inspec/lib/resources/kernel_parameter.rb

# encoding: utf-8
# author: Christoph Hartmann
# license: All rights reserved

class KernelParameter < Inspec.resource(1)
  name 'kernel_parameter'
  desc 'Use the kernel_parameter InSpec audit resource to test kernel parameters on Linux platforms.'
  example "
    describe kernel_parameter('net.ipv4.conf.all.forwarding') do
      its(:value) { should eq 0 }
    end
  "

  def initialize(parameter = nil)
    @parameter = parameter

    # this resource is only supported on Linux
    return skip_resource 'The `kernel_parameter` resource is not supported on your OS.' if !inspec.os.linux?
  end

  def value
    cmd = inspec.command("/sbin/sysctl -q -n #{@parameter}")
    return nil if cmd.exit_status != 0
    # remove whitespace
    cmd = cmd.stdout.chomp.strip
    # convert to number if possible
    cmd = cmd.to_i if cmd =~ /^\d+$/
    cmd
  end

  def to_s
    "Kernel Parameter #{@parameter}"
  end
end

# for compatability with serverspec
# this is deprecated syntax and will be removed in future versions
class LinuxKernelParameter < KernelParameter
  name 'linux_kernel_parameter'

  def initialize(parameter)
    super(parameter)
  end

  def value
    deprecated
    super()
  end

  def deprecated
    warn '[DEPRECATION] `linux_kernel_parameter(parameter)` is deprecated.  Please use `kernel_parameter(parameter)` instead.'
  end

  def to_s
    "Kernel Parameter #{@parameter}"
  end
end
implement kernel_parameter resource 2015-09-20 16:33:43 +00:00			`# encoding: utf-8`
add author header 2015-10-06 16:55:44 +00:00			`# author: Christoph Hartmann`
implement kernel_parameter resource 2015-09-20 16:33:43 +00:00			`# license: All rights reserved`

rename vulcanosec -> inspec 2015-10-26 03:04:18 +00:00			`class KernelParameter < Inspec.resource(1)`
implement kernel_parameter resource 2015-09-20 16:33:43 +00:00			`name 'kernel_parameter'`
add inline documentation 2015-11-27 13:02:38 +00:00			`desc 'Use the kernel_parameter InSpec audit resource to test kernel parameters on Linux platforms.'`
			`example "`
			`describe kernel_parameter('net.ipv4.conf.all.forwarding') do`
			`its(:value) { should eq 0 }`
			`end`
			`"`
implement kernel_parameter resource 2015-09-20 16:33:43 +00:00
			`def initialize(parameter = nil)`
			`@parameter = parameter`

			`# this resource is only supported on Linux`
rename vulcanosec -> inspec 2015-10-26 03:04:18 +00:00			return skip_resource 'The `kernel_parameter` resource is not supported on your OS.' if !inspec.os.linux?
implement kernel_parameter resource 2015-09-20 16:33:43 +00:00			`end`

			`def value`
rename vulcanosec -> inspec 2015-10-26 03:04:18 +00:00			`cmd = inspec.command("/sbin/sysctl -q -n #{@parameter}")`
implement kernel_parameter resource 2015-09-20 16:33:43 +00:00			`return nil if cmd.exit_status != 0`
			`# remove whitespace`
			`cmd = cmd.stdout.chomp.strip`
			`# convert to number if possible`
lint 2016-01-15 02:59:00 +00:00			`cmd = cmd.to_i if cmd =~ /^\d+$/`
implement kernel_parameter resource 2015-09-20 16:33:43 +00:00			`cmd`
			`end`

			`def to_s`
			`"Kernel Parameter #{@parameter}"`
			`end`
			`end`

			`# for compatability with serverspec`
			`# this is deprecated syntax and will be removed in future versions`
			`class LinuxKernelParameter < KernelParameter`
			`name 'linux_kernel_parameter'`

			`def initialize(parameter)`
			`super(parameter)`
			`end`

			`def value`
			`deprecated`
			`super()`
			`end`

			`def deprecated`
			warn '[DEPRECATION] `linux_kernel_parameter(parameter)` is deprecated. Please use `kernel_parameter(parameter)` instead.'
			`end`

			`def to_s`
			`"Kernel Parameter #{@parameter}"`
			`end`
			`end`