serverspec 0.6.20 → 0.6.21
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/serverspec/type/file.rb +1 -1
- data/lib/serverspec/version.rb +1 -1
- data/spec/darwin/commands_spec.rb +0 -53
- data/spec/darwin/file_spec.rb +376 -36
- data/spec/debian/commands_spec.rb +0 -25
- data/spec/debian/file_spec.rb +377 -39
- data/spec/debian/kernel_module_spec.rb +7 -2
- data/spec/debian/selinux_spec.rb +13 -4
- data/spec/gentoo/commands_spec.rb +0 -25
- data/spec/gentoo/file_spec.rb +376 -36
- data/spec/gentoo/kernel_module_spec.rb +7 -2
- data/spec/gentoo/selinux_spec.rb +13 -4
- data/spec/redhat/commands_spec.rb +0 -40
- data/spec/redhat/file_spec.rb +376 -39
- data/spec/redhat/kernel_module_spec.rb +7 -2
- data/spec/redhat/selinux_spec.rb +13 -4
- data/spec/smartos/commands_spec.rb +0 -58
- data/spec/solaris/commands_spec.rb +0 -56
- data/spec/solaris/file_spec.rb +376 -36
- data/spec/solaris10/commands_spec.rb +0 -57
- data/spec/support/shared_commands_examples.rb +0 -117
- metadata +2 -8
- data/spec/support/shared_file_examples.rb +0 -503
- data/spec/support/shared_kernel_module_examples.rb +0 -11
- data/spec/support/shared_selinux_examples.rb +0 -17
data/spec/redhat/file_spec.rb
CHANGED
@@ -2,43 +2,380 @@ require 'spec_helper'
|
|
2
2
|
|
3
3
|
include Serverspec::Helper::RedHat
|
4
4
|
|
5
|
-
describe
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
5
|
+
describe file('/etc/ssh/sshd_config') do
|
6
|
+
it { should be_file }
|
7
|
+
its(:command) { should eq "test -f /etc/ssh/sshd_config" }
|
8
|
+
end
|
9
|
+
|
10
|
+
describe file('/etc/invalid_file') do
|
11
|
+
it { should_not be_file }
|
12
|
+
end
|
13
|
+
|
14
|
+
describe file('/etc/ssh') do
|
15
|
+
it { should be_directory }
|
16
|
+
its(:command) { should eq "test -d /etc/ssh" }
|
17
|
+
end
|
18
|
+
|
19
|
+
describe file('/etc/invalid_directory') do
|
20
|
+
it { should_not be_directory }
|
21
|
+
end
|
22
|
+
|
23
|
+
describe file('/var/run/unicorn.sock') do
|
24
|
+
it { should be_socket }
|
25
|
+
its(:command) { should eq "test -S /var/run/unicorn.sock" }
|
26
|
+
end
|
27
|
+
|
28
|
+
describe file('/etc/invalid_socket') do
|
29
|
+
it { should_not be_socket }
|
30
|
+
end
|
31
|
+
|
32
|
+
describe file('/etc/ssh/sshd_config') do
|
33
|
+
it { should contain 'This is the sshd server system-wide configuration file' }
|
34
|
+
its(:command) { should eq "grep -q -- This\\ is\\ the\\ sshd\\ server\\ system-wide\\ configuration\\ file /etc/ssh/sshd_config" }
|
35
|
+
end
|
36
|
+
|
37
|
+
describe file('/etc/ssh/sshd_config') do
|
38
|
+
it { should_not contain 'This is invalid text!!' }
|
39
|
+
end
|
40
|
+
|
41
|
+
describe file('Gemfile') do
|
42
|
+
it { should contain('rspec').from(/^group :test do/).to(/^end/) }
|
43
|
+
its(:command) { should eq "sed -n /\\^group\\ :test\\ do/,/\\^end/p Gemfile | grep -q -- rspec -" }
|
44
|
+
end
|
45
|
+
|
46
|
+
describe file('/etc/ssh/sshd_config') do
|
47
|
+
it { should_not contain('This is invalid text!!').from(/^group :test do/).to(/^end/) }
|
48
|
+
end
|
49
|
+
|
50
|
+
describe file('Gemfile') do
|
51
|
+
it { should contain('rspec').after(/^group :test do/) }
|
52
|
+
its(:command) { should eq "sed -n /\\^group\\ :test\\ do/,\\$p Gemfile | grep -q -- rspec -" }
|
53
|
+
end
|
54
|
+
|
55
|
+
describe file('/etc/ssh/sshd_config') do
|
56
|
+
it { should_not contain('This is invalid text!!').after(/^group :test do/) }
|
57
|
+
end
|
58
|
+
|
59
|
+
describe file('Gemfile') do
|
60
|
+
it { should contain('rspec').before(/^end/) }
|
61
|
+
its(:command) { should eq "sed -n 1,/\\^end/p Gemfile | grep -q -- rspec -" }
|
62
|
+
end
|
63
|
+
|
64
|
+
describe file('/etc/ssh/sshd_config') do
|
65
|
+
it { should_not contain('This is invalid text!!').before(/^end/) }
|
66
|
+
end
|
67
|
+
|
68
|
+
describe file('/etc/passwd') do
|
69
|
+
it { should be_mode 644 }
|
70
|
+
its(:command) { should eq "stat -c %a /etc/passwd | grep -- \\^644\\$" }
|
71
|
+
end
|
72
|
+
|
73
|
+
describe file('/etc/passwd') do
|
74
|
+
it { should_not be_mode 'invalid' }
|
75
|
+
end
|
76
|
+
|
77
|
+
describe file('/etc/passwd') do
|
78
|
+
it { should be_owned_by 'root' }
|
79
|
+
its(:command) { should eq "stat -c %U /etc/passwd | grep -- \\^root\\$" }
|
80
|
+
end
|
81
|
+
|
82
|
+
describe file('/etc/passwd') do
|
83
|
+
it { should_not be_owned_by 'invalid-owner' }
|
84
|
+
end
|
85
|
+
|
86
|
+
describe file('/etc/passwd') do
|
87
|
+
it { should be_grouped_into 'root' }
|
88
|
+
its(:command) { should eq "stat -c %G /etc/passwd | grep -- \\^root\\$" }
|
89
|
+
end
|
90
|
+
|
91
|
+
describe file('/etc/passwd') do
|
92
|
+
it { should_not be_grouped_into 'invalid-group' }
|
93
|
+
end
|
94
|
+
|
95
|
+
describe file('/etc/pam.d/system-auth') do
|
96
|
+
it { should be_linked_to '/etc/pam.d/system-auth-ac' }
|
97
|
+
its(:command) { should eq "stat -c %N /etc/pam.d/system-auth | grep -- /etc/pam.d/system-auth-ac" }
|
98
|
+
end
|
99
|
+
|
100
|
+
describe file('dummy-link') do
|
101
|
+
it { should_not be_linked_to '/invalid/target' }
|
102
|
+
end
|
103
|
+
|
104
|
+
describe file('/dev') do
|
105
|
+
let(:stdout) { "755\r\n" }
|
106
|
+
it { should be_readable }
|
107
|
+
its(:command) { should eq "stat -c %a /dev" }
|
108
|
+
end
|
109
|
+
|
110
|
+
describe file('/dev') do
|
111
|
+
let(:stdout) { "333\r\n" }
|
112
|
+
it { should_not be_readable }
|
113
|
+
end
|
114
|
+
|
115
|
+
describe file('/dev') do
|
116
|
+
let(:stdout) { "400\r\n" }
|
117
|
+
it { should be_readable.by('owner') }
|
118
|
+
end
|
119
|
+
|
120
|
+
describe file('/dev') do
|
121
|
+
let(:stdout) { "044\r\n" }
|
122
|
+
it { should_not be_readable.by('owner') }
|
123
|
+
end
|
124
|
+
|
125
|
+
describe file('/dev') do
|
126
|
+
let(:stdout) { "040\r\n" }
|
127
|
+
it { should be_readable.by('group') }
|
128
|
+
end
|
129
|
+
|
130
|
+
describe file('/dev') do
|
131
|
+
let(:stdout) { "404\r\n" }
|
132
|
+
it { should_not be_readable.by('group') }
|
133
|
+
end
|
134
|
+
|
135
|
+
describe file('/dev') do
|
136
|
+
let(:stdout) { "044\r\n" }
|
137
|
+
it { should be_readable.by('others') }
|
138
|
+
end
|
139
|
+
|
140
|
+
describe file('/dev') do
|
141
|
+
let(:stdout) { "443\r\n" }
|
142
|
+
it { should_not be_readable.by('others') }
|
143
|
+
end
|
144
|
+
|
145
|
+
describe file('/tmp') do
|
146
|
+
it { should be_readable.by_user('mail') }
|
147
|
+
its(:command) { should eq "runuser -c \"test -r /tmp\" mail" }
|
148
|
+
end
|
149
|
+
|
150
|
+
describe file('/tmp') do
|
151
|
+
it { should_not be_readable.by_user('invalid-user') }
|
152
|
+
end
|
153
|
+
|
154
|
+
describe file('/dev') do
|
155
|
+
let(:stdout) { "755\r\n" }
|
156
|
+
it { should be_writable }
|
157
|
+
its(:command) { should eq "stat -c %a /dev" }
|
158
|
+
end
|
159
|
+
|
160
|
+
describe file('/dev') do
|
161
|
+
let(:stdout) { "555\r\n" }
|
162
|
+
it { should_not be_writable }
|
163
|
+
end
|
164
|
+
|
165
|
+
describe file('/dev') do
|
166
|
+
let(:stdout) { "200\r\n" }
|
167
|
+
it { should be_writable.by('owner') }
|
168
|
+
end
|
169
|
+
|
170
|
+
describe file('/dev') do
|
171
|
+
let(:stdout) { "555\r\n" }
|
172
|
+
it { should_not be_writable.by('owner') }
|
173
|
+
end
|
174
|
+
|
175
|
+
describe file('/dev') do
|
176
|
+
let(:stdout) { "030\r\n" }
|
177
|
+
it { should be_writable.by('group') }
|
178
|
+
end
|
179
|
+
|
180
|
+
describe file('/dev') do
|
181
|
+
let(:stdout) { "555\r\n" }
|
182
|
+
it { should_not be_writable.by('group') }
|
183
|
+
end
|
184
|
+
|
185
|
+
describe file('/dev') do
|
186
|
+
let(:stdout) { "666\r\n" }
|
187
|
+
it { should be_writable.by('others') }
|
188
|
+
end
|
189
|
+
|
190
|
+
describe file('/dev') do
|
191
|
+
let(:stdout) { "555\r\n" }
|
192
|
+
it { should_not be_writable.by('others') }
|
193
|
+
end
|
194
|
+
|
195
|
+
describe file('/tmp') do
|
196
|
+
it { should be_writable.by_user('mail') }
|
197
|
+
its(:command) { should eq "runuser -c \"test -w /tmp\" mail" }
|
198
|
+
end
|
199
|
+
|
200
|
+
describe file('/tmp') do
|
201
|
+
it { should_not be_writable.by_user('invalid-user') }
|
202
|
+
end
|
203
|
+
|
204
|
+
describe file('/dev') do
|
205
|
+
let(:stdout) { "755\r\n" }
|
206
|
+
it { should be_executable }
|
207
|
+
its(:command) { should eq "stat -c %a /dev" }
|
208
|
+
end
|
209
|
+
|
210
|
+
describe file('/dev') do
|
211
|
+
let(:stdout) { "666\r\n" }
|
212
|
+
it { should_not be_executable }
|
213
|
+
end
|
214
|
+
|
215
|
+
describe file('/dev') do
|
216
|
+
let(:stdout) { "100\r\n" }
|
217
|
+
it { should be_executable.by('owner') }
|
218
|
+
end
|
219
|
+
|
220
|
+
describe file('/dev') do
|
221
|
+
let(:stdout) { "666\r\n" }
|
222
|
+
it { should_not be_executable.by('owner') }
|
223
|
+
end
|
224
|
+
|
225
|
+
describe file('/dev') do
|
226
|
+
let(:stdout) { "070\r\n" }
|
227
|
+
it { should be_executable.by('group') }
|
228
|
+
end
|
229
|
+
|
230
|
+
describe file('/dev') do
|
231
|
+
let(:stdout) { "666\r\n" }
|
232
|
+
it { should_not be_executable.by('group') }
|
233
|
+
end
|
234
|
+
|
235
|
+
describe file('/dev') do
|
236
|
+
let(:stdout) { "001\r\n" }
|
237
|
+
it { should be_executable.by('others') }
|
238
|
+
end
|
239
|
+
|
240
|
+
describe file('/dev') do
|
241
|
+
let(:stdout) { "666\r\n" }
|
242
|
+
it { should_not be_executable.by('others') }
|
243
|
+
end
|
244
|
+
|
245
|
+
describe file('/tmp') do
|
246
|
+
it { should be_executable.by_user('mail') }
|
247
|
+
its(:command) { should eq "runuser -c \"test -x /tmp\" mail" }
|
248
|
+
end
|
249
|
+
|
250
|
+
describe file('/tmp') do
|
251
|
+
it { should_not be_executable.by_user('invalid-user') }
|
252
|
+
end
|
253
|
+
|
254
|
+
describe file('/') do
|
255
|
+
it { should be_mounted }
|
256
|
+
its(:command) { should eq "mount | grep -w -- on\\ /" }
|
257
|
+
end
|
258
|
+
|
259
|
+
describe file('/etc/invalid-mount') do
|
260
|
+
it { should_not be_mounted }
|
261
|
+
end
|
262
|
+
|
263
|
+
describe file('/') do
|
264
|
+
let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
|
265
|
+
it { should be_mounted.with( :type => 'ext4' ) }
|
266
|
+
end
|
267
|
+
|
268
|
+
describe file('/') do
|
269
|
+
let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
|
270
|
+
it { should be_mounted.with( :type => 'ext4', :options => { :rw => true } ) }
|
271
|
+
end
|
272
|
+
|
273
|
+
describe file('/') do
|
274
|
+
let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
|
275
|
+
it { should be_mounted.with( :type => 'ext4', :options => { :mode => 620 } ) }
|
276
|
+
end
|
277
|
+
|
278
|
+
describe file('/') do
|
279
|
+
let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
|
280
|
+
it { should be_mounted.with( :type => 'ext4', :device => '/dev/mapper/VolGroup-lv_root' ) }
|
281
|
+
end
|
282
|
+
|
283
|
+
describe file('/') do
|
284
|
+
let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
|
285
|
+
it { should_not be_mounted.with( :type => 'xfs' ) }
|
286
|
+
end
|
287
|
+
|
288
|
+
describe file('/') do
|
289
|
+
let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
|
290
|
+
it { should_not be_mounted.with( :type => 'ext4', :options => { :rw => false } ) }
|
291
|
+
end
|
292
|
+
|
293
|
+
describe file('/') do
|
294
|
+
let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
|
295
|
+
it { should_not be_mounted.with( :type => 'ext4', :options => { :mode => 600 } ) }
|
296
|
+
end
|
297
|
+
|
298
|
+
describe file('/') do
|
299
|
+
let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
|
300
|
+
it { should_not be_mounted.with( :type => 'xfs', :device => '/dev/mapper/VolGroup-lv_root' ) }
|
301
|
+
end
|
302
|
+
|
303
|
+
describe file('/') do
|
304
|
+
let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
|
305
|
+
it { should_not be_mounted.with( :type => 'ext4', :device => '/dev/mapper/VolGroup-lv_r00t' ) }
|
306
|
+
end
|
307
|
+
|
308
|
+
describe file('/etc/invalid-mount') do
|
309
|
+
let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
|
310
|
+
it { should_not be_mounted.with( :type => 'ext4' ) }
|
311
|
+
end
|
312
|
+
|
313
|
+
describe file('/') do
|
314
|
+
let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
|
315
|
+
it do
|
316
|
+
should be_mounted.only_with(
|
317
|
+
:device => '/dev/mapper/VolGroup-lv_root',
|
318
|
+
:type => 'ext4',
|
319
|
+
:options => {
|
320
|
+
:rw => true,
|
321
|
+
:mode => 620,
|
322
|
+
}
|
323
|
+
)
|
324
|
+
end
|
325
|
+
end
|
326
|
+
|
327
|
+
describe file('/') do
|
328
|
+
let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
|
329
|
+
it do
|
330
|
+
should_not be_mounted.only_with(
|
331
|
+
:device => '/dev/mapper/VolGroup-lv_root',
|
332
|
+
:type => 'ext4',
|
333
|
+
:options => {
|
334
|
+
:rw => true,
|
335
|
+
:mode => 620,
|
336
|
+
:bind => true,
|
337
|
+
}
|
338
|
+
)
|
339
|
+
end
|
340
|
+
end
|
341
|
+
|
342
|
+
describe file('/') do
|
343
|
+
let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
|
344
|
+
it do
|
345
|
+
should_not be_mounted.only_with(
|
346
|
+
:device => '/dev/mapper/VolGroup-lv_root',
|
347
|
+
:type => 'ext4',
|
348
|
+
:options => {
|
349
|
+
:rw => true,
|
350
|
+
}
|
351
|
+
)
|
352
|
+
end
|
353
|
+
end
|
354
|
+
|
355
|
+
describe file('/') do
|
356
|
+
let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
|
357
|
+
it do
|
358
|
+
should_not be_mounted.only_with(
|
359
|
+
:device => '/dev/mapper/VolGroup-lv_roooooooooot',
|
360
|
+
:type => 'ext4',
|
361
|
+
:options => {
|
362
|
+
:rw => true,
|
363
|
+
:mode => 620,
|
364
|
+
}
|
365
|
+
)
|
366
|
+
end
|
367
|
+
end
|
368
|
+
|
369
|
+
describe file('/etc/invalid-mount') do
|
370
|
+
let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
|
371
|
+
it { should_not be_mounted.only_with( :type => 'ext4' ) }
|
372
|
+
end
|
373
|
+
|
374
|
+
describe file('/etc/services') do
|
375
|
+
it { should match_md5checksum '35435ea447c19f0ea5ef971837ab9ced' }
|
376
|
+
its(:command) { should eq "md5sum /etc/services | grep -iw -- ^35435ea447c19f0ea5ef971837ab9ced" }
|
377
|
+
end
|
378
|
+
|
379
|
+
describe file('invalid-file') do
|
380
|
+
it { should_not match_md5checksum 'INVALIDMD5CHECKSUM' }
|
44
381
|
end
|
@@ -2,6 +2,11 @@ require 'spec_helper'
|
|
2
2
|
|
3
3
|
include Serverspec::Helper::RedHat
|
4
4
|
|
5
|
-
describe '
|
6
|
-
|
5
|
+
describe kernel_module('lp') do
|
6
|
+
it { should be_loaded }
|
7
|
+
its(:command) { should eq "lsmod | grep ^lp" }
|
8
|
+
end
|
9
|
+
|
10
|
+
describe kernel_module('invalid-module') do
|
11
|
+
it { should_not be_loaded }
|
7
12
|
end
|
data/spec/redhat/selinux_spec.rb
CHANGED
@@ -2,8 +2,17 @@ require 'spec_helper'
|
|
2
2
|
|
3
3
|
include Serverspec::Helper::RedHat
|
4
4
|
|
5
|
-
describe
|
6
|
-
|
7
|
-
|
8
|
-
|
5
|
+
describe selinux do
|
6
|
+
it { should be_enforcing }
|
7
|
+
its(:command) { should eq "getenforce | grep -i -- enforcing && grep -i -- ^SELINUX=enforcing$ /etc/selinux/config" }
|
8
|
+
end
|
9
|
+
|
10
|
+
describe selinux do
|
11
|
+
it { should be_permissive }
|
12
|
+
its(:command) { should eq "getenforce | grep -i -- permissive && grep -i -- ^SELINUX=permissive$ /etc/selinux/config" }
|
13
|
+
end
|
14
|
+
|
15
|
+
describe selinux do
|
16
|
+
it { should be_disabled }
|
17
|
+
its(:command) { should eq "getenforce | grep -i -- disabled && grep -i -- ^SELINUX=disabled$ /etc/selinux/config" }
|
9
18
|
end
|
@@ -3,37 +3,19 @@ require 'spec_helper'
|
|
3
3
|
include Serverspec::Helper::SmartOS
|
4
4
|
|
5
5
|
describe 'Serverspec commands of Solaris family specified SmartOS' do
|
6
|
-
it_behaves_like 'support command check_file', '/etc/passwd'
|
7
|
-
it_behaves_like 'support command check_directory', '/var/log'
|
8
|
-
it_behaves_like 'support command check_socket', '/var/run/unicorn.sock'
|
9
|
-
|
10
|
-
it_behaves_like 'support command check_mounted', '/'
|
11
|
-
|
12
6
|
it_behaves_like 'support command check_user', 'root'
|
13
7
|
it_behaves_like 'support command check_user', 'wheel'
|
14
8
|
|
15
|
-
it_behaves_like 'support command check_file_md5checksum', '/etc/passewd', '96c8c50f81a29965f7af6de371ab4250'
|
16
|
-
|
17
9
|
it_behaves_like 'support command check_running_under_supervisor', 'httpd'
|
18
10
|
it_behaves_like 'support command check_monitored_by_monit', 'unicorn'
|
19
11
|
it_behaves_like 'support command check_process', 'httpd'
|
20
12
|
|
21
|
-
it_behaves_like 'support command check_file_contain', '/etc/passwd', 'root'
|
22
|
-
|
23
|
-
it_behaves_like 'support command check_mode', '/etc/sudoers', 440
|
24
|
-
it_behaves_like 'support command check_owner', '/etc/sudoers', 'root'
|
25
|
-
it_behaves_like 'support command check_grouped', '/etc/sudoers', 'wheel'
|
26
|
-
|
27
|
-
it_behaves_like 'support command check_link', '/etc/system-release', '/etc/redhat-release'
|
28
|
-
|
29
13
|
it_behaves_like 'support command check_uid', 'root', 0
|
30
14
|
|
31
15
|
it_behaves_like 'support command check_login_shell', 'root', '/bin/bash'
|
32
16
|
it_behaves_like 'support command check_home_directory', 'root', '/root'
|
33
17
|
|
34
18
|
it_behaves_like 'support command check_authorized_key'
|
35
|
-
|
36
|
-
it_behaves_like 'support command get_mode'
|
37
19
|
end
|
38
20
|
|
39
21
|
describe 'check_enabled' do
|
@@ -52,29 +34,6 @@ describe 'check_installed' do
|
|
52
34
|
subject { commands.check_installed('httpd', '2.2') }
|
53
35
|
it { should eq '/opt/local/bin/pkgin list 2> /dev/null | grep -qw ^httpd-2.2' }
|
54
36
|
end
|
55
|
-
|
56
|
-
describe 'check_file_contain_within' do
|
57
|
-
context 'contain a pattern in the file' do
|
58
|
-
subject { commands.check_file_contain_within('Gemfile', 'rspec') }
|
59
|
-
it { should eq "sed -n 1,\\$p Gemfile | grep -q -- rspec /dev/stdin" }
|
60
|
-
end
|
61
|
-
|
62
|
-
context 'contain a pattern after a line in a file' do
|
63
|
-
subject { commands.check_file_contain_within('Gemfile', 'rspec', '/^group :test do/') }
|
64
|
-
it { should eq "sed -n /\\^group\\ :test\\ do/,\\$p Gemfile | grep -q -- rspec /dev/stdin" }
|
65
|
-
end
|
66
|
-
|
67
|
-
context 'contain a pattern before a line in a file' do
|
68
|
-
subject {commands.check_file_contain_within('Gemfile', 'rspec', nil, '/^end/') }
|
69
|
-
it { should eq "sed -n 1,/\\^end/p Gemfile | grep -q -- rspec /dev/stdin" }
|
70
|
-
end
|
71
|
-
|
72
|
-
context 'contain a pattern from within a line and another line in a file' do
|
73
|
-
subject { commands.check_file_contain_within('Gemfile', 'rspec', '/^group :test do/', '/^end/') }
|
74
|
-
it { should eq "sed -n /\\^group\\ :test\\ do/,/\\^end/p Gemfile | grep -q -- rspec /dev/stdin" }
|
75
|
-
end
|
76
|
-
end
|
77
|
-
|
78
37
|
describe 'check_listening' do
|
79
38
|
subject { commands.check_listening(80) }
|
80
39
|
it { should eq "netstat -an 2> /dev/null | egrep 'LISTEN|Idle' | grep -- .80\\ " }
|
@@ -136,20 +95,3 @@ describe 'check_svcprops' do
|
|
136
95
|
}
|
137
96
|
it { should eq "svcprop -p httpd/enable_64bit svc:/network/http:apache22 | grep -- \\^false\\$ && svcprop -p httpd/server_type svc:/network/http:apache22 | grep -- \\^worker\\$" }
|
138
97
|
end
|
139
|
-
|
140
|
-
describe 'check_access_by_user' do
|
141
|
-
context 'read access' do
|
142
|
-
subject {commands.check_access_by_user '/tmp/something', 'dummyuser1', 'r'}
|
143
|
-
it { should eq 'su dummyuser1 -c "test -r /tmp/something"' }
|
144
|
-
end
|
145
|
-
|
146
|
-
context 'write access' do
|
147
|
-
subject {commands.check_access_by_user '/tmp/somethingw', 'dummyuser2', 'w'}
|
148
|
-
it { should eq 'su dummyuser2 -c "test -w /tmp/somethingw"' }
|
149
|
-
end
|
150
|
-
|
151
|
-
context 'execute access' do
|
152
|
-
subject {commands.check_access_by_user '/tmp/somethingx', 'dummyuser3', 'x'}
|
153
|
-
it { should eq 'su dummyuser3 -c "test -x /tmp/somethingx"' }
|
154
|
-
end
|
155
|
-
end
|
@@ -3,37 +3,20 @@ require 'spec_helper'
|
|
3
3
|
include Serverspec::Helper::Solaris
|
4
4
|
|
5
5
|
describe 'Serverspec commands of Solaris family' do
|
6
|
-
it_behaves_like 'support command check_file', '/etc/passwd'
|
7
|
-
it_behaves_like 'support command check_directory', '/var/log'
|
8
|
-
it_behaves_like 'support command check_socket', '/var/run/unicorn.sock'
|
9
|
-
|
10
|
-
it_behaves_like 'support command check_mounted', '/'
|
11
6
|
|
12
7
|
it_behaves_like 'support command check_user', 'root'
|
13
8
|
it_behaves_like 'support command check_user', 'wheel'
|
14
9
|
|
15
|
-
it_behaves_like 'support command check_file_md5checksum', '/etc/passewd', '96c8c50f81a29965f7af6de371ab4250'
|
16
|
-
|
17
10
|
it_behaves_like 'support command check_running_under_supervisor', 'httpd'
|
18
11
|
it_behaves_like 'support command check_monitored_by_monit', 'unicorn'
|
19
12
|
it_behaves_like 'support command check_process', 'httpd'
|
20
13
|
|
21
|
-
it_behaves_like 'support command check_file_contain', '/etc/passwd', 'root'
|
22
|
-
|
23
|
-
it_behaves_like 'support command check_mode', '/etc/sudoers', 440
|
24
|
-
it_behaves_like 'support command check_owner', '/etc/sudoers', 'root'
|
25
|
-
it_behaves_like 'support command check_grouped', '/etc/sudoers', 'wheel'
|
26
|
-
|
27
|
-
it_behaves_like 'support command check_link', '/etc/system-release', '/etc/redhat-release'
|
28
|
-
|
29
14
|
it_behaves_like 'support command check_uid', 'root', 0
|
30
15
|
|
31
16
|
it_behaves_like 'support command check_login_shell', 'root', '/bin/bash'
|
32
17
|
it_behaves_like 'support command check_home_directory', 'root', '/root'
|
33
18
|
|
34
19
|
it_behaves_like 'support command check_authorized_key'
|
35
|
-
|
36
|
-
it_behaves_like 'support command get_mode'
|
37
20
|
end
|
38
21
|
|
39
22
|
describe 'check_enabled' do
|
@@ -41,28 +24,6 @@ describe 'check_enabled' do
|
|
41
24
|
it { should eq "svcs -l httpd 2> /dev/null | grep -wx '^enabled.*true$'" }
|
42
25
|
end
|
43
26
|
|
44
|
-
describe 'check_file_contain_within' do
|
45
|
-
context 'contain a pattern in the file' do
|
46
|
-
subject { commands.check_file_contain_within('Gemfile', 'rspec') }
|
47
|
-
it { should eq "sed -n 1,\\$p Gemfile | grep -q -- rspec /dev/stdin" }
|
48
|
-
end
|
49
|
-
|
50
|
-
context 'contain a pattern after a line in a file' do
|
51
|
-
subject { commands.check_file_contain_within('Gemfile', 'rspec', '/^group :test do/') }
|
52
|
-
it { should eq "sed -n /\\^group\\ :test\\ do/,\\$p Gemfile | grep -q -- rspec /dev/stdin" }
|
53
|
-
end
|
54
|
-
|
55
|
-
context 'contain a pattern before a line in a file' do
|
56
|
-
subject {commands.check_file_contain_within('Gemfile', 'rspec', nil, '/^end/') }
|
57
|
-
it { should eq "sed -n 1,/\\^end/p Gemfile | grep -q -- rspec /dev/stdin" }
|
58
|
-
end
|
59
|
-
|
60
|
-
context 'contain a pattern from within a line and another line in a file' do
|
61
|
-
subject { commands.check_file_contain_within('Gemfile', 'rspec', '/^group :test do/', '/^end/') }
|
62
|
-
it { should eq "sed -n /\\^group\\ :test\\ do/,/\\^end/p Gemfile | grep -q -- rspec /dev/stdin" }
|
63
|
-
end
|
64
|
-
end
|
65
|
-
|
66
27
|
describe 'check_running' do
|
67
28
|
subject { commands.check_running('httpd') }
|
68
29
|
it { should eq "svcs -l httpd status 2> /dev/null |grep -wx '^state.*online$'" }
|
@@ -119,20 +80,3 @@ describe 'check_svcprops' do
|
|
119
80
|
}
|
120
81
|
it { should eq "svcprop -p httpd/enable_64bit svc:/network/http:apache22 | grep -- \\^false\\$ && svcprop -p httpd/server_type svc:/network/http:apache22 | grep -- \\^worker\\$" }
|
121
82
|
end
|
122
|
-
|
123
|
-
describe 'check_access_by_user' do
|
124
|
-
context 'read access' do
|
125
|
-
subject {commands.check_access_by_user '/tmp/something', 'dummyuser1', 'r'}
|
126
|
-
it { should eq 'su dummyuser1 -c "test -r /tmp/something"' }
|
127
|
-
end
|
128
|
-
|
129
|
-
context 'write access' do
|
130
|
-
subject {commands.check_access_by_user '/tmp/somethingw', 'dummyuser2', 'w'}
|
131
|
-
it { should eq 'su dummyuser2 -c "test -w /tmp/somethingw"' }
|
132
|
-
end
|
133
|
-
|
134
|
-
context 'execute access' do
|
135
|
-
subject {commands.check_access_by_user '/tmp/somethingx', 'dummyuser3', 'x'}
|
136
|
-
it { should eq 'su dummyuser3 -c "test -x /tmp/somethingx"' }
|
137
|
-
end
|
138
|
-
end
|