2019-05-25 09:59:31 +00:00
class MockLoader
# collects emulation operating systems
2019-10-05 00:20:36 +00:00
OPERATING_SYSTEMS = { # rubocop:disable Style/MutableConstant
2019-06-11 22:24:35 +00:00
alpine : { name : " alpine " , family : " alpine " , release : " 3.6.2 " , arch : " x86_64 " } ,
arch : { name : " arch " , family : " arch " , release : nil , arch : nil } ,
centos5 : { name : " centos " , family : " redhat " , release : " 5.11 " , arch : " x86_64 " } ,
centos6 : { name : " centos " , family : " redhat " , release : " 6.6 " , arch : " x86_64 " } ,
centos7 : { name : " centos " , family : " redhat " , release : " 7.1.1503 " , arch : " x86_64 " } ,
2019-10-08 00:00:21 +00:00
centos8 : { name : " centos " , family : " redhat " , release : " 8.0.1905 " , arch : " x86_64 " } ,
2019-06-11 22:24:35 +00:00
cloudlinux : { name : " cloudlinux " , family : " redhat " , release : " 7.4 " , arch : " x86_64 " } ,
coreos : { name : " coreos " , family : " coreos " , release : " 1437.0.0 " , arch : " x86_64 " } ,
debian6 : { name : " debian " , family : " debian " , release : " 6 " , arch : " x86_64 " } ,
debian7 : { name : " debian " , family : " debian " , release : " 7 " , arch : " x86_64 " } ,
debian8 : { name : " debian " , family : " debian " , release : " 8 " , arch : " x86_64 " } ,
2019-06-22 17:23:32 +00:00
debian10 : { name : " debian " , family : " debian " , release : " buster/sid " , arch : " x86_64 " } ,
2021-07-27 17:45:30 +00:00
freebsd9 : { name : " freebsd " , family : " bsd " , release : " 9 " , arch : " amd64 " } ,
2020-06-28 00:36:15 +00:00
freebsd10 : { name : " freebsd " , family : " bsd " , release : " 10 " , arch : " amd64 " } ,
freebsd11 : { name : " freebsd " , family : " bsd " , release : " 11 " , arch : " amd64 " } ,
freebsd12 : { name : " freebsd " , family : " bsd " , release : " 12 " , arch : " amd64 " } ,
2020-07-01 22:35:23 +00:00
macos10_10 : { name : " mac_os_x " , family : " darwin " , release : " 10.10.4 " , arch : nil } ,
macos10_16 : { name : " darwin " , family : " darwin " , release : " 10.16 " , arch : nil } ,
2019-06-11 22:24:35 +00:00
ubuntu1404 : { name : " ubuntu " , family : " debian " , release : " 14.04 " , arch : " x86_64 " } ,
2021-09-29 06:45:39 +00:00
ubuntu : { name : " ubuntu " , family : " debian " , release : " 20.04 " , arch : " x86_64 " } ,
2019-06-11 22:24:35 +00:00
mint17 : { name : " linuxmint " , family : " debian " , release : " 17.3 " , arch : " x86_64 " } ,
mint18 : { name : " linuxmint " , family : " debian " , release : " 18 " , arch : " x86_64 " } ,
windows : { name : " windows " , family : " windows " , release : " 6.2.9200 " , arch : " x86_64 " } ,
2020-11-08 20:24:43 +00:00
windows2016 : { name : " windows_server_2016_datacenter " , family : " windows " , release : " 10.0.14393 " , arch : " x86_64 " } ,
windows2019 : { name : " windows_server_2019_datacenter " , family : " windows " , release : " 10.0.17763 " , arch : " x86_64 " } ,
2019-06-11 22:24:35 +00:00
wrlinux : { name : " wrlinux " , family : " redhat " , release : " 7.0(3)I2(2) " , arch : " x86_64 " } ,
solaris11 : { name : " solaris " , family : " solaris " , release : " 11 " , arch : " i386 " } ,
solaris10 : { name : " solaris " , family : " solaris " , release : " 10 " , arch : " i386 " } ,
hpux : { name : " hpux " , family : " hpux " , release : " B.11.31 " , arch : " ia64 " } ,
aix : { name : " aix " , family : " aix " , release : " 7.2 " , arch : " powerpc " } ,
amazon : { name : " amazon " , family : " redhat " , release : " 2015.03 " , arch : " x86_64 " } ,
amazon2 : { name : " amazon " , family : " redhat " , release : " 2 " , arch : " x86_64 " } ,
2021-06-26 19:30:57 +00:00
aliyun3 : { name : " alibaba " , family : " redhat " , release : " 3 " , arch : " x86_64 " } ,
2020-01-18 00:24:20 +00:00
yocto : { name : " yocto " , family : " yocto " , release : " 0.0.1 " , arch : " aarch64 " } ,
2019-06-11 22:24:35 +00:00
undefined : { name : nil , family : nil , release : nil , arch : nil } ,
2019-10-05 00:20:36 +00:00
}
2021-09-30 09:33:11 +00:00
OPERATING_SYSTEMS [ :linux ] = OPERATING_SYSTEMS [ :ubuntu ]
2019-05-25 09:59:31 +00:00
# pass the os identifier to emulate a specific operating system
2021-09-30 08:56:43 +00:00
def initialize ( os = :ubuntu )
2019-05-25 09:59:31 +00:00
# selects operating system
2019-05-18 21:59:10 +00:00
@platform = OPERATING_SYSTEMS [ os ]
2019-05-25 09:59:31 +00:00
end
2019-12-18 00:42:21 +00:00
def self . connection
@connection || = Train . create ( " local " , command_runner : :generic ) . connection
end
2019-05-25 09:59:31 +00:00
def backend
return @backend if defined? ( @backend )
2020-12-18 16:49:35 +00:00
scriptpath = :: File . expand_path " .. " , __dir__
2019-05-25 09:59:31 +00:00
# create mock backend
@backend = Inspec :: Backend . create ( Inspec :: Config . mock )
mock = @backend . backend
# create all mock files
2019-12-18 00:42:21 +00:00
local = MockLoader . connection
2019-05-25 09:59:31 +00:00
# set os emulation
mock . mock_os ( @platform )
mockfile = lambda { | x |
2019-11-09 03:08:20 +00:00
path = :: File . join ( scriptpath , " /fixtures/files " , x )
2019-05-25 09:59:31 +00:00
local . file ( path )
}
2019-05-18 21:59:10 +00:00
2019-05-25 09:59:31 +00:00
mockdir = lambda { | x |
md = Object . new
class << md
attr_accessor :isdir
end
md . isdir = x
def md . directory?
isdir
end
md
}
2019-05-18 21:59:10 +00:00
2019-05-25 09:59:31 +00:00
emptyfile = lambda {
2019-06-11 22:24:35 +00:00
mockfile . call ( " emptyfile " )
2019-05-25 09:59:31 +00:00
}
2021-07-19 09:09:25 +00:00
mock_files = {
2019-06-11 22:24:35 +00:00
" /proc/net/bonding/bond0 " = > mockfile . call ( " bond0 " ) ,
" /etc/ssh/ssh_config " = > mockfile . call ( " ssh_config " ) ,
" /etc/ssh/sshd_config " = > mockfile . call ( " sshd_config " ) ,
" /etc/ssh/sshd_config_does_not_exist " = > mockfile . call ( " sshd_config_does_not_exist " ) ,
" /etc/ssh/sshd_config_empty " = > emptyfile . call ,
" /etc/passwd " = > mockfile . call ( " passwd " ) ,
" /etc/shadow " = > mockfile . call ( " shadow " ) ,
" /etc/ntp.conf " = > mockfile . call ( " ntp.conf " ) ,
2021-07-06 15:46:47 +00:00
" /etc/chrony.conf " = > mockfile . call ( " chrony.conf " ) ,
2019-06-11 22:24:35 +00:00
" /etc/login.defs " = > mockfile . call ( " login.defs " ) ,
" /etc/security/limits.conf " = > mockfile . call ( " limits.conf " ) ,
" /etc/inetd.conf " = > mockfile . call ( " inetd.conf " ) ,
" /etc/group " = > mockfile . call ( " etcgroup " ) ,
" /etc/grub.conf " = > mockfile . call ( " grub.conf " ) ,
2022-01-24 13:49:42 +00:00
" /etc/non_indented_grub.conf " = > mockfile . call ( " non_indented_grub.conf " ) ,
2019-06-11 22:24:35 +00:00
" /boot/grub2/grub.cfg " = > mockfile . call ( " grub2.cfg " ) ,
" /boot/grub2/grubenv " = > mockfile . call ( " grubenv " ) ,
" /boot/grub2/grubenv_invalid " = > mockfile . call ( " grubenv_invalid " ) ,
" /etc/default/grub " = > mockfile . call ( " grub_defaults " ) ,
" /etc/default/grub_with_saved " = > mockfile . call ( " grub_defaults_with_saved " ) ,
" /etc/audit/auditd.conf " = > mockfile . call ( " auditd.conf " ) ,
" /etc/mysql/my.cnf " = > mockfile . call ( " mysql.conf " ) ,
" /etc/mysql/mysql2.conf " = > mockfile . call ( " mysql2.conf " ) ,
2021-06-14 12:47:05 +00:00
" /etc/mongod.conf " = > mockfile . call ( " mongod.conf " ) ,
2021-07-09 11:01:39 +00:00
" /opt/oracle/product/18c/dbhomeXE/network/admin/listener.ora " = > mockfile . call ( " listener.ora " ) ,
" C: \\ app \\ Administrator \\ product \\ 18.0.0 \\ dbhomeXE \\ network \\ admin \\ listener.ora " = > mockfile . call ( " listener.ora " ) ,
2021-09-30 10:39:05 +00:00
" /etc/cassandra/cassandra.yaml " = > mockfile . call ( " cassandra.yaml " ) ,
" C: \\ Program Files \\ apache-cassandra-3.11.4-bin \\ apache-cassandra-3.11.4 \\ conf \\ cassandra.yaml " = > mockfile . call ( " cassandra.yaml " ) ,
2019-06-11 22:24:35 +00:00
" /etc/rabbitmq/rabbitmq.config " = > mockfile . call ( " rabbitmq.config " ) ,
" kitchen.yml " = > mockfile . call ( " kitchen.yml " ) ,
" example.csv " = > mockfile . call ( " example.csv " ) ,
" policyfile.lock.json " = > mockfile . call ( " policyfile.lock.json " ) ,
" nonexistent.json " = > mockfile . call ( " nonexistent.json " ) ,
" /sys/class/net/br0/bridge " = > mockdir . call ( true ) ,
" rootwrap.conf " = > mockfile . call ( " rootwrap.conf " ) ,
" /etc/apache2/ports.conf " = > mockfile . call ( " ports.conf " ) ,
" /etc/httpd/conf/httpd.conf " = > mockfile . call ( " httpd.conf " ) ,
" /etc/httpd/conf.d/ssl.conf " = > mockfile . call ( " ssl.conf " ) ,
" /etc/httpd/mods-enabled/status.conf " = > mockfile . call ( " status.conf " ) ,
" /etc/httpd/conf-enabled/security.conf " = > mockfile . call ( " security.conf " ) ,
" /etc/apache2/conf-enabled/serve-cgi-bin.conf " = > mockfile . call ( " serve-cgi-bin.conf " ) ,
" /etc/apache2/conf-enabled/security.conf " = > mockfile . call ( " security.conf " ) ,
" /etc/nginx/failed.conf " = > mockfile . call ( " nginx_failed.conf " ) ,
" /etc/nginx/nginx.conf " = > mockfile . call ( " nginx.conf " ) ,
" /etc/nginx/proxy.conf " = > mockfile . call ( " nginx_proxy.conf " ) ,
" /etc/nginx/conf/mime.types " = > mockfile . call ( " nginx_mime.types " ) ,
2019-06-18 05:39:37 +00:00
" /etc/nginx/conf.d/comments_only.conf " = > mockfile . call ( " nginx_confd_comments_only.conf " ) ,
" /etc/nginx/conf.d/empty.conf " = > mockfile . call ( " nginx_confd_empty.conf " ) ,
2019-06-11 22:24:35 +00:00
" /etc/nginx/conf.d/foobar.conf " = > mockfile . call ( " nginx_confd_foobar.conf " ) ,
" /etc/nginx/conf.d/multiple.conf " = > mockfile . call ( " nginx_confd_multiple.conf " ) ,
" /etc/nginx/quotes.d/example.conf " = > mockfile . call ( " nginx_quotesd_example.conf " ) ,
" /etc/xinetd.conf " = > mockfile . call ( " xinetd.conf " ) ,
" /etc/xinetd.d " = > mockfile . call ( " xinetd.d " ) ,
" /etc/xinetd.d/chargen-stream " = > mockfile . call ( " xinetd.d_chargen-stream " ) ,
" /etc/xinetd.d/chargen-dgram " = > mockfile . call ( " xinetd.d_chargen-dgram " ) ,
" /etc/xinetd.d/echo " = > mockfile . call ( " xinetd.d_echo " ) ,
" /etc/sysctl.conf " = > mockfile . call ( " sysctl.conf " ) ,
" /etc/postgresql/9.4/main/postgresql.conf " = > mockfile . call ( " postgresql.conf " ) ,
2019-05-25 09:59:31 +00:00
# Test certificate/key for x509_certificate using RSA keys in PEM format
2019-06-11 22:24:35 +00:00
" test_certificate.rsa.crt.pem " = > mockfile . call ( " test_certificate.rsa.crt.pem " ) ,
" test_certificate.rsa.key.pem " = > mockfile . call ( " test_certificate.rsa.key.pem " ) ,
" test_ca_public.key.pem " = > mockfile . call ( " test_ca_public.key.pem " ) ,
2019-05-25 09:59:31 +00:00
# Test DH parameters, 2048 bit long safe prime, generator 2 for dh_params in PEM format
2019-06-11 22:24:35 +00:00
" dh_params.dh_pem " = > mockfile . call ( " dh_params.dh_pem " ) ,
" default.toml " = > mockfile . call ( " default.toml " ) ,
" default.xml " = > mockfile . call ( " default.xml " ) ,
" database.xml " = > mockfile . call ( " database.xml " ) ,
" /test/path/to/postgres/pg_hba.conf " = > mockfile . call ( " pg_hba.conf " ) ,
" /etc/postgresql/9.5/main/pg_ident.conf " = > mockfile . call ( " pg_ident.conf " ) ,
2021-07-01 09:58:58 +00:00
" C:/Program Files/PostgreSQL/9.5/main/pg_ident.conf " = > mockfile . call ( " pg_ident.conf " ) ,
2019-06-11 22:24:35 +00:00
" /etc/postgresql/9.5/main " = > mockfile . call ( " 9.5.main " ) ,
" /var/lib/postgresql/9.5/main " = > mockfile . call ( " var.9.5.main " ) ,
" /etc/hosts " = > mockfile . call ( " hosts " ) ,
'C:\windows\system32\drivers\etc\hosts' = > mockfile . call ( " hosts " ) ,
" /etc/fstab " = > mockfile . call ( " fstab " ) ,
" fstab_no_home " = > mockfile . call ( " fstab_no_home " ) ,
" fstab_one_mount " = > mockfile . call ( " fstab_one_mount " ) ,
" /etc/aide.conf " = > mockfile . call ( " aide.conf " ) ,
" /var/lib/fake_rpmdb " = > mockdir . call ( true ) ,
" /var/lib/rpmdb_does_not_exist " = > mockdir . call ( false ) ,
" /etc/init/ssh.conf " = > mockfile . call ( " upstart_ssh_enabled.conf " ) ,
" /etc/hosts.allow " = > mockfile . call ( " hosts.allow " ) ,
" /etc/hosts.deny " = > mockfile . call ( " hosts.deny " ) ,
" /fakepath/fakefile " = > emptyfile . call ,
" C:/fakepath/fakefile " = > emptyfile . call ,
" /etc/cron.d/crondotd " = > mockfile . call ( " crondotd " ) ,
2019-08-08 20:44:07 +00:00
" /etc/postfix/main.cf " = > mockfile . call ( " main.cf " ) ,
2019-09-03 22:22:32 +00:00
" /etc/postfix/other.cf " = > mockfile . call ( " other.cf " ) ,
2021-04-12 09:08:13 +00:00
" /etc/selinux/selinux_conf " = > mockfile . call ( " selinux_conf " ) ,
2021-09-29 06:45:39 +00:00
" /etc/apache2/apache2.conf " = > mockfile . call ( " apache2.conf " ) ,
" /etc/test-serverroot/apache2/apache2.conf " = > mockfile . call ( " apache2_server_root_void.conf " ) ,
2022-04-13 07:54:58 +00:00
# myjson.json, myyaml.yml and myinvalid.file mocks are used for file unit test in file_test
" myjson.json " = > mockfile . call ( " node.json " ) ,
" myyaml.yml " = > mockfile . call ( " kitchen.yml " ) ,
" myinvalid.file " = > mockfile . call ( " default.xml " ) ,
2022-04-27 10:29:40 +00:00
# x509_secret_key
" /home/openssl_activity/bob_private.pem " = > mockfile . call ( " x509-secret-key " ) ,
" /home/openssl_activity/alice_private.pem " = > mockfile . call ( " x509-encrypted-secret-key " ) ,
2019-05-25 09:59:31 +00:00
}
2021-07-19 09:09:25 +00:00
mock . files = mock_files
2019-05-25 09:59:31 +00:00
# create all mock commands
2019-06-11 22:24:35 +00:00
cmd = lambda { | x |
2019-11-09 03:08:20 +00:00
stdout = :: File . read ( :: File . join ( scriptpath , " /fixtures/cmd/ " + x ) )
2019-06-11 22:24:35 +00:00
mock . mock_command ( " " , stdout , " " , 0 )
2019-05-25 09:59:31 +00:00
}
cmd_stderr = lambda { | x = nil |
2019-11-09 03:08:20 +00:00
stderr = x . nil? ? " " : File . read ( File . join ( scriptpath , " fixtures/cmd " , x ) )
2019-06-11 22:24:35 +00:00
mock . mock_command ( " " , " " , stderr , 1 )
2019-05-25 09:59:31 +00:00
}
empty = lambda {
2019-06-11 22:24:35 +00:00
mock . mock_command ( " " , " " , " " , 0 )
2019-05-25 09:59:31 +00:00
}
cmd_exit_1 = lambda { | x = nil |
2019-11-09 03:08:20 +00:00
stderr = x . nil? ? " " : File . read ( File . join ( scriptpath , " fixtures/cmd " , x ) )
2019-06-11 22:24:35 +00:00
mock . mock_command ( " " , " " , stderr , 1 )
2019-05-25 09:59:31 +00:00
}
2020-11-30 12:33:48 +00:00
# DEV NOTES: Most of the key=>value pairs below represent inspec commands=>responses to mock in testing.
# "cf04ce5615167da0133540398aa9989bf48b3d15a615f08f97eafaeec6e5b2ba" => cmd.call("get-wmiobject"),
# In this ^^^ case, the key is the sha256sum of the script that is sent to the 'inspec.powershell' method in resources/wmi.rb
# And the content of 'get-wmiobject' can be found in this file: 'test/fixtures/cmd/get-wmiobject'. If you change the script
# that the inspec resource sends, you have to calculate the new sha256sum of it and update it here
2019-05-25 09:59:31 +00:00
mock_cmds = {
2019-06-11 22:24:35 +00:00
" " = > empty . call ,
" sh -c 'find /no/such/mock -type f -maxdepth 1' " = > empty . call ,
2019-05-25 09:59:31 +00:00
'type "brew"' = > empty . call ,
2020-01-01 15:02:53 +00:00
'sh -c \'type "pip"\'' = > empty . call ,
'sh -c \'type "/test/path/pip"\'' = > empty . call ,
'sh -c \'type "Rscript"\'' = > empty . call ,
'sh -c \'type "perl"\'' = > empty . call ,
'sh -c \'type "/sbin/auditctl"\'' = > empty . call ,
'sh -c \'type "sql"\'' = > cmd_exit_1 . call ,
2019-05-25 09:59:31 +00:00
'type "pwsh"' = > empty . call ,
2022-06-27 15:37:30 +00:00
'type "/usr/sbin/netstat"' = > empty . call ,
2019-06-11 22:24:35 +00:00
" sh -c 'find /etc/apache2/ports.conf -type l -maxdepth 1' " = > empty . call ,
" sh -c 'find /etc/httpd/conf.d/*.conf -type l -maxdepth 1' " = > empty . call ,
" sh -c 'find /etc/httpd/mods-enabled/*.conf -type l -maxdepth 1' " = > empty . call ,
" sh -c 'find /etc/httpd/conf-enabled/*.conf -type f -maxdepth 1' " = > empty . call ,
2019-05-25 09:59:31 +00:00
'find /sys/class/net/eth1/ -maxdepth 1 -type f -exec sh -c \'echo "[$(basename {})]"; cat {} || echo -n\' \;' = > empty . call ,
2019-06-11 22:24:35 +00:00
" Get-Package -Name 'Not available' | ConvertTo-Json " = > empty . call ,
" ps axo pid,pcpu,pmem,vsz,rss,tty,stat,start,time,user,command " = > cmd . call ( " ps-axo " ) ,
2020-08-31 13:30:43 +00:00
" ps wwaxo label,pid,pcpu,pmem,vsz,rss,tty,stat,start,time,user:32,command " = > cmd . call ( " ps-axoZ " ) ,
2019-06-11 22:24:35 +00:00
" ps -o pid,vsz,rss,tty,stat,time,ruser,args " = > cmd . call ( " ps-busybox " ) ,
" env " = > cmd . call ( " env " ) ,
" ${Env:PATH} " = > cmd . call ( " $env-PATH " ) ,
2021-12-06 09:07:53 +00:00
" timedatectl status | grep -i 'Time zone' " = > cmd . call ( " timedatectl-timezone " ) ,
2019-05-25 09:59:31 +00:00
# registry key test using winrm 2.0
2019-06-11 22:24:35 +00:00
" 9417f24311a9dcd90f1b1734080a2d4c6516ec8ff2d452a2328f68eb0ed676cf " = > cmd . call ( " reg_schedule " ) ,
" Auditpol /get /subcategory:'User Account Management' /r " = > cmd . call ( " auditpol " ) ,
" /sbin/auditctl -l " = > cmd . call ( " auditctl " ) ,
" /sbin/auditctl -s " = > cmd . call ( " auditctl-s " ) ,
" dpkg -s curl " = > cmd . call ( " dpkg-s-curl " ) ,
2021-12-21 11:10:54 +00:00
" apt list curl -a " = > cmd . call ( " apt-list-curl " ) ,
2019-06-11 22:24:35 +00:00
" dpkg -s held-package " = > cmd . call ( " dpkg-s-held-package " ) ,
" rpm -qi curl " = > cmd . call ( " rpm-qi-curl " ) ,
2021-12-21 11:10:54 +00:00
" yum list curl " = > cmd . call ( " yum-list-curl " ) ,
2021-12-22 08:18:05 +00:00
" Get-Package Chef Client v12.12.15 -AllVersions " = > cmd . call ( " get-pkg-versions " ) ,
2019-06-11 22:24:35 +00:00
" rpm -qi --dbpath /var/lib/fake_rpmdb curl " = > cmd . call ( " rpm-qi-curl " ) ,
" rpm -qi --dbpath /var/lib/rpmdb_does_not_exist curl " = > cmd_exit_1 . call ,
" pacman -Qi curl " = > cmd . call ( " pacman-qi-curl " ) ,
2021-12-21 11:10:54 +00:00
" pacman -Ss curl | grep curl | grep installed " = > cmd . call ( " pacman-ss-grep-curl " ) ,
2019-06-11 22:24:35 +00:00
" brew info --json=v1 curl " = > cmd . call ( " brew-info--json-v1-curl " ) ,
" brew info --json=v1 nginx " = > cmd . call ( " brew-info--json-v1-nginx " ) ,
" brew info --json=v1 nope " = > cmd_exit_1 . call ,
" /usr/local/bin/brew info --json=v1 curl " = > cmd . call ( " brew-info--json-v1-curl " ) ,
" gem list --local -a -q ^not-installed$ " = > cmd . call ( " gem-list-local-a-q-not-installed " ) ,
" gem list --local -a -q ^rubocop$ " = > cmd . call ( " gem-list-local-a-q-rubocop " ) ,
" /opt/ruby-2.3.1/embedded/bin/gem list --local -a -q ^pry$ " = > cmd . call ( " gem-list-local-a-q-pry " ) ,
" /opt/chef/embedded/bin/gem list --local -a -q ^chef-sugar$ " = > cmd . call ( " gem-list-local-a-q-chef-sugar " ) ,
'c:\opscode\chef\embedded\bin\gem.bat list --local -a -q ^json$' = > cmd . call ( " gem-list-local-a-q-json " ) ,
" /opt/opscode/embedded/bin/gem list --local -a -q ^knife-backup$ " = > cmd . call ( " gem-list-local-a-q-knife-backup " ) ,
2019-10-06 23:49:12 +00:00
" sh -c 'npm -g ls --json bower' " = > cmd . call ( " npm-g-ls--json-bower " ) ,
" sh -c 'cd /path/to/project && npm ls --json bower' " = > cmd . call ( " npm-ls--json-bower " ) ,
2019-06-11 22:24:35 +00:00
" Rscript -e 'packageVersion( \" DBI \" )' " = > cmd . call ( " r-print-version " ) ,
" Rscript -e 'packageVersion( \" DoesNotExist \" )' " = > cmd . call ( " r-print-version-not-installed " ) ,
" perl -le 'eval \" require $ARGV[0] \" and print $ARGV[0]->VERSION or exit 1' DBD::Pg " = > cmd . call ( " perl-print-version " ) ,
2019-05-25 09:59:31 +00:00
" perl -le 'eval \" require $ARGV[0] \" and print $ARGV[0]->VERSION or exit 1' DOES::Not::Exist " = > cmd_exit_1 . call ,
2019-06-11 22:24:35 +00:00
" pip show jinja2 " = > cmd . call ( " pip-show-jinja2 " ) ,
" pip show django " = > cmd . call ( " pip-show-django " ) ,
" /test/path/pip show django " = > cmd . call ( " pip-show-non-standard-django " ) ,
" Get-Package -Name 'Mozilla Firefox' | ConvertTo-Json " = > cmd . call ( " get-package-firefox " ) ,
" Get-Package -Name 'Ruby 2.1.6-p336-x64' | ConvertTo-Json " = > cmd . call ( " get-package-ruby " ) ,
2019-05-25 09:59:31 +00:00
'Get-Command "choco"' = > empty . call ,
2021-12-07 12:46:44 +00:00
" Get-TimeZone " = > cmd . call ( " get-timezone " ) ,
2020-01-01 15:02:53 +00:00
'sh -c \'type "choco"\'' = > cmd_exit_1 . call ,
2019-06-11 22:24:35 +00:00
'(choco list --local-only --exact --include-programs --limit-output \'nssm\') -Replace "\|", "=" | ConvertFrom-StringData | ConvertTo-JSON' = > cmd . call ( " choco-list-nssm " ) ,
2019-05-25 09:59:31 +00:00
'(choco list --local-only --exact --include-programs --limit-output \'git\') -Replace "\|", "=" | ConvertFrom-StringData | ConvertTo-JSON' = > empty . call ,
2019-08-07 02:44:02 +00:00
" New-Object -Type PSObject | Add-Member -MemberType NoteProperty -Name Service -Value (Get-Service -Name 'dhcp'| Select-Object -Property Name, DisplayName, Status) -PassThru | Add-Member -MemberType NoteProperty -Name WMI -Value (Get-WmiObject -Class Win32_Service | Where-Object {$_.Name -eq 'dhcp' -or $_.DisplayName -eq 'dhcp'} | Select-Object -Property StartMode, StartName) -PassThru | ConvertTo-Json " = > cmd . call ( " get-service-dhcp " ) ,
2019-06-11 22:24:35 +00:00
" New-Object -Type PSObject | Add-Member -MemberType NoteProperty -Name Pip -Value (Invoke-Command -ScriptBlock {where.exe pip}) -PassThru | Add-Member -MemberType NoteProperty -Name Python -Value (Invoke-Command -ScriptBlock {where.exe python}) -PassThru | ConvertTo-Json " = > cmd . call ( " get-windows-pip-package " ) ,
" Get-WindowsFeature | Where-Object {$_.Name -eq 'DHCP' -or $_.DisplayName -eq 'DHCP'} | Select-Object -Property Name,DisplayName,Description,Installed,InstallState | ConvertTo-Json " = > cmd . call ( " get-windows-feature " ) ,
" Get-WindowsFeature | Where-Object {$_.Name -eq 'IIS-WebServer' -or $_.DisplayName -eq 'IIS-WebServer'} | Select-Object -Property Name,DisplayName,Description,Installed,InstallState | ConvertTo-Json " = > cmd_exit_1 . call ( " get-windows-feature-iis-webserver " ) ,
" dism /online /get-featureinfo /featurename:IIS-WebServer " = > cmd . call ( " dism-iis-webserver " ) ,
" lsmod " = > cmd . call ( " lsmod " ) ,
" /sbin/sysctl -q -n net.ipv4.conf.all.forwarding " = > cmd . call ( " sbin_sysctl " ) ,
2021-12-31 09:27:53 +00:00
" /sbin/sysctl -a " = > cmd . call ( " sbin_sysctl_all " ) ,
2019-05-25 09:59:31 +00:00
# ports on windows
2019-06-11 22:24:35 +00:00
" Get-NetTCPConnection -state Listen | Select-Object -Property State, Caption, Description, LocalAddress, LocalPort, RemoteAddress, RemotePort, DisplayName, Status | ConvertTo-Json " = > cmd . call ( " get-net-tcpconnection " ) ,
'netstat -anbo | Select-String -CaseSensitive -pattern "^\s+UDP|\s+LISTENING\s+\d+$" -context 0,1' = > cmd . call ( " netstat-anbo-pipe-select-string-pattern.utf8 " ) ,
2019-05-25 09:59:31 +00:00
# lsof formatted list of ports (should be quite cross platform)
2019-06-11 22:24:35 +00:00
" lsof -nP -i -FpctPn " = > cmd . call ( " lsof-nP-i-FpctPn " ) ,
2019-05-25 09:59:31 +00:00
# ports on freebsd
2019-06-11 22:24:35 +00:00
" sockstat -46l " = > cmd . call ( " sockstat " ) ,
2019-05-25 09:59:31 +00:00
# ports on aix
2019-06-11 22:24:35 +00:00
" netstat -Aan | grep LISTEN " = > cmd . call ( " netstat-aan " ) ,
" rmsock f0000000000000001 tcpcb " = > cmd . call ( " rmsock-f0001 " ) ,
" rmsock f0000000000000002 tcpcb " = > cmd . call ( " rmsock-f0002 " ) ,
2019-05-25 09:59:31 +00:00
# packages on windows
2020-12-01 02:02:50 +00:00
" 6785190b3df7291a7622b0b75b0217a9a78bd04690bc978df51ae17ec852a282 " = > cmd . call ( " get-item-property-package " ) ,
2019-05-25 09:59:31 +00:00
# service status upstart on ubuntu
2019-06-11 22:24:35 +00:00
" initctl status ssh " = > cmd . call ( " initctl-status-ssh " ) ,
2019-05-25 09:59:31 +00:00
# upstart version on ubuntu
2019-06-11 22:24:35 +00:00
" initctl --version " = > cmd . call ( " initctl--version " ) ,
2019-05-25 09:59:31 +00:00
# show ssh service Centos 7
2019-06-11 22:24:35 +00:00
" systemctl show --no-pager --all sshd " = > cmd . call ( " systemctl-show-all-sshd " ) ,
" systemctl show --no-pager --all apache2 " = > cmd . call ( " systemctl-show-all-apache2 " ) ,
" /path/to/systemctl show --no-pager --all sshd " = > cmd . call ( " systemctl-show-all-sshd " ) ,
" systemctl show --no-pager --all dbus " = > cmd . call ( " systemctl-show-all-dbus " ) ,
" /path/to/systemctl show --no-pager --all dbus " = > cmd . call ( " systemctl-show-all-dbus " ) ,
2019-05-25 09:59:31 +00:00
# services on macos
2019-06-11 22:24:35 +00:00
" launchctl list " = > cmd . call ( " launchctl-list " ) ,
2021-07-27 17:45:30 +00:00
# services on freebsd 6+
2019-06-11 22:24:35 +00:00
" service -e " = > cmd . call ( " service-e " ) ,
" service sendmail onestatus " = > cmd . call ( " service-sendmail-onestatus " ) ,
2022-04-11 14:07:02 +00:00
# mock for FreeBSD10Init info
" service -l " = > cmd . call ( " service-l " ) ,
2022-04-12 05:21:58 +00:00
# service mock for monit
" monit summary " = > cmd . call ( " monit-summary " ) ,
%{ sh -c 'type "monit"' } = > empty . call ,
2019-05-25 09:59:31 +00:00
# services for system 5 e.g. centos6, debian 6
2019-06-11 22:24:35 +00:00
" service sshd status " = > cmd . call ( " service-sshd-status " ) ,
'find /etc/rc*.d /etc/init.d/rc*.d -name "S*"' = > cmd . call ( " find-etc-rc-d-name-S " ) ,
" ls -1 /etc/init.d/ " = > cmd . call ( " ls-1-etc-init.d " ) ,
2019-05-25 09:59:31 +00:00
# user information for linux
2019-06-11 22:24:35 +00:00
" id root " = > cmd . call ( " id-root " ) ,
" getent passwd root " = > cmd . call ( " getent-passwd-root " ) ,
" chage -l root " = > cmd . call ( " chage-l-root " ) ,
2022-03-28 22:39:21 +00:00
" cat ~/.ssh/authorized_keys " = > cmd . call ( " authorized-keys-mock " ) ,
%{ sh -c 'type "getent"' } = > empty . call ,
" getent shadow root " = > cmd . call ( " getent-shadow-mock " ) ,
2019-05-25 09:59:31 +00:00
# user information for ldap test
2019-06-11 22:24:35 +00:00
" id jfolmer " = > cmd . call ( " id-jfolmer " ) ,
" getent passwd jfolmer " = > cmd . call ( " getent-passwd-jfolmer " ) ,
" chage -l jfolmer " = > cmd . call ( " chage-l-root " ) ,
2019-05-25 09:59:31 +00:00
# user info for mac
2019-06-11 22:24:35 +00:00
" id chartmann " = > cmd . call ( " id-chartmann " ) ,
" dscl -q . -read /Users/chartmann NFSHomeDirectory PrimaryGroupID RecordName UniqueID UserShell " = > cmd . call ( " dscl " ) ,
2019-05-25 09:59:31 +00:00
# user info for freebsd
2020-06-28 00:36:15 +00:00
" id fzipi " = > cmd . call ( " id-fzipi " ) ,
" pw usershow fzipi -7 " = > cmd . call ( " pw-usershow-fzipi-7 " ) ,
2019-05-25 09:59:31 +00:00
# user info for windows (winrm 1.6.0, 1.6.1)
2019-11-15 05:22:07 +00:00
" c603a7d32732390b1ed57ebd56fd176fecdb2035f005d33482de9adb1ddb4447 " = > cmd . call ( " adsiusers " ) ,
2019-05-25 09:59:31 +00:00
# group info for windows
2019-06-11 22:24:35 +00:00
" 4020573097e910a573e22e8863c4faa434f52910a45714606cad1fb8b060d9e9 " = > cmd . call ( " adsigroups " ) ,
2019-05-25 09:59:31 +00:00
# group info for Darwin
2019-06-11 22:24:35 +00:00
" dscacheutil -q group " = > cmd . call ( " dscacheutil-query-group " ) ,
2019-05-25 09:59:31 +00:00
# network interface
2019-06-11 22:24:35 +00:00
" fddd70e8b8510f5fcc0413cfdc41598c55d6922bb2a0a4075e2118633a0bf422 " = > cmd . call ( " find-net-interface " ) ,
" c33821dece09c8b334e03a5bb9daefdf622007f73af4932605e758506584ec3f " = > empty . call ,
" /sbin/ip -br -4 address show dev eth0 " = > cmd . call ( " interface-addresses-4 " ) ,
" /sbin/ip -br -6 address show dev eth0 " = > cmd . call ( " interface-addresses-6 " ) ,
" Get-NetAdapter | Select-Object -Property Name, InterfaceDescription, Status, State, MacAddress, LinkSpeed, ReceiveLinkSpeed, TransmitLinkSpeed, Virtual | ConvertTo-Json " = > cmd . call ( " Get-NetAdapter " ) ,
" Get-NetIPAddress | Select-Object -Property IPv6Address, IPv4Address, InterfaceAlias, PrefixLength | ConvertTo-Json " = > cmd . call ( " Get-NetIPAddress " ) ,
2020-05-14 21:28:58 +00:00
" ifconfig en0 " = > cmd . call ( " ifconfig-en0 " ) ,
2020-05-16 05:46:06 +00:00
# network interfaces
" ls /sys/class/net " = > cmd . call ( " ls-sys-class-net " ) ,
" ifconfig -a " = > cmd . call ( " ifconfig-a " ) ,
2020-05-19 03:25:25 +00:00
" ifconfig em0 " = > cmd . call ( " ifconfig-em0 " ) ,
" ifconfig lo0 " = > cmd . call ( " ifconfig-lo0 " ) ,
2020-05-16 05:46:06 +00:00
" Get-NetAdapter | Select-Object -Property Name | ConvertTo-Json " = > cmd . call ( " Get-NetAdapter-Name " ) ,
2019-05-25 09:59:31 +00:00
# bridge on linux
2019-06-11 22:24:35 +00:00
" ls -1 /sys/class/net/br0/brif/ " = > cmd . call ( " ls-sys-class-net-br " ) ,
2019-05-25 09:59:31 +00:00
# bridge on Windows
2019-06-11 22:24:35 +00:00
" Get-NetAdapterBinding -ComponentID ms_bridge | Get-NetAdapter | Select-Object -Property Name, InterfaceDescription | ConvertTo-Json " = > cmd . call ( " get-netadapter-binding-bridge " ) ,
2019-05-25 09:59:31 +00:00
# host for Windows
2019-06-11 22:24:35 +00:00
" Resolve-DnsName – Type A microsoft.com | ConvertTo-Json " = > cmd . call ( " Resolve-DnsName " ) ,
2022-05-06 18:52:12 +00:00
" Resolve-DnsName – Type AAAA microsoft.com | ConvertTo-Json " = > cmd . call ( " Resolve-DnsName-ipv6 " ) ,
2019-06-11 22:24:35 +00:00
" Test-NetConnection -ComputerName microsoft.com -WarningAction SilentlyContinue| Select-Object -Property ComputerName, TcpTestSucceeded, PingSucceeded | ConvertTo-Json " = > cmd . call ( " Test-NetConnection " ) ,
2019-05-25 09:59:31 +00:00
# host for Linux
2019-06-11 22:24:35 +00:00
" getent ahosts example.com " = > cmd . call ( " getent-ahosts-example.com " ) ,
" ping -w 1 -c 1 example.com " = > cmd . call ( " ping-example.com " ) ,
2019-05-25 09:59:31 +00:00
# host for Darwin
2019-06-11 22:24:35 +00:00
" host -t AAAA example.com " = > cmd . call ( " host-AAAA-example.com " ) ,
" ping -W 1 -c 1 example.com " = > cmd . call ( " ping-example.com " ) ,
2019-05-25 09:59:31 +00:00
# apt
2021-03-19 08:23:53 +00:00
" find /etc/apt/ -name \" *.list \" -exec sh -c 'cat {} || echo -n' \\ ; " = > cmd . call ( " etc-apt " ) ,
2019-05-25 09:59:31 +00:00
# iptables
2019-06-11 22:24:35 +00:00
" /usr/sbin/iptables -S " = > cmd . call ( " iptables-s " ) ,
2020-01-01 15:02:53 +00:00
%{ sh -c 'type "/usr/sbin/iptables"' } = > empty . call ,
2019-06-23 00:35:32 +00:00
# ip6tables
" /usr/sbin/ip6tables -S " = > cmd . call ( " ip6tables-s " ) ,
2020-01-01 15:02:53 +00:00
%{ sh -c 'type "/usr/sbin/ip6tables"' } = > empty . call ,
2022-02-25 10:21:57 +00:00
# ipnat
" /usr/sbin/ipnat -l " = > cmd . call ( " ipnat-l " ) ,
%{ type "/usr/sbin/ipnat" } = > empty . call ,
2022-02-24 18:16:25 +00:00
# ipfilter
" /usr/sbin/ipfstat -io " = > cmd . call ( " ipfstat-io " ) ,
%{ type "/usr/sbin/ipfstat" } = > empty . call ,
2022-03-10 11:20:21 +00:00
# lxc
" /usr/sbin/lxc info my-ubuntu-container | grep -i Status " = > cmd . call ( " lxcinfo " ) ,
%{ sh -c 'type "/usr/sbin/lxc"' } = > empty . call ,
2022-03-23 03:10:34 +00:00
# cgroup
" cgget -n -a carrotking " = > cmd . call ( " cgget-n-a " ) ,
" cgget -n -r cpuset.cpus carrotking " = > cmd . call ( " cgget-n-r " ) ,
" cgget -n -r memory.stat carrotking " = > cmd . call ( " cgget-n-r-stat " ) ,
%{ sh -c 'type "cgget"' } = > empty . call ,
2022-03-30 11:56:15 +00:00
# mail_alias
2022-03-31 09:37:06 +00:00
" cat /etc/aliases | grep '^daemon:' " = > cmd . call ( " mail-alias " ) ,
2022-04-23 05:29:57 +00:00
# php_config
%{ sh -c 'type "php"' } = > empty . call ,
'Get-Command "php"' = > empty . call ,
'type "php"' = > empty . call ,
" php -r 'echo get_cfg_var( \" default_mimetype \" );' " = > cmd . call ( " get-cfg-var " ) ,
" php -c /etc/php/7.4/cli/php.ini -r 'echo get_cfg_var( \" default_mimetype \" );' " = > cmd . call ( " get-cfg-var " ) ,
2022-04-06 15:41:48 +00:00
# routing_table
" netstat -rn " = > cmd . call ( " netstat-rn-linux " ) ,
2022-06-27 19:30:17 +00:00
" /usr/sbin/netstat -rn " = > cmd . call ( " netstat-rn-linux " ) ,
2022-04-06 15:41:48 +00:00
%{ sh -c 'type "netstat"' } = > empty . call ,
2022-04-13 07:54:58 +00:00
# mocks for be_immutable matcher for file resource
" lsattr constantfile.txt " = > cmd . call ( " lsattr-output " ) ,
%{ sh -c 'type "lsattr"' } = > empty . call ,
2022-04-19 04:03:01 +00:00
# linux_audit_system
" /usr/sbin/auditctl -s | grep enabled " = > cmd . call ( " auditctl-s-enabled " ) ,
" /usr/sbin/auditctl -s | grep pid " = > cmd . call ( " auditctl-s-pid " ) ,
2022-04-14 06:19:08 +00:00
" /usr/sbin/auditctl -l " = > cmd . call ( " auditctl-l " ) ,
2022-04-19 04:03:01 +00:00
%{ sh -c 'type "/usr/sbin/auditctl"' } = > empty . call ,
2022-06-06 08:28:35 +00:00
# x509_certificate
2022-04-27 10:29:40 +00:00
%{ sh -c 'type "openssl"' } = > empty . call ,
2022-06-06 08:28:35 +00:00
" openssl x509 -noout -purpose -in test_certificate.rsa.crt.pem " = > cmd . call ( " x509-crt-purpose " ) ,
# x509_private_key
2022-04-27 10:29:40 +00:00
%{ type "openssl" } = > empty . call ,
" openssl rsa -in /home/openssl_activity/bob_private.pem -check -noout " = > empty . call ,
" openssl rsa -in /home/openssl_activity/alice_private.pem -check -noout -passin pass:password@123 " = > empty . call ,
" openssl x509 -noout -modulus -in /home/openssl_activity/bob_certificate.crt | openssl md5 " = > cmd . call ( " x509-certificate-modulus " ) ,
" openssl rsa -noout -modulus -in /home/openssl_activity/bob_private.pem | openssl md5 " = > cmd . call ( " x509-certificate-modulus " ) ,
" openssl x509 -noout -modulus -in /home/openssl_activity/alice_certificate.crt | openssl md5 " = > cmd . call ( " x509-certificate-modulus " ) ,
" openssl rsa -noout -modulus -in /home/openssl_activity/alice_private.pem -passin pass:password@123 | openssl md5 " = > cmd . call ( " x509-certificate-modulus " ) ,
2019-05-25 09:59:31 +00:00
# apache_conf
2019-06-11 22:24:35 +00:00
" sh -c 'find /etc/apache2/ports.conf -type f -maxdepth 1' " = > cmd . call ( " find-apache2-ports-conf " ) ,
" sh -c 'find /etc/httpd/conf.d/*.conf -type f -maxdepth 1' " = > cmd . call ( " find-httpd-ssl-conf " ) ,
" sh -c 'find /etc/httpd/mods-enabled/*.conf -type f -maxdepth 1' " = > cmd . call ( " find-httpd-status-conf " ) ,
" sh -c 'find /etc/httpd/conf-enabled/*.conf -type l -maxdepth 1' " = > cmd . call ( " find-httpd-conf-enabled-link " ) ,
" sh -c 'find /etc/apache2/conf-enabled/*.conf -type f -maxdepth 1' " = > cmd . call ( " find-apache2-conf-enabled " ) ,
" sh -c 'find /etc/apache2/conf-enabled/*.conf -type l -maxdepth 1' " = > cmd . call ( " find-apache2-conf-enabled-link " ) ,
" sh -c 'find /etc/nginx/nginx.conf' " = > cmd . call ( " find-nginx-conf " ) ,
" sh -c 'find /etc/nginx/conf/mime.types' " = > cmd . call ( " find-nginx-mime-types " ) ,
" sh -c 'find /etc/nginx/proxy.conf' " = > cmd . call ( " find-nginx-proxy-conf " ) ,
" sh -c 'find /etc/nginx/conf.d/*.conf' " = > cmd . call ( " find-nginx-confd-multiple-conf " ) ,
" sh -c 'find /etc/nginx/quotes.d/*.conf' " = > cmd . call ( " find-nginx-quotesd-example-conf " ) ,
2019-05-25 09:59:31 +00:00
# mount
" mount | grep -- ' on /' " = > cmd . call ( " mount " ) ,
" mount | grep -- ' on /mnt/iso-disk' " = > cmd . call ( " mount-multiple " ) ,
" mount | grep -- ' on /mnt/Research & Development' " = > cmd . call ( " mount-whitespaces " ) ,
# solaris 10 package manager
2019-06-11 22:24:35 +00:00
" pkginfo -l SUNWzfsr " = > cmd . call ( " pkginfo-l-SUNWzfsr " ) ,
2019-05-25 09:59:31 +00:00
# solaris 11 package manager
2019-06-11 22:24:35 +00:00
" pkg info system/file-system/zfs " = > cmd . call ( " pkg-info-system-file-system-zfs " ) ,
2019-05-25 09:59:31 +00:00
# dpkg-query all packages
2019-06-11 22:24:35 +00:00
" dpkg-query -W -f='${db:Status-Abbrev} ${Package} ${Version} ${Architecture} \\ n' " = > cmd . call ( " dpkg-query-W " ) ,
2019-05-25 09:59:31 +00:00
# rpm query all packages
2019-06-11 22:24:35 +00:00
" rpm -qa --queryformat '%{NAME} %{VERSION}-%{RELEASE} %{ARCH} \\ n' " = > cmd . call ( " rpm-qa-queryformat " ) ,
2019-12-16 19:18:02 +00:00
# pkg query all packages
" pkg info vim-console " = > cmd . call ( " pkg-info-vim-console " ) ,
2021-12-21 11:10:54 +00:00
" pkg version -v | grep vim-console " = > cmd . call ( " pkg-version-grep-vim-console " ) ,
2019-05-25 09:59:31 +00:00
# port netstat on solaris 10 & 11
2019-06-11 22:24:35 +00:00
" netstat -an -f inet -f inet6 " = > cmd . call ( " s11-netstat-an-finet-finet6 " ) ,
2019-05-25 09:59:31 +00:00
# xinetd configuration
2019-06-11 22:24:35 +00:00
" find /etc/xinetd.d -type f " = > cmd . call ( " find-xinetd.d " ) ,
2019-05-25 09:59:31 +00:00
# wmi test
2020-11-30 12:33:48 +00:00
" cf04ce5615167da0133540398aa9989bf48b3d15a615f08f97eafaeec6e5b2ba " = > cmd . call ( " get-wmiobject " ) ,
2019-06-11 22:24:35 +00:00
# user info on hpux
" logins -x -l root " = > cmd . call ( " logins-x " ) ,
# packages on hpux
" swlist -l product | grep vim " = > cmd . call ( " swlist-l-product " ) ,
2019-05-25 09:59:31 +00:00
# ipv4 ports on hpux
2019-06-11 22:24:35 +00:00
" netstat -an -f inet " = > cmd . call ( " hpux-netstat-inet " ) ,
# ipv6 ports on hpux
" netstat -an -f inet6 " = > cmd . call ( " hpux-netstat-inet6 " ) ,
2019-07-16 19:27:32 +00:00
# hostname linux and darwin
2019-06-11 22:24:35 +00:00
" hostname " = > cmd . call ( " hostname " ) ,
2019-05-25 09:59:31 +00:00
# hostname windows
2019-06-11 22:24:35 +00:00
" $env:computername " = > cmd . call ( " $env-computername " ) ,
2019-06-21 14:23:47 +00:00
# Manufacturer linux
2019-07-16 19:14:39 +00:00
" cat /sys/class/dmi/id/sys_vendor " = > cmd . call ( " manufacturer " ) ,
2019-06-21 14:23:47 +00:00
# Manufacturer windows
" Get-CimInstance -ClassName Win32_ComputerSystem | Select Manufacturer -ExpandProperty Manufacturer " = > cmd . call ( " manufacturer " ) ,
# Model linux
2019-07-16 19:14:39 +00:00
" cat /sys/class/dmi/id/product_name " = > cmd . call ( " model " ) ,
2019-07-16 19:27:32 +00:00
# Model darwin
" sysctl -n hw.model " = > cmd . call ( " model_darwin " ) ,
2019-06-21 14:23:47 +00:00
# Model windows
" Get-CimInstance -ClassName Win32_ComputerSystem | Select Model -ExpandProperty Model " = > cmd . call ( " model " ) ,
2019-05-25 09:59:31 +00:00
# windows_hotfix windows
2019-06-11 22:24:35 +00:00
" get-hotfix -id KB4019215 " = > cmd . call ( " kb4019215 " ) ,
2019-05-25 09:59:31 +00:00
# windows_hotfix windows doesn't exist
2019-07-09 00:20:30 +00:00
" get-hotfix -id KB9999999 " = > empty . call ,
2019-05-25 09:59:31 +00:00
# windows_task doesnt exist
2019-06-11 22:24:35 +00:00
" schtasks /query /v /fo csv /tn 'does-not-exist' | ConvertFrom-Csv | Select @{N='URI';E={$_.TaskName}},@{N='State';E={$_.Status.ToString()}},'Logon Mode','Last Result','Task To Run','Run As User','Scheduled Task State' | ConvertTo-Json -Compress " = > cmd . call ( " schtasks-error " ) ,
2019-06-28 07:14:24 +00:00
# windows_task exists and has 1 trigger
" schtasks /query /v /fo csv /tn 'WeLovePizza' | ConvertFrom-Csv | Select @{N='URI';E={$_.TaskName}},@{N='State';E={$_.Status.ToString()}},'Logon Mode','Last Result','Task To Run','Run As User','Scheduled Task State' | ConvertTo-Json -Compress " = > cmd . call ( " schtasks-success-single-trigger " ) ,
# windows_task exists and has multiple triggers
" schtasks /query /v /fo csv /tn 'WeLoveMultiplePizzas' | ConvertFrom-Csv | Select @{N='URI';E={$_.TaskName}},@{N='State';E={$_.Status.ToString()}},'Logon Mode','Last Result','Task To Run','Run As User','Scheduled Task State' | ConvertTo-Json -Compress " = > cmd . call ( " schtasks-success-multiple-triggers " ) ,
2019-06-11 22:24:35 +00:00
" modinfo -F version dhcp " = > cmd . call ( " modinfo-f-version-dhcp " ) ,
2019-05-25 09:59:31 +00:00
# crontab display for root / current user
2019-06-11 22:24:35 +00:00
" crontab -l " = > cmd . call ( " crontab-root " ) ,
2019-05-25 09:59:31 +00:00
# crontab display for non-current user
2019-06-11 22:24:35 +00:00
" crontab -l -u foouser " = > cmd . call ( " crontab-foouser " ) ,
2019-05-25 09:59:31 +00:00
# crontab display for special time strings
2019-06-11 22:24:35 +00:00
" crontab -l -u special " = > cmd . call ( " crontab-special " ) ,
2022-02-28 12:57:35 +00:00
# crontab exit status check
" crontab -l -u testuser " = > cmd_exit_1 . call ,
2019-05-25 09:59:31 +00:00
# zfs output for dataset tank/tmp
2019-06-11 22:24:35 +00:00
" /sbin/zfs get -Hp all tank/tmp " = > cmd . call ( " zfs-get-all-tank-tmp " ) ,
2019-05-25 09:59:31 +00:00
# zfs output for pool tank
2019-06-11 22:24:35 +00:00
" /sbin/zpool get -Hp all tank " = > cmd . call ( " zpool-get-all-tank " ) ,
2021-05-15 06:48:39 +00:00
# which zfs
" which zfs " = > cmd . call ( " zfs-which " ) ,
# which zpool
" which zpool " = > cmd . call ( " zpool-which " ) ,
2019-05-25 09:59:31 +00:00
# docker
2019-06-11 22:24:35 +00:00
" 4f8e24022ea8b7d3b117041ec32e55d9bf08f11f4065c700e7c1dc606c84fd17 " = > cmd . call ( " docker-ps-a " ) ,
2019-10-24 04:41:29 +00:00
" b40ed61c006b54f155b28a85dc944dc0352b30222087b47c6279568ec0e59d05 " = > cmd . call ( " df-PT " ) ,
2019-06-11 22:24:35 +00:00
" docker version --format '{{ json . }}' " = > cmd . call ( " docker-version " ) ,
" docker info --format '{{ json . }}' " = > cmd . call ( " docker-info " ) ,
" docker inspect 71b5df59442b " = > cmd . call ( " docker-inspec " ) ,
2022-03-22 06:26:41 +00:00
" docker inspect trusting_williams " = > cmd . call ( " docker-inspect " ) , # inspect container to check for mounted volumes
2022-03-24 16:54:27 +00:00
" docker inspect fried_water " = > cmd . call ( " docker-inspect-e " ) , # inspect container to check for mounted volumes
2019-05-25 09:59:31 +00:00
# docker images
2019-06-11 22:24:35 +00:00
" 83c36bfade9375ae1feb91023cd1f7409b786fd992ad4013bf0f2259d33d6406 " = > cmd . call ( " docker-images " ) ,
2022-03-22 08:37:28 +00:00
" docker inspect ubuntu:latest " = > cmd . call ( " docker-inspect-image " ) ,
2019-05-25 09:59:31 +00:00
# docker services
2019-06-11 22:24:35 +00:00
%{ docker service ls --format ' { "ID": { { json .ID } } , "Name": { { json .Name } } , "Mode": { { json .Mode } } , "Replicas": { { json .Replicas } } , "Image": { { json .Image } } , "Ports": { { json .Ports } } } ' } = > cmd . call ( " docker-service-ls " ) ,
2019-05-25 09:59:31 +00:00
# docker plugins
2019-06-11 22:24:35 +00:00
%{ docker plugin ls --format ' { "id": { { json .ID } } , "name": " { { with split .Name ":" } } { { index . 0 } } { { end } } ", "version": " { { with split .Name ":" } } { { index . 1 } } { { end } } ", "enabled": { { json .Enabled } } } ' } = > cmd . call ( " docker-plugin-ls " ) ,
2019-05-25 09:59:31 +00:00
# modprobe for kernel_module
2019-06-11 22:24:35 +00:00
" modprobe --showconfig " = > cmd . call ( " modprobe-config " ) ,
2019-05-25 09:59:31 +00:00
# get-process cmdlet for processes resource
2022-06-01 07:40:07 +00:00
'$Proc = Get-Process -IncludeUserName | Select-Object PriorityClass,Id,CPU,PM,VirtualMemorySize,NPM,SessionId,Responding,StartTime,TotalProcessorTime,UserName,Path,ProcessName | ConvertTo-Csv -NoTypeInformation;$Proc.Replace("""","").Replace("`r`n","`n")' = > cmd . call ( " get-process_processes " ) ,
2019-05-25 09:59:31 +00:00
# host resource: TCP/UDP reachability check on linux
2020-01-01 15:02:53 +00:00
%{ sh -c 'type "nc"' } = > empty . call ,
%{ sh -c 'type "ncat"' } = > empty . call ,
%{ sh -c 'type "timeout"' } = > empty . call ,
2019-05-25 09:59:31 +00:00
%{ strings `which bash` | grep -qE '/dev/(tcp|udp)/' } = > empty . call ,
%{ echo | nc -v -w 1 -u example.com 1234 } = > empty . call ,
%{ echo | nc -v -w 1 example.com 1234 } = > empty . call ,
'timeout 1 bash -c "< /dev/tcp/example.com/1234"' = > empty . call ,
'timeout 1 bash -c "< /dev/udp/example.com/1234"' = > empty . call ,
# host resource: netcat for TCP reachability check on darwin
'type "nc"' = > empty . call ,
'type "ncat"' = > empty . call ,
'type "gtimeout"' = > empty . call ,
2019-06-11 22:24:35 +00:00
" nc -vz -G 1 example.com 1234 " = > empty . call ,
2019-05-25 09:59:31 +00:00
'gtimeout 1 bash -c "< /dev/tcp/example.com/1234"' = > empty . call ,
'gtimeout 1 bash -c "< /dev/udp/example.com/1234"' = > empty . call ,
# host resource: test-netconnection for reachability check on windows
2019-06-11 22:24:35 +00:00
" Test-NetConnection -ComputerName microsoft.com -WarningAction SilentlyContinue -RemotePort 1234| Select-Object -Property ComputerName, TcpTestSucceeded, PingSucceeded | ConvertTo-Json " = > cmd . call ( " Test-NetConnection " ) ,
2019-05-25 09:59:31 +00:00
# postgres tests
2020-01-01 15:02:53 +00:00
%q{ sh -c 'type "psql"' } = > cmd . call ( " sh -c type psql " ) ,
2019-06-11 22:24:35 +00:00
%q( psql --version | awk '{ print $NF }' | awk -F. '{ print $1"."$2 }' ) = > cmd . call ( " psql-version " ) ,
2019-05-25 09:59:31 +00:00
# mssql tests
2020-01-01 15:02:53 +00:00
" sh -c 'type \" sqlcmd \" ' " = > cmd . call ( " mssql-sqlcmd " ) ,
2019-06-11 22:24:35 +00:00
" cb0efcd12206e9690c21ac631a72be9dd87678aa048e6dae16b8e9353ab6dd64 " = > cmd . call ( " mssql-getdate " ) ,
" 7109e5d809058cd3e9cad108e21e91234d2638db4a4f81fadfde21e071a423dc " = > cmd . call ( " mssql-getdate " ) ,
" 5c2bc0f0568d11451d6cf83aff02ee3d47211265b52b6c5d45f8e57290b35082 " = > cmd . call ( " mssql-getdate " ) ,
" 148af1d7706d9cf81097f66d5b891ddfca719445d60fa582befad118f51b9d92 " = > cmd . call ( " mssql-getdate " ) ,
" 9a1dfd9e403053efb1fd1970a77a241e5c7a9eae34e6f6c56904fa8189bc2e45 " = > cmd . call ( " mssql-getdate " ) ,
" e8bece33e9d550af1fc81a5bc1c72b647b3810db3e567ee9f30feb81f4e3b700 " = > cmd . call ( " mssql-getdate " ) ,
" 53d201ff1cfb8867b79200177b8e2e99dedb700c5fbe15e43820011d7e8b941f " = > cmd . call ( " mssql-getdate " ) ,
" 4b550bb227058ac5851aa0bc946be794ee46489610f17842700136cf8bb5a0e9 " = > cmd . call ( " mssql-getdate " ) ,
" 7d1a7a0f2bd1e7da9a6904e1f28981146ec01a0323623e12a8579d30a3960a79 " = > cmd . call ( " mssql-result " ) ,
2019-05-25 09:59:31 +00:00
# oracle
2020-01-01 15:02:53 +00:00
" sh -c 'type \" sqlplus \" ' " = > cmd . call ( " oracle-cmd " ) ,
2019-06-11 22:24:35 +00:00
" 1998da5bc0f09bd5258fad51f45447556572b747f631661831d6fcb49269a448 " = > cmd . call ( " oracle-result " ) ,
2021-07-09 11:01:39 +00:00
" ${Env:ORACLE_HOME} " = > cmd . call ( " fetch-oracle-listener-in-windows " ) ,
2021-09-30 10:39:05 +00:00
" ${Env:CASSANDRA_HOME} " = > cmd . call ( " fetch-cassandra-conf-in-windows " ) ,
2019-05-25 09:59:31 +00:00
# nginx mock cmd
2019-06-11 22:24:35 +00:00
%{ nginx -V 2>&1 } = > cmd . call ( " nginx-v " ) ,
%{ /usr/sbin/nginx -V 2>&1 } = > cmd . call ( " nginx-v " ) ,
2020-01-01 15:02:53 +00:00
%{ sh -c 'type "/usr/sbin/nginx"' } = > cmd . call ( " sh-c-type-nginx " ) ,
2019-05-25 09:59:31 +00:00
# needed for two differnt inspec.command call formats
# host resource: dig commands,
2019-06-11 22:24:35 +00:00
" dig +short A example.com " = > cmd . call ( " dig-A-example.com " ) ,
" dig +short AAAA example.com " = > cmd . call ( " dig-AAAA-example.com " ) ,
2019-05-25 09:59:31 +00:00
# firewalld resource
2019-06-11 22:24:35 +00:00
" firewall-cmd --get-zones " = > cmd . call ( " firewall-cmd--get-zones " ) ,
" firewall-cmd --get-default-zone " = > cmd . call ( " firewall-cmd--get-default-zone " ) ,
" firewall-cmd --get-active-zones " = > cmd . call ( " firewall-cmd--get-active-zones " ) ,
" firewall-cmd --state " = > cmd . call ( " firewall-cmd--state " ) ,
2021-07-12 15:13:47 +00:00
" firewall-cmd --permanent --zone=public --query-service=ssh " = > cmd . call ( " firewall-cmd--service-enabled-in-zone " ) ,
" firewall-cmd --permanent --zone=public --query-port=22/udp " = > cmd . call ( " firewall-cmd-has-port-enabled-in-zone " ) ,
" firewall-cmd --permanent --zone=public --query-rich-rule='rule family=ipv4 source address=192.168.0.14 accept' " = > cmd . call ( " firewall-cmd-has-rule-enabled " ) ,
" firewall-cmd --permanent --zone=public --service=ssh --get-ports " = > cmd . call ( " firewall-cmd-service-ports-enabled-in-zone " ) ,
" firewall-cmd --permanent --zone=public --service=ssh --get-protocols " = > cmd . call ( " firewall-cmd-service-protocols-enabled-in-zone " ) ,
" firewall-cmd --permanent --zone=public --list-services " = > cmd . call ( " firewall-cmd-services-bound " ) ,
" firewall-cmd --permanent --zone=default --list-services " = > cmd . call ( " firewall-cmd-services-bound " ) ,
" firewall-cmd --permanent --zone=public --list-sources " = > cmd . call ( " firewall-cmd-sources-bound " ) ,
" firewall-cmd --permanent --zone=default --list-sources " = > cmd . call ( " firewall-cmd-sources-bound " ) ,
2021-07-08 20:50:48 +00:00
" firewall-cmd --permanent --zone=public --get-target " = > cmd . call ( " firewall-cmd-get-target " ) ,
" firewall-cmd --permanent --zone=public --query-icmp-block-inversion " = > cmd . call ( " firewall-cmd-query-icmp-block-inversion " ) ,
2021-07-12 15:13:47 +00:00
" firewall-cmd --permanent --zone=public --list-ports " = > cmd . call ( " firewall-cmd-list-ports " ) ,
" firewall-cmd --permanent --zone=public --list-protocols " = > cmd . call ( " firewall-cmd-list-protocols " ) ,
" firewall-cmd --permanent --zone=public --query-masquerade " = > cmd . call ( " firewall-cmd-query-masquerade " ) ,
" firewall-cmd --permanent --zone=public --list-forward-ports " = > cmd . call ( " firewall-cmd-list-forward-ports " ) ,
" firewall-cmd --permanent --zone=public --list-source-ports " = > cmd . call ( " firewall-cmd-list-source-ports " ) ,
" firewall-cmd --permanent --zone=public --list-icmp-blocks " = > cmd . call ( " firewall-cmd-list-icmp-blocks " ) ,
" firewall-cmd --permanent --zone=public --list-rich-rules " = > cmd . call ( " firewall-cmd-list-rich-rules " ) ,
" firewall-cmd --permanent --zone=public --query-rich-rule=rule family=ipv4 source address=192.168.0.14 accept " = > cmd . call ( " firewall-cmd-has-rule-enabled " ) ,
2020-01-01 15:02:53 +00:00
" sh -c 'type \" firewall-cmd \" ' " = > cmd . call ( " firewall-cmd " ) ,
2019-06-11 22:24:35 +00:00
" rpm -qia firewalld " = > cmd . call ( " pkg-info-firewalld " ) ,
" systemctl is-active sshd --quiet " = > empty . call ,
" systemctl is-active apache2 --quiet " = > empty . call ,
" systemctl is-enabled sshd --quiet " = > empty . call ,
" systemctl is-enabled apache2 --quiet " = > cmd_exit_1 . call ( " systemctl-is-enabled-apache2-stderr " ) ,
" systemctl is-active dbus --quiet " = > empty . call ,
" systemctl is-enabled dbus --quiet " = > empty . call ,
" /path/to/systemctl is-active sshd --quiet " = > empty . call ,
" /path/to/systemctl is-enabled sshd --quiet " = > empty . call ,
" /usr/sbin/service sshd status " = > empty . call ,
" /sbin/service sshd status " = > empty . call ,
" service apache2 status " = > cmd_exit_1 . call ,
2019-05-25 09:59:31 +00:00
'type "lsof"' = > empty . call ,
2019-06-11 22:24:35 +00:00
" test -f /etc/mysql/debian.cnf && cat /etc/mysql/debian.cnf " = > empty . call ,
2019-05-25 09:59:31 +00:00
# http resource - remote worker'
2020-01-01 15:02:53 +00:00
%{ sh -c 'type "curl"' } = > cmd . call ( " sh-c-type-curl " ) ,
2019-06-11 22:24:35 +00:00
" curl -i -X GET --connect-timeout 60 --max-time 120 'http://www.example.com' " = > cmd . call ( " http-remote-no-options " ) ,
" curl -i -X GET --connect-timeout 60 --max-time 120 --location --max-redirs 1 'http://www.example.com' " = > cmd . call ( " http-remote-max-redirs " ) ,
" curl -i -X GET --connect-timeout 60 --max-time 120 --user 'user:pass' 'http://www.example.com' " = > cmd . call ( " http-remote-basic-auth " ) ,
" f77ebcedaf6fbe8f02d2f9d4735a90c12311d2ca4b43ece9efa2f2e396491747 " = > cmd . call ( " http-remote-post " ) ,
" curl -i -X GET --connect-timeout 60 --max-time 120 -H 'accept: application/json' -H 'foo: bar' 'http://www.example.com' " = > cmd . call ( " http-remote-headers " ) ,
" curl -i -X GET --connect-timeout 60 --max-time 120 'http://www.example.com?a=b&c=d' " = > cmd . call ( " http-remote-params " ) ,
" curl -i --head --connect-timeout 60 --max-time 120 'http://www.example.com' " = > cmd . call ( " http-remote-head-request " ) ,
" curl -i -X OPTIONS --connect-timeout 60 --max-time 120 -H 'Access-Control-Request-Method: GET' -H 'Access-Control-Request-Headers: origin, x-requested-with' -H 'Origin: http://www.example.com' 'http://www.example.com' " = > cmd . call ( " http-remote-options-request " ) ,
2019-05-25 09:59:31 +00:00
2020-10-16 18:01:38 +00:00
# http resource - windows
2021-12-03 08:20:21 +00:00
" \n $body = \n $Body = $body | ConvertFrom-Json \n # convert to hashtable \n $HashTable = @{} \n foreach ($property in $Body.PSObject.Properties) { \n $HashTable[$property.Name] = $property.Value \n } \n $response = Invoke-WebRequest -Method HEAD -TimeoutSec 120 'https://www.example.com' -Body $HashTable -UseBasicParsing \n $response | Select-Object -Property * | ConvertTo-json # We use `Select-Object -Property * ` to get around an odd PowerShell error " = > cmd . call ( " http-windows-remote-no-options " ) ,
" \n $body = \n $Body = $body | ConvertFrom-Json \n # convert to hashtable \n $HashTable = @{} \n foreach ($property in $Body.PSObject.Properties) { \n $HashTable[$property.Name] = $property.Value \n } \n $response = Invoke-WebRequest -Method GET -TimeoutSec 120 'https://www.example.com' -Body $HashTable -UseBasicParsing \n $response | Select-Object -Property * | ConvertTo-json # We use `Select-Object -Property * ` to get around an odd PowerShell error " = > cmd . call ( " http-windows-remote-head " ) ,
" \n $body = '{ \" a \" : \" 1 \" , \" b \" : \" five \" }' \n $Body = $body | ConvertFrom-Json \n # convert to hashtable \n $HashTable = @{} \n foreach ($property in $Body.PSObject.Properties) { \n $HashTable[$property.Name] = $property.Value \n } \n $response = Invoke-WebRequest -Method POST -TimeoutSec 120 'https://www.example.com' -Body $HashTable -UseBasicParsing \n $response | Select-Object -Property * | ConvertTo-json # We use `Select-Object -Property * ` to get around an odd PowerShell error " = > cmd . call ( " http-windows-remote-head " ) ,
2019-05-25 09:59:31 +00:00
# elasticsearch resource
2019-06-11 22:24:35 +00:00
" curl -H 'Content-Type: application/json' http://localhost:9200/_nodes " = > cmd . call ( " elasticsearch-cluster-nodes-default " ) ,
" curl -k -H 'Content-Type: application/json' http://localhost:9200/_nodes " = > cmd . call ( " elasticsearch-cluster-no-ssl " ) ,
" curl -H 'Content-Type: application/json' -u es_admin:password http://localhost:9200/_nodes " = > cmd . call ( " elasticsearch-cluster-auth " ) ,
" curl -H 'Content-Type: application/json' http://elasticsearch.mycompany.biz:1234/_nodes " = > cmd . call ( " elasticsearch-cluster-url " ) ,
2019-05-25 09:59:31 +00:00
# iis_app_pool resource
2019-06-11 22:24:35 +00:00
" Import-Module WebAdministration \n If (Test-Path 'IIS: \\ AppPools \\ DefaultAppPool') { \n Get-Item 'IIS: \\ AppPools \\ DefaultAppPool' | Select-Object * | ConvertTo-Json -Compress \n } Else { \n Write-Host '{}' \n } \n " = > cmd . call ( " iis-default-app-pool " ) ,
2019-05-25 09:59:31 +00:00
# iis_site resource
2019-06-11 22:24:35 +00:00
" Get-Website 'Default Web Site' | Select-Object -Property Name,State,PhysicalPath,bindings,ApplicationPool | ConvertTo-Json " = > cmd . call ( " iis-default-web-site " ) ,
2019-05-25 09:59:31 +00:00
2019-06-11 22:24:35 +00:00
# security_policy resource calls
" Get-Content win_secpol-abc123.cfg " = > cmd . call ( " secedit-export " ) ,
" secedit /export /cfg win_secpol-abc123.cfg " = > cmd . call ( " success " ) ,
" Remove-Item win_secpol-abc123.cfg " = > cmd . call ( " success " ) ,
" (New-Object System.Security.Principal.SecurityIdentifier( \" S-1-5-32-544 \" )).Translate( [System.Security.Principal.NTAccount]).Value " = > cmd . call ( " security-policy-sid-translated " ) ,
" (New-Object System.Security.Principal.SecurityIdentifier( \" S-1-5-32-555 \" )).Translate( [System.Security.Principal.NTAccount]).Value " = > cmd . call ( " security-policy-sid-untranslated " ) ,
2019-05-25 09:59:31 +00:00
2021-08-30 07:17:03 +00:00
# Windows SID calls with CimInstance
" Get-CimInstance -ClassName Win32_Account | Select-Object -Property Domain, Name, SID, SIDType | Where-Object { $_.Name -eq 'Alice' -and $_.SIDType -eq 1 } | ConvertTo-Csv -NoTypeInformation " = > cmd . call ( " security-identifier-alice " ) ,
" Get-CimInstance -ClassName Win32_Account | Select-Object -Property Domain, Name, SID, SIDType | Where-Object { $_.Name -eq 'Bob' -and $_.SIDType -eq 1 } | ConvertTo-Csv -NoTypeInformation " = > cmd . call ( " security-identifier-unknown " ) ,
" Get-CimInstance -ClassName Win32_Account | Select-Object -Property Domain, Name, SID, SIDType | Where-Object { $_.Name -eq 'DontExist' -and $_.SIDType -eq 1 } | ConvertTo-Csv -NoTypeInformation " = > cmd . call ( " security-identifier-unknown " ) ,
" Get-CimInstance -ClassName Win32_Account | Select-Object -Property Domain, Name, SID | Where-Object { $_.Name -eq 'Guests' -and { $_.SIDType -eq 4 -or $_.SIDType -eq 5 } } | ConvertTo-Csv -NoTypeInformation " = > cmd . call ( " security-identifier-guests " ) ,
" Get-CimInstance -ClassName Win32_Account | Select-Object -Property Domain, Name, SID | Where-Object { $_.Name -eq 'DontExist' -and { $_.SIDType -eq 4 -or $_.SIDType -eq 5 } } | ConvertTo-Csv -NoTypeInformation " = > cmd . call ( " security-identifier-unknown " ) ,
2019-05-25 09:59:31 +00:00
# alpine package commands
2019-06-11 22:24:35 +00:00
" apk info -vv --no-network | grep git " = > cmd . call ( " apk-info-grep-git " ) ,
2021-12-13 10:32:17 +00:00
" apk list --no-network --installed " = > cmd . call ( " apk-info " ) ,
2021-12-21 11:10:54 +00:00
" apk info git " = > cmd . call ( " apk-info-cmd " ) ,
2019-05-25 09:59:31 +00:00
# filesystem command
2019-06-11 22:24:35 +00:00
" 2e7e0d4546342cee799748ec7e2b1c87ca00afbe590fa422a7c27371eefa88f0 " = > cmd . call ( " get-wmiobject-filesystem " ) ,
2022-02-08 08:34:22 +00:00
" /usr/sbin/sestatus " = > cmd . call ( " sestatus " ) ,
2021-04-09 10:11:36 +00:00
" sestatus " = > cmd . call ( " sestatus " ) ,
2021-04-16 14:37:06 +00:00
" semodule -lfull " = > cmd . call ( " semodule-lfull " ) ,
" semanage boolean -l -n " = > cmd . call ( " semanage-boolean " ) ,
2021-06-14 12:47:05 +00:00
" Get-ChildItem -Path \" C: \\ Program Files \\ MongoDB \\ Server \" -Name " = > cmd . call ( " mongodb-version " ) ,
2021-07-19 09:13:56 +00:00
" opa eval -i 'input.json' -d 'example.rego' 'data.example.allow' " = > cmd . call ( " opa-result " ) ,
2021-09-22 10:53:12 +00:00
" opa eval -i 'input.json' -d 'example.rego' 'data.example.voilation' " = > cmd . call ( " opa-empty-result " ) ,
2021-07-19 09:31:31 +00:00
" curl -X POST localhost:8181/v1/data/example/violation -d @v1-data-input.json -H 'Content-Type: application/json' " = > cmd . call ( " opa-api-result " ) ,
2021-09-22 10:53:12 +00:00
" curl -X POST localhost:8181/v1/data/example/violation -d @v1-data-input1.json -H 'Content-Type: application/json' " = > cmd . call ( " opa-api-empty-result " ) ,
2021-08-10 12:32:08 +00:00
2021-08-11 05:56:28 +00:00
# ibmdb2
2021-08-11 15:03:15 +00:00
" /opt/ibm/db2/V11.5/bin/db2 attach to db2inst1; /opt/ibm/db2/V11.5/bin/db2 get database manager configuration " = > cmd . call ( " ibmdb2_conf_output " ) ,
" /opt/ibm/db2/V11.5/bin/db2 attach to db2inst1; /opt/ibm/db2/V11.5/bin/db2 connect to sample; /opt/ibm/db2/V11.5/bin/db2 select rolename from syscat.roleauth; " = > cmd . call ( " ibmdb2_query_output " ) ,
2021-08-12 10:55:11 +00:00
" set-item -path env:DB2CLP -value \" **$$** \" ; db2 get database manager configuration " = > cmd . call ( " ibmdb2_conf_output " ) ,
2021-11-23 11:35:39 +00:00
" set-item -path env:DB2CLP -value \" **$$** \" ; db2 connect to sample; db2 \" select rolename from syscat.roleauth \" ; " = > cmd . call ( " ibmdb2_query_output " ) ,
2021-12-22 13:07:19 +00:00
# file resource windows inherit
" (Get-Acl 'C:/ExamlpeFolder').access| Where-Object {$_.IsInherited -eq $true} | measure | % { $_.Count } " = > cmd . call ( " windows_file_inherit_output " ) ,
2019-05-25 09:59:31 +00:00
}
2021-04-12 09:08:13 +00:00
if @platform && ( @platform [ :name ] == " windows " || @platform [ :name ] == " freebsd " )
mock_cmds . merge! (
2021-04-16 14:37:06 +00:00
" sestatus " = > empty . call ,
" semodule -lfull " = > empty . call ,
2021-04-22 07:22:50 +00:00
" semanage boolean -l -n " = > empty . call
2021-04-12 09:08:13 +00:00
)
end
2019-05-25 09:59:31 +00:00
# ports on linux
# allow the ss and/or netstat commands to exist so the later mock is called
2019-06-11 22:24:35 +00:00
if @platform && @platform [ :name ] == " alpine "
2019-05-25 09:59:31 +00:00
mock_cmds . merge! (
2019-06-11 22:24:35 +00:00
" ps --help " = > cmd_stderr . call ( " ps-help-busybox " ) ,
2020-01-01 15:02:53 +00:00
%{ sh -c 'type "netstat"' } = > cmd_exit_1 . call ,
%{ sh -c 'type "ss"' } = > cmd_exit_1 . call ,
2019-07-09 00:20:30 +00:00
%{ which "ss" } = > cmd_exit_1 . call ,
%{ which "netstat" } = > empty . call ,
2019-06-11 22:24:35 +00:00
" netstat -tulpen " = > cmd . call ( " netstat-tulpen-busybox " )
2019-05-25 09:59:31 +00:00
)
else
mock_cmds . merge! (
2019-07-09 00:20:30 +00:00
" ps --help " = > empty . call ,
2020-01-01 15:02:53 +00:00
%{ sh -c 'type "ss"' } = > empty . call ,
%{ sh -c 'type "netstat"' } = > empty . call ,
2019-06-11 22:24:35 +00:00
" ss -tulpen " = > cmd . call ( " ss-tulpen " ) ,
2021-05-14 12:27:10 +00:00
" ss -tulpen '( dport = 22 or sport = 22 )' " = > cmd . call ( " ss-tulpen " ) ,
" ss -tulpen '( dport = 68 or sport = 68 )' " = > cmd . call ( " ss-tulpen " ) ,
" ss -tulpen '( dport = 9200 or sport = 9200 )' " = > cmd . call ( " ss-tulpen " ) ,
" ss -tulpen '( dport = 80 or sport = 80 )' " = > cmd . call ( " ss-tulpen " ) ,
2019-06-11 22:24:35 +00:00
" netstat -tulpen " = > cmd . call ( " netstat-tulpen " )
2019-05-25 09:59:31 +00:00
)
end
2021-05-15 06:48:39 +00:00
# zfs dynamic commands
2021-05-15 12:18:19 +00:00
if @platform && %w{ centos debian ubuntu amazon } . include? ( @platform [ :name ] )
2021-05-15 06:48:39 +00:00
mock_cmds . merge! (
# zfs output for dataset tank/tmp
%{ `which zfs` get -Hp all tank/tmp } = > cmd . call ( " zfs-get-all-tank-tmp " ) ,
# zfs output for pool tank
2021-05-15 12:18:19 +00:00
%{ `which zpool` get -Hp all tank } = > cmd . call ( " zpool-get-all-tank " )
2021-05-15 06:48:39 +00:00
)
end
2021-05-15 12:18:19 +00:00
if @platform && ! %w{ centos cloudlinux coreos debian freebsd ubuntu amazon } . include? ( @platform [ :name ] )
2021-05-15 06:48:39 +00:00
mock_cmds . delete ( " /sbin/zfs get -Hp all tank/tmp " )
mock_cmds . delete ( " /sbin/zpool get -Hp all tank " )
mock_cmds . delete ( " which zfs " )
mock_cmds . delete ( " which zpool " )
end
2021-07-27 17:45:30 +00:00
if @platform && ( @platform [ :name ] == " freebsd " && @platform [ :release ] . to_f > = 10 )
mock_cmds . merge! (
2021-10-05 18:01:15 +00:00
" service sendmail enabled " = > cmd . call ( " service-sendmail-enabled " )
2021-07-27 17:45:30 +00:00
)
end
2019-05-25 09:59:31 +00:00
mock . commands = mock_cmds
@backend
end
# loads a resource class and instantiates the class with the given arguments
def load_resource ( resource , * args )
# initialize resource with backend and parameters
@resource_class = Inspec :: Resource . registry [ resource ]
raise ArgumentError , " No resource #{ resource } " unless @resource_class
2019-07-09 00:20:30 +00:00
2019-05-25 09:59:31 +00:00
@resource = @resource_class . new ( backend , resource , * args )
end
def self . mock_os ( resource , name )
osinfo = OPERATING_SYSTEMS [ name ] ||
2019-06-11 22:24:35 +00:00
raise ( " Can't find operating system to mock: #{ name } " )
2019-05-25 09:59:31 +00:00
resource . inspec . backend . mock_os ( osinfo )
end
def self . mock_command ( resource , cmd , res = { } )
resource . inspec . backend
2019-07-09 00:20:30 +00:00
. mock_command ( cmd , res [ :stdout ] , res [ :stderr ] , res [ :exit_status ] )
2019-05-25 09:59:31 +00:00
end
2019-11-09 03:08:20 +00:00
def self . home # "home" of the repo (not test!)... I really dislike this name
2020-12-18 16:49:35 +00:00
File . expand_path " ../.. " , __dir__
2019-05-25 09:59:31 +00:00
end
def self . profile_path ( name )
dst = name
2019-11-09 03:08:20 +00:00
# TODO: raise if absolute path for name
dst = " #{ home } /test/fixtures/profiles/ #{ name } " unless ( Pathname . new name ) . absolute?
2019-05-25 09:59:31 +00:00
dst
end
def self . load_profile ( name , opts = { } )
2019-06-07 23:33:56 +00:00
require " inspec/profile "
2019-05-25 09:59:31 +00:00
opts [ :test_collector ] = Inspec :: RunnerMock . new
opts [ :backend ] = Inspec :: Backend . create ( Inspec :: Config . mock ( opts ) )
Inspec :: Profile . for_target ( profile_path ( name ) , opts )
end
def self . profile_tgz ( name )
2019-11-09 03:08:20 +00:00
path = File . join ( home , " test " , " fixtures " , " profiles " , name ) # TODO: refactor these paths
2019-05-25 09:59:31 +00:00
dst = File . join ( Dir . mktmpdir , " #{ name } .tar.gz " )
# generate relative paths
files = Dir . glob ( " #{ path } /**/* " )
relatives = files . map { | e | Pathname . new ( e ) . relative_path_from ( Pathname . new ( path ) ) . to_s }
2019-06-11 22:24:35 +00:00
require " inspec/archive/tar "
2019-05-25 09:59:31 +00:00
tag = Inspec :: Archive :: TarArchiveGenerator . new
tag . archive ( path , relatives , dst )
dst
end
def self . profile_zip ( name , opts = { } )
2019-11-09 03:08:20 +00:00
path = File . join ( home , " test " , " fixtures " , " profiles " , name )
2019-05-25 09:59:31 +00:00
dst = File . join ( Dir . mktmpdir , " #{ name } .zip " )
# rubyzip only works relative paths
files = Dir . glob ( " #{ path } /**/* " )
relatives = files . map { | e | Pathname . new ( e ) . relative_path_from ( Pathname . new ( path ) ) . to_s }
2019-06-11 22:24:35 +00:00
require " inspec/archive/zip "
2019-05-25 09:59:31 +00:00
zag = Inspec :: Archive :: ZipArchiveGenerator . new
zag . archive ( path , relatives , dst )
dst
end
end