serverspec 0.6.20 → 0.6.21

data/lib/serverspec/type/file.rb

@@ -14,7 +14,7 @@ module Serverspec
       end
 
       def contain(pattern, from, to)
-        if (@from || @to).nil?
+        if (from || to).nil?
           cmd = backend.check_file_contain(@name, pattern)
         else
           cmd = backend.check_file_contain_within(@name, pattern, from, to)

data/lib/serverspec/version.rb

@@ -1,3 +1,3 @@
 module Serverspec
-  VERSION = "0.6.20"
+  VERSION = "0.6.21"
 end

data/spec/darwin/commands_spec.rb

@@ -3,12 +3,6 @@ require 'spec_helper'
 include Serverspec::Helper::Darwin
 
 describe 'Serverspec commands of Darwin family' do
-  it_behaves_like 'support command check_file', '/etc/passwd'
-  it_behaves_like 'support command check_directory', '/var/log'
-  it_behaves_like 'support command check_socket', '/var/run/unicorn.sock'
-
-  it_behaves_like 'support command check_mounted', '/'
-
   it_behaves_like 'support command check_user', 'root'
   it_behaves_like 'support command check_user', 'wheel'
 
@@ -16,11 +10,6 @@ describe 'Serverspec commands of Darwin family' do
   it_behaves_like 'support command check_monitored_by_monit', 'unicorn'
   it_behaves_like 'support command check_process', 'httpd'
 
-  it_behaves_like 'support command check_file_contain', '/etc/passwd', 'root'
-  it_behaves_like 'support command check_file_contain_within'
-
-  it_behaves_like 'support command check_link', '/etc/system-release', '/etc/darwin-release'
-
   it_behaves_like 'support command check_belonging_group', 'root', 'wheel'
 
   it_behaves_like 'support command check_uid', 'root', 0
@@ -31,45 +20,3 @@ describe 'Serverspec commands of Darwin family' do
 
   it_behaves_like 'support command check_authorized_key'
 end
-
-describe 'check_mode' do
-  subject { commands.check_mode('/etc/sudoers', 440) }
-  it { should eq 'stat -f%Lp /etc/sudoers | grep -- \\^440\\$' }
-end
-
-describe 'check_owner' do
-  subject { commands.check_owner('/etc/passwd', 'root') }
-  it { should eq 'stat -f %Su /etc/passwd | grep -- \\^root\\$' }
-end
-
-describe 'check_grouped' do
-  subject { commands.check_grouped('/etc/passwd', 'wheel') }
-  it { should eq 'stat -f %Sg /etc/passwd | grep -- \\^wheel\\$' }
-end
-
-describe 'get_mode' do
-  subject { commands.get_mode('/dev') }
-  it { should eq 'stat -f%Lp /dev' }
-end
-
-describe 'check_access_by_user' do
-  context 'read access' do
-    subject {commands.check_access_by_user '/tmp/something', 'dummyuser1', 'r'}
-    it { should eq 'sudo -u dummyuser1 -s /bin/test -r /tmp/something' }
-  end
-
-  context 'write access' do
-    subject {commands.check_access_by_user '/tmp/somethingw', 'dummyuser2', 'w'}
-    it { should eq 'sudo -u dummyuser2 -s /bin/test -w /tmp/somethingw' }
-  end
-
-  context 'execute access' do
-    subject {commands.check_access_by_user '/tmp/somethingx', 'dummyuser3', 'x'}
-    it { should eq 'sudo -u dummyuser3 -s /bin/test -x /tmp/somethingx' }
-  end
-end
-
-describe 'check_file_md5checksum' do
-  subject { commands.check_file_md5checksum('/usr/bin/rsync', '03ba2dcdd50ec3a7a45d3900902a83ce') }
-  it { should eq "openssl md5 /usr/bin/rsync | cut -d'=' -f2 | cut -c 2- | grep -E ^03ba2dcdd50ec3a7a45d3900902a83ce$" }
-end

data/spec/darwin/file_spec.rb

@@ -2,40 +2,380 @@ require 'spec_helper'
 
 include Serverspec::Helper::Darwin
 
-describe 'Serverspec file matchers of Darwin family' do
-  it_behaves_like 'support file be_file matcher', '/etc/ssh/sshd_config'
-  it_behaves_like 'support file be_directory matcher', '/etc/ssh'
-  it_behaves_like 'support file be_socket matcher', '/var/run/unicorn.sock'
-  it_behaves_like 'support file contain matcher', '/etc/ssh/sshd_config', 'This is the sshd server system-wide configuration file'
-  it_behaves_like 'support file contain from to matcher', 'Gemfile', 'rspec', /^group :test do/, /^end/
-  it_behaves_like 'support file contain after matcher', 'Gemfile', 'rspec', /^group :test do/
-  it_behaves_like 'support file contain before matcher', 'Gemfile', 'rspec', /^end/
-  it_behaves_like 'support file be_mode matcher', '/etc/passwd', 644
-  it_behaves_like 'support file be_owned_by matcher', '/etc/passwd', 'root'
-  it_behaves_like 'support file be_grouped_into matcher', '/etc/passwd', 'root'
-  it_behaves_like 'support file be_linked_to matcher', '/etc/pam.d/system-auth', '/etc/pam.d/system-auth-ac'
-
-  it_behaves_like 'support file be_readable matcher', '/dev'
-  it_behaves_like 'support file be_readable by owner matcher', '/dev'
-  it_behaves_like 'support file be_readable by group matcher', '/dev'
-  it_behaves_like 'support file be_readable by others matcher', '/dev'
-  it_behaves_like 'support file be_readable by specific user matcher', '/tmp', 'mail'
-
-  it_behaves_like 'support file be_writable matcher', '/dev'
-  it_behaves_like 'support file be_writable by owner matcher', '/dev'
-  it_behaves_like 'support file be_writable by group matcher', '/dev'
-  it_behaves_like 'support file be_writable by others matcher', '/dev'
-  it_behaves_like 'support file be_writable by specific user matcher', '/tmp',  'mail'
-
-  it_behaves_like 'support file be_executable matcher', '/dev'
-  it_behaves_like 'support file be_executable by owner matcher', '/dev'
-  it_behaves_like 'support file be_executable by group matcher', '/dev'
-  it_behaves_like 'support file be_executable by others matcher', '/dev'
-  it_behaves_like 'support file be_executable by specific user matcher', '/tmp', 'mail'
-
-  it_behaves_like 'support file be_mounted matcher', '/'
-  it_behaves_like 'support file be_mounted with matcher', '/'
-  it_behaves_like 'support file be_mounted only with matcher', '/'
-
-  it_behaves_like 'support file match_md5checksum matcher', '/etc/services', '35435ea447c19f0ea5ef971837ab9ced'
+describe file('/etc/ssh/sshd_config') do
+  it { should be_file }
+  its(:command) { should eq "test -f /etc/ssh/sshd_config" }
+end
+
+describe file('/etc/invalid_file') do
+  it { should_not be_file }
+end
+
+describe file('/etc/ssh') do
+  it { should be_directory }
+  its(:command) { should eq "test -d /etc/ssh" }
+end
+
+describe file('/etc/invalid_directory') do
+  it { should_not be_directory }
+end
+
+describe file('/var/run/unicorn.sock') do
+  it { should be_socket }
+  its(:command) { should eq "test -S /var/run/unicorn.sock" }
+end
+
+describe file('/etc/invalid_socket') do
+  it { should_not be_socket }
+end
+
+describe file('/etc/ssh/sshd_config') do
+  it { should contain 'This is the sshd server system-wide configuration file' }
+  its(:command) { should eq "grep -q -- This\\ is\\ the\\ sshd\\ server\\ system-wide\\ configuration\\ file /etc/ssh/sshd_config" }
+end
+
+describe file('/etc/ssh/sshd_config') do
+  it { should_not contain 'This is invalid text!!' }
+end
+
+describe file('Gemfile') do
+  it { should contain('rspec').from(/^group :test do/).to(/^end/) }
+  its(:command) { should eq "sed -n /\\^group\\ :test\\ do/,/\\^end/p Gemfile | grep -q -- rspec -" }
+end
+
+describe file('/etc/ssh/sshd_config') do
+  it { should_not contain('This is invalid text!!').from(/^group :test do/).to(/^end/) }
+end
+
+describe file('Gemfile') do
+  it { should contain('rspec').after(/^group :test do/) }
+  its(:command) { should eq "sed -n /\\^group\\ :test\\ do/,\\$p Gemfile | grep -q -- rspec -" }
+end
+
+describe file('/etc/ssh/sshd_config') do
+  it { should_not contain('This is invalid text!!').after(/^group :test do/) }
+end
+
+describe file('Gemfile') do
+  it { should contain('rspec').before(/^end/) }
+  its(:command) { should eq "sed -n 1,/\\^end/p Gemfile | grep -q -- rspec -" }
+end
+
+describe file('/etc/ssh/sshd_config') do
+  it { should_not contain('This is invalid text!!').before(/^end/) }
+end
+
+describe file('/etc/passwd') do
+  it { should be_mode 644 }
+  its(:command) { should eq "stat -f%Lp /etc/passwd | grep -- \\^644\\$" }
+end
+
+describe file('/etc/passwd') do
+  it { should_not be_mode 'invalid' }
+end
+
+describe file('/etc/passwd') do
+  it { should be_owned_by 'root' }
+  its(:command) { should eq "stat -f %Su /etc/passwd | grep -- \\^root\\$" }
+end
+
+describe file('/etc/passwd') do
+  it { should_not be_owned_by 'invalid-owner' }
+end
+
+describe file('/etc/passwd') do
+  it { should be_grouped_into 'root' }
+  its(:command) { should eq "stat -f %Sg /etc/passwd | grep -- \\^root\\$" }
+end
+
+describe file('/etc/passwd') do
+  it { should_not be_grouped_into 'invalid-group' }
+end
+
+describe file('/etc/pam.d/system-auth') do
+  it { should be_linked_to '/etc/pam.d/system-auth-ac' }
+  its(:command) { should eq "stat -c %N /etc/pam.d/system-auth | grep -- /etc/pam.d/system-auth-ac" }
+end
+
+describe file('dummy-link') do
+  it { should_not be_linked_to '/invalid/target' }
+end
+
+describe file('/dev') do
+  let(:stdout) { "755\r\n" }
+  it { should be_readable }
+  its(:command) { should eq "stat -f%Lp /dev" }
+end
+
+describe file('/dev') do
+  let(:stdout) { "333\r\n" }
+  it { should_not be_readable }
+end
+
+describe file('/dev') do
+  let(:stdout) { "400\r\n" }
+  it { should be_readable.by('owner') }
+end
+
+describe file('/dev') do
+  let(:stdout) { "044\r\n" }
+  it { should_not be_readable.by('owner') }
+end
+
+describe file('/dev') do
+  let(:stdout) { "040\r\n" }
+  it { should be_readable.by('group') }
+end
+
+describe file('/dev') do
+  let(:stdout) { "404\r\n" }
+  it { should_not be_readable.by('group') }
+end
+
+describe file('/dev') do
+  let(:stdout) { "044\r\n" }
+  it { should be_readable.by('others') }
+end
+
+describe file('/dev') do
+  let(:stdout) { "443\r\n" }
+  it { should_not be_readable.by('others') }
+end
+
+describe file('/tmp') do
+  it { should be_readable.by_user('mail') }
+  its(:command) { should eq "sudo -u mail -s /bin/test -r /tmp" }
+end
+
+describe file('/tmp') do
+  it { should_not be_readable.by_user('invalid-user') }
+end
+
+describe file('/dev') do
+  let(:stdout) { "755\r\n" }
+  it { should be_writable }
+  its(:command) { should eq "stat -f%Lp /dev" }
+end
+
+describe file('/dev') do
+  let(:stdout) { "555\r\n" }
+  it { should_not be_writable }
+end
+
+describe file('/dev') do
+  let(:stdout) { "200\r\n" }
+  it { should be_writable.by('owner') }
+end
+
+describe file('/dev') do
+  let(:stdout) { "555\r\n" }
+  it { should_not be_writable.by('owner') }
+end
+
+describe file('/dev') do
+  let(:stdout) { "030\r\n" }
+  it { should be_writable.by('group') }
+end
+
+describe file('/dev') do
+  let(:stdout) { "555\r\n" }
+  it { should_not be_writable.by('group') }
+end
+
+describe file('/dev') do
+  let(:stdout) { "666\r\n" }
+  it { should be_writable.by('others') }
+end
+
+describe file('/dev') do
+  let(:stdout) { "555\r\n" }
+  it { should_not be_writable.by('others') }
+end
+
+describe file('/tmp') do
+  it { should be_writable.by_user('mail') }
+  its(:command) { should eq "sudo -u mail -s /bin/test -w /tmp" }
+end
+
+describe file('/tmp') do
+  it { should_not be_writable.by_user('invalid-user') }
+end
+
+describe file('/dev') do
+  let(:stdout) { "755\r\n" }
+  it { should be_executable }
+  its(:command) { should eq "stat -f%Lp /dev" }
+end
+
+describe file('/dev') do
+  let(:stdout) { "666\r\n" }
+  it { should_not be_executable }
+end
+
+describe file('/dev') do
+  let(:stdout) { "100\r\n" }
+  it { should be_executable.by('owner') }
+end
+
+describe file('/dev') do
+  let(:stdout) { "666\r\n" }
+  it { should_not be_executable.by('owner') }
+end
+
+describe file('/dev') do
+  let(:stdout) { "070\r\n" }
+  it { should be_executable.by('group') }
+end
+
+describe file('/dev') do
+  let(:stdout) { "666\r\n" }
+  it { should_not be_executable.by('group') }
+end
+
+describe file('/dev') do
+  let(:stdout) { "001\r\n" }
+  it { should be_executable.by('others') }
+end
+
+describe file('/dev') do
+  let(:stdout) { "666\r\n" }
+  it { should_not be_executable.by('others') }
+end
+
+describe file('/tmp') do
+  it { should be_executable.by_user('mail') }
+  its(:command) { should eq "sudo -u mail -s /bin/test -x /tmp" }
+end
+
+describe file('/tmp') do
+  it { should_not be_executable.by_user('invalid-user') }
+end
+
+describe file('/') do
+  it { should be_mounted }
+  its(:command) { should eq "mount | grep -w -- on\\ /" }
+end
+
+describe file('/etc/invalid-mount') do
+  it { should_not be_mounted }
+end
+
+describe file('/') do
+  let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
+  it { should be_mounted.with( :type => 'ext4' ) }
+end
+
+describe file('/') do
+  let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
+  it { should be_mounted.with( :type => 'ext4', :options => { :rw => true } ) }
+end
+
+describe file('/') do
+  let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
+  it { should be_mounted.with( :type => 'ext4', :options => { :mode => 620 } ) }
+end
+
+describe file('/') do
+  let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
+  it { should be_mounted.with( :type => 'ext4', :device => '/dev/mapper/VolGroup-lv_root' ) }
+end
+
+describe file('/') do
+  let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
+  it { should_not be_mounted.with( :type => 'xfs' ) }
+end
+
+describe file('/') do
+  let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
+  it { should_not be_mounted.with( :type => 'ext4', :options => { :rw => false } ) }
+end
+
+describe file('/') do
+  let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
+  it { should_not be_mounted.with( :type => 'ext4', :options => { :mode => 600 } ) }
+end
+
+describe file('/') do
+  let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
+  it { should_not be_mounted.with( :type => 'xfs', :device => '/dev/mapper/VolGroup-lv_root' ) }
+end
+
+describe file('/') do
+  let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
+  it { should_not be_mounted.with( :type => 'ext4', :device => '/dev/mapper/VolGroup-lv_r00t' ) }
+end
+
+describe file('/etc/invalid-mount') do
+  let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
+  it { should_not be_mounted.with( :type => 'ext4' ) }
+end
+
+describe file('/') do
+  let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
+  it do
+    should be_mounted.only_with(
+      :device  => '/dev/mapper/VolGroup-lv_root',
+      :type    => 'ext4',
+      :options => {
+        :rw   => true,
+        :mode => 620,
+      }
+    )
+  end
+end
+
+describe file('/') do
+  let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
+  it do
+    should_not be_mounted.only_with(
+      :device  => '/dev/mapper/VolGroup-lv_root',
+      :type    => 'ext4',
+      :options => {
+        :rw   => true,
+        :mode => 620,
+        :bind => true,
+      }
+    )
+  end
+end
+
+describe file('/') do
+  let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
+  it do
+    should_not be_mounted.only_with(
+      :device  => '/dev/mapper/VolGroup-lv_root',
+      :type    => 'ext4',
+      :options => {
+        :rw   => true,
+      }
+    )
+  end
+end
+
+describe file('/') do
+  let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
+  it do
+    should_not be_mounted.only_with(
+      :device  => '/dev/mapper/VolGroup-lv_roooooooooot',
+      :type    => 'ext4',
+      :options => {
+        :rw   => true,
+        :mode => 620,
+      }
+    )
+  end
+end
+
+describe file('/etc/invalid-mount') do
+  let(:stdout) { "/dev/mapper/VolGroup-lv_root on / type ext4 (rw,mode=620)\r\n" }
+  it { should_not be_mounted.only_with( :type => 'ext4' ) }
+end
+
+describe file('/etc/services') do
+  it { should match_md5checksum '35435ea447c19f0ea5ef971837ab9ced' }
+  its(:command) { should eq "openssl md5 /etc/services | cut -d'=' -f2 | cut -c 2- | grep -E ^35435ea447c19f0ea5ef971837ab9ced$" }
+end
+
+describe file('invalid-file') do
+  it { should_not match_md5checksum 'INVALIDMD5CHECKSUM' }
 end

data/spec/debian/commands_spec.rb

@@ -3,17 +3,9 @@ require 'spec_helper'
 include Serverspec::Helper::Debian
 
 describe 'Serverspec commands of Debian family' do
-  it_behaves_like 'support command check_file', '/etc/passwd'
-  it_behaves_like 'support command check_directory', '/var/log'
-  it_behaves_like 'support command check_socket', '/var/run/unicorn.sock'
-
-  it_behaves_like 'support command check_mounted', '/'
-
   it_behaves_like 'support command check_user', 'root'
   it_behaves_like 'support command check_user', 'wheel'
 
-  it_behaves_like 'support command check_file_md5checksum', '/etc/passewd', '96c8c50f81a29965f7af6de371ab4250'
-
   it_behaves_like 'support command check_running_under_supervisor', 'httpd'
 
   it_behaves_like 'support command check_running_under_upstart', 'monit'
@@ -22,15 +14,6 @@ describe 'Serverspec commands of Debian family' do
 
   it_behaves_like 'support command check_process', 'httpd'
 
-  it_behaves_like 'support command check_file_contain', '/etc/passwd', 'root'
-  it_behaves_like 'support command check_file_contain_within'
-
-  it_behaves_like 'support command check_mode', '/etc/sudoers', 440
-  it_behaves_like 'support command check_owner', '/etc/sudoers', 'root'
-  it_behaves_like 'support command check_grouped', '/etc/sudoers', 'wheel'
-
-  it_behaves_like 'support command check_link', '/etc/system-release', '/etc/redhat-release'
-
   it_behaves_like 'support command check_belonging_group', 'root', 'wheel'
 
   it_behaves_like 'support command check_uid', 'root', 0
@@ -40,14 +23,6 @@ describe 'Serverspec commands of Debian family' do
   it_behaves_like 'support command check_home_directory', 'root', '/root'
 
   it_behaves_like 'support command check_authorized_key'
-
-  it_behaves_like 'support command check_selinux'
-
-  it_behaves_like 'support command get_mode'
-
-  it_behaves_like 'support command check_access_by_user'
-
-  it_behaves_like 'support command check_kernel_module_loaded', 'lp'
 end
 
 describe 'check_enabled' do