serverspec 0.6.23 → 0.6.24
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/lib/serverspec/commands/debian.rb +1 -1
- data/lib/serverspec/matchers/be_enabled.rb +1 -1
- data/lib/serverspec/version.rb +1 -1
- data/spec/darwin/commands_spec.rb +0 -12
- data/spec/darwin/user_spec.rb +52 -7
- data/spec/debian/commands_spec.rb +0 -12
- data/spec/debian/user_spec.rb +52 -7
- data/spec/gentoo/commands_spec.rb +0 -12
- data/spec/gentoo/user_spec.rb +52 -7
- data/spec/redhat/commands_spec.rb +0 -12
- data/spec/redhat/user_spec.rb +53 -7
- data/spec/smartos/commands_spec.rb +0 -9
- data/spec/solaris/commands_spec.rb +0 -11
- data/spec/solaris/user_spec.rb +52 -7
- data/spec/solaris10/commands_spec.rb +0 -10
- data/spec/solaris11/commands_spec.rb +0 -11
- data/spec/solaris11/user_spec.rb +52 -7
- data/spec/spec_helper.rb +2 -0
- data/spec/support/shared_commands_examples.rb +0 -44
- metadata +1 -3
- data/spec/support/shared_uer_examples.rb +0 -73
@@ -3,7 +3,7 @@ module Serverspec
|
|
3
3
|
class Debian < Linux
|
4
4
|
def check_enabled(service, level=3)
|
5
5
|
# Until everything uses Upstart, this needs an OR.
|
6
|
-
"ls /etc/rc#{level}.d/ | grep -- #{escape(service)} || grep 'start on' /etc/init/#{escape(service)}.conf"
|
6
|
+
"ls /etc/rc#{level}.d/ | grep -- #{escape(service)} || grep 'start on' /etc/init/#{escape(service)}.conf"
|
7
7
|
end
|
8
8
|
|
9
9
|
def check_installed(package, version=nil)
|
data/lib/serverspec/version.rb
CHANGED
@@ -3,19 +3,7 @@ require 'spec_helper'
|
|
3
3
|
include Serverspec::Helper::Darwin
|
4
4
|
|
5
5
|
describe 'Serverspec commands of Darwin family' do
|
6
|
-
it_behaves_like 'support command check_user', 'root'
|
7
|
-
it_behaves_like 'support command check_user', 'wheel'
|
8
|
-
|
9
6
|
it_behaves_like 'support command check_running_under_supervisor', 'httpd'
|
10
7
|
it_behaves_like 'support command check_monitored_by_monit', 'unicorn'
|
11
8
|
it_behaves_like 'support command check_process', 'httpd'
|
12
|
-
|
13
|
-
it_behaves_like 'support command check_belonging_group', 'root', 'wheel'
|
14
|
-
|
15
|
-
it_behaves_like 'support command check_uid', 'root', 0
|
16
|
-
|
17
|
-
it_behaves_like 'support command check_login_shell', 'root', '/bin/bash'
|
18
|
-
it_behaves_like 'support command check_home_directory', 'root', '/root'
|
19
|
-
|
20
|
-
it_behaves_like 'support command check_authorized_key'
|
21
9
|
end
|
data/spec/darwin/user_spec.rb
CHANGED
@@ -2,11 +2,56 @@ require 'spec_helper'
|
|
2
2
|
|
3
3
|
include Serverspec::Helper::Darwin
|
4
4
|
|
5
|
-
describe
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
5
|
+
describe user('root') do
|
6
|
+
it { should exist }
|
7
|
+
its(:command) { should eq "id root" }
|
8
|
+
end
|
9
|
+
|
10
|
+
describe user('invalid-user') do
|
11
|
+
it { should_not exist }
|
12
|
+
end
|
13
|
+
|
14
|
+
describe user('root') do
|
15
|
+
it { should belong_to_group 'root' }
|
16
|
+
its(:command) { should eq "id root | awk '{print $3}' | grep -- root" }
|
17
|
+
end
|
18
|
+
|
19
|
+
describe user('root') do
|
20
|
+
it { should_not belong_to_group 'invalid-group' }
|
21
|
+
end
|
22
|
+
|
23
|
+
describe user('root') do
|
24
|
+
it { should have_uid 0 }
|
25
|
+
its(:command) { should eq "id root | grep -- \\^uid\\=0\\(" }
|
26
|
+
end
|
27
|
+
|
28
|
+
describe user('root') do
|
29
|
+
it { should_not have_uid 'invalid-uid' }
|
30
|
+
end
|
31
|
+
|
32
|
+
describe user('root') do
|
33
|
+
it { should have_login_shell '/bin/bash' }
|
34
|
+
its(:command) { should eq "getent passwd root | cut -f 7 -d ':' | grep -w -- /bin/bash" }
|
35
|
+
end
|
36
|
+
|
37
|
+
describe user('root') do
|
38
|
+
it { should_not have_login_shell 'invalid-login-shell' }
|
39
|
+
end
|
40
|
+
|
41
|
+
describe user('root') do
|
42
|
+
it { should have_home_directory '/root' }
|
43
|
+
its(:command) { should eq "getent passwd root | cut -f 6 -d ':' | grep -w -- /root" }
|
44
|
+
end
|
45
|
+
|
46
|
+
describe user('root') do
|
47
|
+
it { should_not have_home_directory 'invalid-home-directory' }
|
48
|
+
end
|
49
|
+
|
50
|
+
describe user('root') do
|
51
|
+
it { should have_authorized_key 'ssh-rsa ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGH foo@bar.local' }
|
52
|
+
its(:command) { should eq "grep -w -- ssh-rsa\\ ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGH ~root/.ssh/authorized_keys" }
|
53
|
+
end
|
54
|
+
|
55
|
+
describe user('root') do
|
56
|
+
it { should_not have_authorized_key 'invalid-key' }
|
12
57
|
end
|
@@ -3,9 +3,6 @@ require 'spec_helper'
|
|
3
3
|
include Serverspec::Helper::Debian
|
4
4
|
|
5
5
|
describe 'Serverspec commands of Debian family' do
|
6
|
-
it_behaves_like 'support command check_user', 'root'
|
7
|
-
it_behaves_like 'support command check_user', 'wheel'
|
8
|
-
|
9
6
|
it_behaves_like 'support command check_running_under_supervisor', 'httpd'
|
10
7
|
|
11
8
|
it_behaves_like 'support command check_running_under_upstart', 'monit'
|
@@ -13,15 +10,6 @@ describe 'Serverspec commands of Debian family' do
|
|
13
10
|
it_behaves_like 'support command check_monitored_by_monit', 'unicorn'
|
14
11
|
|
15
12
|
it_behaves_like 'support command check_process', 'httpd'
|
16
|
-
|
17
|
-
it_behaves_like 'support command check_belonging_group', 'root', 'wheel'
|
18
|
-
|
19
|
-
it_behaves_like 'support command check_uid', 'root', 0
|
20
|
-
|
21
|
-
it_behaves_like 'support command check_login_shell', 'root', '/bin/bash'
|
22
|
-
it_behaves_like 'support command check_home_directory', 'root', '/root'
|
23
|
-
|
24
|
-
it_behaves_like 'support command check_authorized_key'
|
25
13
|
end
|
26
14
|
|
27
15
|
describe 'check_enabled' do
|
data/spec/debian/user_spec.rb
CHANGED
@@ -2,11 +2,56 @@ require 'spec_helper'
|
|
2
2
|
|
3
3
|
include Serverspec::Helper::Debian
|
4
4
|
|
5
|
-
describe
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
5
|
+
describe user('root') do
|
6
|
+
it { should exist }
|
7
|
+
its(:command) { should eq "id root" }
|
8
|
+
end
|
9
|
+
|
10
|
+
describe user('invalid-user') do
|
11
|
+
it { should_not exist }
|
12
|
+
end
|
13
|
+
|
14
|
+
describe user('root') do
|
15
|
+
it { should belong_to_group 'root' }
|
16
|
+
its(:command) { should eq "id root | awk '{print $3}' | grep -- root" }
|
17
|
+
end
|
18
|
+
|
19
|
+
describe user('root') do
|
20
|
+
it { should_not belong_to_group 'invalid-group' }
|
21
|
+
end
|
22
|
+
|
23
|
+
describe user('root') do
|
24
|
+
it { should have_uid 0 }
|
25
|
+
its(:command) { should eq "id root | grep -- \\^uid\\=0\\(" }
|
26
|
+
end
|
27
|
+
|
28
|
+
describe user('root') do
|
29
|
+
it { should_not have_uid 'invalid-uid' }
|
30
|
+
end
|
31
|
+
|
32
|
+
describe user('root') do
|
33
|
+
it { should have_login_shell '/bin/bash' }
|
34
|
+
its(:command) { should eq "getent passwd root | cut -f 7 -d ':' | grep -w -- /bin/bash" }
|
35
|
+
end
|
36
|
+
|
37
|
+
describe user('root') do
|
38
|
+
it { should_not have_login_shell 'invalid-login-shell' }
|
39
|
+
end
|
40
|
+
|
41
|
+
describe user('root') do
|
42
|
+
it { should have_home_directory '/root' }
|
43
|
+
its(:command) { should eq "getent passwd root | cut -f 6 -d ':' | grep -w -- /root" }
|
44
|
+
end
|
45
|
+
|
46
|
+
describe user('root') do
|
47
|
+
it { should_not have_home_directory 'invalid-home-directory' }
|
48
|
+
end
|
49
|
+
|
50
|
+
describe user('root') do
|
51
|
+
it { should have_authorized_key 'ssh-rsa ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGH foo@bar.local' }
|
52
|
+
its(:command) { should eq "grep -w -- ssh-rsa\\ ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGH ~root/.ssh/authorized_keys" }
|
53
|
+
end
|
54
|
+
|
55
|
+
describe user('root') do
|
56
|
+
it { should_not have_authorized_key 'invalid-key' }
|
12
57
|
end
|
@@ -3,21 +3,9 @@ require 'spec_helper'
|
|
3
3
|
include Serverspec::Helper::Gentoo
|
4
4
|
|
5
5
|
describe 'Serverspec commands of Gentoo family' do
|
6
|
-
it_behaves_like 'support command check_user', 'root'
|
7
|
-
it_behaves_like 'support command check_user', 'wheel'
|
8
|
-
|
9
6
|
it_behaves_like 'support command check_running_under_supervisor', 'httpd'
|
10
7
|
it_behaves_like 'support command check_monitored_by_monit', 'unicorn'
|
11
8
|
it_behaves_like 'support command check_process', 'httpd'
|
12
|
-
|
13
|
-
it_behaves_like 'support command check_belonging_group', 'root', 'wheel'
|
14
|
-
|
15
|
-
it_behaves_like 'support command check_uid', 'root', 0
|
16
|
-
|
17
|
-
it_behaves_like 'support command check_login_shell', 'root', '/bin/bash'
|
18
|
-
it_behaves_like 'support command check_home_directory', 'root', '/root'
|
19
|
-
|
20
|
-
it_behaves_like 'support command check_authorized_key'
|
21
9
|
end
|
22
10
|
|
23
11
|
describe 'check_enabled' do
|
data/spec/gentoo/user_spec.rb
CHANGED
@@ -2,11 +2,56 @@ require 'spec_helper'
|
|
2
2
|
|
3
3
|
include Serverspec::Helper::Gentoo
|
4
4
|
|
5
|
-
describe
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
5
|
+
describe user('root') do
|
6
|
+
it { should exist }
|
7
|
+
its(:command) { should eq "id root" }
|
8
|
+
end
|
9
|
+
|
10
|
+
describe user('invalid-user') do
|
11
|
+
it { should_not exist }
|
12
|
+
end
|
13
|
+
|
14
|
+
describe user('root') do
|
15
|
+
it { should belong_to_group 'root' }
|
16
|
+
its(:command) { should eq "id root | awk '{print $3}' | grep -- root" }
|
17
|
+
end
|
18
|
+
|
19
|
+
describe user('root') do
|
20
|
+
it { should_not belong_to_group 'invalid-group' }
|
21
|
+
end
|
22
|
+
|
23
|
+
describe user('root') do
|
24
|
+
it { should have_uid 0 }
|
25
|
+
its(:command) { should eq "id root | grep -- \\^uid\\=0\\(" }
|
26
|
+
end
|
27
|
+
|
28
|
+
describe user('root') do
|
29
|
+
it { should_not have_uid 'invalid-uid' }
|
30
|
+
end
|
31
|
+
|
32
|
+
describe user('root') do
|
33
|
+
it { should have_login_shell '/bin/bash' }
|
34
|
+
its(:command) { should eq "getent passwd root | cut -f 7 -d ':' | grep -w -- /bin/bash" }
|
35
|
+
end
|
36
|
+
|
37
|
+
describe user('root') do
|
38
|
+
it { should_not have_login_shell 'invalid-login-shell' }
|
39
|
+
end
|
40
|
+
|
41
|
+
describe user('root') do
|
42
|
+
it { should have_home_directory '/root' }
|
43
|
+
its(:command) { should eq "getent passwd root | cut -f 6 -d ':' | grep -w -- /root" }
|
44
|
+
end
|
45
|
+
|
46
|
+
describe user('root') do
|
47
|
+
it { should_not have_home_directory 'invalid-home-directory' }
|
48
|
+
end
|
49
|
+
|
50
|
+
describe user('root') do
|
51
|
+
it { should have_authorized_key 'ssh-rsa ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGH foo@bar.local' }
|
52
|
+
its(:command) { should eq "grep -w -- ssh-rsa\\ ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGH ~root/.ssh/authorized_keys" }
|
53
|
+
end
|
54
|
+
|
55
|
+
describe user('root') do
|
56
|
+
it { should_not have_authorized_key 'invalid-key' }
|
12
57
|
end
|
@@ -3,9 +3,6 @@ require 'spec_helper'
|
|
3
3
|
include Serverspec::Helper::RedHat
|
4
4
|
|
5
5
|
describe 'Serverspec commands of Red Hat' do
|
6
|
-
it_behaves_like 'support command check_user', 'root'
|
7
|
-
it_behaves_like 'support command check_user', 'wheel'
|
8
|
-
|
9
6
|
it_behaves_like 'support command check_running_under_supervisor', 'httpd'
|
10
7
|
|
11
8
|
it_behaves_like 'support command check_running_under_upstart', 'monit'
|
@@ -13,15 +10,6 @@ describe 'Serverspec commands of Red Hat' do
|
|
13
10
|
it_behaves_like 'support command check_monitored_by_monit', 'unicorn'
|
14
11
|
|
15
12
|
it_behaves_like 'support command check_process', 'httpd'
|
16
|
-
|
17
|
-
it_behaves_like 'support command check_belonging_group', 'root', 'wheel'
|
18
|
-
|
19
|
-
it_behaves_like 'support command check_uid', 'root', 0
|
20
|
-
|
21
|
-
it_behaves_like 'support command check_login_shell', 'root', '/bin/bash'
|
22
|
-
it_behaves_like 'support command check_home_directory', 'root', '/root'
|
23
|
-
|
24
|
-
it_behaves_like 'support command check_authorized_key'
|
25
13
|
end
|
26
14
|
|
27
15
|
describe 'check_enabled' do
|
data/spec/redhat/user_spec.rb
CHANGED
@@ -2,11 +2,57 @@ require 'spec_helper'
|
|
2
2
|
|
3
3
|
include Serverspec::Helper::RedHat
|
4
4
|
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
5
|
+
|
6
|
+
describe user('root') do
|
7
|
+
it { should exist }
|
8
|
+
its(:command) { should eq "id root" }
|
9
|
+
end
|
10
|
+
|
11
|
+
describe user('invalid-user') do
|
12
|
+
it { should_not exist }
|
13
|
+
end
|
14
|
+
|
15
|
+
describe user('root') do
|
16
|
+
it { should belong_to_group 'root' }
|
17
|
+
its(:command) { should eq "id root | awk '{print $3}' | grep -- root" }
|
18
|
+
end
|
19
|
+
|
20
|
+
describe user('root') do
|
21
|
+
it { should_not belong_to_group 'invalid-group' }
|
22
|
+
end
|
23
|
+
|
24
|
+
describe user('root') do
|
25
|
+
it { should have_uid 0 }
|
26
|
+
its(:command) { should eq "id root | grep -- \\^uid\\=0\\(" }
|
27
|
+
end
|
28
|
+
|
29
|
+
describe user('root') do
|
30
|
+
it { should_not have_uid 'invalid-uid' }
|
31
|
+
end
|
32
|
+
|
33
|
+
describe user('root') do
|
34
|
+
it { should have_login_shell '/bin/bash' }
|
35
|
+
its(:command) { should eq "getent passwd root | cut -f 7 -d ':' | grep -w -- /bin/bash" }
|
36
|
+
end
|
37
|
+
|
38
|
+
describe user('root') do
|
39
|
+
it { should_not have_login_shell 'invalid-login-shell' }
|
40
|
+
end
|
41
|
+
|
42
|
+
describe user('root') do
|
43
|
+
it { should have_home_directory '/root' }
|
44
|
+
its(:command) { should eq "getent passwd root | cut -f 6 -d ':' | grep -w -- /root" }
|
45
|
+
end
|
46
|
+
|
47
|
+
describe user('root') do
|
48
|
+
it { should_not have_home_directory 'invalid-home-directory' }
|
49
|
+
end
|
50
|
+
|
51
|
+
describe user('root') do
|
52
|
+
it { should have_authorized_key 'ssh-rsa ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGH foo@bar.local' }
|
53
|
+
its(:command) { should eq "grep -w -- ssh-rsa\\ ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGH ~root/.ssh/authorized_keys" }
|
54
|
+
end
|
55
|
+
|
56
|
+
describe user('root') do
|
57
|
+
it { should_not have_authorized_key 'invalid-key' }
|
12
58
|
end
|
@@ -3,19 +3,10 @@ require 'spec_helper'
|
|
3
3
|
include Serverspec::Helper::SmartOS
|
4
4
|
|
5
5
|
describe 'Serverspec commands of Solaris family specified SmartOS' do
|
6
|
-
it_behaves_like 'support command check_user', 'root'
|
7
|
-
it_behaves_like 'support command check_user', 'wheel'
|
8
6
|
|
9
7
|
it_behaves_like 'support command check_running_under_supervisor', 'httpd'
|
10
8
|
it_behaves_like 'support command check_monitored_by_monit', 'unicorn'
|
11
9
|
it_behaves_like 'support command check_process', 'httpd'
|
12
|
-
|
13
|
-
it_behaves_like 'support command check_uid', 'root', 0
|
14
|
-
|
15
|
-
it_behaves_like 'support command check_login_shell', 'root', '/bin/bash'
|
16
|
-
it_behaves_like 'support command check_home_directory', 'root', '/root'
|
17
|
-
|
18
|
-
it_behaves_like 'support command check_authorized_key'
|
19
10
|
end
|
20
11
|
|
21
12
|
describe 'check_enabled' do
|
@@ -3,20 +3,9 @@ require 'spec_helper'
|
|
3
3
|
include Serverspec::Helper::Solaris
|
4
4
|
|
5
5
|
describe 'Serverspec commands of Solaris family' do
|
6
|
-
|
7
|
-
it_behaves_like 'support command check_user', 'root'
|
8
|
-
it_behaves_like 'support command check_user', 'wheel'
|
9
|
-
|
10
6
|
it_behaves_like 'support command check_running_under_supervisor', 'httpd'
|
11
7
|
it_behaves_like 'support command check_monitored_by_monit', 'unicorn'
|
12
8
|
it_behaves_like 'support command check_process', 'httpd'
|
13
|
-
|
14
|
-
it_behaves_like 'support command check_uid', 'root', 0
|
15
|
-
|
16
|
-
it_behaves_like 'support command check_login_shell', 'root', '/bin/bash'
|
17
|
-
it_behaves_like 'support command check_home_directory', 'root', '/root'
|
18
|
-
|
19
|
-
it_behaves_like 'support command check_authorized_key'
|
20
9
|
end
|
21
10
|
|
22
11
|
describe 'check_enabled' do
|
data/spec/solaris/user_spec.rb
CHANGED
@@ -2,11 +2,56 @@ require 'spec_helper'
|
|
2
2
|
|
3
3
|
include Serverspec::Helper::Solaris
|
4
4
|
|
5
|
-
describe
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
5
|
+
describe user('root') do
|
6
|
+
it { should exist }
|
7
|
+
its(:command) { should eq "id root" }
|
8
|
+
end
|
9
|
+
|
10
|
+
describe user('invalid-user') do
|
11
|
+
it { should_not exist }
|
12
|
+
end
|
13
|
+
|
14
|
+
describe user('root') do
|
15
|
+
it { should belong_to_group 'root' }
|
16
|
+
its(:command) { should eq "id -Gn root | grep -- root" }
|
17
|
+
end
|
18
|
+
|
19
|
+
describe user('root') do
|
20
|
+
it { should_not belong_to_group 'invalid-group' }
|
21
|
+
end
|
22
|
+
|
23
|
+
describe user('root') do
|
24
|
+
it { should have_uid 0 }
|
25
|
+
its(:command) { should eq "id root | grep -- \\^uid\\=0\\(" }
|
26
|
+
end
|
27
|
+
|
28
|
+
describe user('root') do
|
29
|
+
it { should_not have_uid 'invalid-uid' }
|
30
|
+
end
|
31
|
+
|
32
|
+
describe user('root') do
|
33
|
+
it { should have_login_shell '/bin/bash' }
|
34
|
+
its(:command) { should eq "getent passwd root | cut -f 7 -d ':' | grep -w -- /bin/bash" }
|
35
|
+
end
|
36
|
+
|
37
|
+
describe user('root') do
|
38
|
+
it { should_not have_login_shell 'invalid-login-shell' }
|
39
|
+
end
|
40
|
+
|
41
|
+
describe user('root') do
|
42
|
+
it { should have_home_directory '/root' }
|
43
|
+
its(:command) { should eq "getent passwd root | cut -f 6 -d ':' | grep -w -- /root" }
|
44
|
+
end
|
45
|
+
|
46
|
+
describe user('root') do
|
47
|
+
it { should_not have_home_directory 'invalid-home-directory' }
|
48
|
+
end
|
49
|
+
|
50
|
+
describe user('root') do
|
51
|
+
it { should have_authorized_key 'ssh-rsa ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGH foo@bar.local' }
|
52
|
+
its(:command) { should eq "grep -w -- ssh-rsa\\ ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGH ~root/.ssh/authorized_keys" }
|
53
|
+
end
|
54
|
+
|
55
|
+
describe user('root') do
|
56
|
+
it { should_not have_authorized_key 'invalid-key' }
|
12
57
|
end
|
@@ -3,19 +3,9 @@ require 'spec_helper'
|
|
3
3
|
include Serverspec::Helper::Solaris10
|
4
4
|
|
5
5
|
describe 'Serverspec commands of Solaris family' do
|
6
|
-
it_behaves_like 'support command check_user', 'root'
|
7
|
-
it_behaves_like 'support command check_user', 'wheel'
|
8
|
-
|
9
6
|
it_behaves_like 'support command check_running_under_supervisor', 'httpd'
|
10
7
|
it_behaves_like 'support command check_monitored_by_monit', 'unicorn'
|
11
8
|
it_behaves_like 'support command check_process', 'httpd'
|
12
|
-
|
13
|
-
it_behaves_like 'support command check_uid', 'root', 0
|
14
|
-
|
15
|
-
it_behaves_like 'support command check_login_shell', 'root', '/bin/bash'
|
16
|
-
it_behaves_like 'support command check_home_directory', 'root', '/root'
|
17
|
-
|
18
|
-
it_behaves_like 'support command check_authorized_key'
|
19
9
|
end
|
20
10
|
|
21
11
|
describe 'check_enabled' do
|
@@ -3,20 +3,9 @@ require 'spec_helper'
|
|
3
3
|
include Serverspec::Helper::Solaris11
|
4
4
|
|
5
5
|
describe 'Serverspec commands of Solaris11 family' do
|
6
|
-
|
7
|
-
it_behaves_like 'support command check_user', 'root'
|
8
|
-
it_behaves_like 'support command check_user', 'wheel'
|
9
|
-
|
10
6
|
it_behaves_like 'support command check_running_under_supervisor', 'httpd'
|
11
7
|
it_behaves_like 'support command check_monitored_by_monit', 'unicorn'
|
12
8
|
it_behaves_like 'support command check_process', 'httpd'
|
13
|
-
|
14
|
-
it_behaves_like 'support command check_uid', 'root', 0
|
15
|
-
|
16
|
-
it_behaves_like 'support command check_login_shell', 'root', '/bin/bash'
|
17
|
-
it_behaves_like 'support command check_home_directory', 'root', '/root'
|
18
|
-
|
19
|
-
it_behaves_like 'support command check_authorized_key'
|
20
9
|
end
|
21
10
|
|
22
11
|
describe 'check_enabled' do
|
data/spec/solaris11/user_spec.rb
CHANGED
@@ -2,11 +2,56 @@ require 'spec_helper'
|
|
2
2
|
|
3
3
|
include Serverspec::Helper::Solaris11
|
4
4
|
|
5
|
-
describe
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
5
|
+
describe user('root') do
|
6
|
+
it { should exist }
|
7
|
+
its(:command) { should eq "id root" }
|
8
|
+
end
|
9
|
+
|
10
|
+
describe user('invalid-user') do
|
11
|
+
it { should_not exist }
|
12
|
+
end
|
13
|
+
|
14
|
+
describe user('root') do
|
15
|
+
it { should belong_to_group 'root' }
|
16
|
+
its(:command) { should eq "id -Gn root | grep -- root" }
|
17
|
+
end
|
18
|
+
|
19
|
+
describe user('root') do
|
20
|
+
it { should_not belong_to_group 'invalid-group' }
|
21
|
+
end
|
22
|
+
|
23
|
+
describe user('root') do
|
24
|
+
it { should have_uid 0 }
|
25
|
+
its(:command) { should eq "id root | grep -- \\^uid\\=0\\(" }
|
26
|
+
end
|
27
|
+
|
28
|
+
describe user('root') do
|
29
|
+
it { should_not have_uid 'invalid-uid' }
|
30
|
+
end
|
31
|
+
|
32
|
+
describe user('root') do
|
33
|
+
it { should have_login_shell '/bin/bash' }
|
34
|
+
its(:command) { should eq "getent passwd root | cut -f 7 -d ':' | grep -w -- /bin/bash" }
|
35
|
+
end
|
36
|
+
|
37
|
+
describe user('root') do
|
38
|
+
it { should_not have_login_shell 'invalid-login-shell' }
|
39
|
+
end
|
40
|
+
|
41
|
+
describe user('root') do
|
42
|
+
it { should have_home_directory '/root' }
|
43
|
+
its(:command) { should eq "getent passwd root | cut -f 6 -d ':' | grep -w -- /root" }
|
44
|
+
end
|
45
|
+
|
46
|
+
describe user('root') do
|
47
|
+
it { should_not have_home_directory 'invalid-home-directory' }
|
48
|
+
end
|
49
|
+
|
50
|
+
describe user('root') do
|
51
|
+
it { should have_authorized_key 'ssh-rsa ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGH foo@bar.local' }
|
52
|
+
its(:command) { should eq "grep -w -- ssh-rsa\\ ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGH ~root/.ssh/authorized_keys" }
|
53
|
+
end
|
54
|
+
|
55
|
+
describe user('root') do
|
56
|
+
it { should_not have_authorized_key 'invalid-key' }
|
12
57
|
end
|
data/spec/spec_helper.rb
CHANGED
@@ -2,6 +2,8 @@ require 'serverspec'
|
|
2
2
|
require 'pathname'
|
3
3
|
require 'rspec/mocks/standalone'
|
4
4
|
|
5
|
+
include Serverspec::Helper::Exec
|
6
|
+
|
5
7
|
PROJECT_ROOT = (Pathname.new(File.dirname(__FILE__)) + '..').expand_path
|
6
8
|
|
7
9
|
Dir[PROJECT_ROOT.join("spec/support/**/*.rb")].each { |file| require(file) }
|
@@ -1,14 +1,8 @@
|
|
1
|
-
shared_examples_for 'support command check_user' do |user|
|
2
|
-
subject { commands.check_user(user) }
|
3
|
-
it { should eq "id #{user}" }
|
4
|
-
end
|
5
|
-
|
6
1
|
shared_examples_for 'support command check_running_under_supervisor' do |service|
|
7
2
|
subject { commands.check_running_under_supervisor(service) }
|
8
3
|
it { should eq "supervisorctl status #{service}" }
|
9
4
|
end
|
10
5
|
|
11
|
-
|
12
6
|
shared_examples_for 'support command check_running_under_upstart' do |service|
|
13
7
|
subject { commands.check_running_under_upstart(service) }
|
14
8
|
it { should eq "initctl status #{service}" }
|
@@ -23,41 +17,3 @@ shared_examples_for 'support command check_process' do |process|
|
|
23
17
|
subject { commands.check_process(process) }
|
24
18
|
it { should eq "ps aux | grep -w -- #{process} | grep -qv grep" }
|
25
19
|
end
|
26
|
-
|
27
|
-
shared_examples_for 'support command check_belonging_group' do |user, group|
|
28
|
-
subject { commands.check_belonging_group(user, group) }
|
29
|
-
it { should eq "id #{user} | awk '{print $3}' | grep -- #{group}" }
|
30
|
-
end
|
31
|
-
|
32
|
-
shared_examples_for 'support command check_uid' do |user, uid|
|
33
|
-
subject { commands.check_uid('root', 0) }
|
34
|
-
it { should eq "id #{user} | grep -- \\^uid\\=#{uid}\\(" }
|
35
|
-
end
|
36
|
-
|
37
|
-
shared_examples_for 'support command check_login_shell' do |user, shell|
|
38
|
-
subject { commands.check_login_shell(user, shell) }
|
39
|
-
it { should eq "getent passwd #{user} | cut -f 7 -d ':' | grep -w -- #{shell}" }
|
40
|
-
end
|
41
|
-
|
42
|
-
shared_examples_for 'support command check_home_directory' do |user, home|
|
43
|
-
subject { commands.check_home_directory(user, home) }
|
44
|
-
it { should eq "getent passwd #{user} | cut -f 6 -d ':' | grep -w -- #{home}" }
|
45
|
-
end
|
46
|
-
|
47
|
-
shared_examples_for 'support command check_authorized_key' do
|
48
|
-
key = "ssh-rsa ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGH"
|
49
|
-
escaped_key = key.gsub(/ /, '\ ')
|
50
|
-
|
51
|
-
context 'with commented publickey' do
|
52
|
-
commented_key = key + " foo@bar.local"
|
53
|
-
subject { commands.check_authorized_key('root', commented_key) }
|
54
|
-
describe 'when command insert publickey is removed comment' do
|
55
|
-
it { should eq "grep -w -- #{escaped_key} ~root/.ssh/authorized_keys" }
|
56
|
-
end
|
57
|
-
end
|
58
|
-
|
59
|
-
context 'with uncomented publickey' do
|
60
|
-
subject { commands.check_authorized_key('root', key) }
|
61
|
-
it { should eq "grep -w -- #{escaped_key} ~root/.ssh/authorized_keys" }
|
62
|
-
end
|
63
|
-
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: serverspec
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.6.
|
4
|
+
version: 0.6.24
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -320,7 +320,6 @@ files:
|
|
320
320
|
- spec/spec_helper.rb
|
321
321
|
- spec/support/shared_commands_examples.rb
|
322
322
|
- spec/support/shared_service_examples.rb
|
323
|
-
- spec/support/shared_uer_examples.rb
|
324
323
|
homepage: http://serverspec.org/
|
325
324
|
licenses:
|
326
325
|
- MIT
|
@@ -451,4 +450,3 @@ test_files:
|
|
451
450
|
- spec/spec_helper.rb
|
452
451
|
- spec/support/shared_commands_examples.rb
|
453
452
|
- spec/support/shared_service_examples.rb
|
454
|
-
- spec/support/shared_uer_examples.rb
|
@@ -1,73 +0,0 @@
|
|
1
|
-
include Serverspec::Helper::Exec
|
2
|
-
|
3
|
-
shared_examples_for 'support user exist matcher' do |name|
|
4
|
-
describe 'user exist' do
|
5
|
-
describe user(name) do
|
6
|
-
it { should exist }
|
7
|
-
end
|
8
|
-
|
9
|
-
describe user('invalid-user') do
|
10
|
-
it { should_not exist }
|
11
|
-
end
|
12
|
-
end
|
13
|
-
end
|
14
|
-
|
15
|
-
shared_examples_for 'support user belong_to_group matcher' do |name, group|
|
16
|
-
describe 'belong_to_group' do
|
17
|
-
describe user(name) do
|
18
|
-
it { should belong_to_group group }
|
19
|
-
end
|
20
|
-
|
21
|
-
describe user(name) do
|
22
|
-
it { should_not belong_to_group 'invalid-group' }
|
23
|
-
end
|
24
|
-
end
|
25
|
-
end
|
26
|
-
|
27
|
-
shared_examples_for 'support user have_uid matcher' do |name, uid|
|
28
|
-
describe 'have_uid' do
|
29
|
-
describe user(name) do
|
30
|
-
it { should have_uid uid }
|
31
|
-
end
|
32
|
-
|
33
|
-
describe user(name) do
|
34
|
-
it { should_not have_uid 'invalid-uid' }
|
35
|
-
end
|
36
|
-
end
|
37
|
-
end
|
38
|
-
|
39
|
-
shared_examples_for 'support user have_login_shell matcher' do |name, path_to_shell|
|
40
|
-
describe 'have_login_shell' do
|
41
|
-
describe user(name) do
|
42
|
-
it { should have_login_shell path_to_shell }
|
43
|
-
end
|
44
|
-
|
45
|
-
describe user(name) do
|
46
|
-
it { should_not have_login_shell 'invalid-login-shell' }
|
47
|
-
end
|
48
|
-
end
|
49
|
-
end
|
50
|
-
|
51
|
-
shared_examples_for 'support user have_home_directory matcher' do |name, path_to_home|
|
52
|
-
describe 'have_home_directory' do
|
53
|
-
describe user(name) do
|
54
|
-
it { should have_home_directory path_to_home }
|
55
|
-
end
|
56
|
-
|
57
|
-
describe user(name) do
|
58
|
-
it { should_not have_home_directory 'invalid-home-directory' }
|
59
|
-
end
|
60
|
-
end
|
61
|
-
end
|
62
|
-
|
63
|
-
shared_examples_for 'support user have_authorized_key matcher' do |name, key|
|
64
|
-
describe 'have_authorized_key' do
|
65
|
-
describe user(name) do
|
66
|
-
it { should have_authorized_key key }
|
67
|
-
end
|
68
|
-
|
69
|
-
describe user(name) do
|
70
|
-
it { should_not have_authorized_key 'invalid-publickey' }
|
71
|
-
end
|
72
|
-
end
|
73
|
-
end
|