inspec/lib/resources/kernel_parameter.rb

58 lines
1.4 KiB
Ruby
Raw Normal View History

2015-09-20 16:33:43 +00:00
# encoding: utf-8
2015-10-06 16:55:44 +00:00
# author: Christoph Hartmann
2015-09-20 16:33:43 +00:00
# license: All rights reserved
2015-10-26 03:04:18 +00:00
class KernelParameter < Inspec.resource(1)
2015-09-20 16:33:43 +00:00
name 'kernel_parameter'
2015-11-27 13:02:38 +00:00
desc 'Use the kernel_parameter InSpec audit resource to test kernel parameters on Linux platforms.'
example "
describe kernel_parameter('net.ipv4.conf.all.forwarding') do
its(:value) { should eq 0 }
end
"
2015-09-20 16:33:43 +00:00
def initialize(parameter = nil)
@parameter = parameter
# this resource is only supported on Linux
2015-10-26 03:04:18 +00:00
return skip_resource 'The `kernel_parameter` resource is not supported on your OS.' if !inspec.os.linux?
2015-09-20 16:33:43 +00:00
end
def value
2015-10-26 03:04:18 +00:00
cmd = inspec.command("/sbin/sysctl -q -n #{@parameter}")
2015-09-20 16:33:43 +00:00
return nil if cmd.exit_status != 0
# remove whitespace
cmd = cmd.stdout.chomp.strip
# convert to number if possible
cmd = cmd.to_i if cmd.match(/^\d+$/)
cmd
end
def to_s
"Kernel Parameter #{@parameter}"
end
end
# for compatability with serverspec
# this is deprecated syntax and will be removed in future versions
class LinuxKernelParameter < KernelParameter
name 'linux_kernel_parameter'
def initialize(parameter)
super(parameter)
end
def value
deprecated
super()
end
def deprecated
warn '[DEPRECATION] `linux_kernel_parameter(parameter)` is deprecated. Please use `kernel_parameter(parameter)` instead.'
end
def to_s
"Kernel Parameter #{@parameter}"
end
end