2015-10-06 16:55:44 +00:00
|
|
|
|
# author: Dominik Richter
|
|
|
|
|
# author: Christoph Hartmann
|
2019-04-26 20:05:53 +00:00
|
|
|
|
|
2019-05-15 07:20:27 +00:00
|
|
|
|
##
|
|
|
|
|
# Do not add any code above this line.
|
|
|
|
|
|
|
|
|
|
##
|
|
|
|
|
# Do not add any other code to this code block. Simplecov and
|
|
|
|
|
# coveralls only until the next code block:
|
|
|
|
|
|
2015-09-04 18:24:38 +00:00
|
|
|
|
require 'simplecov'
|
2019-04-26 20:05:53 +00:00
|
|
|
|
require 'coveralls'
|
|
|
|
|
|
|
|
|
|
SimpleCov.formatters = SimpleCov::Formatter::MultiFormatter.new([
|
|
|
|
|
SimpleCov::Formatter::HTMLFormatter,
|
|
|
|
|
Coveralls::SimpleCov::Formatter
|
|
|
|
|
])
|
|
|
|
|
|
2015-09-04 18:24:38 +00:00
|
|
|
|
SimpleCov.start do
|
|
|
|
|
add_filter '/test/'
|
|
|
|
|
add_group 'Resources', 'lib/resources'
|
|
|
|
|
add_group 'Matchers', 'lib/matchers'
|
2015-10-26 03:04:18 +00:00
|
|
|
|
add_group 'Backends', 'lib/inspec/backend'
|
2015-09-04 18:24:38 +00:00
|
|
|
|
end
|
|
|
|
|
|
2019-05-15 07:20:27 +00:00
|
|
|
|
##
|
|
|
|
|
#
|
|
|
|
|
# Do not add any other code from here until the end of this code
|
|
|
|
|
# block.
|
|
|
|
|
#
|
|
|
|
|
# Before ANYTHING else happens, this must happen:
|
|
|
|
|
#
|
|
|
|
|
# 1) require minitest/autorun
|
|
|
|
|
# 2) alias describe to mt_describe
|
|
|
|
|
# 3) require rspec
|
|
|
|
|
# 4) disable_monkey_patching from rspec
|
|
|
|
|
# 5) alias mt_describe back to describe using change_global_dsl.
|
|
|
|
|
#
|
|
|
|
|
# Explanation: eventually, our tests get around to inspec/runner_rspec
|
|
|
|
|
# (and a few others), and they load rspec. When rspec loads, it
|
|
|
|
|
# creates it's own global `describe` method, overwriting minitest's.
|
|
|
|
|
# When you tell RSpec to disable_monkey_patching, instead of using
|
|
|
|
|
# remove_method, they use undef_method, which blocks access to our
|
|
|
|
|
# Kernel.describe. We then need to go back in and reactivate it in
|
|
|
|
|
# order for our tests to finish declaring their tests and eventually
|
|
|
|
|
# actually running.
|
|
|
|
|
#
|
|
|
|
|
# Before this, the tests would get to the point of loading rspec, then
|
|
|
|
|
# all subsequently loaded spec-style tests would just disappear into
|
|
|
|
|
# the aether. Differences in test load order created differences in
|
|
|
|
|
# test count and vast differences in test time (which should have been
|
|
|
|
|
# a clue that something was up--windows is just NOT THAT FAST).
|
|
|
|
|
#
|
|
|
|
|
# The OTHER way to fix this is to ban spec style tests in our
|
|
|
|
|
# codebase. This is a more rational approach but requires more work. I
|
|
|
|
|
# need these tests up and all running and dependable. We can make them
|
|
|
|
|
# right later.
|
|
|
|
|
|
|
|
|
|
require "minitest/autorun"
|
|
|
|
|
|
|
|
|
|
module Kernel
|
|
|
|
|
alias mt_describe describe
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
require "rspec"
|
|
|
|
|
|
|
|
|
|
RSpec.configure do |config|
|
|
|
|
|
config.disable_monkey_patching!
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
RSpec::Core::DSL.change_global_dsl do
|
|
|
|
|
alias describe mt_describe
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# End of rspec vs minitest fight
|
|
|
|
|
########################################################################
|
|
|
|
|
|
2017-01-05 19:29:11 +00:00
|
|
|
|
require 'webmock/minitest'
|
2016-09-08 19:46:39 +00:00
|
|
|
|
require 'mocha/setup'
|
2016-02-17 10:17:43 +00:00
|
|
|
|
require 'fileutils'
|
2016-02-18 13:27:16 +00:00
|
|
|
|
require 'pathname'
|
|
|
|
|
require 'tempfile'
|
2016-02-22 12:41:12 +00:00
|
|
|
|
require 'tmpdir'
|
2016-02-17 11:02:28 +00:00
|
|
|
|
require 'zip'
|
2018-08-28 13:11:38 +00:00
|
|
|
|
require 'json'
|
2016-02-17 10:17:43 +00:00
|
|
|
|
|
2016-07-16 03:23:26 +00:00
|
|
|
|
require 'inspec/base_cli'
|
2016-03-16 18:47:27 +00:00
|
|
|
|
require 'inspec/version'
|
2017-05-05 13:04:02 +00:00
|
|
|
|
require 'inspec/exceptions'
|
2016-02-21 00:45:55 +00:00
|
|
|
|
require 'inspec/fetcher'
|
2016-02-21 11:39:07 +00:00
|
|
|
|
require 'inspec/source_reader'
|
2015-10-26 03:04:18 +00:00
|
|
|
|
require 'inspec/resource'
|
2018-09-18 04:00:54 +00:00
|
|
|
|
require 'resource_support/aws'
|
2018-02-08 09:06:58 +00:00
|
|
|
|
require 'inspec/reporters'
|
2015-10-26 03:04:18 +00:00
|
|
|
|
require 'inspec/backend'
|
2015-10-26 21:57:34 +00:00
|
|
|
|
require 'inspec/profile'
|
2016-02-17 10:17:43 +00:00
|
|
|
|
require 'inspec/runner'
|
|
|
|
|
require 'inspec/runner_mock'
|
2018-09-07 03:28:08 +00:00
|
|
|
|
require 'inspec/globals'
|
2018-09-13 18:14:05 +00:00
|
|
|
|
require 'inspec/impact'
|
2019-01-08 22:12:42 +00:00
|
|
|
|
require 'inspec/config'
|
2016-03-17 22:00:55 +00:00
|
|
|
|
require 'fetchers/mock'
|
2018-08-28 13:11:38 +00:00
|
|
|
|
require 'inspec/dependencies/cache'
|
2016-03-17 22:00:55 +00:00
|
|
|
|
|
2018-10-04 18:31:39 +00:00
|
|
|
|
require_relative '../lib/bundles/inspec-supermarket'
|
2017-02-22 13:36:42 +00:00
|
|
|
|
|
2016-03-17 22:00:55 +00:00
|
|
|
|
require 'train'
|
2017-12-06 20:18:38 +00:00
|
|
|
|
CMD = Train.create('local', command_runner: :generic).connection
|
2016-03-17 22:00:55 +00:00
|
|
|
|
TMP_CACHE = {}
|
2015-09-03 15:33:19 +00:00
|
|
|
|
|
2017-06-15 16:10:47 +00:00
|
|
|
|
Inspec::Log.logger = Logger.new(nil)
|
|
|
|
|
|
2015-09-22 16:31:21 +00:00
|
|
|
|
class MockLoader
|
2016-01-29 20:54:48 +00:00
|
|
|
|
# collects emulation operating systems
|
|
|
|
|
OPERATING_SYSTEMS = {
|
2017-10-06 17:32:39 +00:00
|
|
|
|
alpine: { name: 'alpine', family: 'alpine', release: '3.6.2', arch: 'x86_64' },
|
2016-08-03 17:18:24 +00:00
|
|
|
|
arch: { name: 'arch', family: 'arch', release: nil, arch: nil },
|
|
|
|
|
centos5: { name: 'centos', family: 'redhat', release: '5.11', arch: 'x86_64' },
|
|
|
|
|
centos6: { name: 'centos', family: 'redhat', release: '6.6', arch: 'x86_64' },
|
|
|
|
|
centos7: { name: 'centos', family: 'redhat', release: '7.1.1503', arch: 'x86_64' },
|
2018-08-22 19:58:38 +00:00
|
|
|
|
cloudlinux: { name: 'cloudlinux', family: 'redhat', release: '7.4', arch: 'x86_64' },
|
2017-06-15 17:19:58 +00:00
|
|
|
|
coreos: { name: 'coreos', family: 'coreos', release: '1437.0.0', arch: 'x86_64' },
|
2016-08-03 17:18:24 +00:00
|
|
|
|
debian6: { name: 'debian', family: 'debian', release: '6', arch: 'x86_64' },
|
|
|
|
|
debian7: { name: 'debian', family: 'debian', release: '7', arch: 'x86_64' },
|
|
|
|
|
debian8: { name: 'debian', family: 'debian', release: '8', arch: 'x86_64' },
|
|
|
|
|
freebsd9: { name: 'freebsd', family: 'freebsd', release: '9', arch: 'amd64' },
|
|
|
|
|
freebsd10: { name: 'freebsd', family: 'freebsd', release: '10', arch: 'amd64' },
|
|
|
|
|
osx104: { name: 'mac_os_x',family: 'darwin', release: '10.10.4', arch: nil },
|
|
|
|
|
ubuntu1204: { name: 'ubuntu', family: 'debian', release: '12.04', arch: 'x86_64' },
|
|
|
|
|
ubuntu1404: { name: 'ubuntu', family: 'debian', release: '14.04', arch: 'x86_64' },
|
|
|
|
|
ubuntu1504: { name: 'ubuntu', family: 'debian', release: '15.04', arch: 'x86_64' },
|
2017-02-03 20:42:55 +00:00
|
|
|
|
ubuntu1604: { name: 'ubuntu', family: 'debian', release: '16.04', arch: 'x86_64' },
|
2016-10-08 21:03:59 +00:00
|
|
|
|
mint17: { name: 'linuxmint', family: 'debian', release: '17.3', arch: 'x86_64' },
|
|
|
|
|
mint18: { name: 'linuxmint', family: 'debian', release: '18', arch: 'x86_64' },
|
2016-08-03 17:18:24 +00:00
|
|
|
|
windows: { name: 'windows', family: 'windows', release: '6.2.9200', arch: 'x86_64' },
|
|
|
|
|
wrlinux: { name: 'wrlinux', family: 'redhat', release: '7.0(3)I2(2)', arch: 'x86_64' },
|
|
|
|
|
solaris11: { name: "solaris", family: 'solaris', release: '11', arch: 'i386'},
|
|
|
|
|
solaris10: { name: "solaris", family: 'solaris', release: '10', arch: 'i386'},
|
|
|
|
|
hpux: { name: 'hpux', family: 'hpux', release: 'B.11.31', arch: 'ia64'},
|
2017-10-10 08:54:18 +00:00
|
|
|
|
aix: { name: 'aix', family: 'aix', release: '7.2', arch: 'powerpc' },
|
2018-04-19 17:00:39 +00:00
|
|
|
|
amazon: { name: 'amazon', family: 'redhat', release: '2015.03', arch: 'x86_64' },
|
|
|
|
|
amazon2: { name: 'amazon', family: 'redhat', release: '2', arch: 'x86_64' },
|
2016-08-03 17:18:24 +00:00
|
|
|
|
undefined: { name: nil, family: nil, release: nil, arch: nil },
|
2016-01-29 20:54:48 +00:00
|
|
|
|
}
|
|
|
|
|
|
2015-09-22 16:31:21 +00:00
|
|
|
|
# pass the os identifier to emulate a specific operating system
|
|
|
|
|
def initialize(os = nil)
|
|
|
|
|
# selects operating system
|
2017-12-04 20:31:06 +00:00
|
|
|
|
@platform = OPERATING_SYSTEMS[os || :ubuntu1404]
|
2015-09-22 16:31:21 +00:00
|
|
|
|
end
|
2015-09-06 18:24:25 +00:00
|
|
|
|
|
2015-10-05 21:22:13 +00:00
|
|
|
|
def backend
|
|
|
|
|
return @backend if defined?(@backend)
|
2015-09-22 16:31:21 +00:00
|
|
|
|
scriptpath = ::File.realpath(::File.dirname(__FILE__))
|
2015-09-06 18:24:25 +00:00
|
|
|
|
|
2015-09-22 16:31:21 +00:00
|
|
|
|
# create mock backend
|
2019-01-08 22:12:42 +00:00
|
|
|
|
@backend = Inspec::Backend.create(Inspec::Config.mock)
|
2015-10-14 21:44:15 +00:00
|
|
|
|
mock = @backend.backend
|
|
|
|
|
|
2015-09-22 16:31:21 +00:00
|
|
|
|
# create all mock files
|
2017-12-06 20:18:38 +00:00
|
|
|
|
local = Train.create('local', command_runner: :generic).connection
|
2017-12-04 20:31:06 +00:00
|
|
|
|
|
|
|
|
|
# set os emulation
|
|
|
|
|
mock.mock_os(@platform)
|
|
|
|
|
|
2015-09-22 16:31:21 +00:00
|
|
|
|
mockfile = lambda { |x|
|
|
|
|
|
path = ::File.join(scriptpath, '/unit/mock/files', x)
|
|
|
|
|
local.file(path)
|
|
|
|
|
}
|
2015-10-09 13:07:58 +00:00
|
|
|
|
mockdir = lambda { |x|
|
|
|
|
|
md = Object.new
|
2015-10-09 17:55:16 +00:00
|
|
|
|
|
|
|
|
|
class << md
|
|
|
|
|
attr_accessor :isdir
|
|
|
|
|
end
|
|
|
|
|
md.isdir = x
|
|
|
|
|
|
2015-10-09 13:07:58 +00:00
|
|
|
|
def md.directory?
|
2015-10-09 17:55:16 +00:00
|
|
|
|
isdir
|
2015-10-09 13:07:58 +00:00
|
|
|
|
end
|
|
|
|
|
md
|
|
|
|
|
}
|
2017-10-06 13:41:48 +00:00
|
|
|
|
emptyfile = lambda {
|
|
|
|
|
mockfile.call('emptyfile')
|
|
|
|
|
}
|
2015-10-09 13:07:58 +00:00
|
|
|
|
|
2015-10-05 21:22:13 +00:00
|
|
|
|
mock.files = {
|
2015-09-22 16:31:21 +00:00
|
|
|
|
'/proc/net/bonding/bond0' => mockfile.call('bond0'),
|
|
|
|
|
'/etc/ssh/ssh_config' => mockfile.call('ssh_config'),
|
|
|
|
|
'/etc/ssh/sshd_config' => mockfile.call('sshd_config'),
|
2017-10-06 13:41:48 +00:00
|
|
|
|
'/etc/ssh/sshd_config_does_not_exist' => mockfile.call('sshd_config_does_not_exist'),
|
|
|
|
|
'/etc/ssh/sshd_config_empty' => emptyfile.call,
|
2015-09-22 16:31:21 +00:00
|
|
|
|
'/etc/passwd' => mockfile.call('passwd'),
|
2016-02-19 11:48:43 +00:00
|
|
|
|
'/etc/shadow' => mockfile.call('shadow'),
|
2015-09-22 16:31:21 +00:00
|
|
|
|
'/etc/ntp.conf' => mockfile.call('ntp.conf'),
|
|
|
|
|
'/etc/login.defs' => mockfile.call('login.defs'),
|
|
|
|
|
'/etc/security/limits.conf' => mockfile.call('limits.conf'),
|
|
|
|
|
'/etc/inetd.conf' => mockfile.call('inetd.conf'),
|
2015-10-06 11:47:34 +00:00
|
|
|
|
'/etc/group' => mockfile.call('etcgroup'),
|
2015-12-22 03:38:49 +00:00
|
|
|
|
'/etc/grub.conf' => mockfile.call('grub.conf'),
|
2018-01-18 21:20:48 +00:00
|
|
|
|
'/boot/grub2/grub.cfg' => mockfile.call('grub2.cfg'),
|
|
|
|
|
'/boot/grub2/grubenv' => mockfile.call('grubenv'),
|
|
|
|
|
'/boot/grub2/grubenv_invalid' => mockfile.call('grubenv_invalid'),
|
|
|
|
|
'/etc/default/grub' => mockfile.call('grub_defaults'),
|
|
|
|
|
'/etc/default/grub_with_saved' => mockfile.call('grub_defaults_with_saved'),
|
2015-09-22 16:31:21 +00:00
|
|
|
|
'/etc/audit/auditd.conf' => mockfile.call('auditd.conf'),
|
|
|
|
|
'/etc/mysql/my.cnf' => mockfile.call('mysql.conf'),
|
|
|
|
|
'/etc/mysql/mysql2.conf' => mockfile.call('mysql2.conf'),
|
2017-04-05 14:09:03 +00:00
|
|
|
|
'/etc/rabbitmq/rabbitmq.config' => mockfile.call('rabbitmq.config'),
|
2015-09-22 16:31:21 +00:00
|
|
|
|
'kitchen.yml' => mockfile.call('kitchen.yml'),
|
|
|
|
|
'example.csv' => mockfile.call('example.csv'),
|
|
|
|
|
'policyfile.lock.json' => mockfile.call('policyfile.lock.json'),
|
2016-12-15 13:00:56 +00:00
|
|
|
|
'nonexistent.json' => mockfile.call('nonexistent.json'),
|
2015-10-09 13:07:58 +00:00
|
|
|
|
'/sys/class/net/br0/bridge' => mockdir.call(true),
|
2015-11-24 12:06:31 +00:00
|
|
|
|
'rootwrap.conf' => mockfile.call('rootwrap.conf'),
|
2015-12-04 07:59:44 +00:00
|
|
|
|
'/etc/apache2/apache2.conf' => mockfile.call('apache2.conf'),
|
|
|
|
|
'/etc/apache2/ports.conf' => mockfile.call('ports.conf'),
|
2016-09-03 01:55:28 +00:00
|
|
|
|
'/etc/httpd/conf/httpd.conf' => mockfile.call('httpd.conf'),
|
|
|
|
|
'/etc/httpd/conf.d/ssl.conf' => mockfile.call('ssl.conf'),
|
2016-09-09 17:16:42 +00:00
|
|
|
|
'/etc/httpd/mods-enabled/status.conf' => mockfile.call('status.conf'),
|
2017-02-24 05:13:22 +00:00
|
|
|
|
'/etc/httpd/conf-enabled/security.conf' => mockfile.call('security.conf'),
|
2015-12-04 07:59:44 +00:00
|
|
|
|
'/etc/apache2/conf-enabled/serve-cgi-bin.conf' => mockfile.call('serve-cgi-bin.conf'),
|
2017-02-24 05:13:22 +00:00
|
|
|
|
'/etc/apache2/conf-enabled/security.conf' => mockfile.call('security.conf'),
|
2017-06-26 13:37:41 +00:00
|
|
|
|
'/etc/nginx/failed.conf' => mockfile.call('nginx_failed.conf'),
|
|
|
|
|
'/etc/nginx/nginx.conf' => mockfile.call('nginx.conf'),
|
|
|
|
|
'/etc/nginx/proxy.conf' => mockfile.call('nginx_proxy.conf'),
|
|
|
|
|
'/etc/nginx/conf/mime.types' => mockfile.call('nginx_mime.types'),
|
2017-09-15 20:37:57 +00:00
|
|
|
|
'/etc/nginx/conf.d/foobar.conf' => mockfile.call('nginx_confd_foobar.conf'),
|
|
|
|
|
'/etc/nginx/conf.d/multiple.conf' => mockfile.call('nginx_confd_multiple.conf'),
|
2018-05-03 13:53:20 +00:00
|
|
|
|
'/etc/nginx/quotes.d/example.conf' => mockfile.call('nginx_quotesd_example.conf'),
|
2016-02-26 12:19:16 +00:00
|
|
|
|
'/etc/xinetd.conf' => mockfile.call('xinetd.conf'),
|
|
|
|
|
'/etc/xinetd.d' => mockfile.call('xinetd.d'),
|
|
|
|
|
'/etc/xinetd.d/chargen-stream' => mockfile.call('xinetd.d_chargen-stream'),
|
|
|
|
|
'/etc/xinetd.d/chargen-dgram' => mockfile.call('xinetd.d_chargen-dgram'),
|
2017-01-31 12:37:43 +00:00
|
|
|
|
'/etc/xinetd.d/echo' => mockfile.call('xinetd.d_echo'),
|
2016-08-05 10:07:14 +00:00
|
|
|
|
'/etc/sysctl.conf' => mockfile.call('sysctl.conf'),
|
2017-01-03 17:51:39 +00:00
|
|
|
|
'/etc/postgresql/9.4/main/postgresql.conf' => mockfile.call('postgresql.conf'),
|
2017-03-15 23:57:31 +00:00
|
|
|
|
# Test certificate/key for x509_certificate using RSA keys in PEM format
|
|
|
|
|
'test_certificate.rsa.crt.pem' => mockfile.call('test_certificate.rsa.crt.pem'),
|
|
|
|
|
'test_certificate.rsa.key.pem' => mockfile.call('test_certificate.rsa.key.pem'),
|
|
|
|
|
'test_ca_public.key.pem' => mockfile.call('test_ca_public.key.pem'),
|
2017-04-04 14:34:09 +00:00
|
|
|
|
# Test DH parameters, 2048 bit long safe prime, generator 2 for dh_params in PEM format
|
|
|
|
|
'dh_params.dh_pem' => mockfile.call('dh_params.dh_pem'),
|
2017-06-15 20:54:12 +00:00
|
|
|
|
'default.toml' => mockfile.call('default.toml'),
|
2017-08-31 07:56:14 +00:00
|
|
|
|
'default.xml' => mockfile.call('default.xml'),
|
2018-01-16 22:26:39 +00:00
|
|
|
|
'database.xml' => mockfile.call('database.xml'),
|
2017-07-03 18:13:51 +00:00
|
|
|
|
'/test/path/to/postgres/pg_hba.conf' => mockfile.call('pg_hba.conf'),
|
2017-07-03 18:01:40 +00:00
|
|
|
|
'/etc/postgresql/9.5/main/pg_ident.conf' => mockfile.call('pg_ident.conf'),
|
|
|
|
|
'C:/etc/postgresql/9.5/main/pg_ident.conf' => mockfile.call('pg_ident.conf'),
|
|
|
|
|
'/etc/postgresql/9.5/main' => mockfile.call('9.5.main'),
|
|
|
|
|
'/var/lib/postgresql/9.5/main' => mockfile.call('var.9.5.main'),
|
2017-08-31 13:51:39 +00:00
|
|
|
|
'/etc/hosts' => mockfile.call('hosts'),
|
|
|
|
|
'C:\windows\system32\drivers\etc\hosts' => mockfile.call('hosts'),
|
2017-09-11 13:55:03 +00:00
|
|
|
|
'/etc/fstab' => mockfile.call('fstab'),
|
|
|
|
|
'fstab_no_home' => mockfile.call('fstab_no_home'),
|
|
|
|
|
'fstab_one_mount' => mockfile.call('fstab_one_mount'),
|
2017-08-25 20:13:43 +00:00
|
|
|
|
'/etc/aide.conf' => mockfile.call('aide.conf'),
|
2017-06-28 10:21:15 +00:00
|
|
|
|
'/var/lib/fake_rpmdb' => mockdir.call(true),
|
|
|
|
|
'/var/lib/rpmdb_does_not_exist' => mockdir.call(false),
|
2017-09-21 16:21:34 +00:00
|
|
|
|
'/etc/init/ssh.conf' => mockfile.call('upstart_ssh_enabled.conf'),
|
2017-09-25 17:49:04 +00:00
|
|
|
|
'/etc/hosts.allow' => mockfile.call('hosts.allow'),
|
|
|
|
|
'/etc/hosts.deny' => mockfile.call('hosts.deny'),
|
2017-10-17 12:49:26 +00:00
|
|
|
|
'/fakepath/fakefile' => emptyfile.call,
|
|
|
|
|
'C:/fakepath/fakefile' => emptyfile.call,
|
Allow crontab resource to read crontab at user specified paths. (#2328)
* add a emulated /etc/cron.d/crondotd file to the mocking system.
* test that we handle incoming paths correctly by rendering to_s.
* We take in both users and a path, so lets call that destination.
* To make the test pass we'll determine if we are dealing with a path or
a user and return the correct string.
* we will need the ability to determine if we are dealing with a path when either calling the crontab command or reading the file directly, so break that out into a path? method.
* remove author field.
* test contents of our crondotd file.
* we have to explicitly make @destination a String to use include?.
* when we get a path we use inspec.file to get conents, otherwise we run the crontab command.
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Add documentation for example usage with file path.
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Make path? and path_or_user private methods
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Add missing username filed to crondotd mock file
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Pass argument as a hash when testing file paths
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Expected results should include usernames when testing file paths
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Add special string `@yearly` test to crondotd mock file
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Add user to existing cron tests
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Rubocop says I need spaces after/before curly brackets
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Add user to crondotd file tests and add @yearly test
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Modify initialize to take options hash and be backwards compatible.
Change initialize default argument to create a hash by default, though
it is still possible to pass in a 'user' string argument.
@user gets set with the argument value unless its a hash, in which case
it tries to set the value of the user key, otherwise it becomes nil.
@file gets set with the value of the path key, unless it doesn't exist
in which case it becomes nil.
All hash keys are symbolized to ensure consistent access.
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Check if @path is nil to determine if we run crontab command or parse
file.
path? was removed as we're not overloading a @destination variable
anymore.
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* if @user is nil assume current user otherwise crontab for @user
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Change to complete if rather than ternary.
We have three possible cases, current user, other user, or file path.
This accounts for all of them.
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Add user to the crontab FilterTable
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Remove path? and path_or_user
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Move crontab parsing to two methods, parse_user_crontab and
parse_system_crontab
Because a command in a crontab file could have spaces we must parse user
and system crontabs differently.
When we parse user crontabs the user field will either be nil, or the requested user.
Both user and path parsers handle special strings (@yearly, @weekly,
etc). And also account for position of user in these files (or adds it
in user case)
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Update examples with user: and path:
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Add spaces after : in example docs
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Disable rubocop ClassLength check
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Moved rubocop ClassLength metric next to class instead of above the
module.
Remove unnecessary braces.
Add is_system_crontab? and is_user_crontab helper methods and use them.
Add tests to see if error conditions are raised when the resource is
invoked with missing parameters (user, or path), and on a unsupported
os.
Change initialize to group all hash functions together and raise errors
when user and path is unset. Also raise errors on unsupported operating
systems.
Change order of ternary and use is_system_crontab? rather than
@path.nil?
Signed-off-by: Miah Johnson <miah@chia-pet.org>
2017-12-07 12:50:07 +00:00
|
|
|
|
'/etc/cron.d/crondotd' => mockfile.call('crondotd'),
|
2019-01-12 23:44:36 +00:00
|
|
|
|
'/missing_file' => emptyfile.call,
|
2015-09-22 16:31:21 +00:00
|
|
|
|
}
|
2015-09-03 15:33:19 +00:00
|
|
|
|
|
2015-09-22 16:31:21 +00:00
|
|
|
|
# create all mock commands
|
|
|
|
|
cmd = lambda {|x|
|
|
|
|
|
stdout = ::File.read(::File.join(scriptpath, '/unit/mock/cmd/'+x))
|
2015-10-14 21:44:15 +00:00
|
|
|
|
mock.mock_command('', stdout, '', 0)
|
2015-09-22 16:31:21 +00:00
|
|
|
|
}
|
2015-10-08 10:11:55 +00:00
|
|
|
|
|
2018-10-04 18:06:17 +00:00
|
|
|
|
cmd_stderr = lambda { |x = nil|
|
|
|
|
|
stderr = x.nil? ? '' : File.read(File.join(scriptpath, 'unit/mock/cmd', x))
|
|
|
|
|
mock.mock_command('', '', stderr, 1)
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-08 10:11:55 +00:00
|
|
|
|
empty = lambda {
|
2015-10-14 21:44:15 +00:00
|
|
|
|
mock.mock_command('', '', '', 0)
|
2015-10-08 10:11:55 +00:00
|
|
|
|
}
|
|
|
|
|
|
2018-01-23 20:34:47 +00:00
|
|
|
|
cmd_exit_1 = lambda { |x = nil|
|
|
|
|
|
stderr = x.nil? ? '' : File.read(File.join(scriptpath, 'unit/mock/cmd', x))
|
|
|
|
|
mock.mock_command('', '', stderr, 1)
|
|
|
|
|
}
|
2017-06-28 10:21:15 +00:00
|
|
|
|
|
2018-09-26 02:40:05 +00:00
|
|
|
|
mock_cmds = {
|
2017-10-17 12:49:26 +00:00
|
|
|
|
'' => empty.call,
|
|
|
|
|
'sh -c \'find /no/such/mock -type f -maxdepth 1\'' => empty.call,
|
|
|
|
|
'type "brew"' => empty.call,
|
|
|
|
|
'bash -c \'type "pip"\'' => empty.call,
|
|
|
|
|
'bash -c \'type "/test/path/pip"\'' => empty.call,
|
2017-10-25 14:14:29 +00:00
|
|
|
|
'bash -c \'type "Rscript"\'' => empty.call,
|
2017-10-25 14:01:26 +00:00
|
|
|
|
'bash -c \'type "perl"\'' => empty.call,
|
2018-06-21 01:27:53 +00:00
|
|
|
|
'bash -c \'type "/sbin/auditctl"\'' => empty.call,
|
2019-01-12 23:39:35 +00:00
|
|
|
|
'bash -c \'type "sql"\'' => cmd_exit_1.call,
|
2018-03-29 15:57:15 +00:00
|
|
|
|
'type "pwsh"' => empty.call,
|
2017-10-17 12:49:26 +00:00
|
|
|
|
'type "netstat"' => empty.call,
|
|
|
|
|
'sh -c \'find /etc/apache2/ports.conf -type l -maxdepth 1\'' => empty.call,
|
|
|
|
|
'sh -c \'find /etc/httpd/conf.d/*.conf -type l -maxdepth 1\'' => empty.call,
|
|
|
|
|
'sh -c \'find /etc/httpd/mods-enabled/*.conf -type l -maxdepth 1\'' => empty.call,
|
|
|
|
|
'sh -c \'find /etc/httpd/conf-enabled/*.conf -type f -maxdepth 1\'' => empty.call,
|
|
|
|
|
'find /sys/class/net/eth1/ -maxdepth 1 -type f -exec sh -c \'echo "[$(basename {})]"; cat {} || echo -n\' \;' => empty.call,
|
|
|
|
|
'Get-Package -Name \'Not available\' | ConvertTo-Json' => empty.call,
|
2016-10-17 14:23:50 +00:00
|
|
|
|
'ps axo pid,pcpu,pmem,vsz,rss,tty,stat,start,time,user,command' => cmd.call('ps-axo'),
|
|
|
|
|
'ps axo label,pid,pcpu,pmem,vsz,rss,tty,stat,start,time,user:32,command' => cmd.call('ps-axoZ'),
|
2017-10-06 17:32:39 +00:00
|
|
|
|
'ps -o pid,vsz,rss,tty,stat,time,ruser,args' => cmd.call('ps-busybox'),
|
2015-11-13 10:53:21 +00:00
|
|
|
|
'env' => cmd.call('env'),
|
2016-05-11 07:42:22 +00:00
|
|
|
|
'${Env:PATH}' => cmd.call('$env-PATH'),
|
2016-09-05 10:12:34 +00:00
|
|
|
|
# registry key test using winrm 2.0
|
2018-03-26 19:44:31 +00:00
|
|
|
|
'9417f24311a9dcd90f1b1734080a2d4c6516ec8ff2d452a2328f68eb0ed676cf' => cmd.call('reg_schedule'),
|
2015-09-22 16:31:21 +00:00
|
|
|
|
'Auditpol /get /subcategory:\'User Account Management\' /r' => cmd.call('auditpol'),
|
|
|
|
|
'/sbin/auditctl -l' => cmd.call('auditctl'),
|
2016-01-29 09:03:17 +00:00
|
|
|
|
'/sbin/auditctl -s' => cmd.call('auditctl-s'),
|
2015-09-22 16:31:21 +00:00
|
|
|
|
'yum -v repolist all' => cmd.call('yum-repolist-all'),
|
|
|
|
|
'dpkg -s curl' => cmd.call('dpkg-s-curl'),
|
2017-08-18 15:29:23 +00:00
|
|
|
|
'dpkg -s held-package' => cmd.call('dpkg-s-held-package'),
|
2018-05-31 16:11:41 +00:00
|
|
|
|
'rpm -qi curl' => cmd.call('rpm-qi-curl'),
|
|
|
|
|
'rpm -qi --dbpath /var/lib/fake_rpmdb curl' => cmd.call('rpm-qi-curl'),
|
|
|
|
|
'rpm -qi --dbpath /var/lib/rpmdb_does_not_exist curl' => cmd_exit_1.call,
|
2015-09-23 13:49:19 +00:00
|
|
|
|
'pacman -Qi curl' => cmd.call('pacman-qi-curl'),
|
2017-01-02 16:51:43 +00:00
|
|
|
|
'brew info --json=v1 curl' => cmd.call('brew-info--json-v1-curl'),
|
2018-02-23 14:01:14 +00:00
|
|
|
|
'brew info --json=v1 nginx' => cmd.call('brew-info--json-v1-nginx'),
|
|
|
|
|
'brew info --json=v1 nope' => cmd_exit_1.call,
|
2017-09-13 12:41:09 +00:00
|
|
|
|
'/usr/local/bin/brew info --json=v1 curl' => cmd.call('brew-info--json-v1-curl'),
|
2017-04-04 19:35:40 +00:00
|
|
|
|
'gem list --local -a -q ^not-installed$' => cmd.call('gem-list-local-a-q-not-installed'),
|
2015-09-22 16:31:21 +00:00
|
|
|
|
'gem list --local -a -q ^rubocop$' => cmd.call('gem-list-local-a-q-rubocop'),
|
2017-03-25 05:28:42 +00:00
|
|
|
|
'/opt/ruby-2.3.1/embedded/bin/gem list --local -a -q ^pry$' => cmd.call('gem-list-local-a-q-pry'),
|
|
|
|
|
'/opt/chef/embedded/bin/gem list --local -a -q ^chef-sugar$' => cmd.call('gem-list-local-a-q-chef-sugar'),
|
2017-04-12 15:22:58 +00:00
|
|
|
|
'c:\opscode\chef\embedded\bin\gem.bat list --local -a -q ^json$' => cmd.call('gem-list-local-a-q-json'),
|
2017-03-25 05:28:42 +00:00
|
|
|
|
'/opt/opscode/embedded/bin/gem list --local -a -q ^knife-backup$' => cmd.call('gem-list-local-a-q-knife-backup'),
|
2018-06-01 08:52:46 +00:00
|
|
|
|
'npm -g ls --json bower' => cmd.call('npm-g-ls--json-bower'),
|
|
|
|
|
'cd /path/to/project && npm ls --json bower' => cmd.call('npm-ls--json-bower'),
|
2017-10-25 14:14:29 +00:00
|
|
|
|
"Rscript -e 'packageVersion(\"DBI\")'" => cmd.call('r-print-version'),
|
|
|
|
|
"Rscript -e 'packageVersion(\"DoesNotExist\")'" => cmd.call('r-print-version-not-installed'),
|
2017-10-25 14:01:26 +00:00
|
|
|
|
"perl -le 'eval \"require $ARGV[0]\" and print $ARGV[0]->VERSION or exit 1' DBD::Pg" => cmd.call('perl-print-version'),
|
2018-01-23 20:34:47 +00:00
|
|
|
|
"perl -le 'eval \"require $ARGV[0]\" and print $ARGV[0]->VERSION or exit 1' DOES::Not::Exist" => cmd_exit_1.call,
|
2015-09-22 16:31:21 +00:00
|
|
|
|
'pip show jinja2' => cmd.call('pip-show-jinja2'),
|
2017-08-30 20:04:22 +00:00
|
|
|
|
'pip show django' => cmd.call('pip-show-django'),
|
|
|
|
|
'/test/path/pip show django' => cmd.call('pip-show-non-standard-django'),
|
2015-10-02 09:09:47 +00:00
|
|
|
|
"Get-Package -Name 'Mozilla Firefox' | ConvertTo-Json" => cmd.call('get-package-firefox'),
|
|
|
|
|
"Get-Package -Name 'Ruby 2.1.6-p336-x64' | ConvertTo-Json" => cmd.call('get-package-ruby'),
|
2018-04-05 12:54:27 +00:00
|
|
|
|
'Get-Command "choco"' => empty.call,
|
|
|
|
|
'bash -c \'type "choco"\'' => cmd_exit_1.call,
|
|
|
|
|
'(choco list --local-only --exact --include-programs --limit-output \'nssm\') -Replace "\|", "=" | ConvertFrom-StringData | ConvertTo-JSON' => cmd.call('choco-list-nssm'),
|
|
|
|
|
'(choco list --local-only --exact --include-programs --limit-output \'git\') -Replace "\|", "=" | ConvertFrom-StringData | ConvertTo-JSON' => empty.call,
|
2016-08-31 15:56:23 +00:00
|
|
|
|
"New-Object -Type PSObject | Add-Member -MemberType NoteProperty -Name Service -Value (Get-Service -Name 'dhcp'| Select-Object -Property Name, DisplayName, Status) -PassThru | Add-Member -MemberType NoteProperty -Name WMI -Value (Get-WmiObject -Class Win32_Service | Where-Object {$_.Name -eq 'dhcp' -or $_.DisplayName -eq 'dhcp'} | Select-Object -Property StartMode) -PassThru | ConvertTo-Json" => cmd.call('get-service-dhcp'),
|
2018-03-29 17:01:59 +00:00
|
|
|
|
"New-Object -Type PSObject | Add-Member -MemberType NoteProperty -Name Pip -Value (Invoke-Command -ScriptBlock {where.exe pip}) -PassThru | Add-Member -MemberType NoteProperty -Name Python -Value (Invoke-Command -ScriptBlock {where.exe python}) -PassThru | ConvertTo-Json" => cmd.call('get-windows-pip-package'),
|
2018-07-25 20:00:06 +00:00
|
|
|
|
"Get-WindowsFeature | Where-Object {$_.Name -eq 'DHCP' -or $_.DisplayName -eq 'DHCP'} | Select-Object -Property Name,DisplayName,Description,Installed,InstallState | ConvertTo-Json" => cmd.call('get-windows-feature'),
|
|
|
|
|
"Get-WindowsFeature | Where-Object {$_.Name -eq 'IIS-WebServer' -or $_.DisplayName -eq 'IIS-WebServer'} | Select-Object -Property Name,DisplayName,Description,Installed,InstallState | ConvertTo-Json" => cmd_exit_1.call('get-windows-feature-iis-webserver'),
|
|
|
|
|
"dism /online /get-featureinfo /featurename:IIS-WebServer" => cmd.call('dism-iis-webserver'),
|
2015-09-22 16:31:21 +00:00
|
|
|
|
'lsmod' => cmd.call('lsmod'),
|
|
|
|
|
'/sbin/sysctl -q -n net.ipv4.conf.all.forwarding' => cmd.call('sbin_sysctl'),
|
2015-09-25 09:51:21 +00:00
|
|
|
|
# ports on windows
|
2016-08-12 13:18:43 +00:00
|
|
|
|
'Get-NetTCPConnection -state Listen | Select-Object -Property State, Caption, Description, LocalAddress, LocalPort, RemoteAddress, RemotePort, DisplayName, Status | ConvertTo-Json' => cmd.call('get-net-tcpconnection'),
|
|
|
|
|
'netstat -anbo | Select-String -CaseSensitive -pattern "^\s+UDP|\s+LISTENING\s+\d+$" -context 0,1' => cmd.call('netstat-anbo-pipe-select-string-pattern.utf8'),
|
2016-01-06 19:14:36 +00:00
|
|
|
|
# lsof formatted list of ports (should be quite cross platform)
|
2015-12-23 21:45:41 +00:00
|
|
|
|
'lsof -nP -i -FpctPn' => cmd.call('lsof-nP-i-FpctPn'),
|
2015-09-25 09:51:21 +00:00
|
|
|
|
# ports on freebsd
|
2015-09-23 13:24:46 +00:00
|
|
|
|
'sockstat -46l' => cmd.call('sockstat'),
|
2017-10-10 08:54:18 +00:00
|
|
|
|
# ports on aix
|
|
|
|
|
'netstat -Aan | grep LISTEN' => cmd.call('netstat-aan'),
|
|
|
|
|
'rmsock f0000000000000001 tcpcb' => cmd.call('rmsock-f0001'),
|
|
|
|
|
'rmsock f0000000000000002 tcpcb' => cmd.call('rmsock-f0002'),
|
2015-09-25 09:51:21 +00:00
|
|
|
|
# packages on windows
|
2018-11-27 18:21:25 +00:00
|
|
|
|
'f7718ece69188bb19cd458e2aeab0a8d968f3d40ac2f4199e21cc976f8db5ef6' => cmd.call('get-item-property-package'),
|
2015-09-25 09:51:21 +00:00
|
|
|
|
# service status upstart on ubuntu
|
2015-09-23 20:32:31 +00:00
|
|
|
|
'initctl status ssh' => cmd.call('initctl-status-ssh'),
|
2016-02-05 11:01:33 +00:00
|
|
|
|
# upstart version on ubuntu
|
|
|
|
|
'initctl --version' => cmd.call('initctl--version'),
|
2015-09-25 09:51:21 +00:00
|
|
|
|
# show ssh service Centos 7
|
2018-11-13 19:33:08 +00:00
|
|
|
|
'systemctl show --no-pager --all sshd' => cmd.call('systemctl-show-all-sshd'),
|
|
|
|
|
'systemctl show --no-pager --all apache2' => cmd.call('systemctl-show-all-apache2'),
|
|
|
|
|
'/path/to/systemctl show --no-pager --all sshd' => cmd.call('systemctl-show-all-sshd'),
|
|
|
|
|
'systemctl show --no-pager --all dbus' => cmd.call('systemctl-show-all-dbus'),
|
|
|
|
|
'/path/to/systemctl show --no-pager --all dbus' => cmd.call('systemctl-show-all-dbus'),
|
2015-09-25 10:51:12 +00:00
|
|
|
|
# services on macos
|
|
|
|
|
'launchctl list' => cmd.call('launchctl-list'),
|
2015-09-25 10:53:40 +00:00
|
|
|
|
# services on freebsd 10
|
|
|
|
|
'service -e' => cmd.call('service-e'),
|
|
|
|
|
'service sendmail onestatus' => cmd.call('service-sendmail-onestatus'),
|
2015-09-25 10:58:03 +00:00
|
|
|
|
# services for system 5 e.g. centos6, debian 6
|
|
|
|
|
'service sshd status' => cmd.call('service-sshd-status'),
|
2017-11-02 14:03:51 +00:00
|
|
|
|
'find /etc/rc*.d /etc/init.d/rc*.d -name "S*"' => cmd.call('find-etc-rc-d-name-S'),
|
2015-09-25 10:58:03 +00:00
|
|
|
|
'ls -1 /etc/init.d/' => cmd.call('ls-1-etc-init.d'),
|
2015-10-05 09:21:25 +00:00
|
|
|
|
# user information for linux
|
|
|
|
|
'id root' => cmd.call('id-root'),
|
|
|
|
|
'getent passwd root' => cmd.call('getent-passwd-root'),
|
2015-10-08 09:44:56 +00:00
|
|
|
|
'chage -l root' => cmd.call('chage-l-root'),
|
2015-11-24 15:18:55 +00:00
|
|
|
|
# user information for ldap test
|
|
|
|
|
'id jfolmer' => cmd.call('id-jfolmer'),
|
|
|
|
|
'getent passwd jfolmer' => cmd.call('getent-passwd-jfolmer'),
|
|
|
|
|
'chage -l jfolmer' => cmd.call('chage-l-root'),
|
2015-10-05 09:21:25 +00:00
|
|
|
|
# user info for mac
|
|
|
|
|
'id chartmann' => cmd.call('id-chartmann'),
|
|
|
|
|
'dscl -q . -read /Users/chartmann NFSHomeDirectory PrimaryGroupID RecordName UniqueID UserShell' => cmd.call('dscl'),
|
|
|
|
|
# user info for freebsd
|
|
|
|
|
'pw usershow root -7' => cmd.call('pw-usershow-root-7'),
|
2016-02-09 10:05:36 +00:00
|
|
|
|
# user info for windows (winrm 1.6.0, 1.6.1)
|
2017-04-20 14:02:21 +00:00
|
|
|
|
'27c6cda89fa5d196506251c0ed0d20468b378c5689711981dc1e1e683c7b02c1' => cmd.call('adsiusers'),
|
2015-10-07 10:04:48 +00:00
|
|
|
|
# group info for windows
|
2018-05-31 17:37:44 +00:00
|
|
|
|
'4020573097e910a573e22e8863c4faa434f52910a45714606cad1fb8b060d9e9' => cmd.call('adsigroups'),
|
2017-12-20 15:57:45 +00:00
|
|
|
|
# group info for Darwin
|
|
|
|
|
'dscacheutil -q group' => cmd.call('dscacheutil-query-group'),
|
2015-10-08 10:11:55 +00:00
|
|
|
|
# network interface
|
2017-05-29 19:04:03 +00:00
|
|
|
|
'fddd70e8b8510f5fcc0413cfdc41598c55d6922bb2a0a4075e2118633a0bf422' => cmd.call('find-net-interface'),
|
2015-10-08 10:11:55 +00:00
|
|
|
|
'c33821dece09c8b334e03a5bb9daefdf622007f73af4932605e758506584ec3f' => empty.call,
|
2019-03-18 22:53:51 +00:00
|
|
|
|
'/sbin/ip -br -4 address show dev eth0' => cmd.call('interface-addresses-4'),
|
|
|
|
|
'/sbin/ip -br -6 address show dev eth0' => cmd.call('interface-addresses-6'),
|
2015-10-08 11:01:09 +00:00
|
|
|
|
'Get-NetAdapter | Select-Object -Property Name, InterfaceDescription, Status, State, MacAddress, LinkSpeed, ReceiveLinkSpeed, TransmitLinkSpeed, Virtual | ConvertTo-Json' => cmd.call('Get-NetAdapter'),
|
2019-03-18 22:53:51 +00:00
|
|
|
|
'Get-NetIPAddress | Select-Object -Property IPv6Address, IPv4Address, InterfaceAlias, PrefixLength | ConvertTo-Json' => cmd.call('Get-NetIPAddress'),
|
2015-10-09 13:26:59 +00:00
|
|
|
|
# bridge on linux
|
2015-10-09 13:07:58 +00:00
|
|
|
|
'ls -1 /sys/class/net/br0/brif/' => cmd.call('ls-sys-class-net-br'),
|
2015-10-09 13:26:59 +00:00
|
|
|
|
# bridge on Windows
|
|
|
|
|
'Get-NetAdapterBinding -ComponentID ms_bridge | Get-NetAdapter | Select-Object -Property Name, InterfaceDescription | ConvertTo-Json' => cmd.call('get-netadapter-binding-bridge'),
|
2015-10-09 17:21:55 +00:00
|
|
|
|
# host for Windows
|
|
|
|
|
'Resolve-DnsName –Type A microsoft.com | ConvertTo-Json' => cmd.call('Resolve-DnsName'),
|
2017-06-09 16:18:51 +00:00
|
|
|
|
'Test-NetConnection -ComputerName microsoft.com -WarningAction SilentlyContinue| Select-Object -Property ComputerName, TcpTestSucceeded, PingSucceeded | ConvertTo-Json' => cmd.call('Test-NetConnection'),
|
2015-10-09 17:55:06 +00:00
|
|
|
|
# host for Linux
|
2017-07-11 19:32:52 +00:00
|
|
|
|
'getent ahosts example.com' => cmd.call('getent-ahosts-example.com'),
|
2015-10-09 17:55:06 +00:00
|
|
|
|
'ping -w 1 -c 1 example.com' => cmd.call('ping-example.com'),
|
2017-04-13 15:32:04 +00:00
|
|
|
|
# host for Darwin
|
|
|
|
|
'host -t AAAA example.com' => cmd.call('host-AAAA-example.com'),
|
|
|
|
|
'ping -W 1 -c 1 example.com' => cmd.call('ping-example.com'),
|
2015-10-10 17:54:00 +00:00
|
|
|
|
# apt
|
|
|
|
|
"find /etc/apt/ -name *.list -exec sh -c 'cat {} || echo -n' \\;" => cmd.call('etc-apt'),
|
2015-10-12 08:32:14 +00:00
|
|
|
|
# iptables
|
2018-03-06 13:56:15 +00:00
|
|
|
|
'/usr/sbin/iptables -S' => cmd.call('iptables-s'),
|
|
|
|
|
%{bash -c 'type "/usr/sbin/iptables"'} => empty.call,
|
2015-12-04 07:59:44 +00:00
|
|
|
|
# apache_conf
|
2017-09-23 07:17:34 +00:00
|
|
|
|
"sh -c 'find /etc/apache2/ports.conf -type f -maxdepth 1'" => cmd.call('find-apache2-ports-conf'),
|
|
|
|
|
"sh -c 'find /etc/httpd/conf.d/*.conf -type f -maxdepth 1'" => cmd.call('find-httpd-ssl-conf'),
|
|
|
|
|
"sh -c 'find /etc/httpd/mods-enabled/*.conf -type f -maxdepth 1'" => cmd.call('find-httpd-status-conf'),
|
|
|
|
|
"sh -c 'find /etc/httpd/conf-enabled/*.conf -type l -maxdepth 1'" => cmd.call('find-httpd-conf-enabled-link'),
|
|
|
|
|
"sh -c 'find /etc/apache2/conf-enabled/*.conf -type f -maxdepth 1'" => cmd.call('find-apache2-conf-enabled'),
|
|
|
|
|
"sh -c 'find /etc/apache2/conf-enabled/*.conf -type l -maxdepth 1'" => cmd.call('find-apache2-conf-enabled-link'),
|
|
|
|
|
"sh -c 'find /etc/nginx/nginx.conf'" => cmd.call('find-nginx-conf'),
|
|
|
|
|
"sh -c 'find /etc/nginx/conf/mime.types'" => cmd.call('find-nginx-mime-types'),
|
|
|
|
|
"sh -c 'find /etc/nginx/proxy.conf'" => cmd.call('find-nginx-proxy-conf'),
|
|
|
|
|
"sh -c 'find /etc/nginx/conf.d/*.conf'" => cmd.call('find-nginx-confd-multiple-conf'),
|
2018-05-03 13:53:20 +00:00
|
|
|
|
"sh -c 'find /etc/nginx/quotes.d/*.conf'" => cmd.call('find-nginx-quotesd-example-conf'),
|
2015-12-31 00:10:06 +00:00
|
|
|
|
# mount
|
|
|
|
|
"mount | grep -- ' on /'" => cmd.call("mount"),
|
2016-01-02 23:01:26 +00:00
|
|
|
|
"mount | grep -- ' on /mnt/iso-disk'" => cmd.call("mount-multiple"),
|
2017-11-01 11:01:21 +00:00
|
|
|
|
"mount | grep -- ' on /mnt/Research & Development'" => cmd.call("mount-whitespaces"),
|
2016-01-28 13:47:46 +00:00
|
|
|
|
# solaris 10 package manager
|
|
|
|
|
'pkginfo -l SUNWzfsr' => cmd.call('pkginfo-l-SUNWzfsr'),
|
|
|
|
|
# solaris 11 package manager
|
|
|
|
|
'pkg info system/file-system/zfs' => cmd.call('pkg-info-system-file-system-zfs'),
|
2017-02-13 13:13:22 +00:00
|
|
|
|
# dpkg-query all packages
|
2018-01-26 07:57:34 +00:00
|
|
|
|
"dpkg-query -W -f='${db:Status-Abbrev} ${Package} ${Version} ${Architecture}\\n'" => cmd.call('dpkg-query-W'),
|
2017-02-13 13:13:22 +00:00
|
|
|
|
# rpm query all packages
|
2018-01-26 07:57:34 +00:00
|
|
|
|
"rpm -qa --queryformat '%{NAME} %{VERSION}-%{RELEASE} %{ARCH}\\n'" => cmd.call('rpm-qa-queryformat'),
|
2016-01-28 13:47:46 +00:00
|
|
|
|
# port netstat on solaris 10 & 11
|
|
|
|
|
'netstat -an -f inet -f inet6' => cmd.call('s11-netstat-an-finet-finet6'),
|
2016-02-26 12:19:16 +00:00
|
|
|
|
# xinetd configuration
|
|
|
|
|
'find /etc/xinetd.d -type f' => cmd.call('find-xinetd.d'),
|
2016-03-19 17:50:32 +00:00
|
|
|
|
# wmi test
|
2016-09-05 10:12:34 +00:00
|
|
|
|
"2979ebeb80a475107d85411f109209a580ccf569071b3dc7acff030b8635c6b9" => cmd.call('get-wmiobject'),
|
2016-04-21 08:31:56 +00:00
|
|
|
|
#user info on hpux
|
|
|
|
|
"logins -x -l root" => cmd.call('logins-x'),
|
|
|
|
|
#packages on hpux
|
2016-05-03 09:00:59 +00:00
|
|
|
|
"swlist -l product | grep vim" => cmd.call('swlist-l-product'),
|
|
|
|
|
# ipv4 ports on hpux
|
2016-05-03 16:08:39 +00:00
|
|
|
|
'netstat -an -f inet' => cmd.call('hpux-netstat-inet'),
|
2016-05-03 09:00:59 +00:00
|
|
|
|
#ipv6 ports on hpux
|
2016-05-03 16:08:39 +00:00
|
|
|
|
'netstat -an -f inet6' => cmd.call('hpux-netstat-inet6'),
|
2016-09-09 08:30:41 +00:00
|
|
|
|
# hostname linux
|
|
|
|
|
'hostname' => cmd.call('hostname'),
|
|
|
|
|
# hostname windows
|
|
|
|
|
'$env:computername' => cmd.call('$env-computername'),
|
2017-09-25 17:09:22 +00:00
|
|
|
|
# windows_hotfix windows
|
2017-10-18 11:24:11 +00:00
|
|
|
|
'get-hotfix -id KB4019215' => cmd.call('kb4019215'),
|
2017-09-25 17:09:22 +00:00
|
|
|
|
# windows_hotfix windows doesn't exist
|
2017-10-18 11:24:11 +00:00
|
|
|
|
'get-hotfix -id KB9999999' => empty.call(),
|
2016-11-18 23:32:52 +00:00
|
|
|
|
# windows_task doesnt exist
|
|
|
|
|
"schtasks /query /v /fo csv /tn 'does-not-exist' | ConvertFrom-Csv | Select @{N='URI';E={$_.TaskName}},@{N='State';E={$_.Status.ToString()}},'Logon Mode','Last Result','Task To Run','Run As User','Scheduled Task State' | ConvertTo-Json -Compress" => cmd.call('schtasks-error'),
|
|
|
|
|
# windows_task exist
|
|
|
|
|
"schtasks /query /v /fo csv /tn 'WeLovePizza' | ConvertFrom-Csv | Select @{N='URI';E={$_.TaskName}},@{N='State';E={$_.Status.ToString()}},'Logon Mode','Last Result','Task To Run','Run As User','Scheduled Task State' | ConvertTo-Json -Compress" => cmd.call('schtasks-success'),
|
2017-02-09 19:28:06 +00:00
|
|
|
|
'modinfo -F version dhcp' => cmd.call('modinfo-f-version-dhcp'),
|
|
|
|
|
# crontab display for root / current user
|
|
|
|
|
'crontab -l' => cmd.call('crontab-root'),
|
|
|
|
|
# crontab display for non-current user
|
2017-02-22 17:29:49 +00:00
|
|
|
|
'crontab -l -u foouser' => cmd.call('crontab-foouser'),
|
2017-05-23 17:02:32 +00:00
|
|
|
|
# crontab display for special time strings
|
|
|
|
|
'crontab -l -u special' => cmd.call('crontab-special'),
|
2017-06-04 20:03:04 +00:00
|
|
|
|
# zfs output for dataset tank/tmp
|
|
|
|
|
'/sbin/zfs get -Hp all tank/tmp' => cmd.call('zfs-get-all-tank-tmp'),
|
|
|
|
|
# zfs output for pool tank
|
|
|
|
|
'/sbin/zpool get -Hp all tank' => cmd.call('zpool-get-all-tank'),
|
2017-04-24 14:47:03 +00:00
|
|
|
|
# docker
|
2017-06-26 19:45:03 +00:00
|
|
|
|
"4f8e24022ea8b7d3b117041ec32e55d9bf08f11f4065c700e7c1dc606c84fd17" => cmd.call('docker-ps-a'),
|
2019-01-29 21:56:20 +00:00
|
|
|
|
"b40ed61c006b54f155b28a85dc944dc0352b30222087b47c6279568ec0e59d05" => cmd.call('df-t'),
|
2017-04-24 14:47:03 +00:00
|
|
|
|
"docker version --format '{{ json . }}'" => cmd.call('docker-version'),
|
|
|
|
|
"docker info --format '{{ json . }}'" => cmd.call('docker-info'),
|
|
|
|
|
"docker inspect 71b5df59442b" => cmd.call('docker-inspec'),
|
|
|
|
|
# docker images
|
|
|
|
|
"83c36bfade9375ae1feb91023cd1f7409b786fd992ad4013bf0f2259d33d6406" => cmd.call('docker-images'),
|
2018-01-23 20:30:14 +00:00
|
|
|
|
# docker services
|
|
|
|
|
%{docker service ls --format '{"ID": {{json .ID}}, "Name": {{json .Name}}, "Mode": {{json .Mode}}, "Replicas": {{json .Replicas}}, "Image": {{json .Image}}, "Ports": {{json .Ports}}}'} => cmd.call('docker-service-ls'),
|
2018-08-09 12:20:32 +00:00
|
|
|
|
# docker plugins
|
|
|
|
|
%{docker plugin ls --format '{"id": {{json .ID}}, "name": "{{ with split .Name ":"}}{{index . 0}}{{end}}", "version": "{{ with split .Name ":"}}{{index . 1}}{{end}}", "enabled": {{json .Enabled}} }'} => cmd.call('docker-plugin-ls'),
|
2017-07-05 09:41:44 +00:00
|
|
|
|
# modprobe for kernel_module
|
|
|
|
|
"modprobe --showconfig" => cmd.call('modprobe-config'),
|
2017-06-04 20:03:04 +00:00
|
|
|
|
# get-process cmdlet for processes resource
|
2017-06-09 16:18:51 +00:00
|
|
|
|
'$Proc = Get-Process -IncludeUserName | Where-Object {$_.Path -ne $null } | Select-Object PriorityClass,Id,CPU,PM,VirtualMemorySize,NPM,SessionId,Responding,StartTime,TotalProcessorTime,UserName,Path | ConvertTo-Csv -NoTypeInformation;$Proc.Replace("""","").Replace("`r`n","`n")' => cmd.call('get-process_processes'),
|
2018-03-07 13:39:27 +00:00
|
|
|
|
# host resource: TCP/UDP reachability check on linux
|
|
|
|
|
%{bash -c 'type "nc"'} => empty.call,
|
|
|
|
|
%{bash -c 'type "ncat"'} => empty.call,
|
|
|
|
|
%{bash -c 'type "timeout"'} => empty.call,
|
|
|
|
|
%{strings `which bash` | grep -qE '/dev/(tcp|udp)/'} => empty.call,
|
|
|
|
|
%{echo | nc -v -w 1 -u example.com 1234} => empty.call,
|
|
|
|
|
%{echo | nc -v -w 1 example.com 1234} => empty.call,
|
|
|
|
|
'timeout 1 bash -c "< /dev/tcp/example.com/1234"' => empty.call,
|
|
|
|
|
'timeout 1 bash -c "< /dev/udp/example.com/1234"' => empty.call,
|
2017-06-09 16:18:51 +00:00
|
|
|
|
# host resource: netcat for TCP reachability check on darwin
|
2018-03-07 13:39:27 +00:00
|
|
|
|
'type "nc"' => empty.call,
|
|
|
|
|
'type "ncat"' => empty.call,
|
|
|
|
|
'type "gtimeout"' => empty.call,
|
|
|
|
|
'nc -vz -G 1 example.com 1234' => empty.call,
|
|
|
|
|
'gtimeout 1 bash -c "< /dev/tcp/example.com/1234"' => empty.call,
|
|
|
|
|
'gtimeout 1 bash -c "< /dev/udp/example.com/1234"' => empty.call,
|
2017-06-09 16:18:51 +00:00
|
|
|
|
# host resource: test-netconnection for reachability check on windows
|
|
|
|
|
'Test-NetConnection -ComputerName microsoft.com -WarningAction SilentlyContinue -RemotePort 1234| Select-Object -Property ComputerName, TcpTestSucceeded, PingSucceeded | ConvertTo-Json' => cmd.call('Test-NetConnection'),
|
2017-07-03 18:01:40 +00:00
|
|
|
|
# postgres tests
|
|
|
|
|
%q(bash -c 'type "psql"') => cmd.call('bash -c type psql'),
|
|
|
|
|
%q(psql --version | awk '{ print $NF }' | awk -F. '{ print $1"."$2 }') => cmd.call('psql-version'),
|
2017-06-29 15:01:32 +00:00
|
|
|
|
# mssql tests
|
|
|
|
|
"bash -c 'type \"sqlcmd\"'" => cmd.call('mssql-sqlcmd'),
|
2018-01-16 22:04:00 +00:00
|
|
|
|
"cb0efcd12206e9690c21ac631a72be9dd87678aa048e6dae16b8e9353ab6dd64" => cmd.call('mssql-getdate'),
|
2018-05-31 17:47:28 +00:00
|
|
|
|
"7109e5d809058cd3e9cad108e21e91234d2638db4a4f81fadfde21e071a423dc" => cmd.call('mssql-getdate'),
|
|
|
|
|
"5c2bc0f0568d11451d6cf83aff02ee3d47211265b52b6c5d45f8e57290b35082" => cmd.call('mssql-getdate'),
|
|
|
|
|
"148af1d7706d9cf81097f66d5b891ddfca719445d60fa582befad118f51b9d92" => cmd.call('mssql-getdate'),
|
|
|
|
|
"9a1dfd9e403053efb1fd1970a77a241e5c7a9eae34e6f6c56904fa8189bc2e45" => cmd.call('mssql-getdate'),
|
2018-01-16 22:04:00 +00:00
|
|
|
|
"e8bece33e9d550af1fc81a5bc1c72b647b3810db3e567ee9f30feb81f4e3b700" => cmd.call('mssql-getdate'),
|
|
|
|
|
"53d201ff1cfb8867b79200177b8e2e99dedb700c5fbe15e43820011d7e8b941f" => cmd.call('mssql-getdate'),
|
2018-05-31 17:47:28 +00:00
|
|
|
|
"4b550bb227058ac5851aa0bc946be794ee46489610f17842700136cf8bb5a0e9" => cmd.call('mssql-getdate'),
|
2018-01-16 22:04:00 +00:00
|
|
|
|
"7d1a7a0f2bd1e7da9a6904e1f28981146ec01a0323623e12a8579d30a3960a79" => cmd.call('mssql-result'),
|
2017-06-29 15:01:32 +00:00
|
|
|
|
# oracle
|
|
|
|
|
"bash -c 'type \"sqlplus\"'" => cmd.call('oracle-cmd'),
|
2018-07-09 17:57:45 +00:00
|
|
|
|
"1998da5bc0f09bd5258fad51f45447556572b747f631661831d6fcb49269a448" => cmd.call('oracle-result'),
|
2017-09-13 12:15:09 +00:00
|
|
|
|
# nginx mock cmd
|
|
|
|
|
%{nginx -V 2>&1} => cmd.call('nginx-v'),
|
|
|
|
|
%{/usr/sbin/nginx -V 2>&1} => cmd.call('nginx-v'),
|
|
|
|
|
%{bash -c 'type "/usr/sbin/nginx"'} => cmd.call('bash-c-type-nginx'),
|
|
|
|
|
# needed for two differnt inspec.command call formats
|
2017-07-05 14:45:30 +00:00
|
|
|
|
# host resource: dig commands,
|
2017-09-27 12:05:35 +00:00
|
|
|
|
"dig +short A example.com" => cmd.call('dig-A-example.com'),
|
|
|
|
|
"dig +short AAAA example.com" => cmd.call('dig-AAAA-example.com'),
|
|
|
|
|
# firewalld resource
|
|
|
|
|
'firewall-cmd --get-zones' => cmd.call('firewall-cmd--get-zones'),
|
|
|
|
|
'firewall-cmd --get-default-zone' => cmd.call('firewall-cmd--get-default-zone'),
|
|
|
|
|
'firewall-cmd --get-active-zones' => cmd.call('firewall-cmd--get-active-zones'),
|
|
|
|
|
'firewall-cmd --state' => cmd.call('firewall-cmd--state'),
|
|
|
|
|
'firewall-cmd --zone=public --query-service=ssh' => cmd.call('firewall-cmd--service-enabled-in-zone'),
|
|
|
|
|
'firewall-cmd --zone=public --query-port=22/udp' => cmd.call('firewall-cmd-has-port-enabled-in-zone'),
|
|
|
|
|
"firewall-cmd --zone=public --query-rich-rule='rule family=ipv4 source address=192.168.0.14 accept'" => cmd.call('firewall-cmd-has-rule-enabled'),
|
|
|
|
|
'firewall-cmd --zone=public --service=ssh --get-ports --permanent' => cmd.call('firewall-cmd-service-ports-enabled-in-zone'),
|
|
|
|
|
'firewall-cmd --zone=public --service=ssh --get-protocols --permanent' => cmd.call('firewall-cmd-service-protocols-enabled-in-zone'),
|
|
|
|
|
'firewall-cmd --zone=public --list-services' => cmd.call('firewall-cmd-services-bound'),
|
|
|
|
|
'firewall-cmd --zone=default --list-services' => cmd.call('firewall-cmd-services-bound'),
|
|
|
|
|
'firewall-cmd --zone=public --list-sources' => cmd.call('firewall-cmd-sources-bound'),
|
|
|
|
|
'firewall-cmd --zone=default --list-sources' => cmd.call('firewall-cmd-sources-bound'),
|
|
|
|
|
'firewall-cmd --zone=public --query-rich-rule=rule family=ipv4 source address=192.168.0.14 accept' => cmd.call('firewall-cmd-has-rule-enabled'),
|
|
|
|
|
"bash -c 'type \"firewall-cmd\"'" => cmd.call('firewall-cmd'),
|
|
|
|
|
'rpm -qia firewalld' => cmd.call('pkg-info-firewalld'),
|
2017-08-14 17:07:16 +00:00
|
|
|
|
'systemctl is-active sshd --quiet' => empty.call,
|
2018-01-23 20:34:47 +00:00
|
|
|
|
'systemctl is-active apache2 --quiet' => empty.call,
|
2017-08-14 17:07:16 +00:00
|
|
|
|
'systemctl is-enabled sshd --quiet' => empty.call,
|
2018-01-23 20:34:47 +00:00
|
|
|
|
'systemctl is-enabled apache2 --quiet' => cmd_exit_1.call('systemctl-is-enabled-apache2-stderr'),
|
2017-08-14 17:07:16 +00:00
|
|
|
|
'systemctl is-active dbus --quiet' => empty.call,
|
|
|
|
|
'systemctl is-enabled dbus --quiet' => empty.call,
|
|
|
|
|
'/path/to/systemctl is-active sshd --quiet' => empty.call,
|
|
|
|
|
'/path/to/systemctl is-enabled sshd --quiet' => empty.call,
|
|
|
|
|
'/usr/sbin/service sshd status' => empty.call,
|
|
|
|
|
'/sbin/service sshd status' => empty.call,
|
2018-01-23 20:34:47 +00:00
|
|
|
|
'service apache2 status' => cmd_exit_1.call,
|
2017-08-14 17:07:16 +00:00
|
|
|
|
'type "lsof"' => empty.call,
|
2019-01-12 23:30:04 +00:00
|
|
|
|
'test -f /etc/mysql/debian.cnf && cat /etc/mysql/debian.cnf' => empty.call,
|
2017-10-04 20:44:09 +00:00
|
|
|
|
# http resource - remote worker'
|
2017-10-20 21:28:48 +00:00
|
|
|
|
%{bash -c 'type "curl"'} => cmd.call('bash-c-type-curl'),
|
2017-11-09 10:11:19 +00:00
|
|
|
|
"curl -i -X GET --connect-timeout 60 --max-time 120 'http://www.example.com'" => cmd.call('http-remote-no-options'),
|
2018-10-13 06:14:17 +00:00
|
|
|
|
"curl -i -X GET --connect-timeout 60 --max-time 120 --location --max-redirs 1 'http://www.example.com'" => cmd.call('http-remote-max-redirs'),
|
2017-11-09 10:11:19 +00:00
|
|
|
|
"curl -i -X GET --connect-timeout 60 --max-time 120 --user 'user:pass' 'http://www.example.com'" => cmd.call('http-remote-basic-auth'),
|
|
|
|
|
'f77ebcedaf6fbe8f02d2f9d4735a90c12311d2ca4b43ece9efa2f2e396491747' => cmd.call('http-remote-post'),
|
|
|
|
|
"curl -i -X GET --connect-timeout 60 --max-time 120 -H 'accept: application/json' -H 'foo: bar' 'http://www.example.com'" => cmd.call('http-remote-headers'),
|
2017-11-16 17:16:23 +00:00
|
|
|
|
"curl -i -X GET --connect-timeout 60 --max-time 120 'http://www.example.com?a=b&c=d'" => cmd.call('http-remote-params'),
|
2017-11-27 17:17:39 +00:00
|
|
|
|
"curl -i --head --connect-timeout 60 --max-time 120 'http://www.example.com'" => cmd.call('http-remote-head-request'),
|
2018-02-27 17:59:53 +00:00
|
|
|
|
"curl -i -X OPTIONS --connect-timeout 60 --max-time 120 -H 'Access-Control-Request-Method: GET' -H 'Access-Control-Request-Headers: origin, x-requested-with' -H 'Origin: http://www.example.com' 'http://www.example.com'" => cmd.call('http-remote-options-request'),
|
2017-10-20 21:28:48 +00:00
|
|
|
|
|
|
|
|
|
# elasticsearch resource
|
|
|
|
|
"curl -H 'Content-Type: application/json' http://localhost:9200/_nodes" => cmd.call('elasticsearch-cluster-nodes-default'),
|
|
|
|
|
"curl -k -H 'Content-Type: application/json' http://localhost:9200/_nodes" => cmd.call('elasticsearch-cluster-no-ssl'),
|
|
|
|
|
"curl -H 'Content-Type: application/json' -u es_admin:password http://localhost:9200/_nodes" => cmd.call('elasticsearch-cluster-auth'),
|
|
|
|
|
"curl -H 'Content-Type: application/json' http://elasticsearch.mycompany.biz:1234/_nodes" => cmd.call('elasticsearch-cluster-url'),
|
2018-08-09 13:19:49 +00:00
|
|
|
|
# iis_app_pool resource
|
2019-02-28 05:42:20 +00:00
|
|
|
|
"Import-Module WebAdministration\nIf (Test-Path 'IIS:\\AppPools\\DefaultAppPool') {\n Get-Item 'IIS:\\AppPools\\DefaultAppPool' | Select-Object * | ConvertTo-Json -Compress\n} Else {\n Write-Host '{}'\n}\n" => cmd.call('iis-default-app-pool'),
|
2018-01-23 20:31:57 +00:00
|
|
|
|
|
2018-11-08 18:42:59 +00:00
|
|
|
|
# iis_site resource
|
|
|
|
|
"Get-Website 'Default Web Site' | Select-Object -Property Name,State,PhysicalPath,bindings,ApplicationPool | ConvertTo-Json" => cmd.call('iis-default-web-site'),
|
|
|
|
|
|
2018-01-23 20:31:57 +00:00
|
|
|
|
#security_policy resource calls
|
|
|
|
|
'Get-Content win_secpol-abc123.cfg' => cmd.call('secedit-export'),
|
|
|
|
|
'secedit /export /cfg win_secpol-abc123.cfg' => cmd.call('success'),
|
|
|
|
|
'Remove-Item win_secpol-abc123.cfg' => cmd.call('success'),
|
|
|
|
|
"(New-Object System.Security.Principal.SecurityIdentifier(\"S-1-5-32-544\")).Translate( [System.Security.Principal.NTAccount]).Value" => cmd.call('security-policy-sid-translated'),
|
|
|
|
|
"(New-Object System.Security.Principal.SecurityIdentifier(\"S-1-5-32-555\")).Translate( [System.Security.Principal.NTAccount]).Value" => cmd.call('security-policy-sid-untranslated'),
|
2018-07-19 19:07:36 +00:00
|
|
|
|
|
2018-10-19 13:01:00 +00:00
|
|
|
|
# Windows SID calls
|
|
|
|
|
'wmic useraccount where \'Name="Alice"\' get Name","SID /format:csv' => cmd.call('security-identifier-alice'),
|
|
|
|
|
'wmic useraccount where \'Name="Bob"\' get Name","SID /format:csv' => cmd.call('security-identifier-unknown'),
|
|
|
|
|
'wmic useraccount where \'Name="DontExist"\' get Name","SID /format:csv' => cmd.call('security-identifier-unknown'),
|
|
|
|
|
'wmic group where \'Name="Guests"\' get Name","SID /format:csv' => cmd.call('security-identifier-guests'),
|
|
|
|
|
'wmic group where \'Name="DontExist"\' get Name","SID /format:csv' => cmd.call('security-identifier-unknown'),
|
|
|
|
|
|
2018-07-25 19:57:51 +00:00
|
|
|
|
# alpine package commands
|
|
|
|
|
'apk info -vv --no-network | grep git' => cmd.call('apk-info-grep-git'),
|
2018-11-19 18:32:59 +00:00
|
|
|
|
|
|
|
|
|
# filesystem command
|
2019-02-01 05:39:52 +00:00
|
|
|
|
'2e7e0d4546342cee799748ec7e2b1c87ca00afbe590fa422a7c27371eefa88f0' => cmd.call('get-wmiobject-filesystem'),
|
2017-06-04 20:03:04 +00:00
|
|
|
|
}
|
2018-09-26 02:40:05 +00:00
|
|
|
|
|
|
|
|
|
# ports on linux
|
|
|
|
|
# allow the ss and/or netstat commands to exist so the later mock is called
|
|
|
|
|
if @platform && @platform[:name] == 'alpine'
|
|
|
|
|
mock_cmds.merge!(
|
2018-10-04 18:06:17 +00:00
|
|
|
|
'ps --help' => cmd_stderr.call('ps-help-busybox'),
|
2018-09-26 02:40:05 +00:00
|
|
|
|
%{bash -c 'type "netstat"'} => cmd_exit_1.call(),
|
|
|
|
|
%{bash -c 'type "ss"'} => cmd_exit_1.call(),
|
|
|
|
|
%{which "ss"} => cmd_exit_1.call(),
|
|
|
|
|
%{which "netstat"} => empty.call(),
|
|
|
|
|
'netstat -tulpen' => cmd.call('netstat-tulpen-busybox')
|
|
|
|
|
)
|
|
|
|
|
else
|
|
|
|
|
mock_cmds.merge!(
|
2018-10-04 18:06:17 +00:00
|
|
|
|
'ps --help' => empty.call(),
|
2018-09-26 02:40:05 +00:00
|
|
|
|
%{bash -c 'type "ss"'} => empty.call(),
|
|
|
|
|
%{bash -c 'type "netstat"'} => empty.call(),
|
|
|
|
|
'ss -tulpen' => cmd.call('ss-tulpen'),
|
|
|
|
|
'netstat -tulpen' => cmd.call('netstat-tulpen')
|
|
|
|
|
)
|
|
|
|
|
end
|
|
|
|
|
mock.commands = mock_cmds
|
|
|
|
|
|
2015-10-05 21:22:13 +00:00
|
|
|
|
@backend
|
|
|
|
|
end
|
2015-09-22 16:31:21 +00:00
|
|
|
|
|
2015-10-05 21:22:13 +00:00
|
|
|
|
# loads a resource class and instantiates the class with the given arguments
|
|
|
|
|
def load_resource(resource, *args)
|
2015-09-22 16:31:21 +00:00
|
|
|
|
# initialize resource with backend and parameters
|
2015-10-26 03:04:18 +00:00
|
|
|
|
@resource_class = Inspec::Resource.registry[resource]
|
2015-10-07 21:59:26 +00:00
|
|
|
|
@resource = @resource_class.new(backend, resource, *args)
|
2015-09-22 16:31:21 +00:00
|
|
|
|
end
|
2016-01-29 20:54:48 +00:00
|
|
|
|
|
|
|
|
|
def self.mock_os(resource, name)
|
|
|
|
|
osinfo = OPERATING_SYSTEMS[name] ||
|
|
|
|
|
fail("Can't find operating system to mock: #{name}")
|
|
|
|
|
resource.inspec.backend.mock_os(osinfo)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def self.mock_command(resource, cmd, res = {})
|
|
|
|
|
resource.inspec.backend
|
|
|
|
|
.mock_command(cmd, res[:stdout], res[:stderr], res[:exit_status])
|
|
|
|
|
end
|
2016-02-17 10:17:43 +00:00
|
|
|
|
|
|
|
|
|
def self.home
|
|
|
|
|
File.join(File.dirname(__FILE__), 'unit')
|
|
|
|
|
end
|
|
|
|
|
|
2016-02-21 00:45:55 +00:00
|
|
|
|
def self.profile_path(name)
|
2016-02-17 10:17:43 +00:00
|
|
|
|
dst = name
|
2017-05-16 09:31:47 +00:00
|
|
|
|
dst = "#{home}/mock/profiles/#{name}" unless (Pathname.new name).absolute?
|
2016-02-21 00:45:55 +00:00
|
|
|
|
dst
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def self.load_profile(name, opts = {})
|
|
|
|
|
opts[:test_collector] = Inspec::RunnerMock.new
|
2019-01-28 03:36:33 +00:00
|
|
|
|
opts[:backend] = Inspec::Backend.create(Inspec::Config.mock(opts))
|
2016-02-21 21:12:02 +00:00
|
|
|
|
Inspec::Profile.for_target(profile_path(name), opts)
|
2016-02-17 10:17:43 +00:00
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def self.profile_tgz(name)
|
2016-02-18 13:27:16 +00:00
|
|
|
|
path = File.join(home, 'mock', 'profiles', name)
|
2017-10-10 09:36:57 +00:00
|
|
|
|
dst = File.join(Dir.mktmpdir, "#{name}.tar.gz")
|
2016-02-18 13:27:16 +00:00
|
|
|
|
|
|
|
|
|
# generate relative paths
|
|
|
|
|
files = Dir.glob("#{path}/**/*")
|
|
|
|
|
relatives = files.map { |e| Pathname.new(e).relative_path_from(Pathname.new(path)).to_s }
|
|
|
|
|
|
2017-10-10 09:36:57 +00:00
|
|
|
|
|
2016-02-18 13:27:16 +00:00
|
|
|
|
require 'inspec/archive/tar'
|
|
|
|
|
tag = Inspec::Archive::TarArchiveGenerator.new
|
|
|
|
|
tag.archive(path, relatives, dst)
|
|
|
|
|
|
2016-02-17 10:17:43 +00:00
|
|
|
|
dst
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def self.profile_zip(name, opts = {})
|
2016-02-18 13:27:16 +00:00
|
|
|
|
path = File.join(home, 'mock', 'profiles', name)
|
2017-10-10 09:36:57 +00:00
|
|
|
|
dst = File.join(Dir.mktmpdir, "#{name}.zip")
|
2016-02-18 13:27:16 +00:00
|
|
|
|
|
|
|
|
|
# rubyzip only works relative paths
|
|
|
|
|
files = Dir.glob("#{path}/**/*")
|
|
|
|
|
relatives = files.map { |e| Pathname.new(e).relative_path_from(Pathname.new(path)).to_s }
|
|
|
|
|
|
|
|
|
|
require 'inspec/archive/zip'
|
|
|
|
|
zag = Inspec::Archive::ZipArchiveGenerator.new
|
|
|
|
|
zag.archive(path, relatives, dst)
|
2016-02-22 12:41:12 +00:00
|
|
|
|
|
2016-02-17 10:17:43 +00:00
|
|
|
|
dst
|
|
|
|
|
end
|
2015-09-22 16:31:21 +00:00
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def load_resource(*args)
|
|
|
|
|
m = MockLoader.new(:ubuntu1404)
|
|
|
|
|
m.send('load_resource', *args)
|
2015-09-03 15:33:19 +00:00
|
|
|
|
end
|
2019-02-21 17:24:19 +00:00
|
|
|
|
|
|
|
|
|
# Used to capture `Inspec.deprecate()` with warn action
|
|
|
|
|
def expect_deprecation_warning
|
|
|
|
|
@mock_logger = Minitest::Mock.new
|
|
|
|
|
@mock_logger.expect(:warn, nil, [/DEPRECATION/])
|
|
|
|
|
Inspec::Log.stub :warn, proc { |message| @mock_logger.warn(message) } do
|
|
|
|
|
yield
|
|
|
|
|
end
|
|
|
|
|
@mock_logger.verify
|
|
|
|
|
end
|
2019-04-15 18:48:26 +00:00
|
|
|
|
|
|
|
|
|
# Low-level deprecation handler. Use the more convenient version when possible.
|
|
|
|
|
# a_group => :expect_warn
|
|
|
|
|
# a_group => :expect_fail
|
|
|
|
|
# a_group => :expect_ignore
|
|
|
|
|
# a_group => :expect_something
|
|
|
|
|
# a_group => :tolerate # No opinion
|
|
|
|
|
# all => ... # Any of the 5 values above
|
|
|
|
|
# all_others => ... # Any of the 5 values above
|
|
|
|
|
def handle_deprecations(opts_in, &block)
|
|
|
|
|
opts = opts_in.dup
|
|
|
|
|
|
|
|
|
|
# Determine the default expectation
|
|
|
|
|
opts[:all_others] = opts.delete(:all) if opts.key?(:all) && opts.count == 1
|
|
|
|
|
expectations = {}
|
|
|
|
|
expectations[:all_others] = opts.delete(:all_others) || :tolerate
|
|
|
|
|
expectations.merge!(opts)
|
|
|
|
|
|
|
|
|
|
# Expand the list of deprecation groups given
|
|
|
|
|
known_group_names = Inspec::Deprecation::ConfigFile.new.groups.keys
|
|
|
|
|
known_group_names.each do |group_name|
|
|
|
|
|
next if opts.key?(group_name)
|
|
|
|
|
expectations[group_name] = expectations[:all_others]
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# Wire up Insepc.deprecator accordingly using mocha stubbing
|
|
|
|
|
expectations.each do |group_name, expectation|
|
|
|
|
|
inst = Inspec::Deprecation::Deprecator.any_instance
|
|
|
|
|
case expectation
|
|
|
|
|
when :tolerate
|
|
|
|
|
inst.stubs(:handle_deprecation).with(group_name, anything, anything)
|
|
|
|
|
when :expect_something
|
|
|
|
|
inst.stubs(:handle_deprecation).with(group_name, anything, anything).at_least_once
|
|
|
|
|
when :expect_warn
|
|
|
|
|
inst.stubs(:handle_warn_action).with(group_name, anything).at_least_once
|
|
|
|
|
when :expect_fail
|
|
|
|
|
inst.stubs(:handle_fail_control_action).with(group_name, anything).at_least_once
|
|
|
|
|
when :expect_ignore
|
|
|
|
|
inst.stubs(:handle_ignore_action).with(group_name, anything).at_least_once
|
|
|
|
|
when :expect_exit
|
|
|
|
|
inst.stubs(:handle_exit_action).with(group_name, anything).at_least_once
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
yield
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# Use this to absorb everything.
|
|
|
|
|
def tolerate_all_deprecations(&block)
|
|
|
|
|
handle_deprecations(all: :tolerate, &block)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def expect_deprecation_warning(group, &block)
|
|
|
|
|
handle_deprecations(group => :expect_warn, all_others: :tolerate, &block)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def expect_deprecation(group, &block)
|
|
|
|
|
handle_deprecations(group => :expect_something, all_others: :tolerate, &block)
|
|
|
|
|
end
|