2016-09-22 12:43:57 +00:00
---
title: About the group Resource
---
# group
Use the `group` InSpec audit resource to test groups on the system.
2016-09-27 19:03:23 +00:00
## Syntax
2016-09-22 12:43:57 +00:00
A `group` resource block declares a group, and then the details to be tested, such as if the group is a local group, the group identifier, or if the group exists:
describe group('group_name') do
it { should exist }
its('gid') { should eq 0 }
end
where
* `'group_name'` must specify the name of a group on the system
* `exist` and `'gid'` are valid matchers for this resource
2016-09-27 19:03:23 +00:00
## Matchers
2016-09-22 12:43:57 +00:00
This InSpec audit resource has the following matchers:
2016-09-27 19:03:23 +00:00
### be
2016-09-22 12:43:57 +00:00
<%= partial "/shared/matcher_be" %>
2016-09-27 19:03:23 +00:00
### be_local
2016-09-22 12:43:57 +00:00
The `be_local` matcher tests if the group is a local group:
it { should be_local }
2016-09-27 19:03:23 +00:00
### cmp
2016-09-22 12:43:57 +00:00
<%= partial "/shared/matcher_cmp" %>
2016-09-27 19:03:23 +00:00
### eq
2016-09-22 12:43:57 +00:00
<%= partial "/shared/matcher_eq" %>
2016-09-27 19:03:23 +00:00
### exist
2016-09-22 12:43:57 +00:00
The `exist` matcher tests if the named user exists:
it { should exist }
2016-09-27 19:03:23 +00:00
### gid
2016-09-22 12:43:57 +00:00
The `gid` matcher tests the named group identifier:
its('gid') { should eq 1234 }
2016-09-27 19:03:23 +00:00
### include
2016-09-22 12:43:57 +00:00
<%= partial "/shared/matcher_include" %>
2016-09-27 19:03:23 +00:00
### match
2016-09-22 12:43:57 +00:00
<%= partial "/shared/matcher_match" %>
2016-09-27 19:03:23 +00:00
## Examples
2016-09-22 12:43:57 +00:00
The following examples show how to use this InSpec audit resource.
2016-09-27 19:03:23 +00:00
### Test the group identifier for the root group
2016-09-22 12:43:57 +00:00
describe group('root') do
it { should exist }
its('gid') { should eq 0 }
end
