serverspec 0.6.30 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -37,6 +37,8 @@ module Serverspec
|
|
|
37
37
|
path = Serverspec.configuration.path || RSpec.configuration.path
|
|
38
38
|
if path
|
|
39
39
|
cmd = "env PATH=#{path}:$PATH #{cmd}"
|
|
40
|
+
cmd.gsub!(/(\&\&\s*\(?)/, "\\1env PATH=#{path}:$PATH ")
|
|
41
|
+
cmd.gsub!(/(\|\|\s*\(?)/, "\\1env PATH=#{path}:$PATH ")
|
|
40
42
|
end
|
|
41
43
|
cmd
|
|
42
44
|
end
|
|
@@ -18,7 +18,11 @@ module Serverspec
|
|
|
18
18
|
|
|
19
19
|
def build_command(cmd)
|
|
20
20
|
cmd = super(cmd)
|
|
21
|
-
|
|
21
|
+
if RSpec.configuration.ssh.options[:user] != 'root'
|
|
22
|
+
cmd = "sudo #{cmd}"
|
|
23
|
+
cmd.gsub!(/(\&\&\s*\(?)/, "\\1sudo ")
|
|
24
|
+
cmd.gsub!(/(\|\|\s*\(?)/, "\\1sudo ")
|
|
25
|
+
end
|
|
22
26
|
cmd
|
|
23
27
|
end
|
|
24
28
|
|
data/lib/serverspec/version.rb
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
2
|
|
|
3
3
|
require 'serverspec/helper/base'
|
|
4
|
-
include Serverspec::Helper::
|
|
4
|
+
include Serverspec::Helper::RedHat
|
|
5
5
|
include Serverspec::Helper::Exec
|
|
6
6
|
|
|
7
7
|
describe 'configurations are not set' do
|
|
@@ -35,3 +35,21 @@ describe 'path and pre_command are set' do
|
|
|
35
35
|
its(:command) { should eq 'env PATH=/sbin:/usr/sbin:$PATH source ~/.zshrc && env PATH=/sbin:/usr/sbin:$PATH test -f /etc/passwd' }
|
|
36
36
|
end
|
|
37
37
|
end
|
|
38
|
+
|
|
39
|
+
describe 'path is set for check_selinux' do
|
|
40
|
+
let(:path) { '/sbin:/usr/sbin' }
|
|
41
|
+
context selinux do
|
|
42
|
+
it { should be_disabled }
|
|
43
|
+
its(:command) { should eq "env PATH=/sbin:/usr/sbin:$PATH test ! -f /etc/selinux/config || (env PATH=/sbin:/usr/sbin:$PATH getenforce | grep -i -- disabled && env PATH=/sbin:/usr/sbin:$PATH grep -i -- ^SELINUX=disabled$ /etc/selinux/config)" }
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
context selinux do
|
|
47
|
+
it { should be_enforcing }
|
|
48
|
+
its(:command) { should eq "env PATH=/sbin:/usr/sbin:$PATH getenforce | grep -i -- enforcing && env PATH=/sbin:/usr/sbin:$PATH grep -i -- ^SELINUX=enforcing$ /etc/selinux/config" }
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
context selinux do
|
|
52
|
+
it { should be_permissive }
|
|
53
|
+
its(:command) { should eq "env PATH=/sbin:/usr/sbin:$PATH getenforce | grep -i -- permissive && env PATH=/sbin:/usr/sbin:$PATH grep -i -- ^SELINUX=permissive$ /etc/selinux/config" }
|
|
54
|
+
end
|
|
55
|
+
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
2
|
|
|
3
3
|
require 'serverspec/helper/base'
|
|
4
|
-
include Serverspec::Helper::
|
|
4
|
+
include Serverspec::Helper::RedHat
|
|
5
5
|
include Serverspec::Helper::Ssh
|
|
6
6
|
|
|
7
7
|
ssh = double
|
|
@@ -111,3 +111,75 @@ describe 'path pre_command and set and user is non-root' do
|
|
|
111
111
|
its(:command) { should eq 'env PATH=/sbin:/usr/sbin:$PATH source ~/.zshrc && env PATH=/sbin:/usr/sbin:$PATH test -f /etc/passwd' }
|
|
112
112
|
end
|
|
113
113
|
end
|
|
114
|
+
|
|
115
|
+
describe 'user is non-root for check_selinux' do
|
|
116
|
+
context selinux do
|
|
117
|
+
before :all do
|
|
118
|
+
RSpec.configure do |c|
|
|
119
|
+
ssh.stub(:options) { { :user => 'foo' } }
|
|
120
|
+
c.ssh = ssh
|
|
121
|
+
end
|
|
122
|
+
end
|
|
123
|
+
it { should be_disabled }
|
|
124
|
+
its(:command) { should eq "sudo test ! -f /etc/selinux/config || (sudo getenforce | grep -i -- disabled && sudo grep -i -- ^SELINUX=disabled$ /etc/selinux/config)" }
|
|
125
|
+
end
|
|
126
|
+
|
|
127
|
+
context selinux do
|
|
128
|
+
before :all do
|
|
129
|
+
RSpec.configure do |c|
|
|
130
|
+
ssh.stub(:options) { { :user => 'foo' } }
|
|
131
|
+
c.ssh = ssh
|
|
132
|
+
end
|
|
133
|
+
end
|
|
134
|
+
it { should be_enforcing }
|
|
135
|
+
its(:command) { should eq "sudo getenforce | grep -i -- enforcing && sudo grep -i -- ^SELINUX=enforcing$ /etc/selinux/config" }
|
|
136
|
+
end
|
|
137
|
+
|
|
138
|
+
context selinux do
|
|
139
|
+
before :all do
|
|
140
|
+
RSpec.configure do |c|
|
|
141
|
+
ssh.stub(:options) { { :user => 'foo' } }
|
|
142
|
+
c.ssh = ssh
|
|
143
|
+
end
|
|
144
|
+
end
|
|
145
|
+
it { should be_permissive }
|
|
146
|
+
its(:command) { should eq "sudo getenforce | grep -i -- permissive && sudo grep -i -- ^SELINUX=permissive$ /etc/selinux/config" }
|
|
147
|
+
end
|
|
148
|
+
end
|
|
149
|
+
|
|
150
|
+
describe 'path is set and user is non-root for check_selinux' do
|
|
151
|
+
let(:path) { "/sbin:/usr/sbin" }
|
|
152
|
+
|
|
153
|
+
context selinux do
|
|
154
|
+
before :all do
|
|
155
|
+
RSpec.configure do |c|
|
|
156
|
+
ssh.stub(:options) { { :user => 'foo' } }
|
|
157
|
+
c.ssh = ssh
|
|
158
|
+
end
|
|
159
|
+
end
|
|
160
|
+
it { should be_disabled }
|
|
161
|
+
its(:command) { should eq "sudo env PATH=/sbin:/usr/sbin:$PATH test ! -f /etc/selinux/config || (sudo env PATH=/sbin:/usr/sbin:$PATH getenforce | grep -i -- disabled && sudo env PATH=/sbin:/usr/sbin:$PATH grep -i -- ^SELINUX=disabled$ /etc/selinux/config)" }
|
|
162
|
+
end
|
|
163
|
+
|
|
164
|
+
context selinux do
|
|
165
|
+
before :all do
|
|
166
|
+
RSpec.configure do |c|
|
|
167
|
+
ssh.stub(:options) { { :user => 'foo' } }
|
|
168
|
+
c.ssh = ssh
|
|
169
|
+
end
|
|
170
|
+
end
|
|
171
|
+
it { should be_enforcing }
|
|
172
|
+
its(:command) { should eq "sudo env PATH=/sbin:/usr/sbin:$PATH getenforce | grep -i -- enforcing && sudo env PATH=/sbin:/usr/sbin:$PATH grep -i -- ^SELINUX=enforcing$ /etc/selinux/config" }
|
|
173
|
+
end
|
|
174
|
+
|
|
175
|
+
context selinux do
|
|
176
|
+
before :all do
|
|
177
|
+
RSpec.configure do |c|
|
|
178
|
+
ssh.stub(:options) { { :user => 'foo' } }
|
|
179
|
+
c.ssh = ssh
|
|
180
|
+
end
|
|
181
|
+
end
|
|
182
|
+
it { should be_permissive }
|
|
183
|
+
its(:command) { should eq "sudo env PATH=/sbin:/usr/sbin:$PATH getenforce | grep -i -- permissive && sudo env PATH=/sbin:/usr/sbin:$PATH grep -i -- ^SELINUX=permissive$ /etc/selinux/config" }
|
|
184
|
+
end
|
|
185
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: serverspec
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2013-07-
|
|
12
|
+
date: 2013-07-15 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: net-ssh
|