inspec/lib/resources/kernel_module.rb

55 lines
1.6 KiB
Ruby
Raw Normal View History

2015-09-20 16:32:50 +00:00
# encoding: utf-8
2015-10-06 16:55:44 +00:00
# author: Christoph Hartmann
# author: Dominik Richter
2015-09-20 16:32:50 +00:00
# license: All rights reserved
module Inspec::Resources
class KernelModule < Inspec.resource(1)
name 'kernel_module'
desc 'Use the kernel_module InSpec audit resource to test kernel modules on Linux platforms. These parameters are located under /lib/modules. Any submodule may be tested using this resource.'
example "
describe kernel_module('bridge') do
it { should be_loaded }
end
"
2015-09-20 16:32:50 +00:00
def initialize(modulename = nil)
@module = modulename
2015-09-20 16:32:50 +00:00
# this resource is only supported on Linux
return skip_resource 'The `kernel_parameter` resource is not supported on your OS.' if !inspec.os.linux?
end
2015-09-20 16:32:50 +00:00
def loaded?
# default lsmod command
lsmod_cmd = 'lsmod'
# special care for CentOS 5 and sudo
lsmod_cmd = '/sbin/lsmod' if inspec.os[:name] == 'centos' && inspec.os[:release].to_i == 5
# get list of all modules
cmd = inspec.command(lsmod_cmd)
return false if cmd.exit_status != 0
2015-09-20 16:32:50 +00:00
# check if module is loaded
re = Regexp.new('^'+Regexp.quote(@module)+'\s')
found = cmd.stdout.match(re)
!found.nil?
end
2015-09-20 16:32:50 +00:00
def version
if inspec.os[:name] == 'centos' && inspec.os[:release].to_i == 5
modinfo_cmd = "/sbin/modinfo -F version #{@module}"
else
modinfo_cmd = "modinfo -F version #{@module}"
end
cmd = inspec.command(modinfo_cmd)
cmd.exit_status.zero? ? cmd.stdout.delete("\n") : nil
end
def to_s
"Kernel Module #{@module}"
end
2015-09-20 16:32:50 +00:00
end
end