.rb
|
459
501
|
- spec/redhat/command_spec.rb
|
460
502
|
- spec/redhat/commands_spec.rb
|
461
503
|
- spec/redhat/cron_spec.rb
|